From 28eb7030963f9abc8de034b598ca3b790a0c4047 Mon Sep 17 00:00:00 2001
From: Adit Dalvi <62365436+aditdalvi@users.noreply.github.com>
Date: Thu, 6 Oct 2022 15:57:09 -0700
Subject: [PATCH 01/13] Adds base for updating Microsoft.Security from version
stable/2021-06-01 to version 2022-11-20-preview
---
.../assessmentMetadata.json | 1109 +++++++++++++++++
.../2022-11-20-preview/assessments.json | 467 +++++++
.../Assessments/DeleteAssessment_example.json | 11 +
.../GetAssessmentWithExpand_example.json | 37 +
.../Assessments/GetAssessment_example.json | 33 +
.../Assessments/ListAssessments_example.json | 53 +
.../Assessments/PutAssessment_example.json | 53 +
...essmentsMetadata_subscription_example.json | 52 +
...essmentsMetadata_subscription_example.json | 10 +
.../GetAssessmentsMetadata_example.json | 53 +
...essmentsMetadata_subscription_example.json | 54 +
.../ListAssessmentsMetadata_example.json | 106 ++
...essmentsMetadata_subscription_example.json | 85 ++
.../examples/Settings/GetSetting_example.json | 20 +
.../Settings/GetSettings_example.json | 41 +
.../Settings/UpdateSetting_example.json | 26 +
.../preview/2022-11-20-preview/settings.json | 300 +++++
17 files changed, 2510 insertions(+)
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
new file mode 100644
index 000000000000..51c9ff8f8b31
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
@@ -0,0 +1,1109 @@
+{
+ "swagger": "2.0",
+ "info": {
+ "title": "Microsoft Defender for Cloud",
+ "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+ "version": "2021-06-01"
+ },
+ "host": "management.azure.com",
+ "schemes": [
+ "https"
+ ],
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "security": [
+ {
+ "azure_auth": [
+ "user_impersonation"
+ ]
+ }
+ ],
+ "securityDefinitions": {
+ "azure_auth": {
+ "type": "oauth2",
+ "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+ "flow": "implicit",
+ "description": "Azure Active Directory OAuth2 Flow",
+ "scopes": {
+ "user_impersonation": "impersonate your user account"
+ }
+ }
+ },
+ "paths": {
+ "/providers/Microsoft.Security/assessmentMetadata": {
+ "get": {
+ "x-ms-examples": {
+ "List security assessment metadata": {
+ "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Get metadata information on all assessment types",
+ "operationId": "AssessmentsMetadata_List",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponseList"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": "nextLink"
+ }
+ }
+ },
+ "/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+ "get": {
+ "x-ms-examples": {
+ "Get security assessment metadata": {
+ "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Get metadata information on an assessment type",
+ "operationId": "AssessmentsMetadata_Get",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "#/parameters/AssessmentsMetadataName"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ }
+ },
+ "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata": {
+ "get": {
+ "x-ms-examples": {
+ "List security assessment metadata for subscription": {
+ "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Get metadata information on all assessment types in a specific subscription",
+ "operationId": "AssessmentsMetadata_ListBySubscription",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponseList"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": "nextLink"
+ }
+ }
+ },
+ "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+ "get": {
+ "x-ms-examples": {
+ "Get security assessment metadata for subscription": {
+ "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Get metadata information on an assessment type in a specific subscription",
+ "operationId": "AssessmentsMetadata_GetInSubscription",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "#/parameters/AssessmentsMetadataName"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ },
+ "put": {
+ "x-ms-examples": {
+ "Create security assessment metadata for subscription": {
+ "$ref": "./examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Create metadata information on an assessment type in a specific subscription",
+ "operationId": "AssessmentsMetadata_CreateInSubscription",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "#/parameters/AssessmentsMetadataName"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ },
+ {
+ "$ref": "#/parameters/SecurityAssessmentMetadataResponse"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ },
+ "delete": {
+ "x-ms-examples": {
+ "Delete a security assessment metadata for subscription": {
+ "$ref": "./examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Delete metadata information on an assessment type in a specific subscription, will cause the deletion of all the assessments of that type in that subscription",
+ "operationId": "AssessmentsMetadata_DeleteInSubscription",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "#/parameters/AssessmentsMetadataName"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK"
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ }
+ }
+ },
+ "definitions": {
+ "SecurityAssessmentMetadataResponseList": {
+ "type": "object",
+ "description": "List of security assessment metadata",
+ "properties": {
+ "value": {
+ "readOnly": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+ }
+ },
+ "nextLink": {
+ "readOnly": true,
+ "type": "string",
+ "description": "The URI to fetch the next page."
+ }
+ }
+ },
+ "SecurityAssessmentMetadata": {
+ "type": "object",
+ "description": "Security assessment metadata",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "SecurityAssessmentMetadataResponse": {
+ "type": "object",
+ "description": "Security assessment metadata response",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "$ref": "#/definitions/SecurityAssessmentMetadataPropertiesResponse"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "SecurityAssessmentMetadataProperties": {
+ "type": "object",
+ "description": "Describes properties of an assessment metadata.",
+ "properties": {
+ "displayName": {
+ "type": "string",
+ "description": "User friendly display name of the assessment"
+ },
+ "policyDefinitionId": {
+ "readOnly": true,
+ "type": "string",
+ "description": "Azure resource ID of the policy definition that turns this assessment calculation on"
+ },
+ "description": {
+ "type": "string",
+ "description": "Human readable description of the assessment"
+ },
+ "remediationDescription": {
+ "type": "string",
+ "description": "Human readable description of what you should do to mitigate this security issue"
+ },
+ "categories": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "description": "The categories of resource that is at risk when the assessment is unhealthy",
+ "enum": [
+ "Compute",
+ "Networking",
+ "Data",
+ "IdentityAndAccess",
+ "IoT"
+ ],
+ "x-ms-enum": {
+ "name": "categories",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Compute"
+ },
+ {
+ "value": "Networking"
+ },
+ {
+ "value": "Data"
+ },
+ {
+ "value": "IdentityAndAccess"
+ },
+ {
+ "value": "IoT"
+ }
+ ]
+ }
+ }
+ },
+ "severity": {
+ "type": "string",
+ "description": "The severity level of the assessment",
+ "enum": [
+ "Low",
+ "Medium",
+ "High"
+ ],
+ "x-ms-enum": {
+ "name": "severity",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Low"
+ },
+ {
+ "value": "Medium"
+ },
+ {
+ "value": "High"
+ }
+ ]
+ }
+ },
+ "userImpact": {
+ "type": "string",
+ "description": "The user impact of the assessment",
+ "enum": [
+ "Low",
+ "Moderate",
+ "High"
+ ],
+ "x-ms-enum": {
+ "name": "userImpact",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Low"
+ },
+ {
+ "value": "Moderate"
+ },
+ {
+ "value": "High"
+ }
+ ]
+ }
+ },
+ "implementationEffort": {
+ "type": "string",
+ "description": "The implementation effort required to remediate this assessment",
+ "enum": [
+ "Low",
+ "Moderate",
+ "High"
+ ],
+ "x-ms-enum": {
+ "name": "implementationEffort",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Low"
+ },
+ {
+ "value": "Moderate"
+ },
+ {
+ "value": "High"
+ }
+ ]
+ }
+ },
+ "threats": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "description": "Threats impact of the assessment",
+ "enum": [
+ "accountBreach",
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider",
+ "elevationOfPrivilege",
+ "threatResistance",
+ "missingCoverage",
+ "denialOfService"
+ ],
+ "x-ms-enum": {
+ "name": "threats",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "accountBreach"
+ },
+ {
+ "value": "dataExfiltration"
+ },
+ {
+ "value": "dataSpillage"
+ },
+ {
+ "value": "maliciousInsider"
+ },
+ {
+ "value": "elevationOfPrivilege"
+ },
+ {
+ "value": "threatResistance"
+ },
+ {
+ "value": "missingCoverage"
+ },
+ {
+ "value": "denialOfService"
+ }
+ ]
+ }
+ }
+ },
+ "preview": {
+ "type": "boolean",
+ "description": "True if this assessment is in preview release status"
+ },
+ "assessmentType": {
+ "type": "string",
+ "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition",
+ "enum": [
+ "BuiltIn",
+ "CustomPolicy",
+ "CustomerManaged",
+ "VerifiedPartner"
+ ],
+ "x-ms-enum": {
+ "name": "assessmentType",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "BuiltIn",
+ "description": "Microsoft Defender for Cloud managed assessments"
+ },
+ {
+ "value": "CustomPolicy",
+ "description": "User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud"
+ },
+ {
+ "value": "CustomerManaged",
+ "description": "User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud"
+ },
+ {
+ "value": "VerifiedPartner",
+ "description": "An assessment that was created by a verified 3rd party if the user connected it to ASC"
+ }
+ ]
+ }
+ },
+ "partnerData": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataPartnerData"
+ }
+ },
+ "required": [
+ "displayName",
+ "severity",
+ "assessmentType"
+ ]
+ },
+ "SecurityAssessmentMetadataPartnerData": {
+ "type": "object",
+ "description": "Describes the partner that created the assessment",
+ "properties": {
+ "partnerName": {
+ "type": "string",
+ "description": "Name of the company of the partner"
+ },
+ "productName": {
+ "type": "string",
+ "description": "Name of the product of the partner that created the assessment"
+ },
+ "secret": {
+ "type": "string",
+ "description": "Secret to authenticate the partner and verify it created the assessment - write only",
+ "x-ms-secret": true
+ }
+ },
+ "required": [
+ "partnerName",
+ "secret"
+ ]
+ },
+ "SecurityAssessmentMetadataPropertiesResponse": {
+ "type": "object",
+ "description": "Describes properties of an assessment metadata response.",
+ "properties": {
+ "publishDates": {
+ "type": "object",
+ "properties": {
+ "GA": {
+ "type": "string",
+ "pattern": "^([0-9]{2}/){2}[0-9]{4}$"
+ },
+ "public": {
+ "type": "string",
+ "pattern": "^([0-9]{2}/){2}[0-9]{4}$"
+ }
+ },
+ "required": [
+ "public"
+ ]
+ },
+ "plannedDeprecationDate": {
+ "type": "string",
+ "pattern": "^[0-9]{2}/[0-9]{4}$"
+ },
+ "tactics": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "description": "Tactic of the assessment",
+ "enum": [
+ "Reconnaissance",
+ "Resource Development",
+ "Initial Access",
+ "Execution",
+ "Persistence",
+ "Privilege Escalation",
+ "Defense Evasion",
+ "Credential Access",
+ "Discovery",
+ "Lateral Movement",
+ "Collection",
+ "Command and Control",
+ "Exfiltration",
+ "Impact"
+ ],
+ "x-ms-enum": {
+ "name": "tactics",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Reconnaissance"
+ },
+ {
+ "value": "Resource Development"
+ },
+ {
+ "value": "Initial Access"
+ },
+ {
+ "value": "Execution"
+ },
+ {
+ "value": "Persistence"
+ },
+ {
+ "value": "Privilege Escalation"
+ },
+ {
+ "value": "Defense Evasion"
+ },
+ {
+ "value": "Credential Access"
+ },
+ {
+ "value": "Discovery"
+ },
+ {
+ "value": "Lateral Movement"
+ },
+ {
+ "value": "Collection"
+ },
+ {
+ "value": "Command and Control"
+ },
+ {
+ "value": "Exfiltration"
+ },
+ {
+ "value": "Impact"
+ }
+ ]
+ }
+ }
+ },
+ "techniques": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "description": "Techniques of the assessment",
+ "enum": [
+ "Abuse Elevation Control Mechanism",
+ "Access Token Manipulation",
+ "Account Discovery",
+ "Account Manipulation",
+ "Active Scanning",
+ "Application Layer Protocol",
+ "Audio Capture",
+ "Boot or Logon Autostart Execution",
+ "Boot or Logon Initialization Scripts",
+ "Brute Force",
+ "Cloud Infrastructure Discovery",
+ "Cloud Service Dashboard",
+ "Cloud Service Discovery",
+ "Command and Scripting Interpreter",
+ "Compromise Client Software Binary",
+ "Compromise Infrastructure",
+ "Container and Resource Discovery",
+ "Create Account",
+ "Create or Modify System Process",
+ "Credentials from Password Stores",
+ "Data Destruction",
+ "Data Encrypted for Impact",
+ "Data from Cloud Storage Object",
+ "Data from Configuration Repository",
+ "Data from Information Repositories",
+ "Data from Local System",
+ "Data Manipulation",
+ "Data Staged",
+ "Defacement",
+ "Deobfuscate/Decode Files or Information",
+ "Disk Wipe",
+ "Domain Trust Discovery",
+ "Drive-by Compromise",
+ "Dynamic Resolution",
+ "Endpoint Denial of Service",
+ "Event Triggered Execution",
+ "Exfiltration Over Alternative Protocol",
+ "Exploit Public-Facing Application",
+ "Exploitation for Client Execution",
+ "Exploitation for Credential Access",
+ "Exploitation for Defense Evasion",
+ "Exploitation for Privilege Escalation",
+ "Exploitation of Remote Services",
+ "External Remote Services",
+ "Fallback Channels",
+ "File and Directory Discovery",
+ "Gather Victim Network Information",
+ "Hide Artifacts",
+ "Hijack Execution Flow",
+ "Impair Defenses",
+ "Implant Container Image",
+ "Indicator Removal on Host",
+ "Indirect Command Execution",
+ "Ingress Tool Transfer",
+ "Input Capture",
+ "Inter-Process Communication",
+ "Lateral Tool Transfer",
+ "Man-in-the-Middle",
+ "Masquerading",
+ "Modify Authentication Process",
+ "Modify Registry",
+ "Network Denial of Service",
+ "Network Service Scanning",
+ "Network Sniffing",
+ "Non-Application Layer Protocol",
+ "Non-Standard Port",
+ "Obtain Capabilities",
+ "Obfuscated Files or Information",
+ "Office Application Startup",
+ "OS Credential Dumping",
+ "Permission Groups Discovery",
+ "Phishing",
+ "Pre-OS Boot",
+ "Process Discovery",
+ "Process Injection",
+ "Protocol Tunneling",
+ "Proxy",
+ "Query Registry",
+ "Remote Access Software",
+ "Remote Service Session Hijacking",
+ "Remote Services",
+ "Remote System Discovery",
+ "Resource Hijacking",
+ "Scheduled Task/Job",
+ "Screen Capture",
+ "Search Victim-Owned Websites",
+ "Server Software Component",
+ "Service Stop",
+ "Signed Binary Proxy Execution",
+ "Software Deployment Tools",
+ "SQL Stored Procedures",
+ "Steal or Forge Kerberos Tickets",
+ "Subvert Trust Controls",
+ "Supply Chain Compromise",
+ "System Information Discovery",
+ "Taint Shared Content",
+ "Traffic Signaling",
+ "Transfer Data to Cloud Account",
+ "Trusted Relationship",
+ "Unsecured Credentials",
+ "User Execution",
+ "Valid Accounts",
+ "Windows Management Instrumentation",
+ "File and Directory Permissions Modification"
+ ],
+ "x-ms-enum": {
+ "name": "techniques",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Abuse Elevation Control Mechanism"
+ },
+ {
+ "value": "Access Token Manipulation"
+ },
+ {
+ "value": "Account Discovery"
+ },
+ {
+ "value": "Account Manipulation"
+ },
+ {
+ "value": "Active Scanning"
+ },
+ {
+ "value": "Application Layer Protocol"
+ },
+ {
+ "value": "Audio Capture"
+ },
+ {
+ "value": "Boot or Logon Autostart Execution"
+ },
+ {
+ "value": "Boot or Logon Initialization Scripts"
+ },
+ {
+ "value": "Brute Force"
+ },
+ {
+ "value": "Cloud Infrastructure Discovery"
+ },
+ {
+ "value": "Cloud Service Dashboard"
+ },
+ {
+ "value": "Cloud Service Discovery"
+ },
+ {
+ "value": "Command and Scripting Interpreter"
+ },
+ {
+ "value": "Compromise Client Software Binary"
+ },
+ {
+ "value": "Compromise Infrastructure"
+ },
+ {
+ "value": "Container and Resource Discovery"
+ },
+ {
+ "value": "Create Account"
+ },
+ {
+ "value": "Create or Modify System Process"
+ },
+ {
+ "value": "Credentials from Password Stores"
+ },
+ {
+ "value": "Data Destruction"
+ },
+ {
+ "value": "Data Encrypted for Impact"
+ },
+ {
+ "value": "Data from Cloud Storage Object"
+ },
+ {
+ "value": "Data from Configuration Repository"
+ },
+ {
+ "value": "Data from Information Repositories"
+ },
+ {
+ "value": "Data from Local System"
+ },
+ {
+ "value": "Data Manipulation"
+ },
+ {
+ "value": "Data Staged"
+ },
+ {
+ "value": "Defacement"
+ },
+ {
+ "value": "Deobfuscate/Decode Files or Information"
+ },
+ {
+ "value": "Disk Wipe"
+ },
+ {
+ "value": "Domain Trust Discovery"
+ },
+ {
+ "value": "Drive-by Compromise"
+ },
+ {
+ "value": "Dynamic Resolution"
+ },
+ {
+ "value": "Endpoint Denial of Service"
+ },
+ {
+ "value": "Event Triggered Execution"
+ },
+ {
+ "value": "Exfiltration Over Alternative Protocol"
+ },
+ {
+ "value": "Exploit Public-Facing Application"
+ },
+ {
+ "value": "Exploitation for Client Execution"
+ },
+ {
+ "value": "Exploitation for Credential Access"
+ },
+ {
+ "value": "Exploitation for Defense Evasion"
+ },
+ {
+ "value": "Exploitation for Privilege Escalation"
+ },
+ {
+ "value": "Exploitation of Remote Services"
+ },
+ {
+ "value": "External Remote Services"
+ },
+ {
+ "value": "Fallback Channels"
+ },
+ {
+ "value": "File and Directory Discovery"
+ },
+ {
+ "value": "Gather Victim Network Information"
+ },
+ {
+ "value": "Hide Artifacts"
+ },
+ {
+ "value": "Hijack Execution Flow"
+ },
+ {
+ "value": "Impair Defenses"
+ },
+ {
+ "value": "Implant Container Image"
+ },
+ {
+ "value": "Indicator Removal on Host"
+ },
+ {
+ "value": "Indirect Command Execution"
+ },
+ {
+ "value": "Ingress Tool Transfer"
+ },
+ {
+ "value": "Input Capture"
+ },
+ {
+ "value": "Inter-Process Communication"
+ },
+ {
+ "value": "Lateral Tool Transfer"
+ },
+ {
+ "value": "Man-in-the-Middle"
+ },
+ {
+ "value": "Masquerading"
+ },
+ {
+ "value": "Modify Authentication Process"
+ },
+ {
+ "value": "Modify Registry"
+ },
+ {
+ "value": "Network Denial of Service"
+ },
+ {
+ "value": "Network Service Scanning"
+ },
+ {
+ "value": "Network Sniffing"
+ },
+ {
+ "value": "Non-Application Layer Protocol"
+ },
+ {
+ "value": "Non-Standard Port"
+ },
+ {
+ "value": "Obtain Capabilities"
+ },
+ {
+ "value": "Obfuscated Files or Information"
+ },
+ {
+ "value": "Office Application Startup"
+ },
+ {
+ "value": "OS Credential Dumping"
+ },
+ {
+ "value": "Permission Groups Discovery"
+ },
+ {
+ "value": "Phishing"
+ },
+ {
+ "value": "Pre-OS Boot"
+ },
+ {
+ "value": "Process Discovery"
+ },
+ {
+ "value": "Process Injection"
+ },
+ {
+ "value": "Protocol Tunneling"
+ },
+ {
+ "value": "Proxy"
+ },
+ {
+ "value": "Query Registry"
+ },
+ {
+ "value": "Remote Access Software"
+ },
+ {
+ "value": "Remote Service Session Hijacking"
+ },
+ {
+ "value": "Remote Services"
+ },
+ {
+ "value": "Remote System Discovery"
+ },
+ {
+ "value": "Resource Hijacking"
+ },
+ {
+ "value": "Scheduled Task/Job"
+ },
+ {
+ "value": "Screen Capture"
+ },
+ {
+ "value": "Search Victim-Owned Websites"
+ },
+ {
+ "value": "Server Software Component"
+ },
+ {
+ "value": "Service Stop"
+ },
+ {
+ "value": "Signed Binary Proxy Execution"
+ },
+ {
+ "value": "Software Deployment Tools"
+ },
+ {
+ "value": "SQL Stored Procedures"
+ },
+ {
+ "value": "Steal or Forge Kerberos Tickets"
+ },
+ {
+ "value": "Subvert Trust Controls"
+ },
+ {
+ "value": "Supply Chain Compromise"
+ },
+ {
+ "value": "System Information Discovery"
+ },
+ {
+ "value": "Taint Shared Content"
+ },
+ {
+ "value": "Traffic Signaling"
+ },
+ {
+ "value": "Transfer Data to Cloud Account"
+ },
+ {
+ "value": "Trusted Relationship"
+ },
+ {
+ "value": "Unsecured Credentials"
+ },
+ {
+ "value": "User Execution"
+ },
+ {
+ "value": "Valid Accounts"
+ },
+ {
+ "value": "Windows Management Instrumentation"
+ },
+ {
+ "value": "File and Directory Permissions Modification"
+ }
+ ]
+ }
+ }
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+ }
+ ]
+ }
+ },
+ "parameters": {
+ "AssessmentsMetadataName": {
+ "name": "assessmentMetadataName",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "The Assessment Key - Unique key for the assessment type",
+ "x-ms-parameter-location": "method"
+ },
+ "SecurityAssessmentMetadataResponse": {
+ "name": "assessmentMetadata",
+ "in": "body",
+ "required": true,
+ "description": "AssessmentMetadata object",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+ },
+ "x-ms-parameter-location": "method"
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json
new file mode 100644
index 000000000000..58a60667e526
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json
@@ -0,0 +1,467 @@
+{
+ "swagger": "2.0",
+ "info": {
+ "title": "Microsoft Defender for Cloud",
+ "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+ "version": "2021-06-01"
+ },
+ "host": "management.azure.com",
+ "schemes": [
+ "https"
+ ],
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "security": [
+ {
+ "azure_auth": [
+ "user_impersonation"
+ ]
+ }
+ ],
+ "securityDefinitions": {
+ "azure_auth": {
+ "type": "oauth2",
+ "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+ "flow": "implicit",
+ "description": "Azure Active Directory OAuth2 Flow",
+ "scopes": {
+ "user_impersonation": "impersonate your user account"
+ }
+ }
+ },
+ "paths": {
+ "/{scope}/providers/Microsoft.Security/assessments": {
+ "get": {
+ "x-ms-examples": {
+ "List security assessments": {
+ "$ref": "./examples/Assessments/ListAssessments_example.json"
+ }
+ },
+ "tags": [
+ "Assessments"
+ ],
+ "description": "Get security assessments on all your scanned resources inside a scope",
+ "operationId": "Assessments_List",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/Scope"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentList"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": "nextLink"
+ }
+ }
+ },
+ "/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}": {
+ "get": {
+ "x-ms-examples": {
+ "Get security recommendation task from security data location": {
+ "$ref": "./examples/Assessments/GetAssessment_example.json"
+ },
+ "Get security recommendation task from security data location with expand parameter": {
+ "$ref": "./examples/Assessments/GetAssessmentWithExpand_example.json"
+ }
+ },
+ "tags": [
+ "Assessments"
+ ],
+ "description": "Get a security assessment on your scanned resource",
+ "operationId": "Assessments_Get",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+ },
+ {
+ "$ref": "#/parameters/AssessmentName"
+ },
+ {
+ "$ref": "#/parameters/ExpandAssessments"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ },
+ "put": {
+ "x-ms-examples": {
+ "Create security recommendation task on a resource": {
+ "$ref": "./examples/Assessments/PutAssessment_example.json"
+ }
+ },
+ "tags": [
+ "Assessments"
+ ],
+ "description": "Create a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+ "operationId": "Assessments_CreateOrUpdate",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+ },
+ {
+ "$ref": "#/parameters/AssessmentName"
+ },
+ {
+ "$ref": "#/parameters/AssessmentBody"
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "Created",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentResponse"
+ }
+ },
+ "200": {
+ "description": "OK - Updated",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ },
+ "delete": {
+ "x-ms-examples": {
+ "Delete a security recommendation task on a resource": {
+ "$ref": "./examples/Assessments/DeleteAssessment_example.json"
+ }
+ },
+ "tags": [
+ "Assessments"
+ ],
+ "description": "Delete a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+ "operationId": "Assessments_Delete",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+ },
+ {
+ "$ref": "#/parameters/AssessmentName"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK - Assessment was deleted"
+ },
+ "204": {
+ "description": "No Content - Assessment does not exist"
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ }
+ }
+ },
+ "definitions": {
+ "SecurityAssessmentList": {
+ "type": "object",
+ "description": "Page of a security assessments list",
+ "properties": {
+ "value": {
+ "description": "Collection of security assessments in this page",
+ "readOnly": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/SecurityAssessmentResponse"
+ }
+ },
+ "nextLink": {
+ "readOnly": true,
+ "type": "string",
+ "description": "The URI to fetch the next page."
+ }
+ }
+ },
+ "SecurityAssessment": {
+ "type": "object",
+ "description": "Security assessment on a resource",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "$ref": "#/definitions/SecurityAssessmentProperties"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "SecurityAssessmentResponse": {
+ "type": "object",
+ "description": "Security assessment on a resource - response format",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "$ref": "#/definitions/SecurityAssessmentPropertiesResponse"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "SecurityAssessmentProperties": {
+ "type": "object",
+ "description": "Describes properties of an assessment.",
+ "properties": {
+ "status": {
+ "$ref": "#/definitions/AssessmentStatus"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentPropertiesBase"
+ }
+ ],
+ "required": [
+ "status"
+ ]
+ },
+ "SecurityAssessmentPropertiesResponse": {
+ "type": "object",
+ "description": "Describes properties of an assessment.",
+ "properties": {
+ "status": {
+ "$ref": "#/definitions/AssessmentStatusResponse"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentPropertiesBase"
+ }
+ ],
+ "required": [
+ "status"
+ ]
+ },
+ "SecurityAssessmentPropertiesBase": {
+ "type": "object",
+ "description": "Describes properties of an assessment.",
+ "properties": {
+ "resourceDetails": {
+ "$ref": "../../../common/v1/types.json#/definitions/ResourceDetails"
+ },
+ "displayName": {
+ "readOnly": true,
+ "type": "string",
+ "description": "User friendly display name of the assessment"
+ },
+ "additionalData": {
+ "type": "object",
+ "description": "Additional data regarding the assessment",
+ "additionalProperties": {
+ "type": "string"
+ }
+ },
+ "links": {
+ "$ref": "#/definitions/AssessmentLinks"
+ },
+ "metadata": {
+ "$ref": "./assessmentMetadata.json#/definitions/SecurityAssessmentMetadataProperties"
+ },
+ "partnersData": {
+ "$ref": "#/definitions/SecurityAssessmentPartnerData"
+ }
+ },
+ "required": [
+ "resourceDetails"
+ ]
+ },
+ "SecurityAssessmentPartnerData": {
+ "type": "object",
+ "description": "Data regarding 3rd party partner integration",
+ "properties": {
+ "partnerName": {
+ "type": "string",
+ "description": "Name of the company of the partner"
+ },
+ "secret": {
+ "type": "string",
+ "description": "secret to authenticate the partner - write only",
+ "x-ms-secret": true
+ }
+ },
+ "required": [
+ "partnerName",
+ "secret"
+ ]
+ },
+ "AssessmentLinks": {
+ "type": "object",
+ "description": "Links relevant to the assessment",
+ "readOnly": true,
+ "properties": {
+ "azurePortalUri": {
+ "type": "string",
+ "description": "Link to assessment in Azure Portal",
+ "readOnly": true
+ }
+ }
+ },
+ "AssessmentStatusResponse": {
+ "type": "object",
+ "description": "The result of the assessment",
+ "properties": {
+ "firstEvaluationDate": {
+ "readOnly": true,
+ "type": "string",
+ "format": "date-time",
+ "description": "The time that the assessment was created and first evaluated. Returned as UTC time in ISO 8601 format"
+ },
+ "statusChangeDate": {
+ "readOnly": true,
+ "type": "string",
+ "format": "date-time",
+ "description": "The time that the status of the assessment last changed. Returned as UTC time in ISO 8601 format"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/AssessmentStatus"
+ }
+ ]
+ },
+ "AssessmentStatus": {
+ "type": "object",
+ "description": "The result of the assessment",
+ "properties": {
+ "code": {
+ "type": "string",
+ "description": "Programmatic code for the status of the assessment",
+ "enum": [
+ "Healthy",
+ "Unhealthy",
+ "NotApplicable"
+ ],
+ "x-ms-enum": {
+ "name": "AssessmentStatusCode",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Healthy",
+ "description": "The resource is healthy"
+ },
+ {
+ "value": "Unhealthy",
+ "description": "The resource has a security issue that needs to be addressed"
+ },
+ {
+ "value": "NotApplicable",
+ "description": "Assessment for this resource did not happen"
+ }
+ ]
+ }
+ },
+ "cause": {
+ "type": "string",
+ "description": "Programmatic code for the cause of the assessment status"
+ },
+ "description": {
+ "type": "string",
+ "description": "Human readable description of the assessment status"
+ }
+ },
+ "required": [
+ "code"
+ ]
+ }
+ },
+ "parameters": {
+ "ExpandAssessments": {
+ "name": "$expand",
+ "in": "query",
+ "required": false,
+ "type": "string",
+ "description": "OData expand. Optional.",
+ "x-ms-parameter-location": "method",
+ "enum": [
+ "links",
+ "metadata"
+ ],
+ "x-ms-enum": {
+ "name": "ExpandEnum",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "links",
+ "description": "All links associated with an assessment"
+ },
+ {
+ "value": "metadata",
+ "description": "Assessment metadata"
+ }
+ ]
+ }
+ },
+ "AssessmentName": {
+ "name": "assessmentName",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "The Assessment Key - Unique key for the assessment type",
+ "x-ms-parameter-location": "method"
+ },
+ "AssessmentBody": {
+ "name": "assessment",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessment"
+ },
+ "description": "Calculated assessment on a pre-defined assessment metadata",
+ "x-ms-parameter-location": "method"
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json
new file mode 100644
index 000000000000..5a4da6233241
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json
@@ -0,0 +1,11 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
+ "assessmentName": "8bb8be0a-6010-4789-812f-e4d661c4ed0e"
+ },
+ "responses": {
+ "200": {},
+ "204": {}
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json
new file mode 100644
index 000000000000..216a2c29dbc4
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json
@@ -0,0 +1,37 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
+ "assessmentName": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "$expand": "links"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
+ },
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "status": {
+ "code": "NotApplicable",
+ "cause": "OffByPolicy",
+ "description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
+ "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
+ "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
+ },
+ "additionalData": {
+ "linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
+ },
+ "links": {
+ "azurePortalUri": "https://www.portal.azure.com/?fea#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/21300918-b2e3-0346-785f-c77ff57d243b"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json
new file mode 100644
index 000000000000..00cc1cd605ad
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json
@@ -0,0 +1,33 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
+ "assessmentName": "21300918-b2e3-0346-785f-c77ff57d243b"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
+ },
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "status": {
+ "code": "NotApplicable",
+ "cause": "OffByPolicy",
+ "description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
+ "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
+ "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
+ },
+ "additionalData": {
+ "linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json
new file mode 100644
index 000000000000..9fcb5d07a2f7
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json
@@ -0,0 +1,53 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "value": [
+ {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1"
+ },
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "status": {
+ "code": "Healthy",
+ "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
+ "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
+ }
+ }
+ },
+ {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
+ },
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "status": {
+ "code": "NotApplicable",
+ "cause": "OffByPolicy",
+ "description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
+ "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
+ "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
+ },
+ "additionalData": {
+ "linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json
new file mode 100644
index 000000000000..36964844cd9c
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json
@@ -0,0 +1,53 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
+ "assessmentName": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "assessment": {
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure"
+ },
+ "status": {
+ "code": "Healthy"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e"
+ },
+ "displayName": "Install internal agent on VM",
+ "status": {
+ "code": "Healthy"
+ }
+ }
+ }
+ },
+ "201": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e"
+ },
+ "displayName": "Install internal agent on VM",
+ "status": {
+ "code": "Healthy"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
new file mode 100644
index 000000000000..f2f8d67693b6
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
@@ -0,0 +1,52 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
+ "assessmentMetadataName": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "assessmentMetadata": {
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "assessmentType": "CustomerManaged"
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "name": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "My organization security assessment",
+ "description": "Assessment that my organization created to view our security assessment in Azure Security Center",
+ "remediationDescription": "Fix it with these remediation instructions",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "assessmentType": "CustomerManaged"
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
new file mode 100644
index 000000000000..592c45b8848b
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
@@ -0,0 +1,10 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
+ "assessmentMetadataName": "ca039e75-a276-4175-aebc-bcd41e4b14b7"
+ },
+ "responses": {
+ "200": {}
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
new file mode 100644
index 000000000000..e58f1307ae58
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
@@ -0,0 +1,53 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "assessmentMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "plannedDeprecationDate": "03/2022",
+ "tactics": [
+ "Credential Access",
+ "Persistence",
+ "Execution",
+ "Defense Evasion",
+ "Collection",
+ "Discovery",
+ "Privilege Escalation"
+ ],
+ "techniques": [
+ "Obfuscated Files or Information",
+ "Ingress Tool Transfer",
+ "Phishing",
+ "User Execution"
+ ],
+ "assessmentType": "BuiltIn"
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
new file mode 100644
index 000000000000..665650571e6d
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
@@ -0,0 +1,54 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
+ "assessmentMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "plannedDeprecationDate": "03/2022",
+ "tactics": [
+ "Credential Access",
+ "Persistence",
+ "Execution",
+ "Defense Evasion",
+ "Collection",
+ "Discovery",
+ "Privilege Escalation"
+ ],
+ "techniques": [
+ "Obfuscated Files or Information",
+ "Ingress Tool Transfer",
+ "Phishing",
+ "User Execution"
+ ],
+ "assessmentType": "BuiltIn"
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
new file mode 100644
index 000000000000..82a62fff2488
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
@@ -0,0 +1,106 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "value": [
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "plannedDeprecationDate": "03/2022",
+ "tactics": [
+ "Credential Access",
+ "Persistence",
+ "Execution",
+ "Defense Evasion",
+ "Collection",
+ "Discovery",
+ "Privilege Escalation"
+ ],
+ "techniques": [
+ "Obfuscated Files or Information",
+ "Ingress Tool Transfer",
+ "Phishing",
+ "User Execution"
+ ],
+ "assessmentType": "BuiltIn"
+ }
+ },
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe",
+ "name": "bc303248-3d14-44c2-96a0-55f5c326b5fe",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Close management ports on your virtual machines",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
+ "description": "Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.",
+ "remediationDescription": "We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.
To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'",
+ "categories": [
+ "Networking"
+ ],
+ "severity": "Medium",
+ "userImpact": "High",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "preview": true,
+ "assessmentType": "CustomPolicy"
+ }
+ },
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "name": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "My organization security assessment",
+ "description": "Assessment that my organization created to view our security assessment in Azure Security Center",
+ "remediationDescription": "Fix it with these remediation instructions",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "assessmentType": "CustomerManaged"
+ }
+ }
+ ]
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
new file mode 100644
index 000000000000..9e7f41e091d4
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
@@ -0,0 +1,85 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "value": [
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "plannedDeprecationDate": "03/2022",
+ "tactics": [
+ "Credential Access",
+ "Persistence",
+ "Execution",
+ "Defense Evasion",
+ "Collection",
+ "Discovery",
+ "Privilege Escalation"
+ ],
+ "techniques": [
+ "Obfuscated Files or Information",
+ "Ingress Tool Transfer",
+ "Phishing",
+ "User Execution"
+ ],
+ "assessmentType": "BuiltIn"
+ }
+ },
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe",
+ "name": "bc303248-3d14-44c2-96a0-55f5c326b5fe",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Close management ports on your virtual machines",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
+ "description": "Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.",
+ "remediationDescription": "We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.
To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'",
+ "categories": [
+ "Networking"
+ ],
+ "severity": "Medium",
+ "userImpact": "High",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "preview": true,
+ "assessmentType": "CustomPolicy"
+ }
+ }
+ ]
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json
new file mode 100644
index 000000000000..7fbbed710058
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json
@@ -0,0 +1,20 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
+ "settingName": "MCAS"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS",
+ "name": "MCAS",
+ "kind": "DataExportSettings",
+ "type": "Microsoft.Security/settings",
+ "properties": {
+ "enabled": true
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json
new file mode 100644
index 000000000000..f38c7c97cf2d
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json
@@ -0,0 +1,41 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "value": [
+ {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS",
+ "name": "MCAS",
+ "kind": "DataExportSettings",
+ "type": "Microsoft.Security/settings",
+ "properties": {
+ "enabled": true
+ }
+ },
+ {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/WDATP",
+ "name": "WDATP",
+ "kind": "DataExportSettings",
+ "type": "Microsoft.Security/settings",
+ "properties": {
+ "enabled": false
+ }
+ },
+ {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/Sentinel",
+ "name": "Sentinel",
+ "kind": "AlertSyncSettings",
+ "type": "Microsoft.Security/settings",
+ "properties": {
+ "enabled": false
+ }
+ }
+ ]
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json
new file mode 100644
index 000000000000..ece31475d6eb
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json
@@ -0,0 +1,26 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
+ "settingName": "MCAS",
+ "setting": {
+ "kind": "DataExportSettings",
+ "properties": {
+ "enabled": true
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS",
+ "name": "MCAS",
+ "kind": "DataExportSettings",
+ "type": "Microsoft.Security/settings",
+ "properties": {
+ "enabled": true
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json
new file mode 100644
index 000000000000..512722183dcb
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json
@@ -0,0 +1,300 @@
+{
+ "swagger": "2.0",
+ "info": {
+ "title": "Microsoft Defender for Cloud",
+ "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+ "version": "2021-06-01"
+ },
+ "host": "management.azure.com",
+ "schemes": [
+ "https"
+ ],
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "security": [
+ {
+ "azure_auth": [
+ "user_impersonation"
+ ]
+ }
+ ],
+ "securityDefinitions": {
+ "azure_auth": {
+ "type": "oauth2",
+ "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+ "flow": "implicit",
+ "description": "Azure Active Directory OAuth2 Flow",
+ "scopes": {
+ "user_impersonation": "impersonate your user account"
+ }
+ }
+ },
+ "paths": {
+ "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings": {
+ "get": {
+ "x-ms-examples": {
+ "Get settings of subscription": {
+ "$ref": "./examples/Settings/GetSettings_example.json"
+ }
+ },
+ "tags": [
+ "Settings"
+ ],
+ "description": "Settings about different configurations in Microsoft Defender for Cloud",
+ "operationId": "Settings_List",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SettingsList"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": "nextLink"
+ }
+ }
+ },
+ "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings/{settingName}": {
+ "get": {
+ "x-ms-examples": {
+ "Get a setting on subscription": {
+ "$ref": "./examples/Settings/GetSetting_example.json"
+ }
+ },
+ "tags": [
+ "Settings"
+ ],
+ "description": "Settings of different configurations in Microsoft Defender for Cloud",
+ "operationId": "Settings_Get",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ },
+ {
+ "$ref": "#/parameters/SettingName"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/Setting"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ },
+ "put": {
+ "x-ms-examples": {
+ "Update a setting for subscription": {
+ "$ref": "./examples/Settings/UpdateSetting_example.json"
+ }
+ },
+ "tags": [
+ "Settings"
+ ],
+ "description": "updating settings about different configurations in Microsoft Defender for Cloud",
+ "operationId": "Settings_Update",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ },
+ {
+ "$ref": "#/parameters/SettingName"
+ },
+ {
+ "$ref": "#/parameters/Setting"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/Setting"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ }
+ }
+ },
+ "definitions": {
+ "SettingsList": {
+ "type": "object",
+ "description": "Subscription settings list.",
+ "properties": {
+ "value": {
+ "type": "array",
+ "description": "The settings list.",
+ "items": {
+ "$ref": "#/definitions/Setting"
+ }
+ },
+ "nextLink": {
+ "readOnly": true,
+ "type": "string",
+ "description": "The URI to fetch the next page."
+ }
+ }
+ },
+ "DataExportSettings": {
+ "type": "object",
+ "description": "Represents a data export setting",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "description": "Data export setting data",
+ "$ref": "#/definitions/DataExportSettingProperties"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/Setting"
+ }
+ ],
+ "x-ms-discriminator-value": "DataExportSettings"
+ },
+ "AlertSyncSettings": {
+ "type": "object",
+ "description": "Represents an alert sync setting",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "description": "Alert sync setting data",
+ "$ref": "#/definitions/AlertSyncSettingProperties"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/Setting"
+ }
+ ],
+ "x-ms-discriminator-value": "AlertSyncSettings"
+ },
+ "Setting": {
+ "type": "object",
+ "description": "The kind of the security setting",
+ "properties": {
+ "kind": {
+ "type": "string",
+ "description": "the kind of the settings string",
+ "enum": [
+ "DataExportSettings",
+ "AlertSuppressionSetting",
+ "AlertSyncSettings"
+ ],
+ "x-ms-enum": {
+ "name": "SettingKind",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "DataExportSettings"
+ },
+ {
+ "value": "AlertSuppressionSetting"
+ },
+ {
+ "value": "AlertSyncSettings"
+ }
+ ]
+ }
+ }
+ },
+ "discriminator": "kind",
+ "required": [
+ "kind"
+ ],
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "DataExportSettingProperties": {
+ "type": "object",
+ "description": "The data export setting properties",
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Is the data export setting enabled"
+ }
+ },
+ "required": [
+ "enabled"
+ ]
+ },
+ "AlertSyncSettingProperties": {
+ "type": "object",
+ "description": "The alert sync setting properties",
+ "properties": {
+ "enabled": {
+ "type": "boolean",
+ "description": "Is the alert sync setting enabled"
+ }
+ },
+ "required": [
+ "enabled"
+ ]
+ }
+ },
+ "parameters": {
+ "SettingName": {
+ "name": "settingName",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "The name of the setting",
+ "enum": [
+ "MCAS",
+ "WDATP",
+ "Sentinel"
+ ],
+ "x-ms-parameter-location": "method"
+ },
+ "Setting": {
+ "name": "setting",
+ "in": "body",
+ "required": true,
+ "description": "Setting object",
+ "schema": {
+ "$ref": "#/definitions/Setting"
+ },
+ "x-ms-parameter-location": "method"
+ }
+ }
+}
From b1490442b061a23ab6cd41a0f51beb058e781a80 Mon Sep 17 00:00:00 2001
From: Adit Dalvi <62365436+aditdalvi@users.noreply.github.com>
Date: Thu, 6 Oct 2022 15:57:13 -0700
Subject: [PATCH 02/13] Updates readme
---
specification/security/resource-manager/readme.md | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md
index 3da90abed9d6..ba0e72f5cd08 100644
--- a/specification/security/resource-manager/readme.md
+++ b/specification/security/resource-manager/readme.md
@@ -78,7 +78,7 @@ These are the global settings for the Security API.
title: SecurityCenter
description: API spec for Microsoft.Security (Azure Security Center) resource provider
openapi-type: arm
-tag: package-composite-v3
+tag: package-preview-2022-11
```
### Composite packages
@@ -86,14 +86,25 @@ tag: package-composite-v3
The following packages may be composed from multiple api-versions.
+### Tag: package-preview-2022-11
+
+These settings apply only when `--tag=package-preview-2022-11` is specified on the command line.
+
+```yaml $(tag) == 'package-preview-2022-11'
+input-file:
+ - Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
+ - Microsoft.Security/preview/2022-11-20-preview/assessments.json
+ - Microsoft.Security/preview/2022-11-20-preview/settings.json
+```
### Tag: package-preview-2022-08
These settings apply only when `--tag=package-preview-2022-08` is specified on the command line.
-```yaml $(tag) == 'package-preview-2022-08'
+``` yaml $(tag) == 'package-preview-2022-08'
input-file:
- Microsoft.Security/preview/2022-08-01-preview/securityConnectors.json
```
+
### Tag: package-preview-2022-07
These settings apply only when `--tag=package-preview-2022-07` is specified on the command line.
From 15a582abde2e05ef0783f14c95eaf4a3d4f03683 Mon Sep 17 00:00:00 2001
From: Adit Dalvi <62365436+aditdalvi@users.noreply.github.com>
Date: Thu, 6 Oct 2022 15:57:17 -0700
Subject: [PATCH 03/13] Updates API version in new specs and examples
---
.../preview/2022-11-20-preview/assessmentMetadata.json | 2 +-
.../preview/2022-11-20-preview/assessments.json | 2 +-
.../examples/Assessments/DeleteAssessment_example.json | 2 +-
.../examples/Assessments/GetAssessmentWithExpand_example.json | 2 +-
.../examples/Assessments/GetAssessment_example.json | 2 +-
.../examples/Assessments/ListAssessments_example.json | 2 +-
.../examples/Assessments/PutAssessment_example.json | 2 +-
.../CreateAssessmentsMetadata_subscription_example.json | 2 +-
.../DeleteAssessmentsMetadata_subscription_example.json | 2 +-
.../AssessmentsMetadata/GetAssessmentsMetadata_example.json | 2 +-
.../GetAssessmentsMetadata_subscription_example.json | 2 +-
.../AssessmentsMetadata/ListAssessmentsMetadata_example.json | 2 +-
.../ListAssessmentsMetadata_subscription_example.json | 2 +-
.../examples/Settings/GetSetting_example.json | 2 +-
.../examples/Settings/GetSettings_example.json | 2 +-
.../examples/Settings/UpdateSetting_example.json | 2 +-
.../Microsoft.Security/preview/2022-11-20-preview/settings.json | 2 +-
17 files changed, 17 insertions(+), 17 deletions(-)
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
index 51c9ff8f8b31..11f2dfed306b 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
@@ -3,7 +3,7 @@
"info": {
"title": "Microsoft Defender for Cloud",
"description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
- "version": "2021-06-01"
+ "version": "2022-11-20-preview"
},
"host": "management.azure.com",
"schemes": [
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json
index 58a60667e526..e4310003f903 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json
@@ -3,7 +3,7 @@
"info": {
"title": "Microsoft Defender for Cloud",
"description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
- "version": "2021-06-01"
+ "version": "2022-11-20-preview"
},
"host": "management.azure.com",
"schemes": [
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json
index 5a4da6233241..39aaa0a8ed56 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
"assessmentName": "8bb8be0a-6010-4789-812f-e4d661c4ed0e"
},
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json
index 216a2c29dbc4..d9265662c159 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
"assessmentName": "21300918-b2e3-0346-785f-c77ff57d243b",
"$expand": "links"
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json
index 00cc1cd605ad..6ea60b6bfbd0 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
"assessmentName": "21300918-b2e3-0346-785f-c77ff57d243b"
},
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json
index 9fcb5d07a2f7..a236f500e098 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23"
},
"responses": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json
index 36964844cd9c..6659be495287 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
"assessmentName": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
"assessment": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
index f2f8d67693b6..ae2beef6e21b 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
"assessmentMetadataName": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
"assessmentMetadata": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
index 592c45b8848b..6474356bf41e 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
"assessmentMetadataName": "ca039e75-a276-4175-aebc-bcd41e4b14b7"
},
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
index e58f1307ae58..09b39f48a5eb 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"assessmentMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
},
"responses": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
index 665650571e6d..90f42c321205 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
"assessmentMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
},
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
index 82a62fff2488..4cfbc3e1d0c9 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01"
+ "api-version": "2022-11-20-preview"
},
"responses": {
"200": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
index 9e7f41e091d4..f882b56abe2f 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"subscriptionId": "0980887d-03d6-408c-9566-532f3456804e"
},
"responses": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json
index 7fbbed710058..da3d161190b0 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"settingName": "MCAS"
},
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json
index f38c7c97cf2d..c909f8e2f1a4 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23"
},
"responses": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json
index ece31475d6eb..b9bb545019c4 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json
@@ -1,6 +1,6 @@
{
"parameters": {
- "api-version": "2021-06-01",
+ "api-version": "2022-11-20-preview",
"subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
"settingName": "MCAS",
"setting": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json
index 512722183dcb..77436c29ec46 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json
@@ -3,7 +3,7 @@
"info": {
"title": "Microsoft Defender for Cloud",
"description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
- "version": "2021-06-01"
+ "version": "2022-11-20-preview"
},
"host": "management.azure.com",
"schemes": [
From 044838bfabd09a74a23ac24234fc928f25e6bc08 Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Thu, 10 Nov 2022 22:09:28 -0800
Subject: [PATCH 04/13] Add apiCollections.json and relevant examples
---
.../2022-11-20-preview/apiCollections.json | 200 +++
.../assessmentMetadata.json | 1109 -----------------
.../2022-11-20-preview/assessments.json | 467 -------
...ICollectionOffboarding_Delete_example.json | 10 +
...CollectionOnboardingState_Get_example.json | 21 +
...PICollectionOnboarding_Create_example.json | 21 +
.../Assessments/DeleteAssessment_example.json | 11 -
.../GetAssessmentWithExpand_example.json | 37 -
.../Assessments/GetAssessment_example.json | 33 -
.../Assessments/ListAssessments_example.json | 53 -
.../Assessments/PutAssessment_example.json | 53 -
...essmentsMetadata_subscription_example.json | 52 -
...essmentsMetadata_subscription_example.json | 10 -
.../GetAssessmentsMetadata_example.json | 53 -
...essmentsMetadata_subscription_example.json | 54 -
.../ListAssessmentsMetadata_example.json | 106 --
...essmentsMetadata_subscription_example.json | 85 --
.../examples/Settings/GetSetting_example.json | 20 -
.../Settings/GetSettings_example.json | 41 -
.../Settings/UpdateSetting_example.json | 26 -
.../preview/2022-11-20-preview/settings.json | 300 -----
21 files changed, 252 insertions(+), 2510 deletions(-)
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboardingState_Get_example.json
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json
delete mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
new file mode 100644
index 000000000000..35ead285d3bd
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
@@ -0,0 +1,200 @@
+{
+ "swagger": "2.0",
+ "info": {
+ "title": "Microsoft Defender for Cloud",
+ "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+ "version": "2022-11-20-preview"
+ },
+ "host": "management.azure.com",
+ "schemes": [
+ "https"
+ ],
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "security": [
+ {
+ "azure_auth": [
+ "user_impersonation"
+ ]
+ }
+ ],
+ "securityDefinitions": {
+ "azure_auth": {
+ "type": "oauth2",
+ "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+ "flow": "implicit",
+ "description": "Azure Active Directory OAuth2 Flow",
+ "scopes": {
+ "user_impersonation": "impersonate your user account"
+ }
+ }
+ },
+ "paths": {
+ "/{apiManagementServiceResourceId}/providers/Microsoft.Security/apiCollections/{apiCollectionId}": {
+ "get": {
+ "x-ms-examples": {
+ "Determine whether an Azure API Management API is onboarded to Defender for APIs": {
+ "$ref": "./examples/ApiCollections/APICollectionOnboardingState_Get_example.json"
+ }
+ },
+ "tags": [
+ "D4APIOnboardingStatus",
+ "APIMConfig"
+ ],
+ "description": "Determine whether an Azure API Management API is onboarded to Defender for APIs. If the Azure API Management API is onboarded to Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+ "summary": "Determine whether an Azure API Management API is onboarded to Defender for APIs",
+ "operationId": "APICollectionOnboardingState_Get",
+ "parameters": [
+ {
+ "$ref": "#/parameters/ApiManagementServiceResourceId"
+ },
+ {
+ "$ref": "#/parameters/ApiCollectionId"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/ApiCollectionResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/definitions/ErrorResponse"
+ }
+ }
+ }
+ },
+ "put": {
+ "x-ms-examples": {
+ "Onboard an Azure API Management API to Defender for APIs": {
+ "$ref": "./examples/ApiCollections/APICollectionOnboarding_Create_example.json"
+ }
+ },
+ "tags": [
+ "OnboardToD4API",
+ "APIMConfig"
+ ],
+ "description": "Onboard an Azure API Management API to Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+ "summary": "Onboard an Azure API Management API to Defender for APIs",
+ "operationId": "APICollectionOnboarding_Create",
+ "parameters": [
+ {
+ "$ref": "#/parameters/ApiManagementServiceResourceId"
+ },
+ {
+ "$ref": "#/parameters/ApiCollectionId"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/ApiCollectionResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/definitions/ErrorResponse"
+ }
+ }
+ }
+ },
+ "delete": {
+ "x-ms-examples": {
+ "Delete a security recommendation task on a resource": {
+ "$ref": "./examples/ApiCollections/APICollectionOffboarding_Delete_example.json"
+ }
+ },
+ "tags": [
+ "OffboardFromD4API",
+ "APIMConfig"
+ ],
+ "description": "Offboard an Azure API Management API from Defender for APIs. The system will stop monitoring the operations within the Azure API Management API for intrusive behaviors.",
+ "summary": "Offboard an Azure API Management API from Defender for APIs",
+ "operationId": "APICollectionOffboarding_Delete",
+ "parameters": [
+ {
+ "$ref": "#/parameters/ApiManagementServiceResourceId"
+ },
+ {
+ "$ref": "#/parameters/ApiCollectionId"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK"
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/definitions/ErrorResponse"
+ }
+ }
+ }
+ }
+ }
+ },
+ "definitions": {
+ "ApiCollectionResponse": {
+ "type": "object",
+ "description": "D4API representation of an API collection",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "$ref": "#/definitions/ApiCollectionProperties"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "ApiCollectionProperties": {
+ "type": "object",
+ "description": "Describes the properties of an API collection.",
+ "properties": {
+ "additionalData": {
+ "type": "object",
+ "description": "Additional data regarding the API collection",
+ "additionalProperties": {
+ "type": "string"
+ }
+ }
+ }
+ }
+ },
+ "parameters": {
+ "ApiManagementServiceResourceId": {
+ "name": "apiManagementServiceResourceId",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "A string representing the ARM ResourceId of the Azure API Management Service resource."
+ },
+ "ApiCollectionId": {
+ "name": "apiCollectionId",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "A string representing the apiCollections resource within the Microsoft.Security provider namespace. This string matches the Azure API Management API name."
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
deleted file mode 100644
index 11f2dfed306b..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
+++ /dev/null
@@ -1,1109 +0,0 @@
-{
- "swagger": "2.0",
- "info": {
- "title": "Microsoft Defender for Cloud",
- "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
- "version": "2022-11-20-preview"
- },
- "host": "management.azure.com",
- "schemes": [
- "https"
- ],
- "consumes": [
- "application/json"
- ],
- "produces": [
- "application/json"
- ],
- "security": [
- {
- "azure_auth": [
- "user_impersonation"
- ]
- }
- ],
- "securityDefinitions": {
- "azure_auth": {
- "type": "oauth2",
- "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
- "flow": "implicit",
- "description": "Azure Active Directory OAuth2 Flow",
- "scopes": {
- "user_impersonation": "impersonate your user account"
- }
- }
- },
- "paths": {
- "/providers/Microsoft.Security/assessmentMetadata": {
- "get": {
- "x-ms-examples": {
- "List security assessment metadata": {
- "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Get metadata information on all assessment types",
- "operationId": "AssessmentsMetadata_List",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadataResponseList"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- },
- "x-ms-pageable": {
- "nextLinkName": "nextLink"
- }
- }
- },
- "/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
- "get": {
- "x-ms-examples": {
- "Get security assessment metadata": {
- "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Get metadata information on an assessment type",
- "operationId": "AssessmentsMetadata_Get",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "#/parameters/AssessmentsMetadataName"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- }
- },
- "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata": {
- "get": {
- "x-ms-examples": {
- "List security assessment metadata for subscription": {
- "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Get metadata information on all assessment types in a specific subscription",
- "operationId": "AssessmentsMetadata_ListBySubscription",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadataResponseList"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- },
- "x-ms-pageable": {
- "nextLinkName": "nextLink"
- }
- }
- },
- "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
- "get": {
- "x-ms-examples": {
- "Get security assessment metadata for subscription": {
- "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Get metadata information on an assessment type in a specific subscription",
- "operationId": "AssessmentsMetadata_GetInSubscription",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "#/parameters/AssessmentsMetadataName"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- },
- "put": {
- "x-ms-examples": {
- "Create security assessment metadata for subscription": {
- "$ref": "./examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Create metadata information on an assessment type in a specific subscription",
- "operationId": "AssessmentsMetadata_CreateInSubscription",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "#/parameters/AssessmentsMetadataName"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
- },
- {
- "$ref": "#/parameters/SecurityAssessmentMetadataResponse"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- },
- "delete": {
- "x-ms-examples": {
- "Delete a security assessment metadata for subscription": {
- "$ref": "./examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json"
- }
- },
- "tags": [
- "Assessments Metadata"
- ],
- "description": "Delete metadata information on an assessment type in a specific subscription, will cause the deletion of all the assessments of that type in that subscription",
- "operationId": "AssessmentsMetadata_DeleteInSubscription",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "#/parameters/AssessmentsMetadataName"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
- }
- ],
- "responses": {
- "200": {
- "description": "OK"
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- }
- }
- },
- "definitions": {
- "SecurityAssessmentMetadataResponseList": {
- "type": "object",
- "description": "List of security assessment metadata",
- "properties": {
- "value": {
- "readOnly": true,
- "type": "array",
- "items": {
- "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "SecurityAssessmentMetadata": {
- "type": "object",
- "description": "Security assessment metadata",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
- }
- },
- "allOf": [
- {
- "$ref": "../../../common/v1/types.json#/definitions/Resource"
- }
- ]
- },
- "SecurityAssessmentMetadataResponse": {
- "type": "object",
- "description": "Security assessment metadata response",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "$ref": "#/definitions/SecurityAssessmentMetadataPropertiesResponse"
- }
- },
- "allOf": [
- {
- "$ref": "../../../common/v1/types.json#/definitions/Resource"
- }
- ]
- },
- "SecurityAssessmentMetadataProperties": {
- "type": "object",
- "description": "Describes properties of an assessment metadata.",
- "properties": {
- "displayName": {
- "type": "string",
- "description": "User friendly display name of the assessment"
- },
- "policyDefinitionId": {
- "readOnly": true,
- "type": "string",
- "description": "Azure resource ID of the policy definition that turns this assessment calculation on"
- },
- "description": {
- "type": "string",
- "description": "Human readable description of the assessment"
- },
- "remediationDescription": {
- "type": "string",
- "description": "Human readable description of what you should do to mitigate this security issue"
- },
- "categories": {
- "type": "array",
- "items": {
- "type": "string",
- "description": "The categories of resource that is at risk when the assessment is unhealthy",
- "enum": [
- "Compute",
- "Networking",
- "Data",
- "IdentityAndAccess",
- "IoT"
- ],
- "x-ms-enum": {
- "name": "categories",
- "modelAsString": true,
- "values": [
- {
- "value": "Compute"
- },
- {
- "value": "Networking"
- },
- {
- "value": "Data"
- },
- {
- "value": "IdentityAndAccess"
- },
- {
- "value": "IoT"
- }
- ]
- }
- }
- },
- "severity": {
- "type": "string",
- "description": "The severity level of the assessment",
- "enum": [
- "Low",
- "Medium",
- "High"
- ],
- "x-ms-enum": {
- "name": "severity",
- "modelAsString": true,
- "values": [
- {
- "value": "Low"
- },
- {
- "value": "Medium"
- },
- {
- "value": "High"
- }
- ]
- }
- },
- "userImpact": {
- "type": "string",
- "description": "The user impact of the assessment",
- "enum": [
- "Low",
- "Moderate",
- "High"
- ],
- "x-ms-enum": {
- "name": "userImpact",
- "modelAsString": true,
- "values": [
- {
- "value": "Low"
- },
- {
- "value": "Moderate"
- },
- {
- "value": "High"
- }
- ]
- }
- },
- "implementationEffort": {
- "type": "string",
- "description": "The implementation effort required to remediate this assessment",
- "enum": [
- "Low",
- "Moderate",
- "High"
- ],
- "x-ms-enum": {
- "name": "implementationEffort",
- "modelAsString": true,
- "values": [
- {
- "value": "Low"
- },
- {
- "value": "Moderate"
- },
- {
- "value": "High"
- }
- ]
- }
- },
- "threats": {
- "type": "array",
- "items": {
- "type": "string",
- "description": "Threats impact of the assessment",
- "enum": [
- "accountBreach",
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider",
- "elevationOfPrivilege",
- "threatResistance",
- "missingCoverage",
- "denialOfService"
- ],
- "x-ms-enum": {
- "name": "threats",
- "modelAsString": true,
- "values": [
- {
- "value": "accountBreach"
- },
- {
- "value": "dataExfiltration"
- },
- {
- "value": "dataSpillage"
- },
- {
- "value": "maliciousInsider"
- },
- {
- "value": "elevationOfPrivilege"
- },
- {
- "value": "threatResistance"
- },
- {
- "value": "missingCoverage"
- },
- {
- "value": "denialOfService"
- }
- ]
- }
- }
- },
- "preview": {
- "type": "boolean",
- "description": "True if this assessment is in preview release status"
- },
- "assessmentType": {
- "type": "string",
- "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition",
- "enum": [
- "BuiltIn",
- "CustomPolicy",
- "CustomerManaged",
- "VerifiedPartner"
- ],
- "x-ms-enum": {
- "name": "assessmentType",
- "modelAsString": true,
- "values": [
- {
- "value": "BuiltIn",
- "description": "Microsoft Defender for Cloud managed assessments"
- },
- {
- "value": "CustomPolicy",
- "description": "User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud"
- },
- {
- "value": "CustomerManaged",
- "description": "User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud"
- },
- {
- "value": "VerifiedPartner",
- "description": "An assessment that was created by a verified 3rd party if the user connected it to ASC"
- }
- ]
- }
- },
- "partnerData": {
- "$ref": "#/definitions/SecurityAssessmentMetadataPartnerData"
- }
- },
- "required": [
- "displayName",
- "severity",
- "assessmentType"
- ]
- },
- "SecurityAssessmentMetadataPartnerData": {
- "type": "object",
- "description": "Describes the partner that created the assessment",
- "properties": {
- "partnerName": {
- "type": "string",
- "description": "Name of the company of the partner"
- },
- "productName": {
- "type": "string",
- "description": "Name of the product of the partner that created the assessment"
- },
- "secret": {
- "type": "string",
- "description": "Secret to authenticate the partner and verify it created the assessment - write only",
- "x-ms-secret": true
- }
- },
- "required": [
- "partnerName",
- "secret"
- ]
- },
- "SecurityAssessmentMetadataPropertiesResponse": {
- "type": "object",
- "description": "Describes properties of an assessment metadata response.",
- "properties": {
- "publishDates": {
- "type": "object",
- "properties": {
- "GA": {
- "type": "string",
- "pattern": "^([0-9]{2}/){2}[0-9]{4}$"
- },
- "public": {
- "type": "string",
- "pattern": "^([0-9]{2}/){2}[0-9]{4}$"
- }
- },
- "required": [
- "public"
- ]
- },
- "plannedDeprecationDate": {
- "type": "string",
- "pattern": "^[0-9]{2}/[0-9]{4}$"
- },
- "tactics": {
- "type": "array",
- "items": {
- "type": "string",
- "description": "Tactic of the assessment",
- "enum": [
- "Reconnaissance",
- "Resource Development",
- "Initial Access",
- "Execution",
- "Persistence",
- "Privilege Escalation",
- "Defense Evasion",
- "Credential Access",
- "Discovery",
- "Lateral Movement",
- "Collection",
- "Command and Control",
- "Exfiltration",
- "Impact"
- ],
- "x-ms-enum": {
- "name": "tactics",
- "modelAsString": true,
- "values": [
- {
- "value": "Reconnaissance"
- },
- {
- "value": "Resource Development"
- },
- {
- "value": "Initial Access"
- },
- {
- "value": "Execution"
- },
- {
- "value": "Persistence"
- },
- {
- "value": "Privilege Escalation"
- },
- {
- "value": "Defense Evasion"
- },
- {
- "value": "Credential Access"
- },
- {
- "value": "Discovery"
- },
- {
- "value": "Lateral Movement"
- },
- {
- "value": "Collection"
- },
- {
- "value": "Command and Control"
- },
- {
- "value": "Exfiltration"
- },
- {
- "value": "Impact"
- }
- ]
- }
- }
- },
- "techniques": {
- "type": "array",
- "items": {
- "type": "string",
- "description": "Techniques of the assessment",
- "enum": [
- "Abuse Elevation Control Mechanism",
- "Access Token Manipulation",
- "Account Discovery",
- "Account Manipulation",
- "Active Scanning",
- "Application Layer Protocol",
- "Audio Capture",
- "Boot or Logon Autostart Execution",
- "Boot or Logon Initialization Scripts",
- "Brute Force",
- "Cloud Infrastructure Discovery",
- "Cloud Service Dashboard",
- "Cloud Service Discovery",
- "Command and Scripting Interpreter",
- "Compromise Client Software Binary",
- "Compromise Infrastructure",
- "Container and Resource Discovery",
- "Create Account",
- "Create or Modify System Process",
- "Credentials from Password Stores",
- "Data Destruction",
- "Data Encrypted for Impact",
- "Data from Cloud Storage Object",
- "Data from Configuration Repository",
- "Data from Information Repositories",
- "Data from Local System",
- "Data Manipulation",
- "Data Staged",
- "Defacement",
- "Deobfuscate/Decode Files or Information",
- "Disk Wipe",
- "Domain Trust Discovery",
- "Drive-by Compromise",
- "Dynamic Resolution",
- "Endpoint Denial of Service",
- "Event Triggered Execution",
- "Exfiltration Over Alternative Protocol",
- "Exploit Public-Facing Application",
- "Exploitation for Client Execution",
- "Exploitation for Credential Access",
- "Exploitation for Defense Evasion",
- "Exploitation for Privilege Escalation",
- "Exploitation of Remote Services",
- "External Remote Services",
- "Fallback Channels",
- "File and Directory Discovery",
- "Gather Victim Network Information",
- "Hide Artifacts",
- "Hijack Execution Flow",
- "Impair Defenses",
- "Implant Container Image",
- "Indicator Removal on Host",
- "Indirect Command Execution",
- "Ingress Tool Transfer",
- "Input Capture",
- "Inter-Process Communication",
- "Lateral Tool Transfer",
- "Man-in-the-Middle",
- "Masquerading",
- "Modify Authentication Process",
- "Modify Registry",
- "Network Denial of Service",
- "Network Service Scanning",
- "Network Sniffing",
- "Non-Application Layer Protocol",
- "Non-Standard Port",
- "Obtain Capabilities",
- "Obfuscated Files or Information",
- "Office Application Startup",
- "OS Credential Dumping",
- "Permission Groups Discovery",
- "Phishing",
- "Pre-OS Boot",
- "Process Discovery",
- "Process Injection",
- "Protocol Tunneling",
- "Proxy",
- "Query Registry",
- "Remote Access Software",
- "Remote Service Session Hijacking",
- "Remote Services",
- "Remote System Discovery",
- "Resource Hijacking",
- "Scheduled Task/Job",
- "Screen Capture",
- "Search Victim-Owned Websites",
- "Server Software Component",
- "Service Stop",
- "Signed Binary Proxy Execution",
- "Software Deployment Tools",
- "SQL Stored Procedures",
- "Steal or Forge Kerberos Tickets",
- "Subvert Trust Controls",
- "Supply Chain Compromise",
- "System Information Discovery",
- "Taint Shared Content",
- "Traffic Signaling",
- "Transfer Data to Cloud Account",
- "Trusted Relationship",
- "Unsecured Credentials",
- "User Execution",
- "Valid Accounts",
- "Windows Management Instrumentation",
- "File and Directory Permissions Modification"
- ],
- "x-ms-enum": {
- "name": "techniques",
- "modelAsString": true,
- "values": [
- {
- "value": "Abuse Elevation Control Mechanism"
- },
- {
- "value": "Access Token Manipulation"
- },
- {
- "value": "Account Discovery"
- },
- {
- "value": "Account Manipulation"
- },
- {
- "value": "Active Scanning"
- },
- {
- "value": "Application Layer Protocol"
- },
- {
- "value": "Audio Capture"
- },
- {
- "value": "Boot or Logon Autostart Execution"
- },
- {
- "value": "Boot or Logon Initialization Scripts"
- },
- {
- "value": "Brute Force"
- },
- {
- "value": "Cloud Infrastructure Discovery"
- },
- {
- "value": "Cloud Service Dashboard"
- },
- {
- "value": "Cloud Service Discovery"
- },
- {
- "value": "Command and Scripting Interpreter"
- },
- {
- "value": "Compromise Client Software Binary"
- },
- {
- "value": "Compromise Infrastructure"
- },
- {
- "value": "Container and Resource Discovery"
- },
- {
- "value": "Create Account"
- },
- {
- "value": "Create or Modify System Process"
- },
- {
- "value": "Credentials from Password Stores"
- },
- {
- "value": "Data Destruction"
- },
- {
- "value": "Data Encrypted for Impact"
- },
- {
- "value": "Data from Cloud Storage Object"
- },
- {
- "value": "Data from Configuration Repository"
- },
- {
- "value": "Data from Information Repositories"
- },
- {
- "value": "Data from Local System"
- },
- {
- "value": "Data Manipulation"
- },
- {
- "value": "Data Staged"
- },
- {
- "value": "Defacement"
- },
- {
- "value": "Deobfuscate/Decode Files or Information"
- },
- {
- "value": "Disk Wipe"
- },
- {
- "value": "Domain Trust Discovery"
- },
- {
- "value": "Drive-by Compromise"
- },
- {
- "value": "Dynamic Resolution"
- },
- {
- "value": "Endpoint Denial of Service"
- },
- {
- "value": "Event Triggered Execution"
- },
- {
- "value": "Exfiltration Over Alternative Protocol"
- },
- {
- "value": "Exploit Public-Facing Application"
- },
- {
- "value": "Exploitation for Client Execution"
- },
- {
- "value": "Exploitation for Credential Access"
- },
- {
- "value": "Exploitation for Defense Evasion"
- },
- {
- "value": "Exploitation for Privilege Escalation"
- },
- {
- "value": "Exploitation of Remote Services"
- },
- {
- "value": "External Remote Services"
- },
- {
- "value": "Fallback Channels"
- },
- {
- "value": "File and Directory Discovery"
- },
- {
- "value": "Gather Victim Network Information"
- },
- {
- "value": "Hide Artifacts"
- },
- {
- "value": "Hijack Execution Flow"
- },
- {
- "value": "Impair Defenses"
- },
- {
- "value": "Implant Container Image"
- },
- {
- "value": "Indicator Removal on Host"
- },
- {
- "value": "Indirect Command Execution"
- },
- {
- "value": "Ingress Tool Transfer"
- },
- {
- "value": "Input Capture"
- },
- {
- "value": "Inter-Process Communication"
- },
- {
- "value": "Lateral Tool Transfer"
- },
- {
- "value": "Man-in-the-Middle"
- },
- {
- "value": "Masquerading"
- },
- {
- "value": "Modify Authentication Process"
- },
- {
- "value": "Modify Registry"
- },
- {
- "value": "Network Denial of Service"
- },
- {
- "value": "Network Service Scanning"
- },
- {
- "value": "Network Sniffing"
- },
- {
- "value": "Non-Application Layer Protocol"
- },
- {
- "value": "Non-Standard Port"
- },
- {
- "value": "Obtain Capabilities"
- },
- {
- "value": "Obfuscated Files or Information"
- },
- {
- "value": "Office Application Startup"
- },
- {
- "value": "OS Credential Dumping"
- },
- {
- "value": "Permission Groups Discovery"
- },
- {
- "value": "Phishing"
- },
- {
- "value": "Pre-OS Boot"
- },
- {
- "value": "Process Discovery"
- },
- {
- "value": "Process Injection"
- },
- {
- "value": "Protocol Tunneling"
- },
- {
- "value": "Proxy"
- },
- {
- "value": "Query Registry"
- },
- {
- "value": "Remote Access Software"
- },
- {
- "value": "Remote Service Session Hijacking"
- },
- {
- "value": "Remote Services"
- },
- {
- "value": "Remote System Discovery"
- },
- {
- "value": "Resource Hijacking"
- },
- {
- "value": "Scheduled Task/Job"
- },
- {
- "value": "Screen Capture"
- },
- {
- "value": "Search Victim-Owned Websites"
- },
- {
- "value": "Server Software Component"
- },
- {
- "value": "Service Stop"
- },
- {
- "value": "Signed Binary Proxy Execution"
- },
- {
- "value": "Software Deployment Tools"
- },
- {
- "value": "SQL Stored Procedures"
- },
- {
- "value": "Steal or Forge Kerberos Tickets"
- },
- {
- "value": "Subvert Trust Controls"
- },
- {
- "value": "Supply Chain Compromise"
- },
- {
- "value": "System Information Discovery"
- },
- {
- "value": "Taint Shared Content"
- },
- {
- "value": "Traffic Signaling"
- },
- {
- "value": "Transfer Data to Cloud Account"
- },
- {
- "value": "Trusted Relationship"
- },
- {
- "value": "Unsecured Credentials"
- },
- {
- "value": "User Execution"
- },
- {
- "value": "Valid Accounts"
- },
- {
- "value": "Windows Management Instrumentation"
- },
- {
- "value": "File and Directory Permissions Modification"
- }
- ]
- }
- }
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
- }
- ]
- }
- },
- "parameters": {
- "AssessmentsMetadataName": {
- "name": "assessmentMetadataName",
- "in": "path",
- "required": true,
- "type": "string",
- "description": "The Assessment Key - Unique key for the assessment type",
- "x-ms-parameter-location": "method"
- },
- "SecurityAssessmentMetadataResponse": {
- "name": "assessmentMetadata",
- "in": "body",
- "required": true,
- "description": "AssessmentMetadata object",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
- },
- "x-ms-parameter-location": "method"
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json
deleted file mode 100644
index e4310003f903..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/assessments.json
+++ /dev/null
@@ -1,467 +0,0 @@
-{
- "swagger": "2.0",
- "info": {
- "title": "Microsoft Defender for Cloud",
- "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
- "version": "2022-11-20-preview"
- },
- "host": "management.azure.com",
- "schemes": [
- "https"
- ],
- "consumes": [
- "application/json"
- ],
- "produces": [
- "application/json"
- ],
- "security": [
- {
- "azure_auth": [
- "user_impersonation"
- ]
- }
- ],
- "securityDefinitions": {
- "azure_auth": {
- "type": "oauth2",
- "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
- "flow": "implicit",
- "description": "Azure Active Directory OAuth2 Flow",
- "scopes": {
- "user_impersonation": "impersonate your user account"
- }
- }
- },
- "paths": {
- "/{scope}/providers/Microsoft.Security/assessments": {
- "get": {
- "x-ms-examples": {
- "List security assessments": {
- "$ref": "./examples/Assessments/ListAssessments_example.json"
- }
- },
- "tags": [
- "Assessments"
- ],
- "description": "Get security assessments on all your scanned resources inside a scope",
- "operationId": "Assessments_List",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/Scope"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentList"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- },
- "x-ms-pageable": {
- "nextLinkName": "nextLink"
- }
- }
- },
- "/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}": {
- "get": {
- "x-ms-examples": {
- "Get security recommendation task from security data location": {
- "$ref": "./examples/Assessments/GetAssessment_example.json"
- },
- "Get security recommendation task from security data location with expand parameter": {
- "$ref": "./examples/Assessments/GetAssessmentWithExpand_example.json"
- }
- },
- "tags": [
- "Assessments"
- ],
- "description": "Get a security assessment on your scanned resource",
- "operationId": "Assessments_Get",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
- },
- {
- "$ref": "#/parameters/AssessmentName"
- },
- {
- "$ref": "#/parameters/ExpandAssessments"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentResponse"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- },
- "put": {
- "x-ms-examples": {
- "Create security recommendation task on a resource": {
- "$ref": "./examples/Assessments/PutAssessment_example.json"
- }
- },
- "tags": [
- "Assessments"
- ],
- "description": "Create a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
- "operationId": "Assessments_CreateOrUpdate",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
- },
- {
- "$ref": "#/parameters/AssessmentName"
- },
- {
- "$ref": "#/parameters/AssessmentBody"
- }
- ],
- "responses": {
- "201": {
- "description": "Created",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentResponse"
- }
- },
- "200": {
- "description": "OK - Updated",
- "schema": {
- "$ref": "#/definitions/SecurityAssessmentResponse"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- },
- "delete": {
- "x-ms-examples": {
- "Delete a security recommendation task on a resource": {
- "$ref": "./examples/Assessments/DeleteAssessment_example.json"
- }
- },
- "tags": [
- "Assessments"
- ],
- "description": "Delete a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
- "operationId": "Assessments_Delete",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
- },
- {
- "$ref": "#/parameters/AssessmentName"
- }
- ],
- "responses": {
- "200": {
- "description": "OK - Assessment was deleted"
- },
- "204": {
- "description": "No Content - Assessment does not exist"
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- }
- }
- },
- "definitions": {
- "SecurityAssessmentList": {
- "type": "object",
- "description": "Page of a security assessments list",
- "properties": {
- "value": {
- "description": "Collection of security assessments in this page",
- "readOnly": true,
- "type": "array",
- "items": {
- "$ref": "#/definitions/SecurityAssessmentResponse"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "SecurityAssessment": {
- "type": "object",
- "description": "Security assessment on a resource",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "$ref": "#/definitions/SecurityAssessmentProperties"
- }
- },
- "allOf": [
- {
- "$ref": "../../../common/v1/types.json#/definitions/Resource"
- }
- ]
- },
- "SecurityAssessmentResponse": {
- "type": "object",
- "description": "Security assessment on a resource - response format",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "$ref": "#/definitions/SecurityAssessmentPropertiesResponse"
- }
- },
- "allOf": [
- {
- "$ref": "../../../common/v1/types.json#/definitions/Resource"
- }
- ]
- },
- "SecurityAssessmentProperties": {
- "type": "object",
- "description": "Describes properties of an assessment.",
- "properties": {
- "status": {
- "$ref": "#/definitions/AssessmentStatus"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/SecurityAssessmentPropertiesBase"
- }
- ],
- "required": [
- "status"
- ]
- },
- "SecurityAssessmentPropertiesResponse": {
- "type": "object",
- "description": "Describes properties of an assessment.",
- "properties": {
- "status": {
- "$ref": "#/definitions/AssessmentStatusResponse"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/SecurityAssessmentPropertiesBase"
- }
- ],
- "required": [
- "status"
- ]
- },
- "SecurityAssessmentPropertiesBase": {
- "type": "object",
- "description": "Describes properties of an assessment.",
- "properties": {
- "resourceDetails": {
- "$ref": "../../../common/v1/types.json#/definitions/ResourceDetails"
- },
- "displayName": {
- "readOnly": true,
- "type": "string",
- "description": "User friendly display name of the assessment"
- },
- "additionalData": {
- "type": "object",
- "description": "Additional data regarding the assessment",
- "additionalProperties": {
- "type": "string"
- }
- },
- "links": {
- "$ref": "#/definitions/AssessmentLinks"
- },
- "metadata": {
- "$ref": "./assessmentMetadata.json#/definitions/SecurityAssessmentMetadataProperties"
- },
- "partnersData": {
- "$ref": "#/definitions/SecurityAssessmentPartnerData"
- }
- },
- "required": [
- "resourceDetails"
- ]
- },
- "SecurityAssessmentPartnerData": {
- "type": "object",
- "description": "Data regarding 3rd party partner integration",
- "properties": {
- "partnerName": {
- "type": "string",
- "description": "Name of the company of the partner"
- },
- "secret": {
- "type": "string",
- "description": "secret to authenticate the partner - write only",
- "x-ms-secret": true
- }
- },
- "required": [
- "partnerName",
- "secret"
- ]
- },
- "AssessmentLinks": {
- "type": "object",
- "description": "Links relevant to the assessment",
- "readOnly": true,
- "properties": {
- "azurePortalUri": {
- "type": "string",
- "description": "Link to assessment in Azure Portal",
- "readOnly": true
- }
- }
- },
- "AssessmentStatusResponse": {
- "type": "object",
- "description": "The result of the assessment",
- "properties": {
- "firstEvaluationDate": {
- "readOnly": true,
- "type": "string",
- "format": "date-time",
- "description": "The time that the assessment was created and first evaluated. Returned as UTC time in ISO 8601 format"
- },
- "statusChangeDate": {
- "readOnly": true,
- "type": "string",
- "format": "date-time",
- "description": "The time that the status of the assessment last changed. Returned as UTC time in ISO 8601 format"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/AssessmentStatus"
- }
- ]
- },
- "AssessmentStatus": {
- "type": "object",
- "description": "The result of the assessment",
- "properties": {
- "code": {
- "type": "string",
- "description": "Programmatic code for the status of the assessment",
- "enum": [
- "Healthy",
- "Unhealthy",
- "NotApplicable"
- ],
- "x-ms-enum": {
- "name": "AssessmentStatusCode",
- "modelAsString": true,
- "values": [
- {
- "value": "Healthy",
- "description": "The resource is healthy"
- },
- {
- "value": "Unhealthy",
- "description": "The resource has a security issue that needs to be addressed"
- },
- {
- "value": "NotApplicable",
- "description": "Assessment for this resource did not happen"
- }
- ]
- }
- },
- "cause": {
- "type": "string",
- "description": "Programmatic code for the cause of the assessment status"
- },
- "description": {
- "type": "string",
- "description": "Human readable description of the assessment status"
- }
- },
- "required": [
- "code"
- ]
- }
- },
- "parameters": {
- "ExpandAssessments": {
- "name": "$expand",
- "in": "query",
- "required": false,
- "type": "string",
- "description": "OData expand. Optional.",
- "x-ms-parameter-location": "method",
- "enum": [
- "links",
- "metadata"
- ],
- "x-ms-enum": {
- "name": "ExpandEnum",
- "modelAsString": true,
- "values": [
- {
- "value": "links",
- "description": "All links associated with an assessment"
- },
- {
- "value": "metadata",
- "description": "Assessment metadata"
- }
- ]
- }
- },
- "AssessmentName": {
- "name": "assessmentName",
- "in": "path",
- "required": true,
- "type": "string",
- "description": "The Assessment Key - Unique key for the assessment type",
- "x-ms-parameter-location": "method"
- },
- "AssessmentBody": {
- "name": "assessment",
- "in": "body",
- "required": true,
- "schema": {
- "$ref": "#/definitions/SecurityAssessment"
- },
- "description": "Calculated assessment on a pre-defined assessment metadata",
- "x-ms-parameter-location": "method"
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json
new file mode 100644
index 000000000000..dd969ea99d97
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json
@@ -0,0 +1,10 @@
+{
+ "parameters": {
+ "apiManagementServiceResourceId": "subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
+ "apiCollectionId": "echo-api",
+ "api-version": "2022-11-20-preview"
+ },
+ "responses": {
+ "200": {}
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboardingState_Get_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboardingState_Get_example.json
new file mode 100644
index 000000000000..5948eb727982
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboardingState_Get_example.json
@@ -0,0 +1,21 @@
+{
+ "parameters": {
+ "apiManagementServiceResourceId": "subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
+ "apiCollectionId": "echo-api",
+ "api-version": "2022-11-20-preview"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api",
+ "name": "echo-api",
+ "type": "Microsoft.Security/apiCollections",
+ "properties": {
+ "additionalData": {
+ "apiManagementApiId": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/apis/echo-api"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json
new file mode 100644
index 000000000000..5948eb727982
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json
@@ -0,0 +1,21 @@
+{
+ "parameters": {
+ "apiManagementServiceResourceId": "subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
+ "apiCollectionId": "echo-api",
+ "api-version": "2022-11-20-preview"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api",
+ "name": "echo-api",
+ "type": "Microsoft.Security/apiCollections",
+ "properties": {
+ "additionalData": {
+ "apiManagementApiId": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/apis/echo-api"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json
deleted file mode 100644
index 39aaa0a8ed56..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/DeleteAssessment_example.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
- "assessmentName": "8bb8be0a-6010-4789-812f-e4d661c4ed0e"
- },
- "responses": {
- "200": {},
- "204": {}
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json
deleted file mode 100644
index d9265662c159..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessmentWithExpand_example.json
+++ /dev/null
@@ -1,37 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
- "assessmentName": "21300918-b2e3-0346-785f-c77ff57d243b",
- "$expand": "links"
- },
- "responses": {
- "200": {
- "body": {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessments",
- "properties": {
- "resourceDetails": {
- "source": "Azure",
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
- },
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "status": {
- "code": "NotApplicable",
- "cause": "OffByPolicy",
- "description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
- "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
- "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
- },
- "additionalData": {
- "linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
- },
- "links": {
- "azurePortalUri": "https://www.portal.azure.com/?fea#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/21300918-b2e3-0346-785f-c77ff57d243b"
- }
- }
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json
deleted file mode 100644
index 6ea60b6bfbd0..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/GetAssessment_example.json
+++ /dev/null
@@ -1,33 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
- "assessmentName": "21300918-b2e3-0346-785f-c77ff57d243b"
- },
- "responses": {
- "200": {
- "body": {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessments",
- "properties": {
- "resourceDetails": {
- "source": "Azure",
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
- },
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "status": {
- "code": "NotApplicable",
- "cause": "OffByPolicy",
- "description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
- "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
- "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
- },
- "additionalData": {
- "linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
- }
- }
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json
deleted file mode 100644
index a236f500e098..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/ListAssessments_example.json
+++ /dev/null
@@ -1,53 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23"
- },
- "responses": {
- "200": {
- "body": {
- "value": [
- {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessments",
- "properties": {
- "resourceDetails": {
- "source": "Azure",
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1"
- },
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "status": {
- "code": "Healthy",
- "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
- "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
- }
- }
- },
- {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessments",
- "properties": {
- "resourceDetails": {
- "source": "Azure",
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
- },
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "status": {
- "code": "NotApplicable",
- "cause": "OffByPolicy",
- "description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
- "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
- "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
- },
- "additionalData": {
- "linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
- }
- }
- }
- ]
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json
deleted file mode 100644
index 6659be495287..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Assessments/PutAssessment_example.json
+++ /dev/null
@@ -1,53 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
- "assessmentName": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
- "assessment": {
- "properties": {
- "resourceDetails": {
- "source": "Azure"
- },
- "status": {
- "code": "Healthy"
- }
- }
- }
- },
- "responses": {
- "200": {
- "body": {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
- "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
- "type": "Microsoft.Security/assessments",
- "properties": {
- "resourceDetails": {
- "source": "Azure",
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e"
- },
- "displayName": "Install internal agent on VM",
- "status": {
- "code": "Healthy"
- }
- }
- }
- },
- "201": {
- "body": {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
- "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
- "type": "Microsoft.Security/assessments",
- "properties": {
- "resourceDetails": {
- "source": "Azure",
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e"
- },
- "displayName": "Install internal agent on VM",
- "status": {
- "code": "Healthy"
- }
- }
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
deleted file mode 100644
index ae2beef6e21b..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
+++ /dev/null
@@ -1,52 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
- "assessmentMetadataName": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
- "assessmentMetadata": {
- "properties": {
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
- "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
- "categories": [
- "Compute"
- ],
- "severity": "Medium",
- "userImpact": "Low",
- "implementationEffort": "Low",
- "threats": [
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider"
- ],
- "assessmentType": "CustomerManaged"
- }
- }
- },
- "responses": {
- "200": {
- "body": {
- "id": "/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7",
- "name": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "My organization security assessment",
- "description": "Assessment that my organization created to view our security assessment in Azure Security Center",
- "remediationDescription": "Fix it with these remediation instructions",
- "categories": [
- "Compute"
- ],
- "severity": "Medium",
- "userImpact": "Low",
- "implementationEffort": "Low",
- "threats": [
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider"
- ],
- "assessmentType": "CustomerManaged"
- }
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
deleted file mode 100644
index 6474356bf41e..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
- "assessmentMetadataName": "ca039e75-a276-4175-aebc-bcd41e4b14b7"
- },
- "responses": {
- "200": {}
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
deleted file mode 100644
index 09b39f48a5eb..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
+++ /dev/null
@@ -1,53 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "assessmentMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
- },
- "responses": {
- "200": {
- "body": {
- "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
- "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
- "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
- "categories": [
- "Compute"
- ],
- "severity": "Medium",
- "userImpact": "Low",
- "implementationEffort": "Low",
- "threats": [
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider"
- ],
- "publishDates": {
- "GA": "06/01/2021",
- "public": "06/01/2021"
- },
- "plannedDeprecationDate": "03/2022",
- "tactics": [
- "Credential Access",
- "Persistence",
- "Execution",
- "Defense Evasion",
- "Collection",
- "Discovery",
- "Privilege Escalation"
- ],
- "techniques": [
- "Obfuscated Files or Information",
- "Ingress Tool Transfer",
- "Phishing",
- "User Execution"
- ],
- "assessmentType": "BuiltIn"
- }
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
deleted file mode 100644
index 90f42c321205..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
+++ /dev/null
@@ -1,54 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
- "assessmentMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
- },
- "responses": {
- "200": {
- "body": {
- "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
- "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
- "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
- "categories": [
- "Compute"
- ],
- "severity": "Medium",
- "userImpact": "Low",
- "implementationEffort": "Low",
- "threats": [
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider"
- ],
- "publishDates": {
- "GA": "06/01/2021",
- "public": "06/01/2021"
- },
- "plannedDeprecationDate": "03/2022",
- "tactics": [
- "Credential Access",
- "Persistence",
- "Execution",
- "Defense Evasion",
- "Collection",
- "Discovery",
- "Privilege Escalation"
- ],
- "techniques": [
- "Obfuscated Files or Information",
- "Ingress Tool Transfer",
- "Phishing",
- "User Execution"
- ],
- "assessmentType": "BuiltIn"
- }
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
deleted file mode 100644
index 4cfbc3e1d0c9..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
+++ /dev/null
@@ -1,106 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview"
- },
- "responses": {
- "200": {
- "body": {
- "value": [
- {
- "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
- "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
- "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
- "categories": [
- "Compute"
- ],
- "severity": "Medium",
- "userImpact": "Low",
- "implementationEffort": "Low",
- "threats": [
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider"
- ],
- "publishDates": {
- "GA": "06/01/2021",
- "public": "06/01/2021"
- },
- "plannedDeprecationDate": "03/2022",
- "tactics": [
- "Credential Access",
- "Persistence",
- "Execution",
- "Defense Evasion",
- "Collection",
- "Discovery",
- "Privilege Escalation"
- ],
- "techniques": [
- "Obfuscated Files or Information",
- "Ingress Tool Transfer",
- "Phishing",
- "User Execution"
- ],
- "assessmentType": "BuiltIn"
- }
- },
- {
- "id": "/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe",
- "name": "bc303248-3d14-44c2-96a0-55f5c326b5fe",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Close management ports on your virtual machines",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
- "description": "Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.",
- "remediationDescription": "We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.
To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'",
- "categories": [
- "Networking"
- ],
- "severity": "Medium",
- "userImpact": "High",
- "implementationEffort": "Low",
- "threats": [
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider"
- ],
- "publishDates": {
- "GA": "06/01/2021",
- "public": "06/01/2021"
- },
- "preview": true,
- "assessmentType": "CustomPolicy"
- }
- },
- {
- "id": "/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7",
- "name": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "My organization security assessment",
- "description": "Assessment that my organization created to view our security assessment in Azure Security Center",
- "remediationDescription": "Fix it with these remediation instructions",
- "categories": [
- "Compute"
- ],
- "severity": "Medium",
- "userImpact": "Low",
- "implementationEffort": "Low",
- "threats": [],
- "publishDates": {
- "GA": "06/01/2021",
- "public": "06/01/2021"
- },
- "assessmentType": "CustomerManaged"
- }
- }
- ]
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
deleted file mode 100644
index f882b56abe2f..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
+++ /dev/null
@@ -1,85 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e"
- },
- "responses": {
- "200": {
- "body": {
- "value": [
- {
- "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
- "name": "21300918-b2e3-0346-785f-c77ff57d243b",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Install endpoint protection solution on virtual machine scale sets",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
- "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
- "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
- "categories": [
- "Compute"
- ],
- "severity": "Medium",
- "userImpact": "Low",
- "implementationEffort": "Low",
- "threats": [
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider"
- ],
- "publishDates": {
- "GA": "06/01/2021",
- "public": "06/01/2021"
- },
- "plannedDeprecationDate": "03/2022",
- "tactics": [
- "Credential Access",
- "Persistence",
- "Execution",
- "Defense Evasion",
- "Collection",
- "Discovery",
- "Privilege Escalation"
- ],
- "techniques": [
- "Obfuscated Files or Information",
- "Ingress Tool Transfer",
- "Phishing",
- "User Execution"
- ],
- "assessmentType": "BuiltIn"
- }
- },
- {
- "id": "/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe",
- "name": "bc303248-3d14-44c2-96a0-55f5c326b5fe",
- "type": "Microsoft.Security/assessmentMetadata",
- "properties": {
- "displayName": "Close management ports on your virtual machines",
- "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
- "description": "Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.",
- "remediationDescription": "We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.
To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'",
- "categories": [
- "Networking"
- ],
- "severity": "Medium",
- "userImpact": "High",
- "implementationEffort": "Low",
- "threats": [
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider"
- ],
- "publishDates": {
- "GA": "06/01/2021",
- "public": "06/01/2021"
- },
- "preview": true,
- "assessmentType": "CustomPolicy"
- }
- }
- ]
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json
deleted file mode 100644
index da3d161190b0..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSetting_example.json
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
- "settingName": "MCAS"
- },
- "responses": {
- "200": {
- "body": {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS",
- "name": "MCAS",
- "kind": "DataExportSettings",
- "type": "Microsoft.Security/settings",
- "properties": {
- "enabled": true
- }
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json
deleted file mode 100644
index c909f8e2f1a4..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/GetSettings_example.json
+++ /dev/null
@@ -1,41 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23"
- },
- "responses": {
- "200": {
- "body": {
- "value": [
- {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS",
- "name": "MCAS",
- "kind": "DataExportSettings",
- "type": "Microsoft.Security/settings",
- "properties": {
- "enabled": true
- }
- },
- {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/WDATP",
- "name": "WDATP",
- "kind": "DataExportSettings",
- "type": "Microsoft.Security/settings",
- "properties": {
- "enabled": false
- }
- },
- {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/Sentinel",
- "name": "Sentinel",
- "kind": "AlertSyncSettings",
- "type": "Microsoft.Security/settings",
- "properties": {
- "enabled": false
- }
- }
- ]
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json
deleted file mode 100644
index b9bb545019c4..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/Settings/UpdateSetting_example.json
+++ /dev/null
@@ -1,26 +0,0 @@
-{
- "parameters": {
- "api-version": "2022-11-20-preview",
- "subscriptionId": "20ff7fc3-e762-44dd-bd96-b71116dcdc23",
- "settingName": "MCAS",
- "setting": {
- "kind": "DataExportSettings",
- "properties": {
- "enabled": true
- }
- }
- },
- "responses": {
- "200": {
- "body": {
- "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/providers/Microsoft.Security/settings/MCAS",
- "name": "MCAS",
- "kind": "DataExportSettings",
- "type": "Microsoft.Security/settings",
- "properties": {
- "enabled": true
- }
- }
- }
- }
-}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json
deleted file mode 100644
index 77436c29ec46..000000000000
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/settings.json
+++ /dev/null
@@ -1,300 +0,0 @@
-{
- "swagger": "2.0",
- "info": {
- "title": "Microsoft Defender for Cloud",
- "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
- "version": "2022-11-20-preview"
- },
- "host": "management.azure.com",
- "schemes": [
- "https"
- ],
- "consumes": [
- "application/json"
- ],
- "produces": [
- "application/json"
- ],
- "security": [
- {
- "azure_auth": [
- "user_impersonation"
- ]
- }
- ],
- "securityDefinitions": {
- "azure_auth": {
- "type": "oauth2",
- "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
- "flow": "implicit",
- "description": "Azure Active Directory OAuth2 Flow",
- "scopes": {
- "user_impersonation": "impersonate your user account"
- }
- }
- },
- "paths": {
- "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings": {
- "get": {
- "x-ms-examples": {
- "Get settings of subscription": {
- "$ref": "./examples/Settings/GetSettings_example.json"
- }
- },
- "tags": [
- "Settings"
- ],
- "description": "Settings about different configurations in Microsoft Defender for Cloud",
- "operationId": "Settings_List",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/SettingsList"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- },
- "x-ms-pageable": {
- "nextLinkName": "nextLink"
- }
- }
- },
- "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings/{settingName}": {
- "get": {
- "x-ms-examples": {
- "Get a setting on subscription": {
- "$ref": "./examples/Settings/GetSetting_example.json"
- }
- },
- "tags": [
- "Settings"
- ],
- "description": "Settings of different configurations in Microsoft Defender for Cloud",
- "operationId": "Settings_Get",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
- },
- {
- "$ref": "#/parameters/SettingName"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/Setting"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- },
- "put": {
- "x-ms-examples": {
- "Update a setting for subscription": {
- "$ref": "./examples/Settings/UpdateSetting_example.json"
- }
- },
- "tags": [
- "Settings"
- ],
- "description": "updating settings about different configurations in Microsoft Defender for Cloud",
- "operationId": "Settings_Update",
- "parameters": [
- {
- "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
- },
- {
- "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
- },
- {
- "$ref": "#/parameters/SettingName"
- },
- {
- "$ref": "#/parameters/Setting"
- }
- ],
- "responses": {
- "200": {
- "description": "OK",
- "schema": {
- "$ref": "#/definitions/Setting"
- }
- },
- "default": {
- "description": "Error response describing why the operation failed.",
- "schema": {
- "$ref": "../../../common/v1/types.json#/definitions/CloudError"
- }
- }
- }
- }
- }
- },
- "definitions": {
- "SettingsList": {
- "type": "object",
- "description": "Subscription settings list.",
- "properties": {
- "value": {
- "type": "array",
- "description": "The settings list.",
- "items": {
- "$ref": "#/definitions/Setting"
- }
- },
- "nextLink": {
- "readOnly": true,
- "type": "string",
- "description": "The URI to fetch the next page."
- }
- }
- },
- "DataExportSettings": {
- "type": "object",
- "description": "Represents a data export setting",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Data export setting data",
- "$ref": "#/definitions/DataExportSettingProperties"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/Setting"
- }
- ],
- "x-ms-discriminator-value": "DataExportSettings"
- },
- "AlertSyncSettings": {
- "type": "object",
- "description": "Represents an alert sync setting",
- "properties": {
- "properties": {
- "x-ms-client-flatten": true,
- "description": "Alert sync setting data",
- "$ref": "#/definitions/AlertSyncSettingProperties"
- }
- },
- "allOf": [
- {
- "$ref": "#/definitions/Setting"
- }
- ],
- "x-ms-discriminator-value": "AlertSyncSettings"
- },
- "Setting": {
- "type": "object",
- "description": "The kind of the security setting",
- "properties": {
- "kind": {
- "type": "string",
- "description": "the kind of the settings string",
- "enum": [
- "DataExportSettings",
- "AlertSuppressionSetting",
- "AlertSyncSettings"
- ],
- "x-ms-enum": {
- "name": "SettingKind",
- "modelAsString": true,
- "values": [
- {
- "value": "DataExportSettings"
- },
- {
- "value": "AlertSuppressionSetting"
- },
- {
- "value": "AlertSyncSettings"
- }
- ]
- }
- }
- },
- "discriminator": "kind",
- "required": [
- "kind"
- ],
- "allOf": [
- {
- "$ref": "../../../common/v1/types.json#/definitions/Resource"
- }
- ]
- },
- "DataExportSettingProperties": {
- "type": "object",
- "description": "The data export setting properties",
- "properties": {
- "enabled": {
- "type": "boolean",
- "description": "Is the data export setting enabled"
- }
- },
- "required": [
- "enabled"
- ]
- },
- "AlertSyncSettingProperties": {
- "type": "object",
- "description": "The alert sync setting properties",
- "properties": {
- "enabled": {
- "type": "boolean",
- "description": "Is the alert sync setting enabled"
- }
- },
- "required": [
- "enabled"
- ]
- }
- },
- "parameters": {
- "SettingName": {
- "name": "settingName",
- "in": "path",
- "required": true,
- "type": "string",
- "description": "The name of the setting",
- "enum": [
- "MCAS",
- "WDATP",
- "Sentinel"
- ],
- "x-ms-parameter-location": "method"
- },
- "Setting": {
- "name": "setting",
- "in": "body",
- "required": true,
- "description": "Setting object",
- "schema": {
- "$ref": "#/definitions/Setting"
- },
- "x-ms-parameter-location": "method"
- }
- }
-}
From df5585221a79edebcc4274a53f71b6ffa79b7cb3 Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Thu, 10 Nov 2022 22:31:28 -0800
Subject: [PATCH 05/13] Update readme.md
---
specification/security/resource-manager/readme.md | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md
index ba0e72f5cd08..0c716e5e316d 100644
--- a/specification/security/resource-manager/readme.md
+++ b/specification/security/resource-manager/readme.md
@@ -78,7 +78,7 @@ These are the global settings for the Security API.
title: SecurityCenter
description: API spec for Microsoft.Security (Azure Security Center) resource provider
openapi-type: arm
-tag: package-preview-2022-11
+tag: package-composite-v3
```
### Composite packages
@@ -92,9 +92,7 @@ These settings apply only when `--tag=package-preview-2022-11` is specified on t
```yaml $(tag) == 'package-preview-2022-11'
input-file:
- - Microsoft.Security/preview/2022-11-20-preview/assessmentMetadata.json
- - Microsoft.Security/preview/2022-11-20-preview/assessments.json
- - Microsoft.Security/preview/2022-11-20-preview/settings.json
+ - Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
```
### Tag: package-preview-2022-08
From b098a0c532bb9e7bc1c871ad4e8940c79c3e38e0 Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Thu, 10 Nov 2022 23:06:18 -0800
Subject: [PATCH 06/13] Fix validation errors
---
custom-words.txt | 1 +
.../preview/2022-11-20-preview/apiCollections.json | 3 +++
.../APICollectionOffboarding_Delete_example.json | 3 ++-
specification/security/resource-manager/readme.md | 4 ++++
4 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/custom-words.txt b/custom-words.txt
index 4aa5fe56e4f7..b3d181c2dfab 100644
--- a/custom-words.txt
+++ b/custom-words.txt
@@ -1484,6 +1484,7 @@ ODBC
oeverify
offboard
offboards
+offboarding
officedocument
OLTP
OIDC
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
index 35ead285d3bd..489cf51984d9 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
@@ -141,6 +141,9 @@
"200": {
"description": "OK"
},
+ "204": {
+ "description": "NoContent"
+ },
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json
index dd969ea99d97..1d3b99820fbd 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json
@@ -5,6 +5,7 @@
"api-version": "2022-11-20-preview"
},
"responses": {
- "200": {}
+ "200": {},
+ "204": {}
}
}
diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md
index 0c716e5e316d..6ff0350ae37d 100644
--- a/specification/security/resource-manager/readme.md
+++ b/specification/security/resource-manager/readme.md
@@ -177,6 +177,7 @@ These settings apply only when `--tag=package-composite-v1` is specified on the
``` yaml $(tag) == 'package-composite-v1'
input-file:
+- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
- Microsoft.Security/preview/2022-08-01-preview/securityConnectors.json
- Microsoft.Security/preview/2021-10-01-preview/mdeOnboardings.json
- Microsoft.Security/preview/2021-07-01-preview/customAssessmentAutomation.json
@@ -224,6 +225,7 @@ These settings apply only when `--tag=package-composite-v2` is specified on the
``` yaml $(tag) == 'package-composite-v2'
input-file:
+- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
- Microsoft.Security/preview/2022-08-01-preview/securityConnectors.json
- Microsoft.Security/preview/2021-10-01-preview/mdeOnboardings.json
- Microsoft.Security/preview/2021-07-01-preview/customAssessmentAutomation.json
@@ -319,6 +321,8 @@ input-file:
- Microsoft.Security/preview/2022-01-01-preview/governanceRules.json
- Microsoft.Security/preview/2022-01-01-preview/governanceAssignments.json
- Microsoft.Security/preview/2022-07-01-preview/applications.json
+- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
+
# Needed when there is more than one input file
override-info:
From d00aa21c5ddf08c0813be1f0c2075191f2423bbc Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Fri, 11 Nov 2022 00:44:32 -0800
Subject: [PATCH 07/13] Fix validation errors
---
.../2022-11-20-preview/apiCollections.json | 76 +++++++++++++++++--
...le.json => APICollection_Get_example.json} | 0
.../APICollection_List_example.json | 24 ++++++
.../security/resource-manager/readme.md | 1 +
4 files changed, 93 insertions(+), 8 deletions(-)
rename specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/{APICollectionOnboardingState_Get_example.json => APICollection_Get_example.json} (100%)
create mode 100644 specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
index 489cf51984d9..14d2c6d1fc2a 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
@@ -34,20 +34,61 @@
}
},
"paths": {
+ "/{apiManagementServiceResourceId}/providers/Microsoft.Security/apiCollections": {
+ "get": {
+ "x-ms-examples": {
+ "Gets a list of Azure API Management APIs that have been onboarded to Defender for APIs": {
+ "$ref": "./examples/ApiCollections/APICollection_List_example.json"
+ }
+ },
+ "tags": [
+ "D4APICollectionList",
+ "APIMConfig"
+ ],
+ "description": "Gets a list of Azure API Management APIs that have been onboarded to Defender for APIs. If an Azure API Management API is onboarded to Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+ "summary": "Gets a list of Azure API Management APIs that have been onboarded to Defender for APIs",
+ "operationId": "APICollection_List",
+ "parameters": [
+ {
+ "$ref": "#/parameters/ApiManagementServiceResourceId"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/ApiCollectionResponseList"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/definitions/ErrorResponse"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": "nextLink"
+ }
+ }
+ },
"/{apiManagementServiceResourceId}/providers/Microsoft.Security/apiCollections/{apiCollectionId}": {
"get": {
"x-ms-examples": {
- "Determine whether an Azure API Management API is onboarded to Defender for APIs": {
- "$ref": "./examples/ApiCollections/APICollectionOnboardingState_Get_example.json"
+ "Gets an Azure API Management API if it has been onboarded to Defender for APIs": {
+ "$ref": "./examples/ApiCollections/APICollection_Get_example.json"
}
},
"tags": [
- "D4APIOnboardingStatus",
+ "D4APICollection",
"APIMConfig"
],
- "description": "Determine whether an Azure API Management API is onboarded to Defender for APIs. If the Azure API Management API is onboarded to Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
- "summary": "Determine whether an Azure API Management API is onboarded to Defender for APIs",
- "operationId": "APICollectionOnboardingState_Get",
+ "description": "Gets an Azure API Management API if it has been onboarded to Defender for APIs. If an Azure API Management API is onboarded to Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+ "summary": "Gets an Azure API Management API if it has been onboarded to Defender for APIs",
+ "operationId": "APICollection_Get",
"parameters": [
{
"$ref": "#/parameters/ApiManagementServiceResourceId"
@@ -155,9 +196,28 @@
}
},
"definitions": {
+ "ApiCollectionResponseList": {
+ "type": "object",
+ "description": "Page of a list of API collections as represented by Defender for APIs.",
+ "properties": {
+ "value": {
+ "description": "API collections in this page.",
+ "readOnly": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/ApiCollectionResponse"
+ }
+ },
+ "nextLink": {
+ "readOnly": true,
+ "type": "string",
+ "description": "The URI to fetch the next page."
+ }
+ }
+ },
"ApiCollectionResponse": {
"type": "object",
- "description": "D4API representation of an API collection",
+ "description": "An API collection as represented by Defender for APIs.",
"properties": {
"properties": {
"x-ms-client-flatten": true,
@@ -176,7 +236,7 @@
"properties": {
"additionalData": {
"type": "object",
- "description": "Additional data regarding the API collection",
+ "description": "Additional data regarding the API collection.",
"additionalProperties": {
"type": "string"
}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboardingState_Get_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json
similarity index 100%
rename from specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboardingState_Get_example.json
rename to specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json
new file mode 100644
index 000000000000..15de6c75909c
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json
@@ -0,0 +1,24 @@
+{
+ "parameters": {
+ "apiManagementServiceResourceId": "subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
+ "api-version": "2022-11-20-preview"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "value": [
+ {
+ "id": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/providers/Microsoft.Security/apiCollections/echo-api",
+ "name": "echo-api",
+ "type": "Microsoft.Security/apiCollections",
+ "properties": {
+ "additionalData": {
+ "apiManagementApiId": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/apis/echo-api"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md
index 6ff0350ae37d..dfeb8d73a159 100644
--- a/specification/security/resource-manager/readme.md
+++ b/specification/security/resource-manager/readme.md
@@ -93,6 +93,7 @@ These settings apply only when `--tag=package-preview-2022-11` is specified on t
```yaml $(tag) == 'package-preview-2022-11'
input-file:
- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
+ - Microsoft.Security/preview/2015-06-01-preview/operations.json
```
### Tag: package-preview-2022-08
From 8fafb5e4916c65dde7e45300574c69c57f1f989a Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Fri, 11 Nov 2022 01:11:21 -0800
Subject: [PATCH 08/13] One more fix
---
.../preview/2022-11-20-preview/apiCollections.json | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
index 14d2c6d1fc2a..3384175d41b4 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
@@ -250,14 +250,16 @@
"in": "path",
"required": true,
"type": "string",
- "description": "A string representing the ARM ResourceId of the Azure API Management Service resource."
+ "description": "A string representing the ARM ResourceId of the Azure API Management Service resource.",
+ "x-ms-parameter-location": "method"
},
"ApiCollectionId": {
"name": "apiCollectionId",
"in": "path",
"required": true,
"type": "string",
- "description": "A string representing the apiCollections resource within the Microsoft.Security provider namespace. This string matches the Azure API Management API name."
+ "description": "A string representing the apiCollections resource within the Microsoft.Security provider namespace. This string matches the Azure API Management API name.",
+ "x-ms-parameter-location": "method"
}
}
}
From a2e2bc9ad71804aaf397b8694fd12b33ee74c087 Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Fri, 11 Nov 2022 01:30:21 -0800
Subject: [PATCH 09/13] Switch to full paths
---
.../2022-11-20-preview/apiCollections.json | 54 ++++++++++++++-----
...ICollectionOffboarding_Delete_example.json | 4 +-
...PICollectionOnboarding_Create_example.json | 4 +-
.../APICollection_Get_example.json | 4 +-
.../APICollection_List_example.json | 4 +-
5 files changed, 53 insertions(+), 17 deletions(-)
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
index 3384175d41b4..06fab50a223f 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
@@ -34,7 +34,7 @@
}
},
"paths": {
- "/{apiManagementServiceResourceId}/providers/Microsoft.Security/apiCollections": {
+ "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections": {
"get": {
"x-ms-examples": {
"Gets a list of Azure API Management APIs that have been onboarded to Defender for APIs": {
@@ -50,7 +50,13 @@
"operationId": "APICollection_List",
"parameters": [
{
- "$ref": "#/parameters/ApiManagementServiceResourceId"
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
+ },
+ {
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
+ },
+ {
+ "$ref": "#/parameters/ApiManagementServiceNameParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
@@ -75,7 +81,7 @@
}
}
},
- "/{apiManagementServiceResourceId}/providers/Microsoft.Security/apiCollections/{apiCollectionId}": {
+ "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiCollectionId}": {
"get": {
"x-ms-examples": {
"Gets an Azure API Management API if it has been onboarded to Defender for APIs": {
@@ -91,10 +97,16 @@
"operationId": "APICollection_Get",
"parameters": [
{
- "$ref": "#/parameters/ApiManagementServiceResourceId"
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
+ },
+ {
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
+ },
+ {
+ "$ref": "#/parameters/ApiManagementServiceNameParameter"
},
{
- "$ref": "#/parameters/ApiCollectionId"
+ "$ref": "#/parameters/ApiCollectionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
@@ -130,10 +142,16 @@
"operationId": "APICollectionOnboarding_Create",
"parameters": [
{
- "$ref": "#/parameters/ApiManagementServiceResourceId"
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
},
{
- "$ref": "#/parameters/ApiCollectionId"
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
+ },
+ {
+ "$ref": "#/parameters/ApiManagementServiceNameParameter"
+ },
+ {
+ "$ref": "#/parameters/ApiCollectionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
@@ -169,10 +187,16 @@
"operationId": "APICollectionOffboarding_Delete",
"parameters": [
{
- "$ref": "#/parameters/ApiManagementServiceResourceId"
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
+ },
+ {
+ "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
+ },
+ {
+ "$ref": "#/parameters/ApiManagementServiceNameParameter"
},
{
- "$ref": "#/parameters/ApiCollectionId"
+ "$ref": "#/parameters/ApiCollectionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
@@ -245,20 +269,24 @@
}
},
"parameters": {
- "ApiManagementServiceResourceId": {
- "name": "apiManagementServiceResourceId",
+ "ApiManagementServiceNameParameter": {
+ "name": "serviceName",
"in": "path",
"required": true,
"type": "string",
- "description": "A string representing the ARM ResourceId of the Azure API Management Service resource.",
+ "description": "The name of the API Management service.",
+ "minLength": 1,
+ "maxLength": 50,
"x-ms-parameter-location": "method"
},
- "ApiCollectionId": {
+ "ApiCollectionIdParameter": {
"name": "apiCollectionId",
"in": "path",
"required": true,
"type": "string",
"description": "A string representing the apiCollections resource within the Microsoft.Security provider namespace. This string matches the Azure API Management API name.",
+ "minLength": 1,
+ "maxLength": 256,
"x-ms-parameter-location": "method"
}
}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json
index 1d3b99820fbd..9883243c4c18 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOffboarding_Delete_example.json
@@ -1,6 +1,8 @@
{
"parameters": {
- "apiManagementServiceResourceId": "subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
+ "subscriptionId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
+ "resourceGroupName": "rg1",
+ "serviceName": "apimService1",
"apiCollectionId": "echo-api",
"api-version": "2022-11-20-preview"
},
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json
index 5948eb727982..54c17b08cbf5 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json
@@ -1,6 +1,8 @@
{
"parameters": {
- "apiManagementServiceResourceId": "subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
+ "subscriptionId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
+ "resourceGroupName": "rg1",
+ "serviceName": "apimService1",
"apiCollectionId": "echo-api",
"api-version": "2022-11-20-preview"
},
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json
index 5948eb727982..54c17b08cbf5 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json
@@ -1,6 +1,8 @@
{
"parameters": {
- "apiManagementServiceResourceId": "subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
+ "subscriptionId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
+ "resourceGroupName": "rg1",
+ "serviceName": "apimService1",
"apiCollectionId": "echo-api",
"api-version": "2022-11-20-preview"
},
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json
index 15de6c75909c..69fb37e96a57 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json
@@ -1,6 +1,8 @@
{
"parameters": {
- "apiManagementServiceResourceId": "subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1",
+ "subscriptionId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
+ "resourceGroupName": "rg1",
+ "serviceName": "apimService1",
"api-version": "2022-11-20-preview"
},
"responses": {
From fb1af7c62c003e68209029406075af8318250f17 Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Fri, 11 Nov 2022 10:18:45 -0800
Subject: [PATCH 10/13] More validation fixes
---
.../preview/2022-11-20-preview/apiCollections.json | 5 +++++
.../APICollectionOnboarding_Create_example.json | 1 +
.../examples/ApiCollections/APICollection_Get_example.json | 1 +
.../examples/ApiCollections/APICollection_List_example.json | 1 +
4 files changed, 8 insertions(+)
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
index 06fab50a223f..dfb7f13aacd6 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
@@ -258,6 +258,10 @@
"type": "object",
"description": "Describes the properties of an API collection.",
"properties": {
+ "displayName": {
+ "type": "string",
+ "description": "The display name of the Azure API Management API."
+ },
"additionalData": {
"type": "object",
"description": "Additional data regarding the API collection.",
@@ -277,6 +281,7 @@
"description": "The name of the API Management service.",
"minLength": 1,
"maxLength": 50,
+ "pattern": "^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$",
"x-ms-parameter-location": "method"
},
"ApiCollectionIdParameter": {
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json
index 54c17b08cbf5..73a69b63b821 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollectionOnboarding_Create_example.json
@@ -13,6 +13,7 @@
"name": "echo-api",
"type": "Microsoft.Security/apiCollections",
"properties": {
+ "displayName": "echo-api",
"additionalData": {
"apiManagementApiId": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/apis/echo-api"
}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json
index 54c17b08cbf5..73a69b63b821 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_Get_example.json
@@ -13,6 +13,7 @@
"name": "echo-api",
"type": "Microsoft.Security/apiCollections",
"properties": {
+ "displayName": "echo-api",
"additionalData": {
"apiManagementApiId": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/apis/echo-api"
}
diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json
index 69fb37e96a57..b4b3f27096d1 100644
--- a/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json
+++ b/specification/security/resource-manager/Microsoft.Security/preview/2022-11-20-preview/examples/ApiCollections/APICollection_List_example.json
@@ -14,6 +14,7 @@
"name": "echo-api",
"type": "Microsoft.Security/apiCollections",
"properties": {
+ "displayName": "echo-api",
"additionalData": {
"apiManagementApiId": "/subscriptions/3fa85f64-5717-4562-b3fc-2c963f66afa6/resourceGroups/rg1/providers/Microsoft.ApiManagement/service/apimService1/apis/echo-api"
}
From be9b20b79adb8798695b79e89a89050ec539d612 Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Sat, 12 Nov 2022 11:50:01 -0800
Subject: [PATCH 11/13] Try and fix the SDK errors
---
specification/security/resource-manager/readme.md | 2 --
1 file changed, 2 deletions(-)
diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md
index dfeb8d73a159..49f5ca6e4341 100644
--- a/specification/security/resource-manager/readme.md
+++ b/specification/security/resource-manager/readme.md
@@ -319,8 +319,6 @@ input-file:
- Microsoft.Security/preview/2021-01-15-preview/ingestionSettings.json
- Microsoft.Security/preview/2021-05-01-preview/softwareInventories.json
- Microsoft.Security/preview/2022-08-01-preview/securityConnectors.json
-- Microsoft.Security/preview/2022-01-01-preview/governanceRules.json
-- Microsoft.Security/preview/2022-01-01-preview/governanceAssignments.json
- Microsoft.Security/preview/2022-07-01-preview/applications.json
- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
From 6cdb0f9057ea3014b48a28fde424beef88e0b72d Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Sat, 12 Nov 2022 11:55:04 -0800
Subject: [PATCH 12/13] Fix avocado error
---
specification/security/resource-manager/readme.md | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md
index 49f5ca6e4341..8f8d6bbbe4c3 100644
--- a/specification/security/resource-manager/readme.md
+++ b/specification/security/resource-manager/readme.md
@@ -178,7 +178,6 @@ These settings apply only when `--tag=package-composite-v1` is specified on the
``` yaml $(tag) == 'package-composite-v1'
input-file:
-- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
- Microsoft.Security/preview/2022-08-01-preview/securityConnectors.json
- Microsoft.Security/preview/2021-10-01-preview/mdeOnboardings.json
- Microsoft.Security/preview/2021-07-01-preview/customAssessmentAutomation.json
@@ -226,7 +225,6 @@ These settings apply only when `--tag=package-composite-v2` is specified on the
``` yaml $(tag) == 'package-composite-v2'
input-file:
-- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
- Microsoft.Security/preview/2022-08-01-preview/securityConnectors.json
- Microsoft.Security/preview/2021-10-01-preview/mdeOnboardings.json
- Microsoft.Security/preview/2021-07-01-preview/customAssessmentAutomation.json
@@ -319,6 +317,8 @@ input-file:
- Microsoft.Security/preview/2021-01-15-preview/ingestionSettings.json
- Microsoft.Security/preview/2021-05-01-preview/softwareInventories.json
- Microsoft.Security/preview/2022-08-01-preview/securityConnectors.json
+- Microsoft.Security/preview/2022-01-01-preview/governanceRules.json
+- Microsoft.Security/preview/2022-01-01-preview/governanceAssignments.json
- Microsoft.Security/preview/2022-07-01-preview/applications.json
- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
From 2cad0776cb0bfe96abc00467856ea69bc150e910 Mon Sep 17 00:00:00 2001
From: Adit Dalvi
Date: Mon, 14 Nov 2022 10:55:19 -0800
Subject: [PATCH 13/13] Remove operations.json from tag =
package-preview-2022-11 based on PR comments
---
specification/security/resource-manager/readme.md | 1 -
1 file changed, 1 deletion(-)
diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md
index 8f8d6bbbe4c3..370efb51d059 100644
--- a/specification/security/resource-manager/readme.md
+++ b/specification/security/resource-manager/readme.md
@@ -93,7 +93,6 @@ These settings apply only when `--tag=package-preview-2022-11` is specified on t
```yaml $(tag) == 'package-preview-2022-11'
input-file:
- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
- - Microsoft.Security/preview/2015-06-01-preview/operations.json
```
### Tag: package-preview-2022-08