Add AlertRules Stable version to 2021-10-01 #16268
Hi, @laithhisham Thanks for your PR. I am workflow bot for review process. Here are some small tips. Any feedback about review process or workflow bot, pls contact swagger and tools team. vsswagger@microsoft.com

[Call for Action] To better understand Azure service dev/test scenario, and support Azure service developer better on Swagger and REST API related tests in early phase, please help to fill in with this survey https://aka.ms/SurveyForEarlyPhase. It will take 5 to 10 minutes. If you already complete survey, please neglect this comment. Thanks.
Swagger Validation Report
| Rule | Message |
|---|---|
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: createIncident Location: Microsoft.SecurityInsights/stable/2021-10-01/AlertRules.json#L1284 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: enabled Location: Microsoft.SecurityInsights/stable/2021-10-01/AlertRules.json#L1301 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: reopenClosedIncident Location: Microsoft.SecurityInsights/stable/2021-10-01/AlertRules.json#L1305 |
The following errors/warnings exist before current PR submission:
| Rule | Message |
|---|---|
| R4018 - OperationsApiResponseSchema | The response schema of operations API '/providers/Microsoft.SecurityInsights/operations' does not match the ARM specification. Please standardize the schema. Location: Microsoft.SecurityInsights/stable/2021-10-01/operations.json#L37 |
| | Since operation 'ThreatIntelligenceIndicator_QueryIndicators' response has model definition 'x-ms-pageable', it should be of the form '_list'. Note: If you have already shipped an SDK on top of this spec, fixing this warning may introduce a breaking change. Location: Microsoft.SecurityInsights/stable/2021-10-01/ThreatIntelligence.json#L311 |
| | Consider using x-ms-client-flatten to provide a better end user experience Location: Microsoft.SecurityInsights/stable/2021-10-01/ThreatIntelligence.json#L1017 |
| | Based on the response model schema, operation 'ThreatIntelligenceIndicatorMetrics_List' might be pageable. Consider adding the x-ms-pageable extension. Location: Microsoft.SecurityInsights/stable/2021-10-01/ThreatIntelligence.json#L352 |
| | The child tracked resource, 'comments' with immediate parent 'Incident', must have a list by immediate parent operation. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L1666 |
| | The child tracked resource, 'relations' with immediate parent 'Incident', must have a list by immediate parent operation. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L3072 |
| | The child tracked resource, 'watchlistItems' with immediate parent 'Watchlist', must have a list by immediate parent operation. Location: Microsoft.SecurityInsights/stable/2021-10-01/Watchlists.json#L621 |
| | Guid used in model definition 'AccountEntityProperties' for property 'objectGuid'. Usage of Guid is not recommanded. If GUIDs are absolutely required in your service, please get sign off from the Azure API review board. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L851 |
| | Guid used in model definition 'ClientInfo' for property 'objectId'. Usage of Guid is not recommanded. If GUIDs are absolutely required in your service, please get sign off from the Azure API review board. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L929 |
| | Guid used in model definition 'IncidentOwnerInfo' for property 'objectId'. Usage of Guid is not recommanded. If GUIDs are absolutely required in your service, please get sign off from the Azure API review board. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L1896 |
| | Guid used in model definition 'IoTDeviceEntityProperties' for property 'iotSecurityAgentId'. Usage of Guid is not recommanded. If GUIDs are absolutely required in your service, please get sign off from the Azure API review board. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L2154 |
| | Guid used in model definition 'MailboxEntityProperties' for property 'externalDirectoryObjectId'. Usage of Guid is not recommanded. If GUIDs are absolutely required in your service, please get sign off from the Azure API review board. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L2323 |
| | Guid used in model definition 'MailMessageEntityProperties' for property 'networkMessageId'. Usage of Guid is not recommanded. If GUIDs are absolutely required in your service, please get sign off from the Azure API review board. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L2544 |
| | Guid used in model definition 'SecurityGroupEntityProperties' for property 'objectGuid'. Usage of Guid is not recommanded. If GUIDs are absolutely required in your service, please get sign off from the Azure API review board. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L3511 |
| | Guid used in model definition 'SubmissionMailEntityProperties' for property 'networkMessageId'. Usage of Guid is not recommanded. If GUIDs are absolutely required in your service, please get sign off from the Azure API review board. Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L3550 |
| | Guid used in model definition 'UserInfo' for property 'objectId'. Usage of Guid is not recommanded. If GUIDs are absolutely required in your service, please get sign off from the Azure API review board. Location: Microsoft.SecurityInsights/stable/2021-10-01/Watchlists.json#L703 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: isDomainJoined Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L841 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: isDomainJoined Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L1427 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: isVolumeAnomaly Location: Microsoft.SecurityInsights/stable/2021-10-01/Incidents.json#L2407 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: defanged Location: Microsoft.SecurityInsights/stable/2021-10-01/ThreatIntelligence.json#L678 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: revoked Location: Microsoft.SecurityInsights/stable/2021-10-01/ThreatIntelligence.json#L710 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: includeDisabled Location: Microsoft.SecurityInsights/stable/2021-10-01/ThreatIntelligence.json#L887 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: isDeleted Location: Microsoft.SecurityInsights/stable/2021-10-01/Watchlists.json#L550 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: isDeleted Location: Microsoft.SecurityInsights/stable/2021-10-01/Watchlists.json#L652 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: enabled Location: Microsoft.SecurityInsights/stable/2021-10-01/AlertRules.json#L823 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: enabled Location: Microsoft.SecurityInsights/stable/2021-10-01/AlertRules.json#L1002 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: enabled Location: Microsoft.SecurityInsights/stable/2021-10-01/AlertRules.json#L1410 |
| | Booleans are not descriptive and make them hard to use. Consider using string enums with allowed set of values defined. Property: suppressionEnabled Location: Microsoft.SecurityInsights/stable/2021-10-01/AlertRules.json#L1425 |
️️✔️
Avocado succeeded
Validation passes for Avocado.
️️✔️
ModelValidation succeeded
Validation passes for ModelValidation.
️️✔️
SemanticValidation succeeded
Validation passes for SemanticValidation.
️️✔️
Cross-Version Breaking Changes succeeded
There are no breaking changes.
️️✔️
[Staging] SDK Track2 Validation succeeded
Validation passes for SDKTrack2Validation
- The following tags are being changed in this PR
️️✔️
[Staging] PrettierCheck succeeded
Validation passes for PrettierCheck.
️️✔️
[Staging] SpellCheck succeeded
Validation passes for SpellCheck.
Swagger Generation Artifacts
Hi @laithhisham, Your PR has some issues. Please fix the CI sequentially by following the order of
Seems you have two conflicting definitions of AttackTatics (one in Incidents and one in AlertRules).
Will you create a 'common' directory under this version and move any shared definitions there?
You can put it under 'AlertTypes.json' and refer to it just as it was done here.
Hi, @laithhisham your PR is labelled with WaitForARMFeedback. A notification email will be sent out shortly afterwards to notify ARM review board (armapireview@microsoft.com).
778156a
into
dev-securityinsights-Microsoft.SecurityInsights-2021-10-01
* Adds base for updating Microsoft.SecurityInsights from version stable/2021-04-01 to version 2021-10-01
* Updates readme
* Updates API version in new specs and examples
* Add AlertRules to microsoft.security insights 2021 10 01 (#15657)
* Adds base for updating Microsoft.SecurityInsight's AlertRules from version stable/2020-01-01 to version 2021-10-01
* Updates API version in AlertRules specs and examples
* Use common types in AlertRules.json and remove redundant SecurityInsights
* Add AlertRules to readme
* Copy action examples for alert rules
* Add type:object where missing
* Align CloudError with rest of the resources in this version
* Update readme

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Use newest common types to align with rest of Azure (#16130)
* Use newest common types to align with rest of Azure
* Use ErrorResponse instead of CloudError in operations

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Add AlertRules Stable version to 2021-10-01 (#16268)
* Add AlertRules Stable version to 2021-10-01
* Fix missing alignment in common types
* prettier fixes
* move tactics and severity to common
* fix common types file extension
* more prettier fixes
* Add template version field
* prettier
* added version to required fields
* dummy change to trigger checks again
* Add onboarding states to new stable version (#16290)
* Add onboarding states to new stable version
* Update readme.md
* cr fix - remove unused params
* Add missing resources 2021 10 01 (#16666)
* Add missing resources and examples from 2020-01-01
* Update version in added resources and examples
* Use existing common types
* Remove unnesessary SecurityInsights.json
* Update readme
* Use sentinel common types in Incidents and Watchlist
* Extract and common IncidentInfo and IncidentSeverity
* Extract EntityTypes
* Correct double allOf in EntityTypes
* update readme
* Remove eventGroupingSettings and entityMappings from GetAlertRuleTemplateById example.
* rename operations.json

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Fix analytics templates model (#16689)
* add missing properties to scheduled template
* prettier fixes
* restore templates example after merge
* fix templates example after merge and run prettier
* Use CloudError instead of ErrorResponse to align with preview versions and our back-end. (#17472)
* Automation - Stable Version (#17491)
* First
* readMe
* cloudError
* CloudError
* schema
* prettier
* Fix
* test
* fix identifier
* fix description
* fix lable
* fix lable
* ownerInfo
* Fix
* types
* conditionMaxLength

Co-authored-by: Roy Reinhorn <roreinho@microsoft.com>

* Done (#17728)

Co-authored-by: Roy Reinhorn <roreinho@microsoft.com>

* Correct 2021 10 01 (#17830)
* Remove OperationalInsightsResourceProvider parameter in ThreatIntelligence
* Remove OperationalInsightProviderParameter from Watchlist
* Align stable operation names with preview
* Add missing disciminator property in ThreatIntelligence
* Done (#17844)

Co-authored-by: Roy Reinhorn <roreinho@microsoft.com>

* Align enum names with preview (#17831)
* Fix 2021 10 01 validation errors (#17937)
* Add x-ms-identifiers to all arrays
* Add operations_list example
* Add x-ms-identifier in all arrays
* Run prettier
* Fix spelling error
* Add isDataAction to operation schema (#18018)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>
Co-authored-by: laithhisham <49263932+laithhisham@users.noreply.github.com>
Co-authored-by: royrein <37300636+royrein@users.noreply.github.com>
Co-authored-by: Roy Reinhorn <roreinho@microsoft.com>
Co-authored-by: Arthur Ning <57385816+akning-ms@users.noreply.github.com>
Adding main features from 2021-03-01-preview to the new 2021-10-01 stable version in preparation for GA.
Main features added are: