From 9983f1daf4b9a703e98e208fbd35f30f2d0b37a2 Mon Sep 17 00:00:00 2001 From: Anat Gilenson Date: Tue, 24 Aug 2021 10:09:13 +0300 Subject: [PATCH 1/5] Remove definitions that don't exist in 2020-01-01 and extract Incident Severity to a definition. --- .../stable/2020-01-01/SecurityInsights.json | 172 ++++-------------- 1 file changed, 33 insertions(+), 139 deletions(-) diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json index 1bb0b3dff3b2..be47a15a391f 100644 --- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json @@ -814,35 +814,8 @@ }, "severity": { "description": "The severity of the incident", - "enum": [ - "High", - "Medium", - "Low", - "Informational" - ], "type": "string", - "x-ms-enum": { - "modelAsString": true, - "name": "IncidentSeverity", - "values": [ - { - "description": "High severity", - "value": "High" - }, - { - "description": "Medium severity", - "value": "Medium" - }, - { - "description": "Low severity", - "value": "Low" - }, - { - "description": "Informational severity", - "value": "Informational" - } - ] - } + "$ref": "#/definitions/IncidentSeverityEnum" }, "status": { "description": "The status of the incident", @@ -883,6 +856,38 @@ ], "type": "object" }, + "IncidentSeverityEnum": { + "description": "The severity of the incident", + "enum": [ + "High", + "Medium", + "Low", + "Informational" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "IncidentSeverity", + "values": [ + { + "description": "High severity", + "value": "High" + }, + { + "description": "Medium severity", + "value": "Medium" + }, + { + "description": "Low severity", + "value": "Low" + }, + { + "description": "Informational severity", + "value": "Informational" + } + ] + } + }, "OfficeConsent": { "allOf": [ { @@ -1038,37 +1043,6 @@ "type": "object", "x-ms-azure-resource": true }, - "Settings": { - "allOf": [ - { - "$ref": "#/definitions/ResourceWithEtag" - } - ], - "description": "The Settings.", - "discriminator": "kind", - "required": [ - "kind" - ], - "properties": { - "kind": { - "$ref": "#/definitions/SettingsKind", - "description": "The data connector kind" - } - }, - "type": "object" - }, - "SettingsKind": { - "description": "The kind of the setting", - "enum": [ - "UebaSettings", - "ToggleSettings" - ], - "type": "string", - "x-ms-enum": { - "modelAsString": true, - "name": "SettingKind" - } - }, "ThreatIntelligence": { "description": "ThreatIntelligence property bag.", "properties": { @@ -1106,86 +1080,6 @@ }, "type": "object" }, - "ToggleSettings": { - "allOf": [ - { - "$ref": "#/definitions/Settings" - } - ], - "description": "Settings with single toggle.", - "properties": { - "properties": { - "$ref": "#/definitions/ToggleSettingsProperties", - "description": "toggle properties", - "x-ms-client-flatten": true - } - }, - "type": "object", - "x-ms-discriminator-value": "ToggleSettings" - }, - "ToggleSettingsProperties": { - "description": "toggle property bag.", - "properties": { - "isEnabled": { - "description": "Determines whether the setting is enable or disabled.", - "type": "boolean" - } - }, - "type": "object" - }, - "UebaSettings": { - "allOf": [ - { - "$ref": "#/definitions/Settings" - } - ], - "description": "Represents settings for User and Entity Behavior Analytics enablement.", - "properties": { - "properties": { - "$ref": "#/definitions/UebaSettingsProperties", - "description": "User and Entity Behavior Analytics settings properties", - "x-ms-client-flatten": true - } - }, - "type": "object", - "x-ms-discriminator-value": "UebaSettings" - }, - "UebaSettingsProperties": { - "description": "User and Entity Behavior Analytics settings property bag.", - "properties": { - "atpLicenseStatus": { - "description": "Determines whether the tenant has ATP (Advanced Threat Protection) license.", - "enum": [ - "Enabled", - "Disabled" - ], - "readOnly": true, - "type": "string", - "x-ms-enum": { - "modelAsString": true, - "name": "LicenseStatus" - } - }, - "isEnabled": { - "description": "Determines whether User and Entity Behavior Analytics is enabled for this workspace.", - "type": "boolean" - }, - "statusInMcas": { - "description": "Determines whether User and Entity Behavior Analytics is enabled from MCAS (Microsoft Cloud App Security).", - "enum": [ - "Enabled", - "Disabled" - ], - "readOnly": true, - "type": "string", - "x-ms-enum": { - "modelAsString": true, - "name": "StatusInMcas" - } - } - }, - "type": "object" - }, "UserInfo": { "description": "User information that made some action", "properties": { From c972f5c821c794bbfcf46fddd31f6c1d4b9666ee Mon Sep 17 00:00:00 2001 From: Anat Gilenson Date: Tue, 24 Aug 2021 10:10:20 +0300 Subject: [PATCH 2/5] Use IncidentSeverityEnum instead of defining an incorrect enum which have 'Critical' value. --- .../stable/2020-01-01/Bookmarks.json | 34 +------------------ 1 file changed, 1 insertion(+), 33 deletions(-) diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/Bookmarks.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/Bookmarks.json index a3581ff591da..e4e5cce3ee31 100644 --- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/Bookmarks.json +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/Bookmarks.json @@ -340,40 +340,8 @@ }, "severity": { "description": "The severity of the incident", - "enum": [ - "Critical", - "High", - "Medium", - "Low", - "Informational" - ], "type": "string", - "x-ms-enum": { - "modelAsString": true, - "name": "CaseSeverity", - "values": [ - { - "description": "Critical severity", - "value": "Critical" - }, - { - "description": "High severity", - "value": "High" - }, - { - "description": "Medium severity", - "value": "Medium" - }, - { - "description": "Low severity", - "value": "Low" - }, - { - "description": "Informational severity", - "value": "Informational" - } - ] - } + "$ref": "SecurityInsights.json#/definitions/IncidentSeverityEnum" }, "title": { "description": "The title of the incident", From dd883a8a9bb6ffbeccd93253c9b5fd75a6ab5a1f Mon Sep 17 00:00:00 2001 From: Anat Gilenson Date: Tue, 24 Aug 2021 10:17:32 +0300 Subject: [PATCH 3/5] Remove duplicate definition of IncidentInfo which is already defined in Bookmarks.json --- .../stable/2020-01-01/SecurityInsights.json | 56 +------------------ 1 file changed, 1 insertion(+), 55 deletions(-) diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json index be47a15a391f..efd3131b30e9 100644 --- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json @@ -920,6 +920,7 @@ "type": "array" } }, + "type": "object", "required": [ "value" ] @@ -1104,61 +1105,6 @@ "objectId" ], "type": "object" - }, - "IncidentInfo": { - "description": "Describes related incident information for the bookmark", - "properties": { - "incidentId": { - "description": "Incident Id", - "type": "string" - }, - "severity": { - "description": "The severity of the incident", - "enum": [ - "Critical", - "High", - "Medium", - "Low", - "Informational" - ], - "type": "string", - "x-ms-enum": { - "modelAsString": true, - "name": "CaseSeverity", - "values": [ - { - "description": "Critical severity", - "value": "Critical" - }, - { - "description": "High severity", - "value": "High" - }, - { - "description": "Medium severity", - "value": "Medium" - }, - { - "description": "Low severity", - "value": "Low" - }, - { - "description": "Informational severity", - "value": "Informational" - } - ] - } - }, - "title": { - "description": "The title of the incident", - "type": "string" - }, - "relationName": { - "description": "Relation Name", - "type": "string" - } - }, - "type": "object" } }, "parameters": { From 3291fc14aa322bb700c18ded7f537a8ebfe5dc08 Mon Sep 17 00:00:00 2001 From: Anat Gilenson Date: Tue, 24 Aug 2021 10:20:44 +0300 Subject: [PATCH 4/5] Remove Settings from SecurityInsights.json --- .../stable/2020-01-01/SecurityInsights.json | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json index efd3131b30e9..57a3c596490b 100644 --- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json @@ -1230,24 +1230,6 @@ "type": "string", "x-ms-parameter-location": "method" }, - "Settings": { - "description": "The setting", - "in": "body", - "name": "settings", - "required": true, - "schema": { - "$ref": "#/definitions/Settings" - }, - "x-ms-parameter-location": "method" - }, - "SettingsName": { - "description": "The setting name. Supports- Fusion, UEBA", - "in": "path", - "name": "settingsName", - "required": true, - "type": "string", - "x-ms-parameter-location": "method" - }, "SubscriptionId": { "description": "Azure subscription ID", "in": "path", From 118ea2d996f58c497a80df5f891ae21bfef0e339 Mon Sep 17 00:00:00 2001 From: Anat Gilenson Date: Tue, 24 Aug 2021 10:31:16 +0300 Subject: [PATCH 5/5] Make prettier --- .../stable/2020-01-01/SecurityInsights.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json index 57a3c596490b..26b6215df723 100644 --- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2020-01-01/SecurityInsights.json @@ -920,7 +920,7 @@ "type": "array" } }, - "type": "object", + "type": "object", "required": [ "value" ]