From 0927a35c3ba89fc77a61e10dc6f5a1a3c10dad1c Mon Sep 17 00:00:00 2001 From: t-robalt Date: Sun, 20 Jan 2019 11:41:56 +0200 Subject: [PATCH] Added SecurityAlert List API Added List api to: Manged Server + Managed Database Logical Server + Logical Database --- .../ManagedDatabaseSecurityAlertPolicies.json | 74 +++- .../ManagedServerSecurityAlertPolicy.json | 63 ++- ...edDatabaseSecurityAlertListByDatabase.json | 33 ++ ...agedServerSecurityAlertListByInstance.json | 30 ++ .../ServerSecurityAlertsListByServer.json | 30 ++ .../serverSecurityAlertPolicies.json | 69 ++- .../DatabaseSecurityAlertPolicies.json | 409 ++++++++++++++++++ .../DatabaseSecurityAlertListByDatabase.json | 33 ++ 8 files changed, 738 insertions(+), 3 deletions(-) create mode 100644 specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ManagedDatabaseSecurityAlertListByDatabase.json create mode 100644 specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ManagedServerSecurityAlertListByInstance.json create mode 100644 specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ServerSecurityAlertsListByServer.json create mode 100644 specification/sql/resource-manager/Microsoft.Sql/preview/2018-06-01-preview/DatabaseSecurityAlertPolicies.json create mode 100644 specification/sql/resource-manager/Microsoft.Sql/preview/2018-06-01-preview/examples/DatabaseSecurityAlertListByDatabase.json diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/ManagedDatabaseSecurityAlertPolicies.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/ManagedDatabaseSecurityAlertPolicies.json index e9c7dfb489f..d2689712b89 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/ManagedDatabaseSecurityAlertPolicies.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/ManagedDatabaseSecurityAlertPolicies.json @@ -159,6 +159,59 @@ } } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/managedInstances/{managedInstanceName}/databases/{databaseName}/securityAlertPolicies": { + "get": { + "tags": [ + "ManagedDatabaseSecurityAlertPolicies" + ], + "description": "Gets a list of managed database's security alert policies.", + "operationId": "ManagedDatabaseSecurityAlertPolicies_ListByDatabase", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "name": "managedInstanceName", + "in": "path", + "description": "The name of the managed instance.", + "required": true, + "type": "string" + }, + { + "name": "databaseName", + "in": "path", + "description": "The name of the managed database for which the security alert policies are defined.", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the managed database security alert policies.", + "schema": { + "$ref": "#/definitions/ManagedDatabaseSecurityAlertPolicyListResult" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountName - The provided storage account is not valid or does not exist.\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountCredentials - The provided storage account access key is not valid.\n\n * 400 InvalidServerSecurityAlertPolicyCreateRequest - The create server Threat Detection security alert policy request does not exist or has no properties object.\n\n * 400 DataSecurityInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 400 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 400 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 409 ServerSecurityAlertPolicyInProgress - Set server security alert policy is already in progress\n\n * 409 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later.\n\n * 500 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 GetServerSecurityAlertPolicyFailed - Failed to get Threat Detection settings" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "Get a list of the database's threat detection policies.": { + "$ref": "./examples/ManagedDatabaseSecurityAlertListByDatabase.json" + } + } + } } }, "definitions": { @@ -170,7 +223,7 @@ "type": "object", "properties": { "state": { - "description": "Specifies the state of the policy, whether it is enabled or disabled.", + "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.", "enum": [ "New", "Enabled", @@ -236,6 +289,25 @@ "x-ms-client-flatten": true } } + }, + "ManagedDatabaseSecurityAlertPolicyListResult": { + "description": "A list of the managed database's security alert policies.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/ManagedDatabaseSecurityAlertPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } } }, "parameters": { diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/ManagedServerSecurityAlertPolicy.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/ManagedServerSecurityAlertPolicy.json index e7e4e739553..24664c4631e 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/ManagedServerSecurityAlertPolicy.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/ManagedServerSecurityAlertPolicy.json @@ -135,6 +135,48 @@ } } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/managedInstances/{managedInstanceName}/securityAlertPolicies": { + "get": { + "tags": [ + "ManagedServerSecurityAlertPolicies" + ], + "description": "Get the managed server's threat detection policies.", + "operationId": "ManagedServerSecurityAlertPolicies_ListByInstance", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "$ref": "#/parameters/ManagedInstanceNameParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the managed server threat detection policies.", + "schema": { + "$ref": "#/definitions/ManagedServerSecurityAlertPolicyListResult" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountName - The provided storage account is not valid or does not exist.\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountCredentials - The provided storage account access key is not valid.\n\n * 400 InvalidServerSecurityAlertPolicyCreateRequest - The create server Threat Detection security alert policy request does not exist or has no properties object.\n\n * 400 DataSecurityInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 400 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 400 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 409 ServerSecurityAlertPolicyInProgress - Set server security alert policy is already in progress\n\n * 409 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later.\n\n * 500 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 GetServerSecurityAlertPolicyFailed - Failed to get Threat Detection settings" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "Get the managed server's threat detection policies": { + "$ref": "./examples/ManagedServerSecurityAlertListByInstance.json" + } + } + } } }, "definitions": { @@ -146,7 +188,7 @@ "type": "object", "properties": { "state": { - "description": "Specifies the state of the policy, whether it is enabled or disabled.", + "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.", "enum": [ "New", "Enabled", @@ -212,6 +254,25 @@ "x-ms-client-flatten": true } } + }, + "ManagedServerSecurityAlertPolicyListResult": { + "description": "A list of the managed Server's security alert policies.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/ManagedServerSecurityAlertPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } } }, "parameters": { diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ManagedDatabaseSecurityAlertListByDatabase.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ManagedDatabaseSecurityAlertListByDatabase.json new file mode 100644 index 00000000000..04b87a21047 --- /dev/null +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ManagedDatabaseSecurityAlertListByDatabase.json @@ -0,0 +1,33 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-6852", + "managedInstanceName": "securityalert-2080", + "databaseName": "testdb", + "api-version": "2017-03-01=preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-6852/providers/Microsoft.Sql/managedInstances/securityalert-2080/databases/testdb", + "name": "default", + "type": "Microsoft.Sql/managedInstances/databases/securityAlertPolicies", + "location": "Japan East", + "kind": "V12", + "properties": { + "state": "Enabled", + "emailAccountAdmins": "true", + "emailAddresses": ["test@microsoft.com","user@microsoft.com"], + "disabledAlerts": ["Usage_Anomaly"], + "retentionDays": 0, + "storageAccountAccessKey": "", + "storageEndpoint": "" + } + } + ] + } + } + } +} diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ManagedServerSecurityAlertListByInstance.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ManagedServerSecurityAlertListByInstance.json new file mode 100644 index 00000000000..795c0b10e5c --- /dev/null +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ManagedServerSecurityAlertListByInstance.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-4799", + "managedInstanceName": "securityalert-6440", + "api-version": "2017-03-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.Sql/managedInstances/securityalert-6440", + "name": "Default", + "type": "Microsoft.Sql/managedInstances/securityAlertPolicies", + "properties": { + "state": "Disabled", + "emailAccountAdmins": true, + "emailAddresses": [ "test@microsoft.com;user@microsoft.com" ], + "disabledAlerts": ["Access_Anomaly"], + "retentionDays": 0, + "storageAccountAccessKey": "", + "storageEndpoint": "" + } + } + ] + } + } + } +} diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ServerSecurityAlertsListByServer.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ServerSecurityAlertsListByServer.json new file mode 100644 index 00000000000..b34bd24e97d --- /dev/null +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/examples/ServerSecurityAlertsListByServer.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-4799", + "serverName": "securityalert-6440", + "api-version": "2017-03-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.Sql/servers/securityalert-6440/securityAlertPolicies", + "name": "Default", + "type": "Microsoft.Sql/servers/securityAlertPolicies", + "properties": { + "state": "Disabled", + "emailAccountAdmins": true, + "emailAddresses": [ "test@microsoft.com;user@microsoft.com" ], + "disabledAlerts": ["Access_Anomaly"], + "retentionDays": 0, + "storageAccountAccessKey": "", + "storageEndpoint": "https://mystorage.blob.core.windows.net" + } + } + ] + } + } + } +} diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/serverSecurityAlertPolicies.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/serverSecurityAlertPolicies.json index eeb43a2a129..a04d538ba5f 100644 --- a/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/serverSecurityAlertPolicies.json +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2017-03-01-preview/serverSecurityAlertPolicies.json @@ -135,6 +135,48 @@ } } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/securityAlertPolicies": { + "get": { + "tags": [ + "ServerSecurityAlertPolicies" + ], + "description": "Get the server's threat detection policies.", + "operationId": "ServerSecurityAlertPolicies_ListByServer", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "$ref": "#/parameters/ServerNameParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the server threat detection policies.", + "schema": { + "$ref": "#/definitions/LogicalServerSecurityAlertPolicyListResult" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountName - The provided storage account is not valid or does not exist.\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountCredentials - The provided storage account access key is not valid.\n\n * 400 InvalidServerSecurityAlertPolicyCreateRequest - The create server Threat Detection security alert policy request does not exist or has no properties object.\n\n * 400 DataSecurityInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 400 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 400 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 409 ServerSecurityAlertPolicyInProgress - Set server security alert policy is already in progress\n\n * 409 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later.\n\n * 500 UpsertServerSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 GetServerSecurityAlertPolicyFailed - Failed to get Threat Detection settings" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List the server's threat detection policies": { + "$ref": "./examples/ServerSecurityAlertsListByServer.json" + } + } + } } }, "definitions": { @@ -146,7 +188,7 @@ "type": "object", "properties": { "state": { - "description": "Specifies the state of the policy, whether it is enabled or disabled.", + "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.", "enum": [ "New", "Enabled", @@ -188,6 +230,12 @@ "format": "int32", "description": "Specifies the number of days to keep in the Threat Detection audit logs.", "type": "integer" + }, + "creationTime": { + "format": "date-time", + "description": "Specifies the UTC creation time of the policy.", + "type": "string", + "readOnly": true } } }, @@ -206,6 +254,25 @@ "x-ms-client-flatten": true } } + }, + "LogicalServerSecurityAlertPolicyListResult": { + "description": "A list of the server's security alert policies.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/ServerSecurityAlertPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } } }, "parameters": { diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2018-06-01-preview/DatabaseSecurityAlertPolicies.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2018-06-01-preview/DatabaseSecurityAlertPolicies.json new file mode 100644 index 00000000000..cb585915d5e --- /dev/null +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2018-06-01-preview/DatabaseSecurityAlertPolicies.json @@ -0,0 +1,409 @@ +{ + "swagger": "2.0", + "info": { + "version": "2018-06-01-preview", + "title": "SqlManagementClient", + "description": "The Azure SQL Database management API provides a RESTful set of web APIs that interact with Azure SQL Database services to manage your databases. The API enables users to create, retrieve, update, and delete databases, servers, and other entities." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/securityAlertPolicies/{securityAlertPolicyName}": { + "get": { + "tags": [ + "DatabaseSecurityAlertPolicies" + ], + "description": "Gets a database's security alert policy.", + "operationId": "DatabaseSecurityAlertPolicies_Get", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "name": "serverName", + "in": "path", + "description": "The name of the server.", + "required": true, + "type": "string" + }, + { + "name": "databaseName", + "in": "path", + "description": "The name of the database for which the security alert policy is defined.", + "required": true, + "type": "string" + }, + { + "name": "securityAlertPolicyName", + "in": "path", + "description": "The name of the security alert policy.", + "required": true, + "type": "string", + "enum": [ + "default" + ], + "x-ms-enum": { + "name": "SecurityAlertPolicyName", + "modelAsString": true + } + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the database security alert policy.", + "schema": { + "$ref": "#/definitions/DatabaseSecurityAlertPolicy" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountName - The provided storage account is not valid or does not exist.\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountCredentials - The provided storage account access key is not valid.\n\n * 400 InvalidDatabaseSecurityAlertPolicyCreateRequest - The create database Threat Detection security alert policy request does not exist or has no properties object.\n\n * 400 DataSecurityInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 400 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 400 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 409 DatabaseSecurityAlertPolicyInProgress - Set database security alert policy is already in progress\n\n * 409 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later.\n\n * 500 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 GetDatabaseSecurityAlertPolicyFailed - Failed to get Threat Detection settings" + } + }, + "x-ms-examples": { + "Get a database's threat detection policy": { + "$ref": "./examples/DatabaseSecurityAlertGet.json" + } + } + }, + "put": { + "tags": [ + "DatabaseSecurityAlertPolicies" + ], + "description": "Creates or updates a database's security alert policy.", + "operationId": "DatabaseSecurityAlertPolicies_CreateOrUpdate", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "name": "serverName", + "in": "path", + "description": "The name of the server.", + "required": true, + "type": "string" + }, + { + "name": "databaseName", + "in": "path", + "description": "The name of the database for which the security alert policy is defined.", + "required": true, + "type": "string" + }, + { + "name": "securityAlertPolicyName", + "in": "path", + "description": "The name of the security alert policy.", + "required": true, + "type": "string", + "enum": [ + "default" + ], + "x-ms-enum": { + "name": "SecurityAlertPolicyName", + "modelAsString": true + } + }, + { + "name": "parameters", + "in": "body", + "description": "The database security alert policy.", + "required": true, + "schema": { + "$ref": "#/definitions/DatabaseSecurityAlertPolicy" + } + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully set the database security alert policy.", + "schema": { + "$ref": "#/definitions/DatabaseSecurityAlertPolicy" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountName - The provided storage account is not valid or does not exist.\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountCredentials - The provided storage account access key is not valid.\n\n * 400 InvalidDatabaseSecurityAlertPolicyCreateRequest - The create database Threat Detection security alert policy request does not exist or has no properties object.\n\n * 400 DataSecurityInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 400 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 400 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 409 DatabaseSecurityAlertPolicyInProgress - Set database security alert policy is already in progress\n\n * 409 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later.\n\n * 500 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 GetDatabaseSecurityAlertPolicyFailed - Failed to get Threat Detection settings" + }, + "201": { + "description": "Successfully created the database security alert policy.", + "schema": { + "$ref": "#/definitions/DatabaseSecurityAlertPolicy" + } + } + }, + "x-ms-examples": { + "Update a database's threat detection policy with minimal parameters": { + "$ref": "./examples/DatabaseSecurityAlertCreateMin.json" + }, + "Update a database's threat detection policy with all parameters": { + "$ref": "./examples/DatabaseSecurityAlertCreateMax.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/securityAlertPolicies": { + "get": { + "tags": [ + "DatabaseSecurityAlertPolicies" + ], + "description": "Gets a list of database's security alert policies.", + "operationId": "DatabaseSecurityAlertPolicies_ListByDatabase", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "name": "serverName", + "in": "path", + "description": "The name of the server.", + "required": true, + "type": "string" + }, + { + "name": "databaseName", + "in": "path", + "description": "The name of the database for which the security alert policy is defined.", + "required": true, + "type": "string" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the database security alert policy.", + "schema": { + "$ref": "#/definitions/DatabaseSecurityAlertListResult" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountName - The provided storage account is not valid or does not exist.\n\n * 400 SecurityAlertPoliciesInvalidStorageAccountCredentials - The provided storage account access key is not valid.\n\n * 400 InvalidDatabaseSecurityAlertPolicyCreateRequest - The create database Threat Detection security alert policy request does not exist or has no properties object.\n\n * 400 DataSecurityInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 400 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 400 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 409 DatabaseSecurityAlertPolicyInProgress - Set database security alert policy is already in progress\n\n * 409 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later.\n\n * 500 UpsertDatabaseSecurityAlertPolicyFailed - An error has occurred while saving Threat detection settings, please try again later\n\n * 500 GetDatabaseSecurityAlertPolicyFailed - Failed to get Threat Detection settings" + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "Get the database's threat detection policies": { + "$ref": "./examples/DatabaseSecurityAlertListByDatabase.json" + } + } + } + } + }, + "definitions": { + "SecurityAlertPolicyProperties": { + "description": "Properties of a security alert policy.", + "required": [ + "state" + ], + "type": "object", + "properties": { + "state": { + "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.", + "enum": [ + "New", + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "SecurityAlertPolicyState", + "modelAsString": false + } + }, + "disabledAlerts": { + "description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action", + "type": "array", + "items": { + "type": "string" + } + }, + "emailAddresses": { + "description": "Specifies an array of e-mail addresses to which the alert is sent.", + "type": "array", + "items": { + "type": "string" + } + }, + "emailAccountAdmins": { + "description": "Specifies that the alert is sent to the account administrators.", + "type": "boolean" + }, + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.", + "type": "string" + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the Threat Detection audit storage account.", + "type": "string" + }, + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the Threat Detection audit logs.", + "type": "integer" + }, + "creationTime": { + "format": "date-time", + "description": "Specifies the UTC creation time of the policy.", + "type": "string", + "readOnly": true + } + } + }, + "DatabaseSecurityAlertPolicy": { + "description": "A database security alert policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../common/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/SecurityAlertPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "DatabaseSecurityAlertListResult": { + "description": "A list of the database's security alert policies.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/DatabaseSecurityAlertPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "description": "The subscription ID that identifies an Azure subscription.", + "required": true, + "type": "string", + "x-ms-parameter-location": "client" + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "description": "The API version to use for the request.", + "required": true, + "type": "string", + "x-ms-parameter-location": "client" + }, + "ResourceGroupParameter": { + "name": "resourceGroupName", + "in": "path", + "description": "The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "ServerNameParameter": { + "name": "serverName", + "in": "path", + "description": "The name of the server.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "ManagedInstanceNameParameter": { + "name": "managedInstanceName", + "in": "path", + "description": "The name of the managed instance.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "DatabaseNameParameter": { + "name": "databaseName", + "in": "path", + "description": "The name of the database.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "BlobAuditingPolicyNameParameter": { + "name": "blobAuditingPolicyName", + "in": "path", + "description": "The name of the blob auditing policy.", + "required": true, + "type": "string", + "enum": [ + "default" + ], + "x-ms-parameter-location": "method" + }, + "SqlVirtualMachineInstanceNameParameter": { + "name": "sqlVirtualMachineInstanceName", + "in": "path", + "description": "The name of the SqlVirtualMachineInstance.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "SqlVirtualMachineContainerNameParameter": { + "name": "sqlVirtualMachineContainerName", + "in": "path", + "description": "The name of the SqlVirtualMachineContainer.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "VirtualClusterNameParameter": { + "name": "virtualClusterName", + "in": "path", + "description": "The name of the virtual cluster.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + } + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "description": "Azure Active Directory OAuth2 Flow", + "flow": "implicit", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + } +} diff --git a/specification/sql/resource-manager/Microsoft.Sql/preview/2018-06-01-preview/examples/DatabaseSecurityAlertListByDatabase.json b/specification/sql/resource-manager/Microsoft.Sql/preview/2018-06-01-preview/examples/DatabaseSecurityAlertListByDatabase.json new file mode 100644 index 00000000000..ccc78ad3f9e --- /dev/null +++ b/specification/sql/resource-manager/Microsoft.Sql/preview/2018-06-01-preview/examples/DatabaseSecurityAlertListByDatabase.json @@ -0,0 +1,33 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-6852", + "serverName": "securityalert-2080", + "databaseName": "testdb", + "api-version": "2018-06-01=preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-6852/providers/Microsoft.Sql/servers/securityalert-2080/databases/testdb", + "name": "default", + "type": "Microsoft.Sql/servers/databases/securityAlertPolicies", + "location": "Japan East", + "kind": "V12", + "properties": { + "state": "Enabled", + "emailAccountAdmins": "true", + "emailAddresses": ["test@microsoft.com","user@microsoft.com"], + "disabledAlerts": ["Usage_Anomaly"], + "retentionDays": 0, + "storageAccountAccessKey": "", + "creationTime": "10/8/2018 12:00:00 AM" + } + } + ] + } + } + } +}