From 4d16604614fd39769e1b96623abeed11375ba3aa Mon Sep 17 00:00:00 2001 From: Adi Griever Date: Wed, 8 Jul 2020 22:34:42 +0300 Subject: [PATCH 1/2] Remove premium firewall policy properties (private) --- .../stable/2020-03-01/firewallPolicy.json | 16 --- .../stable/2020-04-01/firewallPolicy.json | 105 ------------------ .../stable/2020-05-01/firewallPolicy.json | 101 ----------------- 3 files changed, 222 deletions(-) diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2020-03-01/firewallPolicy.json b/specification/network/resource-manager/Microsoft.Network/stable/2020-03-01/firewallPolicy.json index 856ee28bbed1..b3f020ae08c8 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2020-03-01/firewallPolicy.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2020-03-01/firewallPolicy.json @@ -614,10 +614,6 @@ "threatIntelMode": { "description": "The operation mode for Threat Intelligence.", "$ref": "./azureFirewall.json#/definitions/AzureFirewallThreatIntelMode" - }, - "intrusionSystemMode": { - "description": "The operation mode for Intrusion system.", - "$ref": "#/definitions/FirewallPolicyIntrusionSystemMode" } }, "description": "Firewall Policy definition." @@ -1058,18 +1054,6 @@ } }, "description": "Response for ListFirewallPolicyRuleGroups API service call." - }, - "FirewallPolicyIntrusionSystemMode": { - "type": "string", - "description": "The operation mode for Intrusion system mode.", - "enum": [ - "Enabled", - "Disabled" - ], - "x-ms-enum": { - "name": "FirewallPolicyIntrusionSystemMode", - "modelAsString": true - } } } } diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2020-04-01/firewallPolicy.json b/specification/network/resource-manager/Microsoft.Network/stable/2020-04-01/firewallPolicy.json index e411a402a296..4eee92967be4 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2020-04-01/firewallPolicy.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2020-04-01/firewallPolicy.json @@ -566,10 +566,6 @@ "type": "string", "readOnly": true, "description": "A unique read-only string that changes whenever the resource is updated." - }, - "identity": { - "$ref": "./network.json#/definitions/ManagedServiceIdentity", - "description": "The identity of the firewall policy." } }, "allOf": [ @@ -622,88 +618,10 @@ "threatIntelWhitelist": { "description": "ThreatIntel Whitelist for Firewall Policy.", "$ref": "#/definitions/FirewallPolicyThreatIntelWhitelist" - }, - "intrusionSystemMode": { - "description": "The operation mode for Intrusion system.", - "$ref": "#/definitions/FirewallPolicyIntrusionSystemMode" - }, - "transportSecurity": { - "description": "TLS Configuration definition.", - "$ref": "#/definitions/FirewallPolicyTransportSecurity" } }, "description": "Firewall Policy definition." }, - "FirewallPolicyTransportSecurity": { - "properties": { - "certificateAuthority": { - "$ref": "#/definitions/FirewallPolicyCertificateAuthority", - "description": "The CA used for intermediate CA generation." - }, - "excludedDomains": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of domains which are excluded from TLS termination." - }, - "trustedRootCertificates": { - "type": "array", - "items": { - "$ref": "#/definitions/FirewallPolicyTrustedRootCertificate", - "description": "A list of certificates which are to be trusted by the firewall." - }, - "description": "Certificates which are to be trusted by the firewall." - } - }, - "description": "Configuration needed to perform TLS termination & initiation." - }, - "FirewallPolicyTrustedRootCertificate": { - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/FirewallPolicyTrustedRootCertificatePropertiesFormat", - "description": "Properties of the trusted root authorities." - }, - "name": { - "type": "string", - "description": "Name of the trusted root certificate that is unique within a firewall policy." - } - }, - "description": "Trusted Root certificates of a firewall policy." - }, - "FirewallPolicyTrustedRootCertificatePropertiesFormat": { - "properties": { - "keyVaultSecretId": { - "type": "string", - "description": "Secret Id of (base-64 encoded unencrypted pfx) the public certificate data stored in KeyVault." - } - }, - "description": "Trusted Root certificates properties for tls." - }, - "FirewallPolicyCertificateAuthority": { - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/FirewallPolicyCertificateAuthorityPropertiesFormat", - "description": "Properties of the certificate authority." - }, - "name": { - "type": "string", - "description": "Name of the CA certificate." - } - }, - "description": "Trusted Root certificates properties for tls." - }, - "FirewallPolicyCertificateAuthorityPropertiesFormat": { - "properties": { - "keyVaultSecretId": { - "type": "string", - "description": "Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault." - } - }, - "description": "Trusted Root certificates properties for tls." - }, "FirewallPolicyRuleGroup": { "properties": { "properties": { @@ -901,13 +819,6 @@ }, "description": "Array of Application Protocols." }, - "targetUrls": { - "type": "array", - "description": "List of Urls for this rule condition.", - "items": { - "type": "string" - } - }, "targetFqdns": { "type": "array", "description": "List of FQDNs for this rule condition.", @@ -975,10 +886,6 @@ "items": { "type": "string" } - }, - "terminateTLS": { - "type": "boolean", - "description": "Terminate TLS connections for this rule." } } }, @@ -1152,18 +1059,6 @@ }, "description": "Response for ListFirewallPolicyRuleGroups API service call." }, - "FirewallPolicyIntrusionSystemMode": { - "type": "string", - "description": "The operation mode for Intrusion system mode.", - "enum": [ - "Enabled", - "Disabled" - ], - "x-ms-enum": { - "name": "FirewallPolicyIntrusionSystemMode", - "modelAsString": true - } - }, "FirewallPolicyThreatIntelWhitelist": { "description": "ThreatIntel Whitelist for Firewall Policy.", "x-ms-discriminator-value": "FirewallPolicyThreatIntelWhitelist", diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json index f15fb1e7a7b2..1fa9e4894fbc 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json @@ -566,10 +566,6 @@ "type": "string", "readOnly": true, "description": "A unique read-only string that changes whenever the resource is updated." - }, - "identity": { - "$ref": "./network.json#/definitions/ManagedServiceIdentity", - "description": "The identity of the firewall policy." } }, "allOf": [ @@ -623,14 +619,6 @@ "description": "ThreatIntel Whitelist for Firewall Policy.", "$ref": "#/definitions/FirewallPolicyThreatIntelWhitelist" }, - "intrusionSystemMode": { - "description": "The operation mode for Intrusion system.", - "$ref": "#/definitions/FirewallPolicyIntrusionSystemMode" - }, - "transportSecurity": { - "description": "TLS Configuration definition.", - "$ref": "#/definitions/FirewallPolicyTransportSecurity" - }, "dnsSettings": { "description": "DNS Proxy Settings definition.", "$ref": "#/definitions/DnsSettings" @@ -638,76 +626,6 @@ }, "description": "Firewall Policy definition." }, - "FirewallPolicyTransportSecurity": { - "properties": { - "certificateAuthority": { - "$ref": "#/definitions/FirewallPolicyCertificateAuthority", - "description": "The CA used for intermediate CA generation." - }, - "excludedDomains": { - "type": "array", - "items": { - "type": "string" - }, - "description": "List of domains which are excluded from TLS termination." - }, - "trustedRootCertificates": { - "type": "array", - "items": { - "$ref": "#/definitions/FirewallPolicyTrustedRootCertificate", - "description": "A list of certificates which are to be trusted by the firewall." - }, - "description": "Certificates which are to be trusted by the firewall." - } - }, - "description": "Configuration needed to perform TLS termination & initiation." - }, - "FirewallPolicyTrustedRootCertificate": { - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/FirewallPolicyTrustedRootCertificatePropertiesFormat", - "description": "Properties of the trusted root authorities." - }, - "name": { - "type": "string", - "description": "Name of the trusted root certificate that is unique within a firewall policy." - } - }, - "description": "Trusted Root certificates of a firewall policy." - }, - "FirewallPolicyTrustedRootCertificatePropertiesFormat": { - "properties": { - "keyVaultSecretId": { - "type": "string", - "description": "Secret Id of (base-64 encoded unencrypted pfx) the public certificate data stored in KeyVault." - } - }, - "description": "Trusted Root certificates properties for tls." - }, - "FirewallPolicyCertificateAuthority": { - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/FirewallPolicyCertificateAuthorityPropertiesFormat", - "description": "Properties of the certificate authority." - }, - "name": { - "type": "string", - "description": "Name of the CA certificate." - } - }, - "description": "Trusted Root certificates properties for tls." - }, - "FirewallPolicyCertificateAuthorityPropertiesFormat": { - "properties": { - "keyVaultSecretId": { - "type": "string", - "description": "Secret Id of (base-64 encoded unencrypted pfx) 'Secret' or 'Certificate' object stored in KeyVault." - } - }, - "description": "Trusted Root certificates properties for tls." - }, "FirewallPolicyRuleCollectionGroup": { "properties": { "properties": { @@ -900,13 +818,6 @@ }, "description": "Array of Application Protocols." }, - "targetUrls": { - "type": "array", - "description": "List of Urls for this rule condition.", - "items": { - "type": "string" - } - }, "targetFqdns": { "type": "array", "description": "List of FQDNs for this rule.", @@ -1166,18 +1077,6 @@ }, "description": "Response for ListFirewallPolicyRuleCollectionGroups API service call." }, - "FirewallPolicyIntrusionSystemMode": { - "type": "string", - "description": "The operation mode for Intrusion system mode.", - "enum": [ - "Enabled", - "Disabled" - ], - "x-ms-enum": { - "name": "FirewallPolicyIntrusionSystemMode", - "modelAsString": true - } - }, "FirewallPolicyThreatIntelWhitelist": { "description": "ThreatIntel Whitelist for Firewall Policy.", "x-ms-discriminator-value": "FirewallPolicyThreatIntelWhitelist", From f9ccf5d7b38a47af470fae30a676cccd7b629a5f Mon Sep 17 00:00:00 2001 From: Adi Griever Date: Wed, 8 Jul 2020 22:35:01 +0300 Subject: [PATCH 2/2] Remove premium firewall policy properties (private) --- .../Microsoft.Network/stable/2020-05-01/firewallPolicy.json | 4 ---- 1 file changed, 4 deletions(-) diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json index 1fa9e4894fbc..fca251108fb0 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2020-05-01/firewallPolicy.json @@ -838,10 +838,6 @@ "items": { "type": "string" } - }, - "terminateTLS": { - "type": "boolean", - "description": "Terminate TLS connections for this rule." } }, "description": "Rule of type application."