microsoft
/
PowerPlatformConnectors
зеркало из https://github.com/microsoft/PowerPlatformConnectors.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
PowerPlatformConnectors/certified-connectors/CloudAppSecurity/apiDefinition.swagger.json

895 строки
28 KiB
JSON
Исходник Постоянная ссылка Ответственный История

{
"swagger": "2.0",
"info": {
"title": "MCAS Connector",
"description": "Microsoft Cloud App Security gives you visibility into your cloud apps and services, provides sophisticated analytics to identify and combat cyberthreats and enables you to control how your data travels.",
"version": "1.0",
"x-ms-api-annotation": {
"status": "Preview"
}
},
"host": "portal.cloudappsecurity.com",
"basePath": "/",
"schemes": [
"https"
],
"consumes": [],
"produces": [],
"paths": {
"/cas/api/v1/ms_flow/": {
"x-ms-notification-content": {
"description": "Cloud App Security Alert",
"schema": {
"type": "object",
"properties": {
"Version": {
"type": "string",
"description": "The version of the alert schema"
},
"VendorName": {
"type": "string",
"description": "The name of the vendor that raised the alert"
},
"ProviderName": {
"type": "string",
"description": "The name of the vendor that raised the alert"
},
"AlertType": {
"type": "string",
"description": "The type name of the alert"
},
"StartTimeUtc": {
"type": "string",
"format": "date-time",
"description": "The impact start time of the alert (the time of the first event contributing to the alert)"
},
"EndTimeUtc": {
"type": "string",
"format": "date-time",
"description": "The impact end time of the alert (the time of the last event contributing to the alert)"
},
"TimeGenerated": {
"type": "string",
"format": "date-time",
"description": "The time the alert was generated by CAS"
},
"Severity": {
"type": "string",
"enum": [
"Informational",
"Low",
"Medium",
"High"
],
"description": "The severity of the alert"
},
"ProviderAlertId": {
"type": "string",
"description": "Unique ID for the specific alert instance"
},
"ProviderPolicyId": {
"type": "string",
"description": "ID of the MCAS policy that triggered the alert"
},
"CorrelationKey": {
"type": "string",
"description": "Used to group similar or duplicate alerts"
},
"AzureResourceId": {
"type": "string",
"description": "The full ARM resource identifier for the cloud resource being alerted on"
},
"CompromisedEntity": {
"type": "string",
"description": "Display name of the main entity being reported on"
},
"AlertDisplayName": {
"type": "string",
"description": "The display name of the alert"
},
"Description": {
"type": "string",
"description": "Alert description"
},
"RemediationSteps": {
"type": "array",
"items": {
"type": "string"
},
"description": "Manual action items to take to remediate the alert"
},
"Metadata": {
"type": "object",
"x-ms-visibility": "advanced",
"description": "Contains technical fields that assist in alert processing",
"properties": {
"Component": {
"type": "string",
"description": "Component",
"x-ms-visibility": "advanced"
},
"ComponentVersion": {
"type": "string",
"description": "ComponentVersion",
"x-ms-visibility": "advanced"
},
"TenantId": {
"type": "string",
"description": "TenantId",
"x-ms-visibility": "advanced"
},
"MCASTenantId": {
"type": "string",
"description": "MCASTenantId",
"x-ms-visibility": "advanced"
},
"MCASDC": {
"type": "string",
"format": "date-time",
"description": "MCASDC",
"x-ms-visibility": "advanced"
},
"DuplicateAlertsContextId": {
"type": "string",
"description": "DuplicateAlertsContextId",
"x-ms-visibility": "advanced"
},
"MCASAlertCategory": {
"type": "string",
"description": "MCASAlertCategory",
"x-ms-visibility": "advanced"
}
}
},
"ExtendedProperties": {
"type": "object",
"description": "Extended alert properties",
"properties": {
"IP Addresses": {
"type": "string",
"description": "IP addresses related to the alert"
},
"Cloud Applications": {
"type": "string",
"description": "Cloud applications related to the alert"
},
"Countries": {
"type": "string",
"description": "Countries related to the alert"
}
}
},
"Entities": {
"type": "array",
"description": "A list of entities related to the alert. This list can hold a mixture of entities of diverse types.",
"items": {
"type": "object",
"properties": {
"Type": {
"type": "string",
"description": "Type of the entity"
},
"Name": {
"type": "string",
"description": "Name of the entity"
},
"AadTenantId": {
"type": "string",
"description": "AAD Tenant ID of an account entity"
},
"AadUserId": {
"type": "string",
"description": "AAD User ID of an account entity"
},
"UPNSuffix": {
"type": "string",
"description": "UPN Suffix of an account entity"
},
"Address": {
"type": "string",
"description": "IP Address of an IP entity"
},
"ResourceId": {
"type": "string",
"description": "ResourceId of an Azure resource entity"
},
"Domains": {
"type": "array",
"items": {
"type": "string"
},
"description": "List of domains of a cloud application entity"
}
}
}
},
"ExtendedLinks": {
"type": "array",
"description": "A list of links related to the alert. This list can hold a mixture of links of diverse types.",
"items": {
"type": "object",
"properties": {
"Type": {
"type": "string",
"description": "Link type"
},
"Category": {
"type": "string",
"description": "Link category"
},
"Label": {
"type": "string",
"description": "Link label"
},
"Href": {
"type": "string",
"description": "Link address"
}
}
}
}
}
}
},
"post": {
"responses": {
"default": {
"description": "default"
}
},
"summary": "When an alert is generated",
"description": "Triggers when a Cloud App Security alert is generated. After configuring your Power Automate, go to the Cloud App Security policy page, and specify this Power Automate in one of your policies.",
"operationId": "MCAS_ON_ALERT_GENERATED",
"x-ms-trigger": "single",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"type": "object",
"required": [
"callback_url"
],
"properties": {
"callback_url": {
"type": "string",
"description": "callback_url",
"x-ms-visibility": "internal",
"x-ms-notification-url": true
}
}
}
}
]
}
},
"/cas/api/v1/ms_flow/{flow_id}/": {
"delete": {
"responses": {
"200": {
"description": "Successful operation",
"schema": {
"type": "string"
}
},
"default": {
"description": "Operation Failed."
}
},
"summary": "Delete Power Automate",
"operationId": "MCAS_DELETE_FLOW",
"x-ms-visibility": "internal",
"parameters": [
{
"name": "flow_id",
"in": "path",
"required": true,
"type": "string"
}
],
"description": "Deletes a Power Automate"
}
},
"/cas/api/v1/alerts/dismiss_bulk/": {
"post": {
"responses": {
"200": {
"description": "OK"
},
"default": {
"description": "Operation Failed."
}
},
"summary": "Dismiss Cloud App Security alert",
"description": "Dismiss Cloud App Security alert by alert ID",
"operationId": "MCAS_DISMISS_ALERT",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"type": "object",
"properties": {
"filters": {
"type": "object",
"properties": {
"id": {
"type": "object",
"properties": {
"eq": {
"type": "array",
"items": {
"type": "string",
"description": "Enter alert ID...",
"title": "Alert ID"
},
"description": "eq"
}
},
"description": "id",
"required": [
"eq"
]
}
},
"description": "filters",
"required": [
"id"
]
},
"comment": {
"type": "string",
"description": "Comment",
"title": "Dismissal comment",
"default": "Dismissed using Microsoft Power Automate"
}
},
"required": [
"filters"
]
}
}
]
}
},
"/cas/api/v1/alerts/resolve/": {
"post": {
"responses": {
"200": {
"description": "OK"
},
"default": {
"description": "Operation Failed."
}
},
"operationId": "MCAS_RESOLVE_ALERT",
"summary": "Resolve Cloud App Security alert",
"description": "Resolve Cloud App Security alert by alert ID",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"type": "object",
"properties": {
"filters": {
"type": "object",
"properties": {
"id": {
"type": "object",
"properties": {
"eq": {
"type": "array",
"items": {
"type": "string",
"description": "Enter alert ID...",
"title": "Alert ID"
},
"description": "eq"
}
},
"description": "id",
"required": [
"eq"
]
}
},
"description": "filters",
"required": [
"id"
]
},
"comment": {
"type": "string",
"description": "Comment",
"title": "Resolution comment",
"default": "Resolved using Microsoft Power Automate"
}
},
"required": [
"filters"
]
}
}
]
}
},
"/cas/api/v1/policies/{policy_id}/disable/": {
"post": {
"responses": {
"200": {
"description": "OK"
},
"default": {
"description": "Operation Failed."
}
},
"operationId": "MCAS_DISABLE_POLICY",
"summary": "Disable Cloud App Security policy",
"description": "Disable Cloud App Security policy by policy ID",
"parameters": [
{
"name": "policy_id",
"in": "path",
"required": true,
"type": "string",
"x-ms-summary": "Provider policy ID",
"description": "Enter provider policy ID..."
}
]
}
},
"/cas/api/v1/policies/{policy_id}/enable/": {
"post": {
"responses": {
"200": {
"description": "OK"
},
"default": {
"description": "Operation Failed."
}
},
"operationId": "MCAS_ENABLE_POLICY",
"summary": "Enable Cloud App Security policy",
"description": "Enable Cloud App Security policy by policy ID",
"parameters": [
{
"name": "policy_id",
"in": "path",
"required": true,
"type": "string",
"description": "Enter provider policy ID...",
"x-ms-summary": "Provider policy ID"
}
]
}
},
"/cas/api/v1/alerts/": {
"post": {
"responses": {
"200": {
"description": "Successful operation",
"schema": {
"$ref": "#/definitions/AlertsAPIResult"
}
},
"default": {
"description": "Operation Failed."
}
},
"summary": "Get Cloud App Security open alerts",
"operationId": "MCAS_GET_OPEN_ALERTS",
"description": "Get Cloud App Security open alerts",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"type": "object",
"properties": {
"skip": {
"type": "integer",
"format": "int32",
"description": "skip",
"title": "skip",
"x-ms-visibility": "internal",
"default": 0
},
"limit": {
"type": "integer",
"format": "int32",
"description": "Enter limit...",
"title": "Limit",
"default": 20
},
"filters": {
"type": "object",
"properties" : { },
"x-ms-visibility": "internal",
"default": { "resolutionStatus" : { "eq": 0 }},
"description": "filters"
},
"sortField": {
"type": "string",
"description": "sortField",
"title": "sortField",
"x-ms-visibility": "internal",
"default": "date"
},
"sortDirection": {
"type": "string",
"description": "sortDirection",
"title": "sortDirection",
"x-ms-visibility": "internal",
"default": "desc"
},
"projectedMSFlowFields": {
"type": "boolean",
"description": "projectedMSFlowFields",
"title": "projectedMSFlowFields",
"x-ms-visibility": "internal",
"default": "true"
}
},
"required": [
"filters",
"projectedMSFlowFields",
"skip",
"sortDirection",
"sortField"
]
}
}
]
}
},
"/cas/api/v1/policies/{policy_id}/": {
"post": {
"responses": {
"200": {
"description": "Successful operation",
"schema": {
"$ref": "#/definitions/PolicyAPIResult"
}
},
"default": {
"description": "Operation Failed."
}
},
"operationId": "MCAS_GET_POLICY",
"summary": "Get Cloud App Security policy",
"description": "Get Cloud App Security policy by policy ID",
"parameters": [
{
"name": "policy_id",
"description": "Enter provider policy ID...",
"x-ms-summary": "Provider policy ID",
"in": "path",
"required": true,
"type": "string"
},
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"type": "object",
"properties": {
"projectedMSFlowFields": {
"type": "string",
"description": "projectedMSFlowFields",
"title": "projectedMSFlowFields",
"x-ms-visibility": "internal",
"default": "true"
}
},
"required": [
"projectedMSFlowFields"
]
},
"x-ms-visibility": "internal"
}
]
}
},
"/cas/api/v1/activities/": {
"post": {
"responses": {
"200": {
"description": "Successful operation",
"schema": {
"$ref": "#/definitions/ActivitiesAPIResult"
}
},
"default": {
"description": "Operation Failed."
}
},
"summary": "Get Cloud App Security activities",
"operationId": "MCAS_GET_ACTIVITIES",
"description": "Get Cloud App Security activities performed by Azure AD user ID",
"parameters": [
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"type": "object",
"properties": {
"skip": {
"type": "integer",
"format": "int32",
"description": "skip",
"title": "skip",
"x-ms-visibility": "internal",
"default": 0
},
"limit": {
"type": "integer",
"format": "int32",
"description": "Enter limit...",
"title": "Limit",
"default": 20
},
"filters": {
"type": "object",
"properties": {
"entity": {
"type": "object",
"properties": {
"eq": {
"type": "array",
"items": {
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Enter AAD User ID...",
"title": "AAD User ID"
},
"saas": {
"type": "integer",
"format": "int32",
"description": "saas",
"title": "saas",
"x-ms-visibility": "internal",
"default": 11161
},
"inst": {
"type": "integer",
"format": "int32",
"description": "inst",
"title": "inst",
"x-ms-visibility": "internal",
"default": 0
}
},
"required": [
"id",
"inst",
"saas"
]
},
"description": "eq"
}
},
"description": "entity",
"required": [
"eq"
]
}
},
"description": "filters",
"required": [
"entity"
]
},
"sortField": {
"type": "string",
"description": "sortField",
"title": "sortField",
"x-ms-visibility": "internal",
"default": "date"
},
"sortDirection": {
"type": "string",
"description": "sortDirection",
"title": "sortDirection",
"x-ms-visibility": "internal",
"default": "desc"
}
},
"required": [
"filters",
"skip",
"sortDirection",
"sortField"
]
}
}
]
}
},
"/cas/api/v1/discovery/discovery_app/{app_id}/set_sanctioned/": {
"post": {
"responses": {
"200": {
"description": "OK"
},
"default": {
"description": "Operation Failed."
}
},
"operationId": "MCAS_TAG_APP_SANCTIONED",
"summary": "Tag app as sanctioned",
"description": "Tag app as sanctioned by app ID",
"parameters": [
{
"name": "app_id",
"in": "path",
"required": true,
"type": "integer",
"format": "int32",
"description": "Enter Cloud Application ID...",
"x-ms-summary": "Cloud Application"
},
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"type": "object",
"properties": {
"sanction": {
"type": "string",
"description": "sanction",
"title": "sanction",
"x-ms-visibility": "internal",
"default": "true"
}
},
"required": [
"sanction"
]
}
}
]
}
},
"/cas/api/v1/discovery/discovery_app/{app_id}/set_banned/": {
"post": {
"responses": {
"200": {
"description": "OK"
},
"default": {
"description": "Operation Failed."
}
},
"operationId": "MCAS_TAG_APP_UNSANCTIONED",
"summary": "Tag app as unsanctioned",
"description": "Tag app as unsanctioned by app ID",
"parameters": [
{
"name": "app_id",
"in": "path",
"required": true,
"type": "integer",
"x-ms-summary": "Cloud Application",
"description": "Enter Cloud Application ID...",
"format": "int32"
},
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"type": "object",
"properties": {
"ban": {
"type": "string",
"description": "ban",
"title": "ban",
"x-ms-visibility": "internal",
"default": "true"
}
},
"required": [
"ban"
]
}
}
]
}
}
},
"definitions": {
"ActivitiesAPIResult": {
"type": "object",
"x-ms-summary": "Activities",
"properties": {
"data": {
"$ref": "#/definitions/ActivitiesData"
}
}
},
"ActivitiesData": {
"description": "Activities by AAD user ID",
"type": "string"
},
"AlertsAPIResult": {
"type": "object",
"x-ms-summary": "Open alerts",
"properties": {
"data": {
"$ref": "#/definitions/AlertsData"
}
}
},
"AlertsData": {
"description": "Get open alerts",
"type": "string"
},
"PolicyAPIResult": {
"type": "object",
"x-ms-summary": "Policy",
"properties": {
"name": {
"$ref": "#/definitions/PolicyName"
},
"description": {
"$ref": "#/definitions/PolicyDescription"
},
"policyType": {
"$ref": "#/definitions/PolicyType"
},
"alertDailyLimit": {
"$ref": "#/definitions/DailyAlertLimit"
},
"lastModified": {
"$ref": "#/definitions/LastModified"
}
}
},
"PolicyName": {
"x-ms-summary": "Name",
"description": "The name of the policy",
"type": "string"
},
"PolicyDescription": {
"x-ms-summary": "Description",
"description": "The description of the policy",
"type": "string"
},
"PolicyType": {
"x-ms-summary": "Type",
"description": "The type of the policy",
"type": "string"
},
"DailyAlertLimit": {
"x-ms-summary": "Daily alert limit",
"description": "Daily limit of generated alerts",
"type": "integer"
},
"LastModified": {
"x-ms-summary": "Last modified",
"description": "Last modified timestamp",
"type": "integer"
}
},
"parameters": {},
"responses": {},
"securityDefinitions": {
"api_key": {
"type": "apiKey",
"in": "header",
"name": "Authorization"
}
},
"security": [],
"tags": []
}
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку