Azure
/
azure-rest-api-specs-1
зеркало из https://github.com/Azure/azure-rest-api-specs-1.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

[Hub Generated] Review request for Microsoft.Security to add version preview/2023-05-01-preview (#23861) 

* Adds base for updating Microsoft.Security from version preview/2023-02-01-preview to version 2023-05-01-preview

* Updates readme

* Updates API version in new specs and examples

* Add aditional fields to health report

* Fix README

* Fix after CR

* Update readme

* Add additional data

* Change to lastScannedDate

* Fix readme file

---------

Co-authored-by: Roni Zhelenchuk <rzhelenchuk@microsoft.com>
This commit is contained in:
Roni 2023-05-29 05:03:56 +03:00 коммит произвёл GitHub
Родитель d6b1dfc190
Коммит be02493774
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
4 изменённых файлов: 489 добавлений и 4 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

56
specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/GetHealthReports_example.json Normal file
Просмотреть файл

@ -0,0 +1,56 @@
{
"parameters": {
"api-version": "2023-05-01-preview",
"resourceId": "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings",
"healthReportName": "909c629a-bf39-4521-8e4f-10b443a0bc02"
},
"responses": {
"200": {
"body": {
"id": "/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings/providers/Microsoft.Security/healthReports/909c629a-bf39-4521-8e4f-10b443a0bc02",
"name": "909c629a-bf39-4521-8e4f-10b443a0bc02",
"type": "Microsoft.Security/healthReports",
"properties": {
"resourceDetails": {
"source": "Aws",
"id": "/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/E2E-IBB0WX/providers/Microsoft.Security/securityconnectors/AwsConnectorAllOfferings",
"connectorId": "bb7ad9cc-26b6-48ec-a5b4-23fc23be2733"
},
"environmentDetails": {
"nativeResourceId": "arn:aws:iam::827098768879",
"environmentHierarchyId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2",
"organizationalHierarchyId": "e81b978c-11be-449f-a392-42c0ed96bb91",
"subscriptionId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2",
"tenantId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"
},
"healthDataClassification": {
"component": "Connectivity",
"scope": "Connectors"
},
"status": {
"code": "NotHealthy",
"statusChangeDate": "2023-01-12T09:07:18.6759138Z",
"firstEvaluationDate": "2023-01-12T09:07:18.6759138Z",
"lastScannedDate": "2023-04-25T09:02:20.1349133Z"
},
"affectedDefendersPlans": [],
"issues": [
{
"issueKey": "414af15d-207e-4c63-b8eb-624d1b652e45",
"issueName": "AWS CloudFormation StackSet name invalid or does not exist",
"securityValues": [
"Connectivity to AWS member accounts"
],
"issueDescription": "A problem was identified with the AWS CloudFormation StackSet. The StackSet is used to create stacks across multiple accounts. To grant Defender for Cloud access to your member accounts, there is a need to run the StackSet on the member accounts.",
"remediationSteps": "Validate that the StackSet name in AWS matches the name provided in the onboarding set up: StackSet name can be found in AWS Management Console -> CloudFormation -> StackSets -> StackSet name In case the names do not match, update the StackSet name to match the StackSet name provided in the onboarding set up. In case the StackSet does not exist, re-run the CloudFormation template only for StackSet. Navigate to CloudFormation 'StackSets' in AWS Management Console -> Click 'Create StackSet' -> Choose 'Upload a template file', `Choose file` and select the downloaded template. Make sure to enter the exact StackSet name as it was provided in the onboarding set up. Download template link ",
"remediationScript": "",
"issueAdditionalData": {
"StacksetName": "ProdStackSet"
}
}
]
}
}
}
}
}

47
specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/examples/HealthReports/ListHealthReports_example.json Normal file
Просмотреть файл

@ -0,0 +1,47 @@
{
"parameters": {
"api-version": "2023-05-01-preview",
"scope": "subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2"
},
"responses": {
"200": {
"body": {
"value": [
{
"id": "/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/ascdemorg/providers/microsoft.compute/virtualmachines/vm3/providers/Microsoft.Security/healthReports/2351eaac-f8e6-43d8-87c0-a7e2c3d197c0",
"name": "2351eaac-f8e6-43d8-87c0-a7e2c3d197c0",
"type": "Microsoft.Security/healthReports",
"properties": {
"resourceDetails": {
"source": "Azure",
"id": "/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/ascdemorg/providers/microsoft.compute/virtualmachines/vm3"
},
"environmentDetails": {
"nativeResourceId": "/subscriptions/a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2/resourcegroups/ascdemorg/providers/microsoft.compute/virtualmachines/vm3",
"environmentHierarchyId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2",
"organizationalHierarchyId": "200d73cf-ba70-4b93-8fa2-25e05e6aa1f6",
"subscriptionId": "a1efb6ca-fbc5-4782-9aaa-5c7daded1ce2",
"tenantId": "200d73cf-ba70-4b93-8fa2-25e05e6aa1f6"
},
"healthDataClassification": {
"component": "MDE",
"scenario": "Reporting",
"scope": "VirtualMachines"
},
"status": {
"code": "Healthy",
"statusChangeDate": "2023-01-12T09:07:18.6759138Z",
"firstEvaluationDate": "2023-01-12T09:07:18.6759138Z",
"lastScannedDate": "2023-04-25T09:02:20.1349133Z"
},
"affectedDefendersPlans": [
"DefenderForServers"
],
"issues": []
}
}
]
}
}
}
}

373
specification/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/healthReports.json Normal file
Просмотреть файл

@ -0,0 +1,373 @@
{
"swagger": "2.0",
"info": {
"title": "Microsoft Defender for Cloud",
"description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
"version": "2023-05-01-preview"
},
"host": "management.azure.com",
"schemes": [
"https"
],
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"security": [
{
"azure_auth": [
"user_impersonation"
]
}
],
"securityDefinitions": {
"azure_auth": {
"type": "oauth2",
"authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
"flow": "implicit",
"description": "Azure Active Directory OAuth2 Flow",
"scopes": {
"user_impersonation": "impersonate your user account"
}
}
},
"paths": {
"/{scope}/providers/Microsoft.Security/healthReports": {
"get": {
"x-ms-examples": {
"List health reports": {
"$ref": "./examples/HealthReports/ListHealthReports_example.json"
}
},
"tags": [
"HealthReports"
],
"description": "Get a list of all health reports inside a scope. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'",
"operationId": "HealthReports_List",
"parameters": [
{
"$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
},
{
"$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ScopeParameter"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/HealthReportsList"
}
},
"default": {
"description": "Common error response for all Azure Resource Manager APIs to return error details for failed operations.",
"schema": {
"$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
}
}
},
"x-ms-pageable": {
"nextLinkName": "nextLink"
}
}
},
"/{resourceId}/providers/Microsoft.Security/healthReports/{healthReportName}": {
"get": {
"x-ms-examples": {
"Get health report of resource": {
"$ref": "./examples/HealthReports/GetHealthReports_example.json"
}
},
"tags": [
"HealthReports"
],
"description": "Get health report of resource",
"operationId": "HealthReports_Get",
"parameters": [
{
"$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceId"
},
{
"$ref": "#/parameters/HealthReportName"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/HealthReport"
}
},
"default": {
"description": "Common error response for all Azure Resource Manager APIs to return error details for failed operations.",
"schema": {
"$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
}
}
}
}
}
},
"definitions": {
"HealthReportsList": {
"type": "object",
"description": "Page of health reports list",
"properties": {
"value": {
"description": "Collection of health reports in this page",
"readOnly": true,
"type": "array",
"items": {
"$ref": "#/definitions/HealthReport"
}
},
"nextLink": {
"readOnly": true,
"type": "string",
"description": "The URI to fetch the next page"
}
}
},
"HealthReport": {
"type": "object",
"description": "The health report resource",
"properties": {
"properties": {
"description": "Properties of a health report",
"x-ms-client-flatten": true,
"$ref": "#/definitions/HealthReportProperties"
}
},
"allOf": [
{
"$ref": "../../../common/v1/types.json#/definitions/Resource"
}
]
},
"HealthReportProperties": {
"type": "object",
"description": "Describes properties of the health report",
"properties": {
"resourceDetails": {
"$ref": "#/definitions/resourceDetails"
},
"environmentDetails": {
"$ref": "#/definitions/environmentDetails"
},
"healthDataClassification": {
"$ref": "#/definitions/healthDataClassification"
},
"status": {
"$ref": "#/definitions/status"
},
"affectedDefendersPlans": {
"type": "array",
"description": "The affected defenders plans by unhealthy report",
"items": {
"type": "string",
"description": "plan name"
}
},
"affectedDefendersSubPlans": {
"type": "array",
"description": "The affected defenders sub plans by unhealthy report",
"items": {
"type": "string",
"description": "sub plan name"
}
},
"reportAdditionalData": {
"type": "object",
"description": "Additional data for the given health report, this field can include more details on the resource and the health scenario.",
"readOnly": true,
"additionalProperties": {
"type": "string"
}
},
"issues": {
"type": "array",
"description": "A collection of the issues in the report",
"items": {
"$ref": "#/definitions/issue"
},
"x-ms-identifiers": []
}
}
},
"issue": {
"type": "object",
"description": "The issue that caused the resource to by unhealthy",
"required": [
"issueKey"
],
"properties": {
"issueKey": {
"description": "The unique issue key",
"type": "string"
},
"issueName": {
"type": "string",
"description": "The issue name"
},
"securityValues": {
"type": "array",
"description": "The affected security values that MDC offers that will be affected by the issue, for example: recommendations, alerts, etc",
"items": {
"type": "string",
"description": "security values"
}
},
"issueDescription": {
"type": "string",
"description": "The issue description"
},
"remediationSteps": {
"type": "string",
"description": "Human readable description of what you should do to mitigate this health issue"
},
"remediationScript": {
"type": "string",
"description": "The remediation script to solve this issue"
},
"issueAdditionalData": {
"type": "object",
"description": "Additional data for the given issue. The additional data depends on the issue type",
"additionalProperties": {
"type": "string"
}
}
}
},
"environmentDetails": {
"type": "object",
"description": "The environment details of the resource",
"properties": {
"nativeResourceId": {
"description": "The native resource id of the resource (in case of Azure - the resource Id, in case of MC - the native resource id)",
"type": "string"
},
"environmentHierarchyId": {
"description": "The hierarchy id of the connector (in case of Azure - the subscription Id, in case of MC - the hierarchyId id)",
"type": "string"
},
"organizationalHierarchyId": {
"description": "The organizational hierarchy id of the connector (in case of Azure - the subscription Id, in case of MC - the organizational hierarchyId id)",
"type": "string"
},
"subscriptionId": {
"description": "The subscription Id",
"type": "string"
},
"tenantId": {
"description": "The tenant Id",
"type": "string"
}
}
},
"healthDataClassification": {
"type": "object",
"description": "The classification of the health report",
"properties": {
"component": {
"type": "string",
"description": "The component describes the name of the agent/service that scans the issue"
},
"scenario": {
"type": "string",
"description": "The scenario describes the health scenario issue of the component"
},
"scope": {
"type": "string",
"description": "The resource scope of the health report"
}
}
},
"status": {
"type": "object",
"description": "The status of the health report",
"properties": {
"code": {
"type": "string",
"description": "The status of the health report",
"enum": [
"Healthy",
"NotHealthy",
"NotApplicable"
],
"x-ms-enum": {
"name": "statusName",
"modelAsString": true
}
},
"reason": {
"type": "string",
"description": "The reason of the given status",
"readOnly": true
},
"lastScannedDate": {
"type": "string",
"format": "date-time",
"readOnly": true,
"description": "The date of when the resource was scanned in the last time"
},
"statusChangeDate": {
"type": "string",
"format": "date-time",
"readOnly": true,
"description": "The date of when the status of the health report was changed in the last time"
},
"firstEvaluationDate": {
"readOnly": true,
"type": "string",
"format": "date-time",
"description": "The date of when the resource of the health report was scanned in the first time"
}
}
},
"resourceDetails": {
"type": "object",
"description": "The resource details of the health report",
"properties": {
"source": {
"type": "string",
"description": "The status of the health report",
"enum": [
"Aws",
"Gcp",
"Azure"
],
"x-ms-enum": {
"name": "source",
"modelAsString": true
}
},
"id": {
"type": "string",
"readOnly": true,
"description": "The azure id of the resource"
},
"connectorId": {
"readOnly": true,
"type": "string",
"description": "The id of the connector"
}
}
}
},
"parameters": {
"HealthReportName": {
"name": "healthReportName",
"in": "path",
"required": true,
"type": "string",
"pattern": "[{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$",
"description": "The health report Key - Unique key for the health report type",
"x-ms-parameter-location": "method"
}
}
}

17
specification/security/resource-manager/readme.md
Просмотреть файл

@ -85,11 +85,20 @@ tag: package-composite-v3
The following packages may be composed from multiple api-versions.
### Tag: package-preview-2023-05
These settings apply only when `--tag=package-preview-2023-05` is specified on the command line.
```yaml $(tag) == 'package-preview-2023-05'
input-file:
- Microsoft.Security/preview/2023-05-01-preview/healthReports.json
```
### Tag: package-preview-2023-03-only
These settings apply only when `--tag=package-preview-2023-03-only` is specified on the command line.
```yaml $(tag) == 'package-preview-2023-03-only'
``` yaml $(tag) == 'package-preview-2023-03-only'
input-file:
- Microsoft.Security/preview/2023-03-01-preview/securityConnectors.json
```
@ -98,7 +107,7 @@ input-file:
These settings apply only when `--tag=package-preview-2023-01-only` is specified on the command line.
```yaml $(tag) == 'package-preview-2023-01-only'
``` yaml $(tag) == 'package-preview-2023-01-only'
input-file:
- Microsoft.Security/preview/2023-01-01-preview/securityOperators.json
```
@ -107,7 +116,7 @@ input-file:
These settings apply only when `--tag=package-preview-2023-03` is specified on the command line.
```yaml $(tag) == 'package-preview-2023-03'
``` yaml $(tag) == 'package-preview-2023-03'
input-file:
- Microsoft.Security/preview/2023-03-01-preview/securityConnectors.json
- Microsoft.Security/preview/2023-01-01-preview/securityOperators.json
@ -378,12 +387,12 @@ input-file:
- Microsoft.Security/preview/2022-01-01-preview/governanceAssignments.json
- Microsoft.Security/preview/2022-07-01-preview/applications.json
- Microsoft.Security/preview/2022-11-20-preview/apiCollections.json
- Microsoft.Security/preview/2023-02-01-preview/healthReports.json
- Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanOperations.json
- Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanResultsOperations.json
- Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsBaselineRuleOperations.json
- Microsoft.Security/preview/2023-03-01-preview/securityConnectors.json
- Microsoft.Security/preview/2023-01-01-preview/securityOperators.json
- Microsoft.Security/preview/2023-05-01-preview/healthReports.json
# Needed when there is more than one input file
override-info: