Dev securityinsights microsoft.security insights 2021 10 01 (#17924)

* Adds base for updating Microsoft.SecurityInsights from version stable/2021-04-01 to version 2021-10-01 * Updates readme * Updates API version in new specs and examples * Add AlertRules to microsoft.security insights 2021 10 01 (#15657) * Adds base for updating Microsoft.SecurityInsight's AlertRules from version stable/2020-01-01 to version 2021-10-01 * Updates API version in AlertRules specs and examples * Use common types in AlertRules.json and remove redundant SecurityInsights * Add AlertRules to readme * Copy action examples for alert rules * Add type:object where missing * Align CloudError with rest of the resources in this version * Update readme Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com> * Use newest common types to align with rest of Azure (#16130) * Use newest common types to align with rest of Azure * Use ErrorResponse instead of CloudError in operations Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com> * Add AlertRules Stable version to 2021-10-01 (#16268) * Add AlertRules Stable version to 2021-10-01 * Fix missing alignment in common types * prettier fixes * move tactics and severity to common * fix common types file extension * more prettier fixes * Add template version field * prettier * added version to required fields * dummy change to trigger checks again * Add onboarding states to new stable version (#16290) * Add onboarding states to new stable version * Update readme.md * cr fix - remove unused params * Add missing resources 2021 10 01 (#16666) * Add missing resources and examples from 2020-01-01 * Update version in added resources and examples * Use existing common types * Remove unnesessary SecurityInsights.json * Update readme * Use sentinel common types in Incidents and Watchlist * Extract and common IncidentInfo and IncidentSeverity * Extract EntityTypes * Correct double allOf in EntityTypes * update readme * Remove eventGroupingSettings and entityMappings from GetAlertRuleTemplateById example. * rename operations.json Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com> * Fix analytics templates model (#16689) * add missing properties to scheduled template * prettier fixes * restore templates example after merge * fix templates example after merge and run prettier * Use CloudError instead of ErrorResponse to align with preview versions and our back-end. (#17472) * Automation - Stable Version (#17491) * First * readMe * cloudError * CloudError * schema * prettier * Fix * test * fix identifier * fix description * fix lable * fix lable * ownerInfo * Fix * types * conditionMaxLength Co-authored-by: Roy Reinhorn <roreinho@microsoft.com> * Done (#17728) Co-authored-by: Roy Reinhorn <roreinho@microsoft.com> * Correct 2021 10 01 (#17830) * Remove OperationalInsightsResourceProvider parameter in ThreatIntelligence * Remove OperationalInsightProviderParameter from Watchlist * Align stable operation names with preview * Add missing disciminator property in ThreatIntelligence * Done (#17844) Co-authored-by: Roy Reinhorn <roreinho@microsoft.com> * Align enum names with preview (#17831) * Fix 2021 10 01 validation errors (#17937) * Add x-ms-identifiers to all arrays * Add operations_list example * Add x-ms-identifier in all arrays * Run prettier * Fix spelling error * Add isDataAction to operation schema (#18018) Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com> Co-authored-by: laithhisham <49263932+laithhisham@users.noreply.github.com> Co-authored-by: royrein <37300636+royrein@users.noreply.github.com> Co-authored-by: Roy Reinhorn <roreinho@microsoft.com> Co-authored-by: Arthur Ning <57385816+akning-ms@users.noreply.github.com>
Azure · Feb 28, 2022 · 3284dc9 · 3284dc9
1 parent 0105ac0
commit 3284dc9
Show file tree

Hide file tree

Showing 85 changed files with 14,400 additions and 1 deletion.
diff --git a/...ityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/AlertRules.json b/...ityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/AlertRules.json
diff --git a/...sights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/AutomationRules.json b/...sights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/AutomationRules.json
diff --git a/...rityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/Bookmarks.json b/...rityinsights/resource-manager/Microsoft.SecurityInsights/stable/2021-10-01/Bookmarks.json
@@ -0,0 +1,355 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Insights",
+    "description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider",
+    "version": "2021-10-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks": {
+      "get": {
+        "x-ms-examples": {
+          "Get all bookmarks.": {
+            "$ref": "./examples/bookmarks/GetBookmarks.json"
+          }
+        },
+        "tags": [
+          "Bookmarks"
+        ],
+        "description": "Gets all bookmarks.",
+        "operationId": "Bookmarks_List",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK, Operation successfully completed",
+            "schema": {
+              "$ref": "#/definitions/BookmarkList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/2.0/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks/{bookmarkId}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a bookmark.": {
+            "$ref": "./examples/bookmarks/GetBookmarkById.json"
+          }
+        },
+        "tags": [
+          "Bookmarks"
+        ],
+        "description": "Gets a bookmark.",
+        "operationId": "Bookmarks_Get",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName"
+          },
+          {
+            "$ref": "#/parameters/BookmarkId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK, Operation successfully completed",
+            "schema": {
+              "$ref": "#/definitions/Bookmark"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/2.0/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Creates or updates a bookmark.": {
+            "$ref": "./examples/bookmarks/CreateBookmark.json"
+          }
+        },
+        "tags": [
+          "Bookmarks"
+        ],
+        "description": "Creates or updates the bookmark.",
+        "operationId": "Bookmarks_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName"
+          },
+          {
+            "$ref": "#/parameters/BookmarkId"
+          },
+          {
+            "$ref": "#/parameters/Bookmark"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK, Operation successfully completed",
+            "schema": {
+              "$ref": "#/definitions/Bookmark"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/Bookmark"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/2.0/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a bookmark.": {
+            "$ref": "./examples/bookmarks/DeleteBookmark.json"
+          }
+        },
+        "tags": [
+          "Bookmarks"
+        ],
+        "description": "Delete the bookmark.",
+        "operationId": "Bookmarks_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName"
+          },
+          {
+            "$ref": "#/parameters/BookmarkId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK, Operation successfully completed"
+          },
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/2.0/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "Bookmark": {
+      "allOf": [
+        {
+          "$ref": "../../../common/2.0/types.json#/definitions/ResourceWithEtag"
+        }
+      ],
+      "description": "Represents a bookmark in Azure Security Insights.",
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/BookmarkProperties",
+          "description": "Bookmark properties",
+          "x-ms-client-flatten": true
+        }
+      },
+      "type": "object"
+    },
+    "BookmarkList": {
+      "description": "List all the bookmarks.",
+      "properties": {
+        "nextLink": {
+          "description": "URL to fetch the next set of cases.",
+          "readOnly": true,
+          "type": "string"
+        },
+        "value": {
+          "description": "Array of bookmarks.",
+          "items": {
+            "$ref": "#/definitions/Bookmark"
+          },
+          "type": "array"
+        }
+      },
+      "type": "object",
+      "required": [
+        "value"
+      ]
+    },
+    "BookmarkProperties": {
+      "description": "Describes bookmark properties",
+      "properties": {
+        "created": {
+          "description": "The time the bookmark was created",
+          "format": "date-time",
+          "type": "string"
+        },
+        "createdBy": {
+          "$ref": "../../../common/2.0/types.json#/definitions/UserInfo",
+          "description": "Describes a user that created the bookmark",
+          "type": "object"
+        },
+        "displayName": {
+          "description": "The display name of the bookmark",
+          "type": "string"
+        },
+        "labels": {
+          "description": "List of labels relevant to this bookmark",
+          "items": {
+            "$ref": "../../../common/2.0/types.json#/definitions/Label"
+          },
+          "type": "array"
+        },
+        "notes": {
+          "description": "The notes of the bookmark",
+          "type": "string"
+        },
+        "query": {
+          "description": "The query of the bookmark.",
+          "type": "string"
+        },
+        "queryResult": {
+          "description": "The query result of the bookmark.",
+          "type": "string"
+        },
+        "updated": {
+          "description": "The last time the bookmark was updated",
+          "format": "date-time",
+          "type": "string"
+        },
+        "updatedBy": {
+          "$ref": "../../../common/2.0/types.json#/definitions/UserInfo",
+          "description": "Describes a user that updated the bookmark",
+          "type": "object"
+        },
+        "eventTime": {
+          "description": "The bookmark event time",
+          "format": "date-time",
+          "type": "string"
+        },
+        "queryStartTime": {
+          "description": "The start time for the query",
+          "format": "date-time",
+          "type": "string"
+        },
+        "queryEndTime": {
+          "description": "The end time for the query",
+          "format": "date-time",
+          "type": "string"
+        },
+        "incidentInfo": {
+          "$ref": "./common/IncidentTypes.json#/definitions/IncidentInfo",
+          "description": "Describes an incident that relates to bookmark",
+          "type": "object"
+        }
+      },
+      "required": [
+        "displayName",
+        "query"
+      ],
+      "type": "object"
+    }
+  },
+  "parameters": {
+    "Bookmark": {
+      "description": "The bookmark",
+      "in": "body",
+      "name": "bookmark",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/Bookmark"
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "BookmarkId": {
+      "description": "Bookmark ID",
+      "in": "path",
+      "name": "bookmarkId",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}