From af9c1c419e5f0a3758ae69d54a29f7fd3d4579fc Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Wed, 16 Feb 2022 10:38:08 -0800 Subject: [PATCH 01/22] commit for PR --- .../authorization-DenyAssignmentCalls.json | 507 ++++++++++++ ...authorization-ProviderOperationsCalls.json | 249 ++++++ .../authorization-RoleAssignmentsCalls.json | 730 ++++++++++++++++++ .../authorization-RoleDefinitionsCalls.json | 550 +++++++++++++ .../stable/2022-03-01/common-types.json | 116 +++ .../examples/DeleteRoleDefinition.json | 37 + .../examples/GetAllDenyAssignments.json | 50 ++ .../examples/GetAllProviderOperations.json | 27 + .../examples/GetDenyAssignmentById.json | 44 ++ .../examples/GetDenyAssignmentByNameId.json | 45 ++ .../examples/GetDenyAssignmentByScope.json | 50 ++ .../GetDenyAssignmentsForResource.json | 55 ++ .../GetDenyAssignmentsForResourceGroup.json | 51 ++ .../2022-03-01/examples/GetPermissions.json | 22 + .../examples/GetProviderOperationsRP.json | 24 + .../examples/GetResourcePermissions.json | 23 + .../examples/GetRoleDefinitionAtScope.json | 39 + .../examples/GetRoleDefinitionById.json | 35 + .../examples/GetRoleDefinitionByName.json | 36 + .../examples/PutRoleDefinition.json | 61 ++ .../examples/RoleAssignments_CreateById.json | 41 + .../RoleAssignments_CreateForResource.json | 42 + ...oleAssignments_CreateForResourceGroup.json | 42 + ...RoleAssignments_CreateForSubscription.json | 42 + .../examples/RoleAssignments_Delete.json | 23 + .../examples/RoleAssignments_DeleteById.json | 22 + .../examples/RoleAssignments_Get.json | 22 + .../examples/RoleAssignments_GetById.json | 21 + .../RoleAssignments_ListForResource.json | 51 ++ .../RoleAssignments_ListForResourceGroup.json | 37 + .../RoleAssignments_ListForScope.json | 25 + .../RoleAssignments_ListForSubscription.json | 25 + .../RoleAssignments_ValidateByIdInvalid.json | 24 + .../RoleAssignments_ValidateByIdValid.json | 20 + .../RoleAssignments_ValidateInvalid.json | 25 + .../RoleAssignments_ValidateValid.json | 21 + 36 files changed, 3234 insertions(+) create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json new file mode 100644 index 000000000000..b787aa6e7ffb --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json @@ -0,0 +1,507 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2022-03-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to get deny assignments. A deny assignment describes the set of actions on resources that are denied for Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/denyAssignments": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_ListForResource", + "description": "Gets deny assignments for a resource.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceProviderNamespaceParameter" + }, + { + "name": "parentResourcePath", + "in": "path", + "required": true, + "type": "string", + "description": "The parent resource identity.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type of the resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource to get deny assignments for." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of deny assignments.", + "schema": { + "$ref": "#/definitions/DenyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/DenyAssignmentFilter", + "x-ms-examples": { + "List deny assignments for resource": { + "$ref": "./examples/GetDenyAssignmentsForResource.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/denyAssignments": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_ListForResourceGroup", + "description": "Gets deny assignments for a resource group.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of deny assignments.", + "schema": { + "$ref": "#/definitions/DenyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/DenyAssignmentFilter", + "x-ms-examples": { + "List deny assignments for resource group": { + "$ref": "./examples/GetDenyAssignmentsForResourceGroup.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/denyAssignments": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_List", + "description": "Gets all deny assignments for the subscription.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of deny assignments.", + "schema": { + "$ref": "#/definitions/DenyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/DenyAssignmentFilter", + "x-ms-examples": { + "List deny assignments for subscription": { + "$ref": "./examples/GetAllDenyAssignments.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId}": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_Get", + "description": "Get the specified deny assignment.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the deny assignment.", + "x-ms-skip-url-encoding": true + }, + { + "name": "denyAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the deny assignment to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the deny assignment.", + "schema": { + "$ref": "#/definitions/DenyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get deny assignment by name": { + "$ref": "./examples/GetDenyAssignmentByNameId.json" + } + } + } + }, + "/{denyAssignmentId}": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_GetById", + "description": "Gets a deny assignment by ID.", + "parameters": [ + { + "name": "denyAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The fully qualified deny assignment ID. For example, use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId} for subscription level deny assignments, or /providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId} for tenant level deny assignments.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns the deny assignment.", + "schema": { + "$ref": "#/definitions/DenyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get deny assignment by ID": { + "$ref": "./examples/GetDenyAssignmentById.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/denyAssignments": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_ListForScope", + "description": "Gets deny assignments for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the deny assignments.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of deny assignments.", + "schema": { + "$ref": "#/definitions/DenyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/DenyAssignmentFilter", + "x-ms-examples": { + "List deny assignments for scope": { + "$ref": "./examples/GetDenyAssignmentByScope.json" + } + } + } + } + }, + "definitions": { + "DenyAssignmentFilter": { + "properties": { + "denyAssignmentName": { + "type": "string", + "description": "Return deny assignment with specified name." + }, + "principalId": { + "type": "string", + "description": "Return all deny assignments where the specified principal is listed in the principals list of deny assignments." + }, + "gdprExportPrincipalId": { + "type": "string", + "description": "Return all deny assignments where the specified principal is listed either in the principals list or exclude principals list of deny assignments." + } + }, + "type": "object", + "description": "Deny Assignments filter" + }, + "DenyAssignmentProperties": { + "properties": { + "denyAssignmentName": { + "type": "string", + "description": "The display name of the deny assignment." + }, + "description": { + "type": "string", + "description": "The description of the deny assignment." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/definitions/DenyAssignmentPermission" + }, + "description": "An array of permissions that are denied by the deny assignment." + }, + "scope": { + "type": "string", + "description": "The deny assignment scope." + }, + "doNotApplyToChildScopes": { + "type": "boolean", + "description": "Determines if the deny assignment applies to child scopes. Default value is false." + }, + "principals": { + "type": "array", + "items": { + "$ref": "./common-types.json#/definitions/Principal" + }, + "description": "Array of principals to which the deny assignment applies." + }, + "excludePrincipals": { + "type": "array", + "items": { + "$ref": "./common-types.json#/definitions/Principal" + }, + "description": "Array of principals to which the deny assignment does not apply." + }, + "isSystemProtected": { + "type": "boolean", + "description": "Specifies whether this deny assignment was created by Azure and cannot be edited or deleted." + } + }, + "type": "object", + "description": "Deny assignment properties." + }, + "DenyAssignment": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The deny assignment ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The deny assignment name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The deny assignment type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/DenyAssignmentProperties", + "description": "Deny assignment properties." + } + }, + "type": "object", + "description": "Deny Assignment" + }, + "DenyAssignmentListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/DenyAssignment" + }, + "description": "Deny assignment list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Deny assignment list operation result." + }, + "DenyAssignmentPermission": { + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Actions to which the deny assignment does not grant access." + }, + "notActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Actions to exclude from that the deny assignment does not grant access." + }, + "dataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Data actions to which the deny assignment does not grant access." + }, + "notDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Data actions to exclude from that the deny assignment does not grant access." + }, + "condition": { + "type": "string", + "description": "The conditions on the Deny assignment permission. This limits the resources it applies to." + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition." + } + }, + "type": "object", + "description": "Deny assignment permissions." + } + }, + "parameters": { + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "FilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all deny assignments at or above the scope. Use $filter=denyAssignmentName eq '{name}' to search deny assignments by name at specified scope. Use $filter=principalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. Use $filter=gdprExportPrincipalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. This filter is different from the principalId filter as it returns not only those deny assignments that contain the specified principal is the Principals list but also those deny assignments that contain the specified principal is the ExcludePrincipals list. Additionally, when gdprExportPrincipalId filter is used, only the deny assignment name and description properties are returned.", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json new file mode 100644 index 000000000000..6bfbe3b8a4b3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json @@ -0,0 +1,249 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2022-03-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These calls handle provider operations." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/providers/Microsoft.Authorization/providerOperations/{resourceProviderNamespace}": { + "get": { + "tags": [ + "ProviderOperationsMetadata" + ], + "operationId": "ProviderOperationsMetadata_Get", + "description": "Gets provider operations metadata for the specified resource provider.", + "parameters": [ + { + "$ref": "#/parameters/ResourceProviderNamespaceParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "name": "$expand", + "in": "query", + "required": false, + "type": "string", + "default": "resourceTypes", + "description": "Specifies whether to expand the values." + } + ], + "responses": { + "200": { + "description": "OK - Returns the operations metadata.", + "schema": { + "$ref": "#/definitions/ProviderOperationsMetadata" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "List provider operations metadata for resource provider": { + "$ref": "./examples/GetProviderOperationsRP.json" + } + } + } + }, + "/providers/Microsoft.Authorization/providerOperations": { + "get": { + "tags": [ + "ProviderOperationsMetadata" + ], + "operationId": "ProviderOperationsMetadata_List", + "description": "Gets provider operations metadata for all resource providers.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "name": "$expand", + "in": "query", + "required": false, + "type": "string", + "default": "resourceTypes", + "description": "Specifies whether to expand the values." + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of the operations metadata.", + "schema": { + "$ref": "#/definitions/ProviderOperationsMetadataListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List provider operations metadata for all resource providers": { + "$ref": "./examples/GetAllProviderOperations.json" + } + } + } + } + }, + "definitions": { + "ResourceType": { + "properties": { + "name": { + "type": "string", + "description": "The resource type name." + }, + "displayName": { + "type": "string", + "description": "The resource type display name." + }, + "operations": { + "type": "array", + "items": { + "$ref": "#/definitions/ProviderOperation" + }, + "x-ms-identifiers": [], + "description": "The resource type operations." + } + }, + "type": "object", + "description": "Resource Type" + }, + "ProviderOperation": { + "properties": { + "name": { + "type": "string", + "description": "The operation name." + }, + "displayName": { + "type": "string", + "description": "The operation display name." + }, + "description": { + "type": "string", + "description": "The operation description." + }, + "origin": { + "type": "string", + "description": "The operation origin." + }, + "properties": { + "type": "object", + "x-ms-client-flatten": true, + "description": "The operation properties." + }, + "isDataAction": { + "type": "boolean", + "description": "The dataAction flag to specify the operation type." + } + }, + "type": "object", + "description": "Operation" + }, + "ProviderOperationsMetadata": { + "properties": { + "id": { + "type": "string", + "description": "The provider id." + }, + "name": { + "type": "string", + "description": "The provider name." + }, + "type": { + "type": "string", + "description": "The provider type." + }, + "displayName": { + "type": "string", + "description": "The provider display name." + }, + "resourceTypes": { + "type": "array", + "items": { + "$ref": "#/definitions/ResourceType" + }, + "x-ms-identifiers": [ + "name" + ], + "description": "The provider resource types" + }, + "operations": { + "type": "array", + "items": { + "$ref": "#/definitions/ProviderOperation" + }, + "x-ms-identifiers": [], + "description": "The provider operations." + } + }, + "type": "object", + "description": "Provider Operations metadata" + }, + "ProviderOperationsMetadataListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/ProviderOperationsMetadata" + }, + "description": "The list of providers." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Provider operations metadata list" + } + }, + "parameters": { + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json new file mode 100644 index 000000000000..99464ae3c1a8 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json @@ -0,0 +1,730 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2022-03-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForSubscription", + "description": "List all role assignments that apply to a subscription.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentFilterParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List role assignments for subscription": { + "$ref": "./examples/RoleAssignments_ListForSubscription.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForResourceGroup", + "description": "List all role assignments that apply to a resource group.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentFilterParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List role assignments for resource group": { + "$ref": "./examples/RoleAssignments_ListForResourceGroup.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForResource", + "description": "List all role assignments that apply to a resource.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./common-types.json#/parameters/ResourceProviderNamespaceParameter" + }, + { + "$ref": "./common-types.json#/parameters/ResourceTypeParameter" + }, + { + "$ref": "./common-types.json#/parameters/ResourceNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentFilterParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List role assignments for a resource": { + "$ref": "./examples/RoleAssignments_ListForResource.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Get", + "description": "Get a role assignment by scope and name.", + "parameters": [ + { + "$ref": "./common-types.json#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get role assignment by scope and name": { + "$ref": "./examples/RoleAssignments_Get.json" + } + } + }, + "put": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Create", + "description": "Create or update a role assignment by scope and name.", + "parameters": [ + { + "$ref": "./common-types.json#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentNameParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentCreateParameters" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "200": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Create role assignment for subscription": { + "$ref": "./examples/RoleAssignments_CreateForSubscription.json" + }, + "Create role assignment for resource group": { + "$ref": "./examples/RoleAssignments_CreateForResourceGroup.json" + }, + "Create role assignment for resource": { + "$ref": "./examples/RoleAssignments_CreateForResource.json" + } + } + }, + "delete": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Delete", + "description": "Delete a role assignment by scope and name.", + "parameters": [ + { + "$ref": "./common-types.json#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns the deleted role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "204": { + "description": "Role assignment was already deleted or does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Delete role assignment": { + "$ref": "./examples/RoleAssignments_Delete.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForScope", + "description": "List all role assignments that apply to a scope.", + "parameters": [ + { + "$ref": "./common-types.json#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentFilterParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "List role assignments for scope": { + "$ref": "./examples/RoleAssignments_ListForScope.json" + } + } + } + }, + "/{roleAssignmentId}": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_GetById", + "description": "Get a role assignment by ID.", + "parameters": [ + { + "$ref": "#/parameters/RoleAssignmentIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get role assignment by ID": { + "$ref": "./examples/RoleAssignments_GetById.json" + } + } + }, + "put": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_CreateById", + "description": "Create or update a role assignment by ID.", + "parameters": [ + { + "$ref": "#/parameters/RoleAssignmentIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentCreateParameters" + } + ], + "responses": { + "201": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "200": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Create or update role assignment by ID": { + "$ref": "./examples/RoleAssignments_CreateById.json" + } + } + }, + "delete": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_DeleteById", + "description": "Delete a role assignment by ID.", + "parameters": [ + { + "$ref": "#/parameters/RoleAssignmentIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns the deleted role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "204": { + "description": "Role assignment already deleted or does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Delete role assignment by ID": { + "$ref": "./examples/RoleAssignments_DeleteById.json" + } + } + } + } + }, + "definitions": { + "ValidationResponseErrorInfo": { + "type": "object", + "description": "Failed validation result details", + "properties": { + "code": { + "readOnly": true, + "type": "string", + "description": "Error code indicating why validation failed" + }, + "message": { + "readOnly": true, + "type": "string", + "description": "Message indicating why validation failed" + } + } + }, + "ValidationResponse": { + "type": "object", + "description": "Validation response", + "properties": { + "isValid": { + "readOnly": true, + "type": "boolean", + "description": "Whether or not validation succeeded" + }, + "errorInfo": { + "description": "Failed validation result details", + "$ref": "#/definitions/ValidationResponseErrorInfo" + } + } + }, + "RoleAssignmentFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment of the specific principal." + } + }, + "type": "object", + "description": "Role Assignments filter" + }, + "RoleAssignmentListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignment" + }, + "description": "Role assignment list." + }, + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The skipToken to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role assignment list operation result." + }, + "RoleAssignmentProperties": { + "properties": { + "scope": { + "readOnly": true, + "type": "string", + "description": "The role assignment scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup" + ], + "default": "User", + "x-ms-enum": { + "name": "PrincipalType", + "modelAsString": true + } + }, + "description": { + "type": "string", + "description": "Description of role assignment" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently the only accepted value is '2.0'" + }, + "createdOn": { + "readOnly": true, + "type": "string", + "description": "Time it was created", + "format": "date-time" + }, + "updatedOn": { + "readOnly": true, + "type": "string", + "description": "Time it was updated", + "format": "date-time" + }, + "createdBy": { + "readOnly": true, + "type": "string", + "description": "Id of the user who created the assignment" + }, + "updatedBy": { + "readOnly": true, + "type": "string", + "description": "Id of the user who updated the assignment" + }, + "delegatedManagedIdentityResourceId": { + "type": "string", + "description": "Id of the delegated managed identity resource" + } + }, + "required": [ + "roleDefinitionId", + "principalId" + ], + "type": "object", + "description": "Role assignment properties." + }, + "RoleAssignment": { + "x-ms-azure-resource": true, + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentProperties", + "description": "Role assignment properties." + } + }, + "type": "object", + "description": "Role Assignments" + }, + "RoleAssignmentCreateParameters": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentProperties", + "description": "Role assignment properties." + } + }, + "required": [ + "properties" + ], + "type": "object", + "description": "Role assignment create parameters." + } + }, + "parameters": { + "RoleAssignmentFilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "RoleAssignmentNameParameter": { + "name": "roleAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment. It can be any valid GUID.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "RoleAssignmentIdParameter": { + "name": "roleAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The fully qualified ID of the role assignment including scope, resource name, and resource type. Format: /{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}. Example: /subscriptions//resourcegroups//providers/Microsoft.Authorization/roleAssignments/", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "RoleAssignmentCreateParameters": { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentCreateParameters" + }, + "description": "Parameters for the role assignment.", + "x-ms-parameter-location": "method" + }, + "TenantIdQueryParameter": { + "name": "tenantId", + "in": "query", + "required": false, + "type": "string", + "description": "Tenant ID for cross-tenant request", + "x-ms-parameter-location": "method" + }, + "PaginationSkipToken":{ + "name": "$skipToken", + "in": "query", + "required": false, + "type": "string", + "description": "The skipToken to apply on the operation. Use $skipToken={skiptoken} to return paged role assignments following the skipToken passed. Only supported on provider level calls.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json new file mode 100644 index 000000000000..d228a760b42e --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json @@ -0,0 +1,550 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2022-03-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations allow you to manage role definitions. A role definition describes the set of actions that can be performed on resources." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Authorization/permissions": { + "get": { + "tags": [ + "Permissions" + ], + "operationId": "Permissions_ListForResourceGroup", + "description": "Gets all permissions the caller has for a resource group.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of permissions.", + "schema": { + "$ref": "#/definitions/PermissionGetResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List permissions for resource group": { + "$ref": "./examples/GetPermissions.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/permissions": { + "get": { + "tags": [ + "Permissions" + ], + "operationId": "Permissions_ListForResource", + "description": "Gets all permissions the caller has for a resource.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./common-types.json#/parameters/ResourceProviderNamespaceParameter" + }, + { + "name": "parentResourcePath", + "in": "path", + "required": true, + "type": "string", + "description": "The parent resource identity.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type of the resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource to get the permissions for." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of permissions.", + "schema": { + "$ref": "#/definitions/PermissionGetResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List permissions for resource": { + "$ref": "./examples/GetResourcePermissions.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}": { + "delete": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_Delete", + "description": "Deletes a role definition.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role definition to delete." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + }, + "204": { + "description": "Role definition already deleted or does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Delete role definition": { + "$ref": "./examples/DeleteRoleDefinition.json" + } + } + }, + "get": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_Get", + "description": "Get role definition by name (GUID).", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role definition." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get role definition by name": { + "$ref": "./examples/GetRoleDefinitionByName.json" + } + } + }, + "put": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_CreateOrUpdate", + "description": "Creates or updates a role definition.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role definition." + }, + { + "name": "roleDefinition", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleDefinition" + }, + "description": "The values for the role definition." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Create role definition": { + "$ref": "./examples/PutRoleDefinition.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleDefinitions": { + "get": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_List", + "description": "Get all role definitions that are applicable at scope and above.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role definitions.", + "schema": { + "$ref": "#/definitions/RoleDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleDefinitionFilter", + "x-ms-examples": { + "List role definitions for scope": { + "$ref": "./examples/GetRoleDefinitionAtScope.json" + } + } + } + } + }, + "x-ms-paths": { + "/{roleId}?disambiguation_dummy": { + "get": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_GetById", + "description": "Gets a role definition by ID.", + "parameters": [ + { + "name": "roleId", + "in": "path", + "required": true, + "type": "string", + "description": "The fully qualified role definition ID. Use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for subscription level role definitions, or /providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for tenant level role definitions.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get role definition by ID": { + "$ref": "./examples/GetRoleDefinitionById.json" + } + } + } + } + }, + "definitions": { + "RoleDefinitionFilter": { + "properties": { + "roleName": { + "type": "string", + "description": "Returns role definition with the specific name." + }, + "type": { + "type": "string", + "description": "Returns role definition with the specific type." + } + }, + "type": "object", + "description": "Role Definitions filter" + }, + "RoleDefinitionProperties": { + "properties": { + "roleName": { + "type": "string", + "description": "The role name." + }, + "description": { + "type": "string", + "description": "The role definition description." + }, + "type": { + "type": "string", + "description": "The role type.", + "x-ms-client-name": "roleType" + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/definitions/Permission" + }, + "x-ms-identifiers": [], + "description": "Role definition permissions." + }, + "assignableScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Role definition assignable scopes." + } + }, + "type": "object", + "description": "Role definition properties." + }, + "RoleDefinition": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role definition ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role definition name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role definition type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleDefinitionProperties", + "description": "Role definition properties." + } + }, + "type": "object", + "description": "Role definition." + }, + "RoleDefinitionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleDefinition" + }, + "description": "Role definition list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role definition list operation result." + }, + "PermissionGetResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Permission" + }, + "x-ms-identifiers": [], + "description": "An array of permissions." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Permissions information." + }, + "Permission": { + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed actions." + }, + "notActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied actions." + }, + "dataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed Data actions." + }, + "notDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied Data actions." + } + }, + "type": "object", + "description": "Role definition permissions." + } + }, + "parameters": { + "FilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all deny assignments at or above the scope. Use $filter=denyAssignmentName eq '{name}' to search deny assignments by name at specified scope. Use $filter=principalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. Use $filter=gdprExportPrincipalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. This filter is different from the principalId filter as it returns not only those deny assignments that contain the specified principal is the Principals list but also those deny assignments that contain the specified principal is the ExcludePrincipals list. Additionally, when gdprExportPrincipalId filter is used, only the deny assignment name and description properties are returned.", + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json new file mode 100644 index 000000000000..2419a2f1dc11 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json @@ -0,0 +1,116 @@ +{ + "swagger": "2.0", + "info": { + "version": "2022-03-01", + "title": "AuthorizationManagementClient" + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": {}, + "definitions": { + "Permission": { + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed actions." + }, + "notActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied actions." + }, + "dataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed Data actions." + }, + "notDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied Data actions." + } + }, + "type": "object", + "description": "Role definition permissions." + }, + "Principal": { + "readOnly": true, + "type": "object", + "description": "The name of the entity last modified it", + "properties": { + "id": { + "type": "string", + "description": "The id of the principal made changes" + }, + "displayName": { + "type": "string", + "description": "The name of the principal made changes" + }, + "type": { + "type": "string", + "description": "Type of principal such as user , group etc" + }, + "email": { + "type": "string", + "description": "Email of principal" + } + } + } + }, + "parameters": { + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ResourceTypeParameter": { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites).", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ResourceNameParameter": { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The resource name.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ScopeParameter": { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json new file mode 100644 index 000000000000..6a7897f3acea --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "scope": "scope", + "roleDefinitionId": "roleDefinitionId", + "api-version": "2018-01-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + }, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json new file mode 100644 index 000000000000..f937102934e1 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json @@ -0,0 +1,50 @@ +{ + "parameters": { + "subscriptionId": "subId", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "action" + ], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json new file mode 100644 index 000000000000..bab4ea4239ae --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json @@ -0,0 +1,27 @@ +{ + "parameters": { + "api-version": "2017-05-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "id", + "name": "name", + "type": "type", + "displayName": "displayName", + "resourceTypes": [ + { + "name": "name", + "displayName": "name", + "operations": [] + } + ], + "operations": [] + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json new file mode 100644 index 000000000000..5de808a9bbfe --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json @@ -0,0 +1,44 @@ +{ + "parameters": { + "denyAssignmentId": "subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/daId", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId/resourcegroups/rgname", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/daId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "daId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json new file mode 100644 index 000000000000..6147613acad3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json @@ -0,0 +1,45 @@ +{ + "parameters": { + "scope": "subscriptions/subId/resourcegroups/rgname", + "denyAssignmentId": "denyAssignmentId", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId/resourcegroups/rgname", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json new file mode 100644 index 000000000000..6f15c938febf --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json @@ -0,0 +1,50 @@ +{ + "parameters": { + "scope": "subscriptions/subId", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "action" + ], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json new file mode 100644 index 000000000000..071a5c474d06 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "subscriptionId": "subId", + "resourceGroupName": "rgname", + "resourceProviderNamespace": "resourceProviderNamespace", + "parentResourcePath": "parentResourcePath", + "resourceType": "resourceType", + "resourceName": "resourceName", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "action" + ], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId/resourcegroups/rgname/providers/resourceProviderNamespace/parentResourcePath/resourceType/resourceName", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/resourcegroups/rgname/providers/resourceProviderNamespace/parentResourcePath/resourceType/resourceName/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json new file mode 100644 index 000000000000..b98b4a37b190 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "subscriptionId": "subId", + "resourceGroupName": "rgname", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "action" + ], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId/resourcegroups/rgname", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json new file mode 100644 index 000000000000..1c236f7351e5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "resourceGroupName": "rgname", + "subscriptionId": "subID", + "api-version": "2015-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "actions": [], + "notActions": [], + "dataActions": [], + "notDataActions": [] + } + ], + "nextLink": "nextlink" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json new file mode 100644 index 000000000000..7234dcc68c7b --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "resourceProviderNamespace": "resourceProviderNamespace", + "api-version": "2017-05-01" + }, + "responses": { + "200": { + "body": { + "id": "id", + "name": "name", + "type": "type", + "displayName": "displayName", + "resourceTypes": [ + { + "name": "name", + "displayName": "name", + "operations": [] + } + ], + "operations": [] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json new file mode 100644 index 000000000000..7b2f534e9680 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json @@ -0,0 +1,23 @@ +{ + "parameters": { + "subscriptionId": "subId", + "resourceGroupName": "rgname", + "resourceProviderNamespace": "rpnamespace", + "parentResourcePath": "parentResourcePath", + "resourceType": "resourceType", + "resourceName": "resourceName", + "api-version": "2015-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "actions": [], + "notActions": [] + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json new file mode 100644 index 000000000000..52bb30d4f8cf --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json @@ -0,0 +1,39 @@ +{ + "parameters": { + "scope": "scope", + "api-version": "2018-01-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json new file mode 100644 index 000000000000..171c113267de --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json @@ -0,0 +1,35 @@ +{ + "parameters": { + "roleId": "roleDefinitionId", + "api-version": "2018-01-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json new file mode 100644 index 000000000000..208ea4688b3c --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json @@ -0,0 +1,36 @@ +{ + "parameters": { + "scope": "scope", + "roleDefinitionId": "roleDefinitionId", + "api-version": "2018-01-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json new file mode 100644 index 000000000000..a282b3a0de35 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json @@ -0,0 +1,61 @@ +{ + "parameters": { + "scope": "scope", + "roleDefinitionId": "roleDefinitionId", + "roleDefinition": {}, + "body": { + "roleDefinition": { + "roleName": "Role name", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ], + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + }, + "api-version": "2018-01-01-preview" + }, + "responses": { + "201": { + "body": { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json new file mode 100644 index 000000000000..b172307d1b28 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json @@ -0,0 +1,41 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json new file mode 100644 index 000000000000..11ded8825d3a --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json new file mode 100644 index 000000000000..37a69263995f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json new file mode 100644 index 000000000000..60c5abcccc2c --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json new file mode 100644 index 000000000000..d8b002860e45 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json @@ -0,0 +1,23 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + }, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json new file mode 100644 index 000000000000..a414596e76e5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + }, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json new file mode 100644 index 000000000000..93052cf0c395 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json new file mode 100644 index 000000000000..a5d8de87a3ad --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json @@ -0,0 +1,21 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json new file mode 100644 index 000000000000..85683823c41f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "resourceGroupName": "testrg", + "resourceProviderNamespace": "Microsoft.DocumentDb", + "resourceType": "databaseAccounts", + "resourceName": "test-db-account", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + }, + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/96786e4b-dede-4c2e-8736-8ab911987f08", + "type": "Microsoft.Authorization/roleAssignments", + "name": "96786e4b-dede-4c2e-8736-8ab911987f08" + }, + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json new file mode 100644 index 000000000000..80054fb926d5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "resourceGroupName": "testrg", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + }, + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/96786e4b-dede-4c2e-8736-8ab911987f08", + "type": "Microsoft.Authorization/roleAssignments", + "name": "96786e4b-dede-4c2e-8736-8ab911987f08" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json new file mode 100644 index 000000000000..fde73619393d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json new file mode 100644 index 000000000000..91082f6498b2 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json new file mode 100644 index 000000000000..7f5a3391adf5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": false, + "errorInfo": { + "code": "InvalidRoleDefinitionId", + "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." + } + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json new file mode 100644 index 000000000000..e533ed6a6352 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": true + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json new file mode 100644 index 000000000000..9fdd04ebcaf5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": false, + "errorInfo": { + "code": "InvalidRoleDefinitionId", + "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." + } + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json new file mode 100644 index 000000000000..c6065de7bdae --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json @@ -0,0 +1,21 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": true + } + } + } +} From 5249cfc3f396dcfeadd56fe8039bb5f13037d2d1 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Wed, 16 Feb 2022 11:03:10 -0800 Subject: [PATCH 02/22] add changes to readme --- .../resource-manager/readme.csharp.md | 12 ++++++++++++ .../authorization/resource-manager/readme.md | 15 +++++++++------ 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/specification/authorization/resource-manager/readme.csharp.md b/specification/authorization/resource-manager/readme.csharp.md index b2467c1c74d4..b629db5260d0 100644 --- a/specification/authorization/resource-manager/readme.csharp.md +++ b/specification/authorization/resource-manager/readme.csharp.md @@ -132,4 +132,16 @@ output-folder: $(csharp-sdks-folder)/Authorization/Management.Authorization/$(cs batch: - tag: package-2020-10-01-preview + ``` + +### Profile: profile_2022_03_01 + +These settings apply only when `--csharp-profile=profile_2022_03_01` is specified on the command line. + + ``` yaml $(csharp-profile)=='profile_2022_03_01' +namespace: Microsoft.Azure.Management.Profiles.$(csharp-profile).Authorization +output-folder: $(csharp-sdks-folder)/Authorization/Management.Authorization/$(csharp-profile)/Generated + +batch: + - tag: package-2022-03-01 ``` \ No newline at end of file diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 6b8cdfd52385..5ccb6fea0572 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -26,7 +26,7 @@ These are the global settings for the Authorization API. ``` yaml openapi-type: arm -tag: package-preview-2021-11 +tag: package-2022-03-01 ``` ### Suppression @@ -82,14 +82,17 @@ directive: reason: common-types doesn't need to reference api version. ``` -### Tag: package-2022-04-01-preview-only +### Tag: package-2022-03-01 -These settings apply only when `--tag=package-2022-04-01-preview-only` is specified on the command line. +These settings apply only when `--tag=package-2022-03-01` is specified on the command line. -```yaml $(tag) == 'package-2022-04-01-preview-only' +``` yaml $(tag) == 'package-2022-03-01' input-file: -- Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json -- Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json +- Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json +- Microsoft.Authorization/stable/2022-03-01/common-types.json ``` ### Tag: package-preview-2021-11 From cb9c513a28edfc3935e0846afeaec4f3ae6dc1a1 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Wed, 16 Feb 2022 11:16:58 -0800 Subject: [PATCH 03/22] fiz avocado --- .../RoleAssignments_ValidateByIdInvalid.json | 24 ------------------ .../RoleAssignments_ValidateByIdValid.json | 20 --------------- .../RoleAssignments_ValidateInvalid.json | 25 ------------------- .../RoleAssignments_ValidateValid.json | 21 ---------------- 4 files changed, 90 deletions(-) delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json deleted file mode 100644 index 7f5a3391adf5..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "parameters": { - "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview", - "parameters": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": false, - "errorInfo": { - "code": "InvalidRoleDefinitionId", - "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." - } - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json deleted file mode 100644 index e533ed6a6352..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "parameters": { - "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview", - "parameters": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": true - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json deleted file mode 100644 index 9fdd04ebcaf5..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", - "parameters": { - "properties": { - "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": false, - "errorInfo": { - "code": "InvalidRoleDefinitionId", - "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." - } - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json deleted file mode 100644 index c6065de7bdae..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", - "parameters": { - "properties": { - "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": true - } - } - } -} From 6b4fbfab3610c7d7621491a05f827af9818d8f5e Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Wed, 16 Feb 2022 11:59:17 -0800 Subject: [PATCH 04/22] prettier --- .../stable/2022-03-01/authorization-DenyAssignmentCalls.json | 1 + .../2022-03-01/authorization-ProviderOperationsCalls.json | 2 +- .../stable/2022-03-01/authorization-RoleAssignmentsCalls.json | 4 ++-- .../stable/2022-03-01/authorization-RoleDefinitionsCalls.json | 2 +- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json index b787aa6e7ffb..519416d6581d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json @@ -367,6 +367,7 @@ "items": { "$ref": "#/definitions/DenyAssignmentPermission" }, + "x-ms-identifiers": [], "description": "An array of permissions that are denied by the deny assignment." }, "scope": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json index 6bfbe3b8a4b3..b8adcd5de41c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json @@ -246,4 +246,4 @@ "x-ms-parameter-location": "method" } } -} \ No newline at end of file +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json index 99464ae3c1a8..029eebb70989 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json @@ -717,7 +717,7 @@ "description": "Tenant ID for cross-tenant request", "x-ms-parameter-location": "method" }, - "PaginationSkipToken":{ + "PaginationSkipToken": { "name": "$skipToken", "in": "query", "required": false, @@ -727,4 +727,4 @@ "x-ms-parameter-location": "method" } } -} \ No newline at end of file +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json index d228a760b42e..f0199b9d2c38 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json @@ -547,4 +547,4 @@ "x-ms-parameter-location": "method" } } -} \ No newline at end of file +} From 9156d557e1522b17ce5bcdcf6526ca4f0621419f Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Mon, 28 Feb 2022 09:40:40 -0800 Subject: [PATCH 05/22] add missing swaggers --- specification/authorization/resource-manager/readme.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 5ccb6fea0572..6d253717497e 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -88,6 +88,8 @@ These settings apply only when `--tag=package-2022-03-01` is specified on the co ``` yaml $(tag) == 'package-2022-03-01' input-file: +- Microsoft.Authorization/stable/2015-07-01/authorization-ClassicAdminCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json - Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json - Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json - Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json From f452429668a7095b2fdacc5dd46f3863f9d7687c Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Thu, 31 Mar 2022 15:26:30 -0700 Subject: [PATCH 06/22] start transition to 2022-04 --- .../authorization-DenyAssignmentCalls.json | 0 .../authorization-ProviderOperationsCalls.json | 0 .../authorization-RoleAssignmentsCalls.json | 0 .../authorization-RoleDefinitionsCalls.json | 0 .../{2022-03-01 => 2022-04-01}/common-types.json | 0 .../examples/DeleteRoleDefinition.json | 0 .../examples/GetAllDenyAssignments.json | 0 .../examples/GetAllProviderOperations.json | 0 .../examples/GetDenyAssignmentById.json | 0 .../examples/GetDenyAssignmentByNameId.json | 0 .../examples/GetDenyAssignmentByScope.json | 0 .../examples/GetDenyAssignmentsForResource.json | 0 .../GetDenyAssignmentsForResourceGroup.json | 0 .../examples/GetPermissions.json | 0 .../examples/GetProviderOperationsRP.json | 0 .../examples/GetResourcePermissions.json | 0 .../examples/GetRoleDefinitionAtScope.json | 0 .../examples/GetRoleDefinitionById.json | 0 .../examples/GetRoleDefinitionByName.json | 0 .../examples/PutRoleDefinition.json | 0 .../examples/RoleAssignments_CreateById.json | 0 .../RoleAssignments_CreateForResource.json | 0 .../RoleAssignments_CreateForResourceGroup.json | 0 .../RoleAssignments_CreateForSubscription.json | 0 .../examples/RoleAssignments_Delete.json | 0 .../examples/RoleAssignments_DeleteById.json | 0 .../examples/RoleAssignments_Get.json | 0 .../examples/RoleAssignments_GetById.json | 0 .../RoleAssignments_ListForResource.json | 0 .../RoleAssignments_ListForResourceGroup.json | 0 .../examples/RoleAssignments_ListForScope.json | 0 .../RoleAssignments_ListForSubscription.json | 0 .../resource-manager/readme.csharp.md | 8 ++++---- .../authorization/resource-manager/readme.md | 16 ++++++++-------- 34 files changed, 12 insertions(+), 12 deletions(-) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/authorization-DenyAssignmentCalls.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/authorization-ProviderOperationsCalls.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/authorization-RoleAssignmentsCalls.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/authorization-RoleDefinitionsCalls.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/common-types.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/DeleteRoleDefinition.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetAllDenyAssignments.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetAllProviderOperations.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentByNameId.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentByScope.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentsForResource.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentsForResourceGroup.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetPermissions.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetProviderOperationsRP.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetResourcePermissions.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetRoleDefinitionAtScope.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetRoleDefinitionById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetRoleDefinitionByName.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/PutRoleDefinition.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_CreateById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_CreateForResource.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_CreateForResourceGroup.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_CreateForSubscription.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_Delete.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_DeleteById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_Get.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_GetById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_ListForResource.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_ListForResourceGroup.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_ListForScope.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_ListForSubscription.json (100%) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json diff --git a/specification/authorization/resource-manager/readme.csharp.md b/specification/authorization/resource-manager/readme.csharp.md index b629db5260d0..86a3f65c0ac3 100644 --- a/specification/authorization/resource-manager/readme.csharp.md +++ b/specification/authorization/resource-manager/readme.csharp.md @@ -134,14 +134,14 @@ batch: - tag: package-2020-10-01-preview ``` -### Profile: profile_2022_03_01 +### Profile: profile_2022_04_01 -These settings apply only when `--csharp-profile=profile_2022_03_01` is specified on the command line. +These settings apply only when `--csharp-profile=profile_2022_04_01` is specified on the command line. - ``` yaml $(csharp-profile)=='profile_2022_03_01' + ``` yaml $(csharp-profile)=='profile_2022_04_01' namespace: Microsoft.Azure.Management.Profiles.$(csharp-profile).Authorization output-folder: $(csharp-sdks-folder)/Authorization/Management.Authorization/$(csharp-profile)/Generated batch: - - tag: package-2022-03-01 + - tag: package-2022-04-01 ``` \ No newline at end of file diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 6d253717497e..078f30dd8961 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -82,19 +82,19 @@ directive: reason: common-types doesn't need to reference api version. ``` -### Tag: package-2022-03-01 +### Tag: package-2022-04-01 -These settings apply only when `--tag=package-2022-03-01` is specified on the command line. +These settings apply only when `--tag=package-2022-04-01` is specified on the command line. -``` yaml $(tag) == 'package-2022-03-01' +``` yaml $(tag) == 'package-2022-04-01' input-file: - Microsoft.Authorization/stable/2015-07-01/authorization-ClassicAdminCalls.json - Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json -- Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json -- Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json -- Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json -- Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json -- Microsoft.Authorization/stable/2022-03-01/common-types.json +- Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json +- Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json +- Microsoft.Authorization/stable/2022-04-01/common-types.json ``` ### Tag: package-preview-2021-11 From 007a51db374076edb902fd44eb8299eea6336335 Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Thu, 31 Mar 2022 15:42:23 -0700 Subject: [PATCH 07/22] update version number --- .../stable/2022-04-01/authorization-DenyAssignmentCalls.json | 2 +- .../2022-04-01/authorization-ProviderOperationsCalls.json | 2 +- .../stable/2022-04-01/authorization-RoleAssignmentsCalls.json | 2 +- .../stable/2022-04-01/authorization-RoleDefinitionsCalls.json | 2 +- .../Microsoft.Authorization/stable/2022-04-01/common-types.json | 2 +- .../stable/2022-04-01/examples/DeleteRoleDefinition.json | 2 +- .../stable/2022-04-01/examples/GetAllDenyAssignments.json | 2 +- .../stable/2022-04-01/examples/GetAllProviderOperations.json | 2 +- .../stable/2022-04-01/examples/GetDenyAssignmentById.json | 2 +- .../stable/2022-04-01/examples/GetDenyAssignmentByNameId.json | 2 +- .../stable/2022-04-01/examples/GetDenyAssignmentByScope.json | 2 +- .../2022-04-01/examples/GetDenyAssignmentsForResource.json | 2 +- .../2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json | 2 +- .../stable/2022-04-01/examples/GetPermissions.json | 2 +- .../stable/2022-04-01/examples/GetProviderOperationsRP.json | 2 +- .../stable/2022-04-01/examples/GetResourcePermissions.json | 2 +- .../stable/2022-04-01/examples/GetRoleDefinitionAtScope.json | 2 +- .../stable/2022-04-01/examples/GetRoleDefinitionById.json | 2 +- .../stable/2022-04-01/examples/GetRoleDefinitionByName.json | 2 +- .../stable/2022-04-01/examples/PutRoleDefinition.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_CreateById.json | 2 +- .../2022-04-01/examples/RoleAssignments_CreateForResource.json | 2 +- .../examples/RoleAssignments_CreateForResourceGroup.json | 2 +- .../examples/RoleAssignments_CreateForSubscription.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_Delete.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_DeleteById.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_Get.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_GetById.json | 2 +- .../2022-04-01/examples/RoleAssignments_ListForResource.json | 2 +- .../examples/RoleAssignments_ListForResourceGroup.json | 2 +- .../2022-04-01/examples/RoleAssignments_ListForScope.json | 2 +- .../examples/RoleAssignments_ListForSubscription.json | 2 +- specification/authorization/resource-manager/readme.md | 2 +- 33 files changed, 33 insertions(+), 33 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json index 519416d6581d..ab4271f4a988 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2022-03-01", + "version": "2022-04-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to get deny assignments. A deny assignment describes the set of actions on resources that are denied for Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json index b8adcd5de41c..233a36b80ed0 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2022-03-01", + "version": "2022-04-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These calls handle provider operations." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json index 029eebb70989..02c83730a92f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2022-03-01", + "version": "2022-04-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json index f0199b9d2c38..6ab9858f7a32 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2022-03-01", + "version": "2022-04-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations allow you to manage role definitions. A role definition describes the set of actions that can be performed on resources." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json index 2419a2f1dc11..69931818034b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json @@ -1,7 +1,7 @@ { "swagger": "2.0", "info": { - "version": "2022-03-01", + "version": "2022-04-01", "title": "AuthorizationManagementClient" }, "securityDefinitions": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json index 6a7897f3acea..a0de0e85d339 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json @@ -2,7 +2,7 @@ "parameters": { "scope": "scope", "roleDefinitionId": "roleDefinitionId", - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json index f937102934e1..f97708a40ed0 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json @@ -1,7 +1,7 @@ { "parameters": { "subscriptionId": "subId", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json index bab4ea4239ae..deeb1f8701af 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2017-05-01" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json index 5de808a9bbfe..5d2c240c1aba 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json @@ -1,7 +1,7 @@ { "parameters": { "denyAssignmentId": "subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/daId", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json index 6147613acad3..429ea8cdb7a2 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/subId/resourcegroups/rgname", "denyAssignmentId": "denyAssignmentId", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json index 6f15c938febf..370b2cf24ad4 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/subId", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json index 071a5c474d06..5494cb622b5d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json @@ -6,7 +6,7 @@ "parentResourcePath": "parentResourcePath", "resourceType": "resourceType", "resourceName": "resourceName", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json index b98b4a37b190..fe570ce9efaf 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "subId", "resourceGroupName": "rgname", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json index 1c236f7351e5..cca798f2f4c7 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json @@ -2,7 +2,7 @@ "parameters": { "resourceGroupName": "rgname", "subscriptionId": "subID", - "api-version": "2015-07-01" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json index 7234dcc68c7b..527519a3ce68 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json @@ -1,7 +1,7 @@ { "parameters": { "resourceProviderNamespace": "resourceProviderNamespace", - "api-version": "2017-05-01" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json index 7b2f534e9680..e8236c21e9b3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json @@ -6,7 +6,7 @@ "parentResourcePath": "parentResourcePath", "resourceType": "resourceType", "resourceName": "resourceName", - "api-version": "2015-07-01" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json index 52bb30d4f8cf..d8a2d799c716 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "scope", - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json index 171c113267de..6bac7e410f4b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json @@ -1,7 +1,7 @@ { "parameters": { "roleId": "roleDefinitionId", - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json index 208ea4688b3c..5dbec233d731 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "scope", "roleDefinitionId": "roleDefinitionId", - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json index a282b3a0de35..104d71a2d1f3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json @@ -27,7 +27,7 @@ "name": "roleDefinitionId" } }, - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "201": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json index b172307d1b28..9c6028ae5772 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview", + "api-version": "2022-04-01", "parameters": { "properties": { "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json index 11ded8825d3a..6fcca0cd292d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2022-04-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json index 37a69263995f..ca738cbc9ed4 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2022-04-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json index 60c5abcccc2c..a13fefb962bb 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2022-04-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json index d8b002860e45..ffbf366543b3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json index a414596e76e5..66790d37b8e6 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json index 93052cf0c395..c8866df2f200 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json index a5d8de87a3ad..e1dd75f88376 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json index 85683823c41f..0b91338b0139 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json @@ -5,7 +5,7 @@ "resourceProviderNamespace": "Microsoft.DocumentDb", "resourceType": "databaseAccounts", "resourceName": "test-db-account", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json index 80054fb926d5..428b665a0e73 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "resourceGroupName": "testrg", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json index fde73619393d..39ce0be373f4 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json index 91082f6498b2..f715b08b3d3c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json @@ -1,7 +1,7 @@ { "parameters": { "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 078f30dd8961..5cc036e52f2d 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -26,7 +26,7 @@ These are the global settings for the Authorization API. ``` yaml openapi-type: arm -tag: package-2022-03-01 +tag: package-2022-04-01 ``` ### Suppression From af18ca8419ac419bbdbd516e38642c1c49f6ddd7 Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Tue, 5 Apr 2022 14:04:11 -0700 Subject: [PATCH 08/22] merge with latest public --- .../authorization/resource-manager/readme.md | 60 +++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 5cc036e52f2d..78b38def10e0 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -95,6 +95,25 @@ input-file: - Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json - Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json - Microsoft.Authorization/stable/2022-04-01/common-types.json +- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +``` + +### Tag: package-2022-04-01-preview-only + +These settings apply only when `--tag=package-2022-04-01-preview-only` is specified on the command line. + +```yaml $(tag) == 'package-2022-04-01-preview-only' +input-file: +- Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json ``` ### Tag: package-preview-2021-11 @@ -132,6 +151,47 @@ input-file: - Microsoft.Authorization/preview/2021-01-01-preview/authorization-RoleAssignmentApprovalCalls.json ``` +### Tag: package-2020-10-01 + +These settings apply only when `--tag=package-2020-10-01` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01' +input-file: +- Microsoft.Authorization/stable/2015-07-01/authorization-RoleDefinitionsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ClassicAdminCalls.json +- Microsoft.Authorization/stable/2020-10-01/common-types.json +- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +``` + +### Tag: package-2020-10-01-only + +These settings apply only when `--tag=package-2020-10-01-only` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01-only' +input-file: +- Microsoft.Authorization/stable/2020-10-01/common-types.json +- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +``` + ### Tag: package-2020-10-01-preview These settings apply only when `--tag=package-2020-10-01-preview` is specified on the command line. From e2334769941bacd3412026d745a739ac20156c06 Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Tue, 5 Apr 2022 14:05:43 -0700 Subject: [PATCH 09/22] pull latest public master --- .../2020-10-01/EligibleChildResources.json | 154 +++ .../2020-10-01/RoleAssignmentSchedule.json | 420 +++++++ .../RoleAssignmentScheduleInstance.json | 427 +++++++ .../RoleAssignmentScheduleRequest.json | 641 ++++++++++ .../2020-10-01/RoleEligibilitySchedule.json | 404 ++++++ .../RoleEligibilityScheduleInstance.json | 403 ++++++ .../RoleEligibilityScheduleRequest.json | 638 ++++++++++ .../2020-10-01/RoleManagementPolicy.json | 381 ++++++ .../RoleManagementPolicyAssignment.json | 393 ++++++ .../stable/2020-10-01/common-types.json | 443 +++++++ ...elRoleAssignmentScheduleRequestByName.json | 10 + ...lRoleEligibilityScheduleRequestByName.json | 10 + .../examples/DeleteRoleManagementPolicy.json | 11 + .../DeleteRoleManagementPolicyAssignment.json | 11 + .../GetEligibleChildResourcesByScope.json | 25 + .../GetRoleAssignmentScheduleByName.json | 51 + ...tRoleAssignmentScheduleInstanceByName.json | 52 + ...oleAssignmentScheduleInstancesByScope.json | 56 + ...etRoleAssignmentScheduleRequestByName.json | 62 + ...tRoleAssignmentScheduleRequestByScope.json | 66 + .../GetRoleAssignmentSchedulesByScope.json | 55 + .../GetRoleEligibilityScheduleByName.json | 49 + ...RoleEligibilityScheduleInstanceByName.json | 48 + ...leEligibilityScheduleInstancesByScope.json | 52 + ...tRoleEligibilityScheduleRequestByName.json | 62 + ...RoleEligibilityScheduleRequestByScope.json | 66 + .../GetRoleEligibilitySchedulesByScope.json | 53 + ...tRoleManagementPolicyAssignmentByName.json | 391 ++++++ ...RoleManagementPolicyAssignmentByScope.json | 394 ++++++ .../GetRoleManagementPolicyByName.json | 732 +++++++++++ .../GetRoleManagementPolicyByScope.json | 735 +++++++++++ .../PatchPartialRoleManagementPolicy.json | 775 ++++++++++++ .../examples/PatchRoleManagementPolicy.json | 1084 +++++++++++++++++ .../PutRoleAssignmentScheduleRequest.json | 80 ++ .../PutRoleEligibilityScheduleRequest.json | 79 ++ .../PutRoleManagementPolicyAssignment.json | 393 ++++++ ...teRoleAssignmentScheduleRequestByName.json | 80 ++ ...eRoleEligibilityScheduleRequestByName.json | 79 ++ 38 files changed, 9865 insertions(+) create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json new file mode 100644 index 000000000000..ad8390f5ec56 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json @@ -0,0 +1,154 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/eligibleChildResources": { + "get": { + "tags": [ + "eligibleChildResources" + ], + "operationId": "EligibleChildResources_Get", + "description": "Get the child resources of a resource on which user has eligible access", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=resourceType+eq+'Subscription' to filter on only resource of type = 'Subscription'. Use $filter=resourceType+eq+'subscription'+or+resourceType+eq+'resourcegroup' to filter on resource of type = 'Subscription' or 'ResourceGroup'" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role management policy.", + "schema": { + "$ref": "#/definitions/EligibleChildResourcesListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetEligibleChildResourcesByScope": { + "$ref": "./examples/GetEligibleChildResourcesByScope.json" + } + } + } + } + }, + "definitions": { + "EligibleChildResourcesListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/EligibleChildResource" + }, + "description": "Eligible child resource list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Eligible child resources list operation result." + }, + "EligibleChildResource": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The resource scope Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The resource name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The resource type." + } + }, + "type": "object", + "description": "Eligible child resource" + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json new file mode 100644 index 000000000000..63dbf6ac245d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json @@ -0,0 +1,420 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules/{roleAssignmentScheduleName}": { + "get": { + "tags": [ + "roleAssignmentSchedules" + ], + "operationId": "RoleAssignmentSchedules_Get", + "description": "Get the specified role assignment schedule for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role assignment schedule to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule.", + "schema": { + "$ref": "#/definitions/RoleAssignmentSchedule" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleByName": { + "$ref": "./examples/GetRoleAssignmentScheduleByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules": { + "get": { + "tags": [ + "roleAssignmentSchedules" + ], + "operationId": "RoleAssignmentSchedules_ListForScope", + "description": "Gets role assignment schedules for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role assignment schedules for the current user. Use $filter=asTarget() to return all role assignment schedules created for the current user." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments schedules.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleFilter", + "x-ms-examples": { + "GetRoleAssignmentSchedulesByScope": { + "$ref": "./examples/GetRoleAssignmentSchedulesByScope.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment schedule of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment schedule of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific status." + } + }, + "type": "object", + "description": "Role assignment schedule filter" + }, + "RoleAssignmentScheduleProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role assignment schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "roleAssignmentScheduleRequestId": { + "type": "string", + "description": "The id of roleAssignmentScheduleRequest used to create this roleAssignmentSchedule" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "The id of roleEligibilitySchedule used to activated this roleAssignmentSchedule" + }, + "assignmentType": { + "type": "string", + "description": "Assignment type of the role assignment schedule", + "enum": [ + "Activated", + "Assigned" + ], + "x-ms-enum": { + "name": "AssignmentType", + "modelAsString": true + } + }, + "memberType": { + "type": "string", + "description": "Membership type of the role assignment schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "description": "The status of the role assignment schedule.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime when role assignment schedule" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime when role assignment schedule" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role assignment schedule was created" + }, + "updatedOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role assignment schedule was modified" + }, + "expandedProperties": { + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "type": "object", + "description": "Role assignment schedule properties with scope." + }, + "RoleAssignmentSchedule": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleProperties", + "description": "Role assignment schedule properties." + } + }, + "type": "object", + "description": "Role Assignment schedule" + }, + "RoleAssignmentScheduleListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentSchedule" + }, + "description": "Role assignment schedule list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role assignment schedule list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json new file mode 100644 index 000000000000..db3b478005e3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json @@ -0,0 +1,427 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleInstances": { + "get": { + "tags": [ + "roleAssignmentScheduleInstances" + ], + "operationId": "RoleAssignmentScheduleInstances_ListForScope", + "description": "Gets role assignment schedule instances of a role assignment schedule.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role assignment schedule instances for the user. Use $filter=asTarget() to return all role assignment schedule instances created for the current user." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns array of role assignment schedule instances.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleInstanceListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleInstanceFilter", + "x-ms-examples": { + "GetRoleAssignmentScheduleInstancesByScope": { + "$ref": "./examples/GetRoleAssignmentScheduleInstancesByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleInstances/{roleAssignmentScheduleInstanceName}": { + "get": { + "tags": [ + "roleAssignmentScheduleInstances" + ], + "operationId": "RoleAssignmentScheduleInstances_Get", + "description": "Gets the specified role assignment schedule instance.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleInstanceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (hash of schedule name + time) of the role assignment schedule to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule instance.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleInstance" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleInstanceByName": { + "$ref": "./examples/GetRoleAssignmentScheduleInstanceByName.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleInstanceFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific status." + }, + "roleAssignmentScheduleId": { + "type": "string", + "description": "Returns role assignment schedule instances belonging to a specific role assignment schedule." + } + }, + "type": "object", + "description": "Role assignment schedule instance filter" + }, + "RoleAssignmentScheduleInstanceProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role assignment schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "roleAssignmentScheduleId": { + "type": "string", + "description": "Id of the master role assignment schedule" + }, + "originRoleAssignmentId": { + "type": "string", + "description": "Role Assignment Id in external system" + }, + "status": { + "type": "string", + "description": "The status of the role assignment schedule instance.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "The startDateTime of the role assignment schedule instance" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "The endDateTime of the role assignment schedule instance" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "roleEligibilityScheduleId used to activate" + }, + "linkedRoleEligibilityScheduleInstanceId": { + "type": "string", + "description": "roleEligibilityScheduleInstanceId linked to this roleAssignmentScheduleInstance" + }, + "assignmentType": { + "type": "string", + "description": "Assignment type of the role assignment schedule", + "enum": [ + "Activated", + "Assigned" + ], + "x-ms-enum": { + "name": "AssignmentType", + "modelAsString": true + } + }, + "memberType": { + "type": "string", + "description": "Membership type of the role assignment schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role assignment schedule was created" + }, + "expandedProperties": { + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "type": "object", + "description": "Role assignment schedule properties with scope." + }, + "RoleAssignmentScheduleInstance": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule instance ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule instance name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule instance type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleInstanceProperties", + "description": "Role assignment schedule instance properties." + } + }, + "type": "object", + "description": "Information about current or upcoming role assignment schedule instance" + }, + "RoleAssignmentScheduleInstanceListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentScheduleInstance" + }, + "description": "Role assignment schedule instance list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role assignment schedule instance list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json new file mode 100644 index 000000000000..5482d52f453f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json @@ -0,0 +1,641 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}": { + "put": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Create", + "description": "Creates a role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule request to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "A GUID for the role assignment to create. The name must be unique and different for each role assignment." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Parameters for the role assignment schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleAssignmentScheduleRequest": { + "$ref": "./examples/PutRoleAssignmentScheduleRequest.json" + } + } + }, + "get": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Get", + "description": "Get the specified role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule request.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role assignment schedule request to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule request.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/GetRoleAssignmentScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests": { + "get": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_ListForScope", + "description": "Gets role assignment schedule requests for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedule requests.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedule requests at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role assignment schedule requests requested by the current user. Use $filter=asTarget() to return all role assignment schedule requests created for the current user. Use $filter=asApprover() to return all role assignment schedule requests where the current user is an approver." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments schedule requests.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequestListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleRequestFilter", + "x-ms-examples": { + "GetRoleAssignmentScheduleRequestByScope": { + "$ref": "./examples/GetRoleAssignmentScheduleRequestByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/cancel": { + "post": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Cancel", + "description": "Cancels a pending role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment request to cancel.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment request to cancel." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns success." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "CancelRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/CancelRoleAssignmentScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/validate": { + "post": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Validate", + "description": "Validates a new role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment request to validate.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment request to validate." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Parameters for the role assignment schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment request.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "ValidateRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/ValidateRoleAssignmentScheduleRequestByName.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleRequestFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment requests of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment requests of the specific role definition." + }, + "requestorId": { + "type": "string", + "description": "Returns role assignment requests created by specific principal." + }, + "status": { + "type": "string", + "description": "Returns role assignment requests of specific status." + } + }, + "type": "object", + "description": "Role assignment schedule request filter" + }, + "RoleAssignmentScheduleRequestProperties": { + "properties": { + "scope": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "readOnly": true, + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "requestType": { + "type": "string", + "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc", + "enum": [ + "AdminAssign", + "AdminRemove", + "AdminUpdate", + "AdminExtend", + "AdminRenew", + "SelfActivate", + "SelfDeactivate", + "SelfExtend", + "SelfRenew" + ], + "x-ms-enum": { + "name": "RequestType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "readOnly": true, + "description": "The status of the role assignment schedule request.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "approvalId": { + "type": "string", + "readOnly": true, + "description": "The approvalId of the role assignment schedule request." + }, + "targetRoleAssignmentScheduleId": { + "type": "string", + "description": "The resultant role assignment schedule id or the role assignment schedule id being updated" + }, + "targetRoleAssignmentScheduleInstanceId": { + "type": "string", + "description": "The role assignment schedule instance id being updated" + }, + "scheduleInfo": { + "properties": { + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime of the role assignment schedule." + }, + "expiration": { + "properties": { + "type": { + "type": "string", + "description": "Type of the role assignment schedule expiration", + "enum": [ + "AfterDuration", + "AfterDateTime", + "NoExpiration" + ], + "x-ms-enum": { + "name": "Type", + "modelAsString": true + } + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime of the role assignment schedule." + }, + "duration": { + "type": "string", + "description": "Duration of the role assignment schedule in TimeSpan." + } + }, + "type": "object", + "description": "Expiration of the role assignment schedule" + } + }, + "type": "object", + "description": "Schedule info of the role assignment schedule" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "The linked role eligibility schedule id - to activate an eligibility." + }, + "justification": { + "type": "string", + "description": "Justification for the role assignment" + }, + "ticketInfo": { + "properties": { + "ticketNumber": { + "type": "string", + "description": "Ticket number for the role assignment" + }, + "ticketSystem": { + "type": "string", + "description": "Ticket system name for the role assignment" + } + }, + "type": "object", + "description": "Ticket Info of the role assignment" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "readOnly": true, + "description": "DateTime when role assignment schedule request was created" + }, + "requestorId": { + "type": "string", + "readOnly": true, + "description": "Id of the user who created this request" + }, + "expandedProperties": { + "type": "object", + "readOnly": true, + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "required": [ + "roleDefinitionId", + "principalId", + "requestType" + ], + "type": "object", + "description": "Role assignment schedule request properties with scope." + }, + "RoleAssignmentScheduleRequest": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleRequestProperties", + "description": "Role assignment schedule request properties." + } + }, + "type": "object", + "description": "Role Assignment schedule request" + }, + "RoleAssignmentScheduleRequestListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Role assignment schedule request list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role assignment schedule request list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json new file mode 100644 index 000000000000..c1ce76de975b --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json @@ -0,0 +1,404 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules/{roleEligibilityScheduleName}": { + "get": { + "tags": [ + "roleEligibilitySchedules" + ], + "operationId": "RoleEligibilitySchedules_Get", + "description": "Get the specified role eligibility schedule for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role eligibility schedule to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule.", + "schema": { + "$ref": "#/definitions/RoleEligibilitySchedule" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleByName": { + "$ref": "./examples/GetRoleEligibilityScheduleByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules": { + "get": { + "tags": [ + "roleEligibilitySchedules" + ], + "operationId": "RoleEligibilitySchedules_ListForScope", + "description": "Gets role eligibility schedules for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedules at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role eligibility schedules for the user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role eligibility schedules.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleFilter", + "x-ms-examples": { + "GetRoleEligibilitySchedulesByScope": { + "$ref": "./examples/GetRoleEligibilitySchedulesByScope.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility schedule of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility schedule of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role eligibility schedule of the specific status." + } + }, + "type": "object", + "description": "Role eligibility schedule filter" + }, + "RoleEligibilityScheduleProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role eligibility schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "roleEligibilityScheduleRequestId": { + "type": "string", + "description": "The id of roleEligibilityScheduleRequest used to create this roleAssignmentSchedule" + }, + "memberType": { + "type": "string", + "description": "Membership type of the role eligibility schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "description": "The status of the role eligibility schedule.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime when role eligibility schedule" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime when role eligibility schedule" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role eligibility schedule was created" + }, + "updatedOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role eligibility schedule was modified" + }, + "expandedProperties": { + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "type": "object", + "description": "Role eligibility schedule properties with scope." + }, + "RoleEligibilitySchedule": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleProperties", + "description": "role eligibility schedule properties." + } + }, + "type": "object", + "description": "Role eligibility schedule" + }, + "RoleEligibilityScheduleListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilitySchedule" + }, + "description": "role eligibility schedule list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "role eligibility schedule list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json new file mode 100644 index 000000000000..f7324ea02362 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json @@ -0,0 +1,403 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances": { + "get": { + "tags": [ + "roleEligibilityScheduleInstances" + ], + "operationId": "RoleEligibilityScheduleInstances_ListForScope", + "description": "Gets role eligibility schedule instances of a role eligibility schedule.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role eligibility schedules for the user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns array of role eligibility schedule instances.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleInstanceListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleInstanceFilter", + "x-ms-examples": { + "GetRoleEligibilityScheduleInstancesByScope": { + "$ref": "./examples/GetRoleEligibilityScheduleInstancesByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances/{roleEligibilityScheduleInstanceName}": { + "get": { + "tags": [ + "roleEligibilityScheduleInstances" + ], + "operationId": "RoleEligibilityScheduleInstances_Get", + "description": "Gets the specified role eligibility schedule instance.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleInstanceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (hash of schedule name + time) of the role eligibility schedule to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule instance.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleInstance" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleInstanceByName": { + "$ref": "./examples/GetRoleEligibilityScheduleInstanceByName.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleInstanceFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility schedule instances of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility schedule instances of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role eligibility schedule instances of the specific status." + }, + "roleEligibilityScheduleId": { + "type": "string", + "description": "Returns role eligibility schedule instances belonging to a specific role eligibility schedule." + } + }, + "type": "object", + "description": "Role eligibility schedule instance filter" + }, + "RoleEligibilityScheduleInstanceProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role eligibility schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "roleEligibilityScheduleId": { + "type": "string", + "description": "Id of the master role eligibility schedule" + }, + "status": { + "type": "string", + "description": "The status of the role eligibility schedule instance", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "The startDateTime of the role eligibility schedule instance" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "The endDateTime of the role eligibility schedule instance" + }, + "memberType": { + "type": "string", + "description": "Membership type of the role eligibility schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role eligibility schedule was created" + }, + "expandedProperties": { + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "type": "object", + "description": "Role eligibility schedule properties with scope." + }, + "RoleEligibilityScheduleInstance": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule instance ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule instance name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule instance type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleInstanceProperties", + "description": "Role eligibility schedule instance properties." + } + }, + "type": "object", + "description": "Information about current or upcoming role eligibility schedule instance" + }, + "RoleEligibilityScheduleInstanceListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilityScheduleInstance" + }, + "description": "Role eligibility schedule instance list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role eligibility schedule instance list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json new file mode 100644 index 000000000000..f519e06d0263 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -0,0 +1,638 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}": { + "put": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Create", + "description": "Creates a role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule request to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility to create. It can be any valid GUID." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Parameters for the role eligibility schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleEligibilityScheduleRequest": { + "$ref": "./examples/PutRoleEligibilityScheduleRequest.json" + } + } + }, + "get": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Get", + "description": "Get the specified role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule request.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role eligibility schedule request to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/GetRoleEligibilityScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests": { + "get": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_ListForScope", + "description": "Gets role eligibility schedule requests for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule requests.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedule requests at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role eligibility schedule requests requested by the current user. Use $filter=asTarget() to return all role eligibility schedule requests created for the current user. Use $filter=asApprover() to return all role eligibility schedule requests where the current user is an approver." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role eligibility schedule requests.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequestListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleRequestFilter", + "x-ms-examples": { + "GetRoleEligibilityScheduleRequestByScope": { + "$ref": "./examples/GetRoleEligibilityScheduleRequestByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/cancel": { + "post": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Cancel", + "description": "Cancels a pending role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility request to cancel.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility request to cancel." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns success." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "CancelRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/CancelRoleEligibilityScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/validate": { + "post": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Validate", + "description": "Validates a new role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility request to validate.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility request to validate." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Parameters for the role eligibility schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "ValidateRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/ValidateRoleEligibilityScheduleRequestByName.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleRequestFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility requests of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility requests of the specific role definition." + }, + "requestorId": { + "type": "string", + "description": "Returns role eligibility requests created by specific principal." + }, + "status": { + "type": "string", + "description": "Returns role eligibility requests of specific status." + } + }, + "type": "object", + "description": "Role eligibility schedule request filter" + }, + "RoleEligibilityScheduleRequestProperties": { + "properties": { + "scope": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "readOnly": true, + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "requestType": { + "type": "string", + "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc", + "enum": [ + "AdminAssign", + "AdminRemove", + "AdminUpdate", + "AdminExtend", + "AdminRenew", + "SelfActivate", + "SelfDeactivate", + "SelfExtend", + "SelfRenew" + ], + "x-ms-enum": { + "name": "RequestType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "readOnly": true, + "description": "The status of the role eligibility schedule request.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "approvalId": { + "type": "string", + "readOnly": true, + "description": "The approvalId of the role eligibility schedule request." + }, + "scheduleInfo": { + "properties": { + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime of the role eligibility schedule." + }, + "expiration": { + "properties": { + "type": { + "type": "string", + "description": "Type of the role eligibility schedule expiration", + "enum": [ + "AfterDuration", + "AfterDateTime", + "NoExpiration" + ], + "x-ms-enum": { + "name": "Type", + "modelAsString": true + } + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime of the role eligibility schedule." + }, + "duration": { + "type": "string", + "description": "Duration of the role eligibility schedule in TimeSpan." + } + }, + "type": "object", + "description": "Expiration of the role eligibility schedule" + } + }, + "type": "object", + "description": "Schedule info of the role eligibility schedule" + }, + "targetRoleEligibilityScheduleId": { + "type": "string", + "description": "The resultant role eligibility schedule id or the role eligibility schedule id being updated" + }, + "targetRoleEligibilityScheduleInstanceId": { + "type": "string", + "description": "The role eligibility schedule instance id being updated" + }, + "justification": { + "type": "string", + "description": "Justification for the role eligibility" + }, + "ticketInfo": { + "properties": { + "ticketNumber": { + "type": "string", + "description": "Ticket number for the role eligibility" + }, + "ticketSystem": { + "type": "string", + "description": "Ticket system name for the role eligibility" + } + }, + "type": "object", + "description": "Ticket Info of the role eligibility" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "DateTime when role eligibility schedule request was created" + }, + "requestorId": { + "type": "string", + "readOnly": true, + "description": "Id of the user who created this request" + }, + "expandedProperties": { + "readOnly": true, + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "required": [ + "roleDefinitionId", + "principalId", + "requestType" + ], + "type": "object", + "description": "Role eligibility schedule request properties with scope." + }, + "RoleEligibilityScheduleRequest": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleRequestProperties", + "description": "Role eligibility schedule request properties." + } + }, + "type": "object", + "description": "Role Eligibility schedule request" + }, + "RoleEligibilityScheduleRequestListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Role eligibility schedule request list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role eligibility schedule request list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object", + "description": "Expanded info of resource, role and principal" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json new file mode 100644 index 000000000000..b34c09c8ce22 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json @@ -0,0 +1,381 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies/{roleManagementPolicyName}": { + "get": { + "tags": [ + "roleManagementPolicies" + ], + "operationId": "RoleManagementPolicies_Get", + "description": "Get the specified role management policy for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role management policy to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role management policy.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleManagementPolicyByName": { + "$ref": "./examples/GetRoleManagementPolicyByName.json" + } + } + }, + "patch": { + "tags": [ + "roleManagementPolicies" + ], + "operationId": "RoleManagementPolicies_Update", + "description": "Update a role management policy", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy to upsert.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role management policy to upsert." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleManagementPolicy" + }, + "description": "Parameters for the role management policy." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Ok - Returns the updated policy.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PatchRoleManagementPolicy": { + "$ref": "./examples/PatchRoleManagementPolicy.json" + }, + "PatchPartialRoleManagementPolicy": { + "$ref": "./examples/PatchPartialRoleManagementPolicy.json" + } + } + }, + "delete": { + "tags": [ + "roleManagementPolicies" + ], + "operationId": "RoleManagementPolicies_Delete", + "description": "Delete a role management policy", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy to upsert.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role management policy to upsert." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Successfully deleted the policy." + }, + "204": { + "description": "NoContent - policy does not exists." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "DeleteRoleManagementPolicy": { + "$ref": "./examples/DeleteRoleManagementPolicy.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies": { + "get": { + "tags": [ + "roleManagementPolicies" + ], + "operationId": "RoleManagementPolicies_ListForScope", + "description": "Gets role management policies for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role management policies.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicyListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetRoleManagementPolicyByRoleDefinitionFilter": { + "$ref": "./examples/GetRoleManagementPolicyByScope.json" + } + } + } + } + }, + "definitions": { + "RoleManagementPolicyProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role management policy scope." + }, + "displayName": { + "type": "string", + "description": "The role management policy display name." + }, + "description": { + "type": "string", + "description": "The role management policy description." + }, + "isOrganizationDefault": { + "type": "boolean", + "description": "The role management policy is default policy." + }, + "lastModifiedBy": { + "$ref": "./common-types.json#/definitions/Principal" + }, + "lastModifiedDateTime": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "The last modified date time." + }, + "rules": { + "type": "array", + "items": { + "$ref": "./common-types.json#/definitions/RoleManagementPolicyRule" + }, + "description": "The rule applied to the policy." + }, + "effectiveRules": { + "type": "array", + "items": { + "$ref": "./common-types.json#/definitions/RoleManagementPolicyRule" + }, + "readOnly": true, + "description": "The readonly computed rule applied to the policy." + }, + "policyProperties": { + "readOnly": true, + "type": "object", + "description": "Additional properties of scope", + "$ref": "#/definitions/PolicyProperties" + } + }, + "type": "object", + "description": "Role management policy properties with scope." + }, + "RoleManagementPolicy": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role management policy Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role management policy name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role management policy type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleManagementPolicyProperties", + "description": "Role management policy properties." + } + }, + "type": "object", + "description": "Role management policy" + }, + "RoleManagementPolicyListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleManagementPolicy" + }, + "description": "Role management policy list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role management policy list operation result." + }, + "PolicyProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "readOnly": true, + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + } + }, + "type": "object", + "description": "Expanded info of resource scope" + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json new file mode 100644 index 000000000000..b195345ffd72 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json @@ -0,0 +1,393 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments/{roleManagementPolicyAssignmentName}": { + "get": { + "tags": [ + "roleManagementPolicyAssignments" + ], + "operationId": "RoleManagementPolicyAssignments_Get", + "description": "Get the specified role management policy assignment for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of format {guid_guid} the role management policy assignment to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role management policy.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleManagementPolicyAssignmentByName.json" + } + } + }, + "put": { + "tags": [ + "roleManagementPolicyAssignments" + ], + "operationId": "RoleManagementPolicyAssignments_Create", + "description": "Create a role management policy assignment", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy assignment to upsert.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of format {guid_guid} the role management policy assignment to upsert." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleManagementPolicyAssignment" + }, + "description": "Parameters for the role management policy assignment." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns the created or updated policy assignment.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleManagementPolicyAssignment": { + "$ref": "./examples/PutRoleManagementPolicyAssignment.json" + } + } + }, + "delete": { + "tags": [ + "roleManagementPolicyAssignments" + ], + "operationId": "RoleManagementPolicyAssignments_Delete", + "description": "Delete a role management policy assignment", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy assignment to delete.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of format {guid_guid} the role management policy assignment to delete." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Successfully deleted the policy assignment." + }, + "204": { + "description": "NoContent - policy assignment does not exists." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "DeleteRoleManagementPolicyAssignment": { + "$ref": "./examples/DeleteRoleManagementPolicyAssignment.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments": { + "get": { + "tags": [ + "roleManagementPolicyAssignments" + ], + "operationId": "RoleManagementPolicyAssignments_ListForScope", + "description": "Gets role management assignment policies for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role management policies.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetRoleManagementPolicyAssignmentByScope": { + "$ref": "./examples/GetRoleManagementPolicyAssignmentByScope.json" + } + } + } + } + }, + "definitions": { + "RoleManagementPolicyAssignment": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role management policy Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role management policy name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role management policy type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleManagementPolicyAssignmentProperties", + "description": "Role management policy properties." + } + }, + "type": "object", + "description": "Role management policy" + }, + "RoleManagementPolicyAssignmentProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role management policy scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition of management policy assignment." + }, + "policyId": { + "type": "string", + "description": "The policy id role management policy assignment." + }, + "effectiveRules": { + "type": "array", + "items": { + "$ref": "./common-types.json#/definitions/RoleManagementPolicyRule" + }, + "readOnly": true, + "description": "The readonly computed rule applied to the policy." + }, + "policyAssignmentProperties": { + "readOnly": true, + "type": "object", + "description": "Additional properties of scope, role definition and policy", + "$ref": "#/definitions/PolicyAssignmentProperties" + } + }, + "type": "object", + "description": "Role management policy assignment properties with scope." + }, + "RoleManagementPolicyAssignmentListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleManagementPolicyAssignment" + }, + "description": "Role management policy assignment list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role management policy assignment list operation result." + }, + "PolicyAssignmentProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "policy": { + "type": "object", + "description": "Details of the policy", + "properties": { + "id": { + "type": "string", + "description": "Id of the policy" + }, + "lastModifiedBy": { + "$ref": "./common-types.json#/definitions/Principal" + }, + "lastModifiedDateTime": { + "type": "string", + "format": "date-time", + "description": "The last modified date time." + } + } + } + }, + "type": "object", + "description": "Expanded info of resource scope, role definition and policy" + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json new file mode 100644 index 000000000000..b373809143bf --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json @@ -0,0 +1,443 @@ +{ + "swagger": "2.0", + "info": { + "version": "2020-10-01", + "title": "AuthorizationManagementClient" + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": {}, + "definitions": { + "Permission": { + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed actions." + }, + "notActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied actions." + }, + "dataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed Data actions." + }, + "notDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied Data actions." + } + }, + "type": "object", + "description": "Role definition permissions." + }, + "Principal": { + "readOnly": true, + "type": "object", + "description": "The name of the entity last modified it", + "properties": { + "id": { + "type": "string", + "description": "The id of the principal made changes" + }, + "displayName": { + "type": "string", + "description": "The name of the principal made changes" + }, + "type": { + "type": "string", + "description": "Type of principal such as user , group etc" + }, + "email": { + "type": "string", + "description": "Email of principal" + } + } + }, + "RoleManagementPolicyRule": { + "description": "The role management policy rule.", + "type": "object", + "required": [ + "ruleType" + ], + "discriminator": "ruleType", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/RoleManagementPolicyRuleType" + }, + "target": { + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", + "description": "The target of the current rule." + } + } + }, + "RoleManagementPolicyApprovalRule": { + "description": "The role management policy approval rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "setting": { + "$ref": "#/definitions/ApprovalSettings", + "description": "The approval setting" + } + } + }, + "ApprovalSettings": { + "description": "The approval settings.", + "type": "object", + "properties": { + "isApprovalRequired": { + "type": "boolean", + "description": "Determines whether approval is required or not." + }, + "isApprovalRequiredForExtension": { + "type": "boolean", + "description": "Determines whether approval is required for assignment extension." + }, + "isRequestorJustificationRequired": { + "type": "boolean", + "description": "Determine whether requestor justification is required." + }, + "approvalMode": { + "type": "string", + "description": "The type of rule", + "enum": [ + "SingleStage", + "Serial", + "Parallel", + "NoApproval" + ], + "x-ms-enum": { + "name": "ApprovalMode", + "modelAsString": true + } + }, + "approvalStages": { + "type": "array", + "items": { + "$ref": "#/definitions/ApprovalStage" + }, + "x-ms-identifiers": [], + "description": "The approval stages of the request." + } + } + }, + "ApprovalStage": { + "description": "The approval stage.", + "type": "object", + "properties": { + "approvalStageTimeOutInDays": { + "type": "integer", + "format": "int32", + "description": "The time in days when approval request would be timed out" + }, + "isApproverJustificationRequired": { + "type": "boolean", + "description": "Determines whether approver need to provide justification for his decision." + }, + "escalationTimeInMinutes": { + "type": "integer", + "format": "int32", + "description": "The time in minutes when the approval request would be escalated if the primary approver does not approve" + }, + "primaryApprovers": { + "type": "array", + "description": "The primary approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + }, + "isEscalationEnabled": { + "type": "boolean", + "description": "The value determine whether escalation feature is enabled." + }, + "escalationApprovers": { + "type": "array", + "description": "The escalation approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + } + } + }, + "UserSet": { + "description": "The detail of a user.", + "type": "object", + "properties": { + "userType": { + "type": "string", + "description": "The type of user.", + "enum": [ + "User", + "Group" + ], + "x-ms-enum": { + "name": "UserType", + "modelAsString": true + } + }, + "isBackup": { + "type": "boolean", + "description": "The value indicating whether the user is a backup fallback approver" + }, + "id": { + "type": "string", + "description": "The object id of the user." + }, + "description": { + "type": "string", + "description": "The description of the user." + } + } + }, + "RoleManagementPolicyAuthenticationContextRule": { + "description": "The role management policy authentication context rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "The value indicating if rule is enabled." + }, + "claimValue": { + "type": "string", + "description": "The claim value." + } + } + }, + "RoleManagementPolicyEnablementRule": { + "description": "The role management policy enablement rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "enabledRules": { + "type": "array", + "items": { + "type": "string", + "description": "The type of enablement rule", + "enum": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "x-ms-enum": { + "name": "EnablementRules", + "modelAsString": true + } + }, + "description": "The list of enabled rules." + } + } + }, + "RoleManagementPolicyExpirationRule": { + "description": "The role management policy expiration rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isExpirationRequired": { + "type": "boolean", + "description": "The value indicating whether expiration is required." + }, + "maximumDuration": { + "type": "string", + "description": "The maximum duration of expiration in timespan." + } + } + }, + "RoleManagementPolicyNotificationRule": { + "description": "The role management policy notification rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "notificationType": { + "type": "string", + "description": "The type of notification.", + "enum": [ + "Email" + ], + "x-ms-enum": { + "name": "NotificationDeliveryMechanism", + "modelAsString": true + } + }, + "notificationLevel": { + "type": "string", + "description": "The notification level.", + "enum": [ + "None", + "Critical", + "All" + ], + "x-ms-enum": { + "name": "NotificationLevel", + "modelAsString": true + } + }, + "recipientType": { + "type": "string", + "description": "The recipient type.", + "enum": [ + "Requestor", + "Approver", + "Admin" + ], + "x-ms-enum": { + "name": "RecipientType", + "modelAsString": true + } + }, + "notificationRecipients": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of notification recipients." + }, + "isDefaultRecipientsEnabled": { + "type": "boolean", + "description": "Determines if the notification will be sent to the recipient type specified in the policy rule." + } + } + }, + "RoleManagementPolicyRuleTarget": { + "description": "The role management policy rule target.", + "type": "object", + "properties": { + "caller": { + "type": "string", + "description": "The caller of the setting." + }, + "operations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The type of operation." + }, + "level": { + "type": "string", + "description": "The assignment level to which rule is applied." + }, + "targetObjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target objects." + }, + "inheritableSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of inheritable settings." + }, + "enforcedSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of enforced settings." + } + } + }, + "RoleManagementPolicyRuleType": { + "type": "string", + "description": "The type of rule", + "enum": [ + "RoleManagementPolicyApprovalRule", + "RoleManagementPolicyAuthenticationContextRule", + "RoleManagementPolicyEnablementRule", + "RoleManagementPolicyExpirationRule", + "RoleManagementPolicyNotificationRule" + ], + "x-ms-enum": { + "name": "RoleManagementPolicyRuleType", + "modelAsString": true + } + } + }, + "parameters": { + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ResourceTypeParameter": { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites).", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ResourceNameParameter": { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The resource name.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ScopeParameter": { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..5226f6a4623a --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,10 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "api-version": "2020-10-01" + }, + "responses": { + "200": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..9abd0376b0b0 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,10 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "api-version": "2020-10-01" + }, + "responses": { + "200": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json new file mode 100644 index 000000000000..ed27563fbbe7 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json @@ -0,0 +1,11 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "api-version": "2020-10-01" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json new file mode 100644 index 000000000000..8db2585f06b0 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json @@ -0,0 +1,11 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyAssignmentName": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "api-version": "2020-10-01" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json new file mode 100644 index 000000000000..387a6cc7f656 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "api-version": "2020-10-01", + "$filter": "resourceType+eq+'resourcegroup'" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "name": "RG-1", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/resourceGroups/RG-1", + "type": "resourcegroup" + }, + { + "name": "RG-2", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/resourceGroups/RG-2", + "type": "resourcegroup" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json new file mode 100644 index 000000000000..d9bb7ab2259f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleName": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "assignmentType": "Assigned", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleAssignmentScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "updatedOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "type": "Microsoft.Authorization/RoleAssignmentSchedules" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json new file mode 100644 index 000000000000..3bbbf21b258d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json @@ -0,0 +1,52 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleInstanceName": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "originRoleAssignmentId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignments/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "linkedRoleEligibilityScheduleInstanceId": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "assignmentType": "Assigned", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Accepted", + "roleAssignmentScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "type": "Microsoft.Authorization/RoleAssignmentScheduleInstances" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json new file mode 100644 index 000000000000..e69d3e7d48ed --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json @@ -0,0 +1,56 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "originRoleAssignmentId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignments/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "linkedRoleEligibilityScheduleInstanceId": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "assignmentType": "Assigned", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Accepted", + "roleAssignmentScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "type": "Microsoft.Authorization/RoleAssignmentScheduleInstances" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..5e17544c2e0b --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,62 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json new file mode 100644 index 000000000000..882fd03c965c --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json @@ -0,0 +1,66 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json new file mode 100644 index 000000000000..756bb3019f0e --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "assignmentType": "Assigned", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleAssignmentScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "updatedOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "type": "Microsoft.Authorization/RoleAssignmentSchedules" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json new file mode 100644 index 000000000000..b2d944e91700 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json @@ -0,0 +1,49 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleName": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "startDateTime": "2020-09-09T21:33:14.557Z", + "endDateTime": "2021-09-09T21:32:28.49Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:33:06.3Z", + "updatedOn": "2020-09-09T22:27:00.513Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "type": "Microsoft.Authorization/RoleEligibilitySchedules" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json new file mode 100644 index 000000000000..ea21b20e063c --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleInstanceName": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "startDateTime": "2020-09-10T00:32:36.86Z", + "endDateTime": "2021-09-10T00:31:41.477Z", + "memberType": "Direct", + "createdOn": "2020-09-10T00:32:36.86Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "type": "Microsoft.Authorization/RoleEligibilityScheduleInstances" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json new file mode 100644 index 000000000000..b7725a9345fe --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json @@ -0,0 +1,52 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "startDateTime": "2020-09-10T00:32:36.86Z", + "endDateTime": "2021-09-10T00:31:41.477Z", + "memberType": "Direct", + "createdOn": "2020-09-10T00:32:36.86Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "type": "Microsoft.Authorization/RoleEligibilityScheduleInstances" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..afe63b5d15fd --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,62 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json new file mode 100644 index 000000000000..ff7300f136c5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json @@ -0,0 +1,66 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityRequests" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json new file mode 100644 index 000000000000..c1c7d106b455 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "startDateTime": "2020-09-09T21:33:14.557Z", + "endDateTime": "2021-09-09T21:32:28.49Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:33:06.3Z", + "updatedOn": "2020-09-09T22:27:00.513Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "type": "Microsoft.Authorization/RoleEligibilitySchedules" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json new file mode 100644 index 000000000000..23c8f9d798e5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json @@ -0,0 +1,391 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyAssignmentName": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyAssignmentProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "displayName": "FHIR Data Converter", + "type": "BuiltInRole" + }, + "policy": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "lastModifiedDateTime": null + } + } + }, + "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json new file mode 100644 index 000000000000..c13e8ab2ee06 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json @@ -0,0 +1,394 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyAssignmentProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "displayName": "FHIR Data Converter", + "type": "BuiltInRole" + }, + "policy": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "lastModifiedDateTime": null + } + } + }, + "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json new file mode 100644 index 000000000000..12ffa1aa396d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json @@ -0,0 +1,732 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastModifiedDateTime": "2021-03-17T02:54:27.167+00:00", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "rules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + } + } + }, + "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "type": "Microsoft.Authorization/RoleManagementPolicies" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json new file mode 100644 index 000000000000..08e6c796138f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json @@ -0,0 +1,735 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "api-version": "2020-10-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastModifiedDateTime": "2021-03-17T02:54:27.167+00:00", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "rules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + } + } + }, + "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "type": "Microsoft.Authorization/RoleManagementPolicies" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json new file mode 100644 index 000000000000..62d3b232d29e --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json @@ -0,0 +1,775 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "api-version": "2020-10-01", + "parameters": { + "properties": { + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ] + } + } + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastModifiedDateTime": "2021-03-17T16:35:27.91+00:00", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + } + } + }, + "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "type": "Microsoft.Authorization/RoleManagementPolicies" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json new file mode 100644 index 000000000000..0f5e3e1c85cb --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json @@ -0,0 +1,1084 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "api-version": "2020-10-01", + "parameters": { + "properties": { + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ] + } + } + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastModifiedDateTime": "2021-03-17T16:35:27.91+00:00", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + } + } + }, + "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "type": "Microsoft.Authorization/RoleManagementPolicies" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json new file mode 100644 index 000000000000..53d11cc9487b --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json @@ -0,0 +1,80 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "SelfActivate", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01" + }, + "responses": { + "201": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json new file mode 100644 index 000000000000..5bb91f385a35 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json @@ -0,0 +1,79 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "AdminAssign", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01" + }, + "responses": { + "201": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json new file mode 100644 index 000000000000..a7d4bafae636 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json @@ -0,0 +1,393 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyAssignmentName": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "api-version": "2020-10-01", + "parameters": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyAssignmentProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "displayName": "FHIR Data Converter", + "type": "BuiltInRole" + }, + "policy": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "lastModifiedBy": null, + "lastModifiedDateTime": null + } + } + }, + "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..c3c963c59b45 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,80 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "SelfActivate", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2022-04-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..fe18e4519d13 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,79 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "AdminAssign", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2022-04-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityScheduleRequests" + } + } + } +} From 002916a0d8822bfc7a59f3dd6553e53845267552 Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Tue, 5 Apr 2022 14:08:42 -0700 Subject: [PATCH 10/22] merge common types from 2022-10-01 public --- .../stable/2022-04-01/common-types.json | 327 ++++++++++++++++++ 1 file changed, 327 insertions(+) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json index 69931818034b..1e4cc930b2e1 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json @@ -73,6 +73,333 @@ "description": "Email of principal" } } + }, + "RoleManagementPolicyRule": { + "description": "The role management policy rule.", + "type": "object", + "required": [ + "ruleType" + ], + "discriminator": "ruleType", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/RoleManagementPolicyRuleType" + }, + "target": { + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", + "description": "The target of the current rule." + } + } + }, + "RoleManagementPolicyApprovalRule": { + "description": "The role management policy approval rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "setting": { + "$ref": "#/definitions/ApprovalSettings", + "description": "The approval setting" + } + } + }, + "ApprovalSettings": { + "description": "The approval settings.", + "type": "object", + "properties": { + "isApprovalRequired": { + "type": "boolean", + "description": "Determines whether approval is required or not." + }, + "isApprovalRequiredForExtension": { + "type": "boolean", + "description": "Determines whether approval is required for assignment extension." + }, + "isRequestorJustificationRequired": { + "type": "boolean", + "description": "Determine whether requestor justification is required." + }, + "approvalMode": { + "type": "string", + "description": "The type of rule", + "enum": [ + "SingleStage", + "Serial", + "Parallel", + "NoApproval" + ], + "x-ms-enum": { + "name": "ApprovalMode", + "modelAsString": true + } + }, + "approvalStages": { + "type": "array", + "items": { + "$ref": "#/definitions/ApprovalStage" + }, + "x-ms-identifiers": [], + "description": "The approval stages of the request." + } + } + }, + "ApprovalStage": { + "description": "The approval stage.", + "type": "object", + "properties": { + "approvalStageTimeOutInDays": { + "type": "integer", + "format": "int32", + "description": "The time in days when approval request would be timed out" + }, + "isApproverJustificationRequired": { + "type": "boolean", + "description": "Determines whether approver need to provide justification for his decision." + }, + "escalationTimeInMinutes": { + "type": "integer", + "format": "int32", + "description": "The time in minutes when the approval request would be escalated if the primary approver does not approve" + }, + "primaryApprovers": { + "type": "array", + "description": "The primary approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + }, + "isEscalationEnabled": { + "type": "boolean", + "description": "The value determine whether escalation feature is enabled." + }, + "escalationApprovers": { + "type": "array", + "description": "The escalation approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + } + } + }, + "UserSet": { + "description": "The detail of a user.", + "type": "object", + "properties": { + "userType": { + "type": "string", + "description": "The type of user.", + "enum": [ + "User", + "Group" + ], + "x-ms-enum": { + "name": "UserType", + "modelAsString": true + } + }, + "isBackup": { + "type": "boolean", + "description": "The value indicating whether the user is a backup fallback approver" + }, + "id": { + "type": "string", + "description": "The object id of the user." + }, + "description": { + "type": "string", + "description": "The description of the user." + } + } + }, + "RoleManagementPolicyAuthenticationContextRule": { + "description": "The role management policy authentication context rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "The value indicating if rule is enabled." + }, + "claimValue": { + "type": "string", + "description": "The claim value." + } + } + }, + "RoleManagementPolicyEnablementRule": { + "description": "The role management policy enablement rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "enabledRules": { + "type": "array", + "items": { + "type": "string", + "description": "The type of enablement rule", + "enum": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "x-ms-enum": { + "name": "EnablementRules", + "modelAsString": true + } + }, + "description": "The list of enabled rules." + } + } + }, + "RoleManagementPolicyExpirationRule": { + "description": "The role management policy expiration rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isExpirationRequired": { + "type": "boolean", + "description": "The value indicating whether expiration is required." + }, + "maximumDuration": { + "type": "string", + "description": "The maximum duration of expiration in timespan." + } + } + }, + "RoleManagementPolicyNotificationRule": { + "description": "The role management policy notification rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "notificationType": { + "type": "string", + "description": "The type of notification.", + "enum": [ + "Email" + ], + "x-ms-enum": { + "name": "NotificationDeliveryMechanism", + "modelAsString": true + } + }, + "notificationLevel": { + "type": "string", + "description": "The notification level.", + "enum": [ + "None", + "Critical", + "All" + ], + "x-ms-enum": { + "name": "NotificationLevel", + "modelAsString": true + } + }, + "recipientType": { + "type": "string", + "description": "The recipient type.", + "enum": [ + "Requestor", + "Approver", + "Admin" + ], + "x-ms-enum": { + "name": "RecipientType", + "modelAsString": true + } + }, + "notificationRecipients": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of notification recipients." + }, + "isDefaultRecipientsEnabled": { + "type": "boolean", + "description": "Determines if the notification will be sent to the recipient type specified in the policy rule." + } + } + }, + "RoleManagementPolicyRuleTarget": { + "description": "The role management policy rule target.", + "type": "object", + "properties": { + "caller": { + "type": "string", + "description": "The caller of the setting." + }, + "operations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The type of operation." + }, + "level": { + "type": "string", + "description": "The assignment level to which rule is applied." + }, + "targetObjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target objects." + }, + "inheritableSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of inheritable settings." + }, + "enforcedSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of enforced settings." + } + } + }, + "RoleManagementPolicyRuleType": { + "type": "string", + "description": "The type of rule", + "enum": [ + "RoleManagementPolicyApprovalRule", + "RoleManagementPolicyAuthenticationContextRule", + "RoleManagementPolicyEnablementRule", + "RoleManagementPolicyExpirationRule", + "RoleManagementPolicyNotificationRule" + ], + "x-ms-enum": { + "name": "RoleManagementPolicyRuleType", + "modelAsString": true + } } }, "parameters": { From 1aef322e42ea7248fc86cbb7ed276e896dc21ff0 Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Wed, 27 Apr 2022 16:25:17 -0700 Subject: [PATCH 11/22] remove device service principal type --- .../stable/2020-10-01/RoleAssignmentSchedule.json | 3 +-- .../stable/2020-10-01/RoleAssignmentScheduleInstance.json | 3 +-- .../stable/2020-10-01/RoleAssignmentScheduleRequest.json | 3 +-- .../stable/2020-10-01/RoleEligibilitySchedule.json | 3 +-- .../stable/2020-10-01/RoleEligibilityScheduleInstance.json | 3 +-- .../stable/2020-10-01/RoleEligibilityScheduleRequest.json | 3 +-- 6 files changed, 6 insertions(+), 12 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json index 63dbf6ac245d..de984ecfe4e1 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json @@ -175,8 +175,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json index db3b478005e3..fec0b61aa73e 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json @@ -179,8 +179,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json index 5482d52f453f..225c52a0bb9d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json @@ -338,8 +338,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json index c1ce76de975b..5f5f839e01d7 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json @@ -175,8 +175,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json index f7324ea02362..b4c8312da5d9 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json @@ -179,8 +179,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json index f519e06d0263..28f4468c888b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -338,8 +338,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", From dacc80d76ee8e1a83fc6bda0fda2ce455e394dbd Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Mon, 2 May 2022 15:39:29 -0700 Subject: [PATCH 12/22] revert device type removal and add skip token parameter --- .../stable/2020-10-01/RoleAssignmentSchedule.json | 3 ++- .../stable/2020-10-01/RoleAssignmentScheduleInstance.json | 3 ++- .../stable/2020-10-01/RoleAssignmentScheduleRequest.json | 3 ++- .../stable/2020-10-01/RoleEligibilitySchedule.json | 3 ++- .../stable/2020-10-01/RoleEligibilityScheduleInstance.json | 3 ++- .../stable/2020-10-01/RoleEligibilityScheduleRequest.json | 3 ++- .../2022-04-01/authorization-RoleAssignmentsCalls.json | 6 +++++- 7 files changed, 17 insertions(+), 7 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json index de984ecfe4e1..63dbf6ac245d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json @@ -175,7 +175,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json index fec0b61aa73e..db3b478005e3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json @@ -179,7 +179,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json index 225c52a0bb9d..5482d52f453f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json @@ -338,7 +338,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json index 5f5f839e01d7..c1ce76de975b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json @@ -175,7 +175,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json index b4c8312da5d9..f7324ea02362 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json @@ -179,7 +179,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json index 28f4468c888b..f519e06d0263 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -338,7 +338,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json index 02c83730a92f..872d7bf2be81 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json @@ -343,6 +343,9 @@ }, { "$ref": "#/parameters/TenantIdQueryParameter" + }, + { + "$ref": "#/parameters/PaginationSkipToken" } ], "responses": { @@ -575,7 +578,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "default": "User", "x-ms-enum": { From ac09db7bcd8aaf173b97a2aeafd21ba579270f09 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Wed, 16 Feb 2022 10:38:08 -0800 Subject: [PATCH 13/22] commit for PR --- .../authorization-DenyAssignmentCalls.json | 507 ++++++++++++ ...authorization-ProviderOperationsCalls.json | 249 ++++++ .../authorization-RoleAssignmentsCalls.json | 730 ++++++++++++++++++ .../authorization-RoleDefinitionsCalls.json | 550 +++++++++++++ .../stable/2022-03-01/common-types.json | 116 +++ .../examples/DeleteRoleDefinition.json | 37 + .../examples/GetAllDenyAssignments.json | 50 ++ .../examples/GetAllProviderOperations.json | 27 + .../examples/GetDenyAssignmentById.json | 44 ++ .../examples/GetDenyAssignmentByNameId.json | 45 ++ .../examples/GetDenyAssignmentByScope.json | 50 ++ .../GetDenyAssignmentsForResource.json | 55 ++ .../GetDenyAssignmentsForResourceGroup.json | 51 ++ .../2022-03-01/examples/GetPermissions.json | 22 + .../examples/GetProviderOperationsRP.json | 24 + .../examples/GetResourcePermissions.json | 23 + .../examples/GetRoleDefinitionAtScope.json | 39 + .../examples/GetRoleDefinitionById.json | 35 + .../examples/GetRoleDefinitionByName.json | 36 + .../examples/PutRoleDefinition.json | 61 ++ .../examples/RoleAssignments_CreateById.json | 41 + .../RoleAssignments_CreateForResource.json | 42 + ...oleAssignments_CreateForResourceGroup.json | 42 + ...RoleAssignments_CreateForSubscription.json | 42 + .../examples/RoleAssignments_Delete.json | 23 + .../examples/RoleAssignments_DeleteById.json | 22 + .../examples/RoleAssignments_Get.json | 22 + .../examples/RoleAssignments_GetById.json | 21 + .../RoleAssignments_ListForResource.json | 51 ++ .../RoleAssignments_ListForResourceGroup.json | 37 + .../RoleAssignments_ListForScope.json | 25 + .../RoleAssignments_ListForSubscription.json | 25 + .../RoleAssignments_ValidateByIdInvalid.json | 24 + .../RoleAssignments_ValidateByIdValid.json | 20 + .../RoleAssignments_ValidateInvalid.json | 25 + .../RoleAssignments_ValidateValid.json | 21 + 36 files changed, 3234 insertions(+) create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json new file mode 100644 index 000000000000..b787aa6e7ffb --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json @@ -0,0 +1,507 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2022-03-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to get deny assignments. A deny assignment describes the set of actions on resources that are denied for Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/denyAssignments": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_ListForResource", + "description": "Gets deny assignments for a resource.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceProviderNamespaceParameter" + }, + { + "name": "parentResourcePath", + "in": "path", + "required": true, + "type": "string", + "description": "The parent resource identity.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type of the resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource to get deny assignments for." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of deny assignments.", + "schema": { + "$ref": "#/definitions/DenyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/DenyAssignmentFilter", + "x-ms-examples": { + "List deny assignments for resource": { + "$ref": "./examples/GetDenyAssignmentsForResource.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/denyAssignments": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_ListForResourceGroup", + "description": "Gets deny assignments for a resource group.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of deny assignments.", + "schema": { + "$ref": "#/definitions/DenyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/DenyAssignmentFilter", + "x-ms-examples": { + "List deny assignments for resource group": { + "$ref": "./examples/GetDenyAssignmentsForResourceGroup.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/denyAssignments": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_List", + "description": "Gets all deny assignments for the subscription.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of deny assignments.", + "schema": { + "$ref": "#/definitions/DenyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/DenyAssignmentFilter", + "x-ms-examples": { + "List deny assignments for subscription": { + "$ref": "./examples/GetAllDenyAssignments.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId}": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_Get", + "description": "Get the specified deny assignment.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the deny assignment.", + "x-ms-skip-url-encoding": true + }, + { + "name": "denyAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the deny assignment to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the deny assignment.", + "schema": { + "$ref": "#/definitions/DenyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get deny assignment by name": { + "$ref": "./examples/GetDenyAssignmentByNameId.json" + } + } + } + }, + "/{denyAssignmentId}": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_GetById", + "description": "Gets a deny assignment by ID.", + "parameters": [ + { + "name": "denyAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The fully qualified deny assignment ID. For example, use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId} for subscription level deny assignments, or /providers/Microsoft.Authorization/denyAssignments/{denyAssignmentId} for tenant level deny assignments.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns the deny assignment.", + "schema": { + "$ref": "#/definitions/DenyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get deny assignment by ID": { + "$ref": "./examples/GetDenyAssignmentById.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/denyAssignments": { + "get": { + "tags": [ + "DenyAssignments" + ], + "operationId": "DenyAssignments_ListForScope", + "description": "Gets deny assignments for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the deny assignments.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of deny assignments.", + "schema": { + "$ref": "#/definitions/DenyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/DenyAssignmentFilter", + "x-ms-examples": { + "List deny assignments for scope": { + "$ref": "./examples/GetDenyAssignmentByScope.json" + } + } + } + } + }, + "definitions": { + "DenyAssignmentFilter": { + "properties": { + "denyAssignmentName": { + "type": "string", + "description": "Return deny assignment with specified name." + }, + "principalId": { + "type": "string", + "description": "Return all deny assignments where the specified principal is listed in the principals list of deny assignments." + }, + "gdprExportPrincipalId": { + "type": "string", + "description": "Return all deny assignments where the specified principal is listed either in the principals list or exclude principals list of deny assignments." + } + }, + "type": "object", + "description": "Deny Assignments filter" + }, + "DenyAssignmentProperties": { + "properties": { + "denyAssignmentName": { + "type": "string", + "description": "The display name of the deny assignment." + }, + "description": { + "type": "string", + "description": "The description of the deny assignment." + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/definitions/DenyAssignmentPermission" + }, + "description": "An array of permissions that are denied by the deny assignment." + }, + "scope": { + "type": "string", + "description": "The deny assignment scope." + }, + "doNotApplyToChildScopes": { + "type": "boolean", + "description": "Determines if the deny assignment applies to child scopes. Default value is false." + }, + "principals": { + "type": "array", + "items": { + "$ref": "./common-types.json#/definitions/Principal" + }, + "description": "Array of principals to which the deny assignment applies." + }, + "excludePrincipals": { + "type": "array", + "items": { + "$ref": "./common-types.json#/definitions/Principal" + }, + "description": "Array of principals to which the deny assignment does not apply." + }, + "isSystemProtected": { + "type": "boolean", + "description": "Specifies whether this deny assignment was created by Azure and cannot be edited or deleted." + } + }, + "type": "object", + "description": "Deny assignment properties." + }, + "DenyAssignment": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The deny assignment ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The deny assignment name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The deny assignment type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/DenyAssignmentProperties", + "description": "Deny assignment properties." + } + }, + "type": "object", + "description": "Deny Assignment" + }, + "DenyAssignmentListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/DenyAssignment" + }, + "description": "Deny assignment list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Deny assignment list operation result." + }, + "DenyAssignmentPermission": { + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Actions to which the deny assignment does not grant access." + }, + "notActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Actions to exclude from that the deny assignment does not grant access." + }, + "dataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Data actions to which the deny assignment does not grant access." + }, + "notDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Data actions to exclude from that the deny assignment does not grant access." + }, + "condition": { + "type": "string", + "description": "The conditions on the Deny assignment permission. This limits the resources it applies to." + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition." + } + }, + "type": "object", + "description": "Deny assignment permissions." + } + }, + "parameters": { + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "FilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all deny assignments at or above the scope. Use $filter=denyAssignmentName eq '{name}' to search deny assignments by name at specified scope. Use $filter=principalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. Use $filter=gdprExportPrincipalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. This filter is different from the principalId filter as it returns not only those deny assignments that contain the specified principal is the Principals list but also those deny assignments that contain the specified principal is the ExcludePrincipals list. Additionally, when gdprExportPrincipalId filter is used, only the deny assignment name and description properties are returned.", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json new file mode 100644 index 000000000000..6bfbe3b8a4b3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json @@ -0,0 +1,249 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2022-03-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These calls handle provider operations." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/providers/Microsoft.Authorization/providerOperations/{resourceProviderNamespace}": { + "get": { + "tags": [ + "ProviderOperationsMetadata" + ], + "operationId": "ProviderOperationsMetadata_Get", + "description": "Gets provider operations metadata for the specified resource provider.", + "parameters": [ + { + "$ref": "#/parameters/ResourceProviderNamespaceParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "name": "$expand", + "in": "query", + "required": false, + "type": "string", + "default": "resourceTypes", + "description": "Specifies whether to expand the values." + } + ], + "responses": { + "200": { + "description": "OK - Returns the operations metadata.", + "schema": { + "$ref": "#/definitions/ProviderOperationsMetadata" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "List provider operations metadata for resource provider": { + "$ref": "./examples/GetProviderOperationsRP.json" + } + } + } + }, + "/providers/Microsoft.Authorization/providerOperations": { + "get": { + "tags": [ + "ProviderOperationsMetadata" + ], + "operationId": "ProviderOperationsMetadata_List", + "description": "Gets provider operations metadata for all resource providers.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "name": "$expand", + "in": "query", + "required": false, + "type": "string", + "default": "resourceTypes", + "description": "Specifies whether to expand the values." + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of the operations metadata.", + "schema": { + "$ref": "#/definitions/ProviderOperationsMetadataListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List provider operations metadata for all resource providers": { + "$ref": "./examples/GetAllProviderOperations.json" + } + } + } + } + }, + "definitions": { + "ResourceType": { + "properties": { + "name": { + "type": "string", + "description": "The resource type name." + }, + "displayName": { + "type": "string", + "description": "The resource type display name." + }, + "operations": { + "type": "array", + "items": { + "$ref": "#/definitions/ProviderOperation" + }, + "x-ms-identifiers": [], + "description": "The resource type operations." + } + }, + "type": "object", + "description": "Resource Type" + }, + "ProviderOperation": { + "properties": { + "name": { + "type": "string", + "description": "The operation name." + }, + "displayName": { + "type": "string", + "description": "The operation display name." + }, + "description": { + "type": "string", + "description": "The operation description." + }, + "origin": { + "type": "string", + "description": "The operation origin." + }, + "properties": { + "type": "object", + "x-ms-client-flatten": true, + "description": "The operation properties." + }, + "isDataAction": { + "type": "boolean", + "description": "The dataAction flag to specify the operation type." + } + }, + "type": "object", + "description": "Operation" + }, + "ProviderOperationsMetadata": { + "properties": { + "id": { + "type": "string", + "description": "The provider id." + }, + "name": { + "type": "string", + "description": "The provider name." + }, + "type": { + "type": "string", + "description": "The provider type." + }, + "displayName": { + "type": "string", + "description": "The provider display name." + }, + "resourceTypes": { + "type": "array", + "items": { + "$ref": "#/definitions/ResourceType" + }, + "x-ms-identifiers": [ + "name" + ], + "description": "The provider resource types" + }, + "operations": { + "type": "array", + "items": { + "$ref": "#/definitions/ProviderOperation" + }, + "x-ms-identifiers": [], + "description": "The provider operations." + } + }, + "type": "object", + "description": "Provider Operations metadata" + }, + "ProviderOperationsMetadataListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/ProviderOperationsMetadata" + }, + "description": "The list of providers." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Provider operations metadata list" + } + }, + "parameters": { + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json new file mode 100644 index 000000000000..99464ae3c1a8 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json @@ -0,0 +1,730 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2022-03-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForSubscription", + "description": "List all role assignments that apply to a subscription.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentFilterParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List role assignments for subscription": { + "$ref": "./examples/RoleAssignments_ListForSubscription.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForResourceGroup", + "description": "List all role assignments that apply to a resource group.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentFilterParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List role assignments for resource group": { + "$ref": "./examples/RoleAssignments_ListForResourceGroup.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForResource", + "description": "List all role assignments that apply to a resource.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./common-types.json#/parameters/ResourceProviderNamespaceParameter" + }, + { + "$ref": "./common-types.json#/parameters/ResourceTypeParameter" + }, + { + "$ref": "./common-types.json#/parameters/ResourceNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentFilterParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List role assignments for a resource": { + "$ref": "./examples/RoleAssignments_ListForResource.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Get", + "description": "Get a role assignment by scope and name.", + "parameters": [ + { + "$ref": "./common-types.json#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get role assignment by scope and name": { + "$ref": "./examples/RoleAssignments_Get.json" + } + } + }, + "put": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Create", + "description": "Create or update a role assignment by scope and name.", + "parameters": [ + { + "$ref": "./common-types.json#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentNameParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentCreateParameters" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "200": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Create role assignment for subscription": { + "$ref": "./examples/RoleAssignments_CreateForSubscription.json" + }, + "Create role assignment for resource group": { + "$ref": "./examples/RoleAssignments_CreateForResourceGroup.json" + }, + "Create role assignment for resource": { + "$ref": "./examples/RoleAssignments_CreateForResource.json" + } + } + }, + "delete": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Delete", + "description": "Delete a role assignment by scope and name.", + "parameters": [ + { + "$ref": "./common-types.json#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns the deleted role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "204": { + "description": "Role assignment was already deleted or does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Delete role assignment": { + "$ref": "./examples/RoleAssignments_Delete.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForScope", + "description": "List all role assignments that apply to a scope.", + "parameters": [ + { + "$ref": "./common-types.json#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentFilterParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "List role assignments for scope": { + "$ref": "./examples/RoleAssignments_ListForScope.json" + } + } + } + }, + "/{roleAssignmentId}": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_GetById", + "description": "Get a role assignment by ID.", + "parameters": [ + { + "$ref": "#/parameters/RoleAssignmentIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get role assignment by ID": { + "$ref": "./examples/RoleAssignments_GetById.json" + } + } + }, + "put": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_CreateById", + "description": "Create or update a role assignment by ID.", + "parameters": [ + { + "$ref": "#/parameters/RoleAssignmentIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/RoleAssignmentCreateParameters" + } + ], + "responses": { + "201": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "200": { + "description": "Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Create or update role assignment by ID": { + "$ref": "./examples/RoleAssignments_CreateById.json" + } + } + }, + "delete": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_DeleteById", + "description": "Delete a role assignment by ID.", + "parameters": [ + { + "$ref": "#/parameters/RoleAssignmentIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TenantIdQueryParameter" + } + ], + "responses": { + "200": { + "description": "Returns the deleted role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + }, + "204": { + "description": "Role assignment already deleted or does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Delete role assignment by ID": { + "$ref": "./examples/RoleAssignments_DeleteById.json" + } + } + } + } + }, + "definitions": { + "ValidationResponseErrorInfo": { + "type": "object", + "description": "Failed validation result details", + "properties": { + "code": { + "readOnly": true, + "type": "string", + "description": "Error code indicating why validation failed" + }, + "message": { + "readOnly": true, + "type": "string", + "description": "Message indicating why validation failed" + } + } + }, + "ValidationResponse": { + "type": "object", + "description": "Validation response", + "properties": { + "isValid": { + "readOnly": true, + "type": "boolean", + "description": "Whether or not validation succeeded" + }, + "errorInfo": { + "description": "Failed validation result details", + "$ref": "#/definitions/ValidationResponseErrorInfo" + } + } + }, + "RoleAssignmentFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment of the specific principal." + } + }, + "type": "object", + "description": "Role Assignments filter" + }, + "RoleAssignmentListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignment" + }, + "description": "Role assignment list." + }, + "nextLink": { + "readOnly": true, + "type": "string", + "description": "The skipToken to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role assignment list operation result." + }, + "RoleAssignmentProperties": { + "properties": { + "scope": { + "readOnly": true, + "type": "string", + "description": "The role assignment scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup" + ], + "default": "User", + "x-ms-enum": { + "name": "PrincipalType", + "modelAsString": true + } + }, + "description": { + "type": "string", + "description": "Description of role assignment" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently the only accepted value is '2.0'" + }, + "createdOn": { + "readOnly": true, + "type": "string", + "description": "Time it was created", + "format": "date-time" + }, + "updatedOn": { + "readOnly": true, + "type": "string", + "description": "Time it was updated", + "format": "date-time" + }, + "createdBy": { + "readOnly": true, + "type": "string", + "description": "Id of the user who created the assignment" + }, + "updatedBy": { + "readOnly": true, + "type": "string", + "description": "Id of the user who updated the assignment" + }, + "delegatedManagedIdentityResourceId": { + "type": "string", + "description": "Id of the delegated managed identity resource" + } + }, + "required": [ + "roleDefinitionId", + "principalId" + ], + "type": "object", + "description": "Role assignment properties." + }, + "RoleAssignment": { + "x-ms-azure-resource": true, + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentProperties", + "description": "Role assignment properties." + } + }, + "type": "object", + "description": "Role Assignments" + }, + "RoleAssignmentCreateParameters": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentProperties", + "description": "Role assignment properties." + } + }, + "required": [ + "properties" + ], + "type": "object", + "description": "Role assignment create parameters." + } + }, + "parameters": { + "RoleAssignmentFilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "RoleAssignmentNameParameter": { + "name": "roleAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment. It can be any valid GUID.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "RoleAssignmentIdParameter": { + "name": "roleAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The fully qualified ID of the role assignment including scope, resource name, and resource type. Format: /{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}. Example: /subscriptions//resourcegroups//providers/Microsoft.Authorization/roleAssignments/", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "RoleAssignmentCreateParameters": { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentCreateParameters" + }, + "description": "Parameters for the role assignment.", + "x-ms-parameter-location": "method" + }, + "TenantIdQueryParameter": { + "name": "tenantId", + "in": "query", + "required": false, + "type": "string", + "description": "Tenant ID for cross-tenant request", + "x-ms-parameter-location": "method" + }, + "PaginationSkipToken":{ + "name": "$skipToken", + "in": "query", + "required": false, + "type": "string", + "description": "The skipToken to apply on the operation. Use $skipToken={skiptoken} to return paged role assignments following the skipToken passed. Only supported on provider level calls.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json new file mode 100644 index 000000000000..d228a760b42e --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json @@ -0,0 +1,550 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2022-03-01", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations allow you to manage role definitions. A role definition describes the set of actions that can be performed on resources." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Authorization/permissions": { + "get": { + "tags": [ + "Permissions" + ], + "operationId": "Permissions_ListForResourceGroup", + "description": "Gets all permissions the caller has for a resource group.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of permissions.", + "schema": { + "$ref": "#/definitions/PermissionGetResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List permissions for resource group": { + "$ref": "./examples/GetPermissions.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/permissions": { + "get": { + "tags": [ + "Permissions" + ], + "operationId": "Permissions_ListForResource", + "description": "Gets all permissions the caller has for a resource.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./common-types.json#/parameters/ResourceProviderNamespaceParameter" + }, + { + "name": "parentResourcePath", + "in": "path", + "required": true, + "type": "string", + "description": "The parent resource identity.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type of the resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource to get the permissions for." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of permissions.", + "schema": { + "$ref": "#/definitions/PermissionGetResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List permissions for resource": { + "$ref": "./examples/GetResourcePermissions.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}": { + "delete": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_Delete", + "description": "Deletes a role definition.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role definition to delete." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + }, + "204": { + "description": "Role definition already deleted or does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Delete role definition": { + "$ref": "./examples/DeleteRoleDefinition.json" + } + } + }, + "get": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_Get", + "description": "Get role definition by name (GUID).", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role definition." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get role definition by name": { + "$ref": "./examples/GetRoleDefinitionByName.json" + } + } + }, + "put": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_CreateOrUpdate", + "description": "Creates or updates a role definition.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role definition." + }, + { + "name": "roleDefinition", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleDefinition" + }, + "description": "The values for the role definition." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Create role definition": { + "$ref": "./examples/PutRoleDefinition.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleDefinitions": { + "get": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_List", + "description": "Get all role definitions that are applicable at scope and above.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role definitions.", + "schema": { + "$ref": "#/definitions/RoleDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleDefinitionFilter", + "x-ms-examples": { + "List role definitions for scope": { + "$ref": "./examples/GetRoleDefinitionAtScope.json" + } + } + } + } + }, + "x-ms-paths": { + "/{roleId}?disambiguation_dummy": { + "get": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_GetById", + "description": "Gets a role definition by ID.", + "parameters": [ + { + "name": "roleId", + "in": "path", + "required": true, + "type": "string", + "description": "The fully qualified role definition ID. Use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for subscription level role definitions, or /providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for tenant level role definitions.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get role definition by ID": { + "$ref": "./examples/GetRoleDefinitionById.json" + } + } + } + } + }, + "definitions": { + "RoleDefinitionFilter": { + "properties": { + "roleName": { + "type": "string", + "description": "Returns role definition with the specific name." + }, + "type": { + "type": "string", + "description": "Returns role definition with the specific type." + } + }, + "type": "object", + "description": "Role Definitions filter" + }, + "RoleDefinitionProperties": { + "properties": { + "roleName": { + "type": "string", + "description": "The role name." + }, + "description": { + "type": "string", + "description": "The role definition description." + }, + "type": { + "type": "string", + "description": "The role type.", + "x-ms-client-name": "roleType" + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/definitions/Permission" + }, + "x-ms-identifiers": [], + "description": "Role definition permissions." + }, + "assignableScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Role definition assignable scopes." + } + }, + "type": "object", + "description": "Role definition properties." + }, + "RoleDefinition": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role definition ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role definition name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role definition type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleDefinitionProperties", + "description": "Role definition properties." + } + }, + "type": "object", + "description": "Role definition." + }, + "RoleDefinitionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleDefinition" + }, + "description": "Role definition list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role definition list operation result." + }, + "PermissionGetResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Permission" + }, + "x-ms-identifiers": [], + "description": "An array of permissions." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Permissions information." + }, + "Permission": { + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed actions." + }, + "notActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied actions." + }, + "dataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed Data actions." + }, + "notDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied Data actions." + } + }, + "type": "object", + "description": "Role definition permissions." + } + }, + "parameters": { + "FilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all deny assignments at or above the scope. Use $filter=denyAssignmentName eq '{name}' to search deny assignments by name at specified scope. Use $filter=principalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. Use $filter=gdprExportPrincipalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. This filter is different from the principalId filter as it returns not only those deny assignments that contain the specified principal is the Principals list but also those deny assignments that contain the specified principal is the ExcludePrincipals list. Additionally, when gdprExportPrincipalId filter is used, only the deny assignment name and description properties are returned.", + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json new file mode 100644 index 000000000000..2419a2f1dc11 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json @@ -0,0 +1,116 @@ +{ + "swagger": "2.0", + "info": { + "version": "2022-03-01", + "title": "AuthorizationManagementClient" + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": {}, + "definitions": { + "Permission": { + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed actions." + }, + "notActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied actions." + }, + "dataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed Data actions." + }, + "notDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied Data actions." + } + }, + "type": "object", + "description": "Role definition permissions." + }, + "Principal": { + "readOnly": true, + "type": "object", + "description": "The name of the entity last modified it", + "properties": { + "id": { + "type": "string", + "description": "The id of the principal made changes" + }, + "displayName": { + "type": "string", + "description": "The name of the principal made changes" + }, + "type": { + "type": "string", + "description": "Type of principal such as user , group etc" + }, + "email": { + "type": "string", + "description": "Email of principal" + } + } + } + }, + "parameters": { + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ResourceTypeParameter": { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites).", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ResourceNameParameter": { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The resource name.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ScopeParameter": { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json new file mode 100644 index 000000000000..6a7897f3acea --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "scope": "scope", + "roleDefinitionId": "roleDefinitionId", + "api-version": "2018-01-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + }, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json new file mode 100644 index 000000000000..f937102934e1 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json @@ -0,0 +1,50 @@ +{ + "parameters": { + "subscriptionId": "subId", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "action" + ], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json new file mode 100644 index 000000000000..bab4ea4239ae --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json @@ -0,0 +1,27 @@ +{ + "parameters": { + "api-version": "2017-05-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "id", + "name": "name", + "type": "type", + "displayName": "displayName", + "resourceTypes": [ + { + "name": "name", + "displayName": "name", + "operations": [] + } + ], + "operations": [] + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json new file mode 100644 index 000000000000..5de808a9bbfe --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json @@ -0,0 +1,44 @@ +{ + "parameters": { + "denyAssignmentId": "subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/daId", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId/resourcegroups/rgname", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/daId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "daId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json new file mode 100644 index 000000000000..6147613acad3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json @@ -0,0 +1,45 @@ +{ + "parameters": { + "scope": "subscriptions/subId/resourcegroups/rgname", + "denyAssignmentId": "denyAssignmentId", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId/resourcegroups/rgname", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json new file mode 100644 index 000000000000..6f15c938febf --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json @@ -0,0 +1,50 @@ +{ + "parameters": { + "scope": "subscriptions/subId", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "action" + ], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json new file mode 100644 index 000000000000..071a5c474d06 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "subscriptionId": "subId", + "resourceGroupName": "rgname", + "resourceProviderNamespace": "resourceProviderNamespace", + "parentResourcePath": "parentResourcePath", + "resourceType": "resourceType", + "resourceName": "resourceName", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "action" + ], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId/resourcegroups/rgname/providers/resourceProviderNamespace/parentResourcePath/resourceType/resourceName", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/resourcegroups/rgname/providers/resourceProviderNamespace/parentResourcePath/resourceType/resourceName/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json new file mode 100644 index 000000000000..b98b4a37b190 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "subscriptionId": "subId", + "resourceGroupName": "rgname", + "api-version": "2018-07-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "denyAssignmentName": "Deny assignment name", + "description": "Deny assignment description", + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "action" + ], + "notDataActions": [] + } + ], + "scope": "/subscriptions/subId/resourcegroups/rgname", + "doNotApplyToChildScopes": false, + "principals": [ + { + "id": "principalId1", + "type": "principalType1" + } + ], + "excludePrincipals": [ + { + "id": "principalId2", + "type": "principalType2" + } + ], + "isSystemProtected": true + }, + "id": "/subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/denyAssignmentId", + "type": "Microsoft.Authorization/denyAssignments", + "name": "denyAssignmentId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json new file mode 100644 index 000000000000..1c236f7351e5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "resourceGroupName": "rgname", + "subscriptionId": "subID", + "api-version": "2015-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "actions": [], + "notActions": [], + "dataActions": [], + "notDataActions": [] + } + ], + "nextLink": "nextlink" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json new file mode 100644 index 000000000000..7234dcc68c7b --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "resourceProviderNamespace": "resourceProviderNamespace", + "api-version": "2017-05-01" + }, + "responses": { + "200": { + "body": { + "id": "id", + "name": "name", + "type": "type", + "displayName": "displayName", + "resourceTypes": [ + { + "name": "name", + "displayName": "name", + "operations": [] + } + ], + "operations": [] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json new file mode 100644 index 000000000000..7b2f534e9680 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json @@ -0,0 +1,23 @@ +{ + "parameters": { + "subscriptionId": "subId", + "resourceGroupName": "rgname", + "resourceProviderNamespace": "rpnamespace", + "parentResourcePath": "parentResourcePath", + "resourceType": "resourceType", + "resourceName": "resourceName", + "api-version": "2015-07-01" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "actions": [], + "notActions": [] + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json new file mode 100644 index 000000000000..52bb30d4f8cf --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json @@ -0,0 +1,39 @@ +{ + "parameters": { + "scope": "scope", + "api-version": "2018-01-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json new file mode 100644 index 000000000000..171c113267de --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json @@ -0,0 +1,35 @@ +{ + "parameters": { + "roleId": "roleDefinitionId", + "api-version": "2018-01-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json new file mode 100644 index 000000000000..208ea4688b3c --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json @@ -0,0 +1,36 @@ +{ + "parameters": { + "scope": "scope", + "roleDefinitionId": "roleDefinitionId", + "api-version": "2018-01-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json new file mode 100644 index 000000000000..a282b3a0de35 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json @@ -0,0 +1,61 @@ +{ + "parameters": { + "scope": "scope", + "roleDefinitionId": "roleDefinitionId", + "roleDefinition": {}, + "body": { + "roleDefinition": { + "roleName": "Role name", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ], + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + }, + "api-version": "2018-01-01-preview" + }, + "responses": { + "201": { + "body": { + "properties": { + "roleName": "Role name", + "type": "roletype", + "description": "Role description", + "assignableScopes": [ + "/subscriptions/subId" + ], + "permissions": [ + { + "actions": [ + "action" + ], + "notActions": [], + "dataActions": [ + "dataAction" + ], + "notDataActions": [] + } + ] + }, + "id": "/subscriptions/subID/providers/Microsoft.Authorization/roleDefinitions/roleDefinitionId", + "type": "Microsoft.Authorization/roleDefinitions", + "name": "roleDefinitionId" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json new file mode 100644 index 000000000000..b172307d1b28 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json @@ -0,0 +1,41 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json new file mode 100644 index 000000000000..11ded8825d3a --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json new file mode 100644 index 000000000000..37a69263995f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json new file mode 100644 index 000000000000..60c5abcccc2c --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json new file mode 100644 index 000000000000..d8b002860e45 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json @@ -0,0 +1,23 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + }, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json new file mode 100644 index 000000000000..a414596e76e5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + }, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json new file mode 100644 index 000000000000..93052cf0c395 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json new file mode 100644 index 000000000000..a5d8de87a3ad --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json @@ -0,0 +1,21 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json new file mode 100644 index 000000000000..85683823c41f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "resourceGroupName": "testrg", + "resourceProviderNamespace": "Microsoft.DocumentDb", + "resourceType": "databaseAccounts", + "resourceName": "test-db-account", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + }, + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/96786e4b-dede-4c2e-8736-8ab911987f08", + "type": "Microsoft.Authorization/roleAssignments", + "name": "96786e4b-dede-4c2e-8736-8ab911987f08" + }, + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json new file mode 100644 index 000000000000..80054fb926d5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "resourceGroupName": "testrg", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + }, + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/96786e4b-dede-4c2e-8736-8ab911987f08", + "type": "Microsoft.Authorization/roleAssignments", + "name": "96786e4b-dede-4c2e-8736-8ab911987f08" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json new file mode 100644 index 000000000000..fde73619393d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json new file mode 100644 index 000000000000..91082f6498b2 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json new file mode 100644 index 000000000000..7f5a3391adf5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": false, + "errorInfo": { + "code": "InvalidRoleDefinitionId", + "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." + } + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json new file mode 100644 index 000000000000..e533ed6a6352 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": true + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json new file mode 100644 index 000000000000..9fdd04ebcaf5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": false, + "errorInfo": { + "code": "InvalidRoleDefinitionId", + "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." + } + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json new file mode 100644 index 000000000000..c6065de7bdae --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json @@ -0,0 +1,21 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": true + } + } + } +} From 143dcc8e7b3c184d43d2756fc420ff534d9a50a1 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Wed, 16 Feb 2022 11:03:10 -0800 Subject: [PATCH 14/22] add changes to readme --- .../resource-manager/readme.csharp.md | 12 +++ .../authorization/resource-manager/readme.md | 79 ++++++++++++------- 2 files changed, 64 insertions(+), 27 deletions(-) diff --git a/specification/authorization/resource-manager/readme.csharp.md b/specification/authorization/resource-manager/readme.csharp.md index b2467c1c74d4..b629db5260d0 100644 --- a/specification/authorization/resource-manager/readme.csharp.md +++ b/specification/authorization/resource-manager/readme.csharp.md @@ -132,4 +132,16 @@ output-folder: $(csharp-sdks-folder)/Authorization/Management.Authorization/$(cs batch: - tag: package-2020-10-01-preview + ``` + +### Profile: profile_2022_03_01 + +These settings apply only when `--csharp-profile=profile_2022_03_01` is specified on the command line. + + ``` yaml $(csharp-profile)=='profile_2022_03_01' +namespace: Microsoft.Azure.Management.Profiles.$(csharp-profile).Authorization +output-folder: $(csharp-sdks-folder)/Authorization/Management.Authorization/$(csharp-profile)/Generated + +batch: + - tag: package-2022-03-01 ``` \ No newline at end of file diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index ada09dcfb8a6..34f85a874a3e 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -26,7 +26,7 @@ These are the global settings for the Authorization API. ``` yaml openapi-type: arm -tag: package-preview-2021-11 +tag: package-2022-03-01 ``` ### Suppression @@ -82,36 +82,19 @@ directive: reason: common-types doesn't need to reference api version. ``` -### Tag: package-2020-10-01 +### Tag: package-2022-04-01 -These settings apply only when `--tag=package-2020-10-01` is specified on the command line. +These settings apply only when `--tag=package-2022-04-01` is specified on the command line. -``` yaml $(tag) == 'package-2020-10-01' +``` yaml $(tag) == 'package-2022-04-01' input-file: -- Microsoft.Authorization/stable/2015-07-01/authorization-RoleDefinitionsCalls.json -- Microsoft.Authorization/stable/2015-07-01/authorization-ProviderOperationsCalls.json -- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json -- Microsoft.Authorization/stable/2015-07-01/authorization-RoleAssignmentsCalls.json - Microsoft.Authorization/stable/2015-07-01/authorization-ClassicAdminCalls.json -- Microsoft.Authorization/stable/2020-10-01/common-types.json -- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json -- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json -- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json -- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json -- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json -- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json -- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json -- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json -- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json -``` - -### Tag: package-2020-10-01-only - -These settings apply only when `--tag=package-2020-10-01-only` is specified on the command line. - -``` yaml $(tag) == 'package-2020-10-01-only' -input-file: -- Microsoft.Authorization/stable/2020-10-01/common-types.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json +- Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json +- Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json +- Microsoft.Authorization/stable/2022-04-01/common-types.json - Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json - Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json - Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json @@ -133,6 +116,7 @@ input-file: - Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json ``` + ### Tag: package-preview-2021-11 These settings apply only when `--tag=package-preview-2021-11` is specified on the command line. @@ -168,6 +152,47 @@ input-file: - Microsoft.Authorization/preview/2021-01-01-preview/authorization-RoleAssignmentApprovalCalls.json ``` +### Tag: package-2020-10-01 + +These settings apply only when `--tag=package-2020-10-01` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01' +input-file: +- Microsoft.Authorization/stable/2015-07-01/authorization-RoleDefinitionsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ClassicAdminCalls.json +- Microsoft.Authorization/stable/2020-10-01/common-types.json +- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +``` + +### Tag: package-2020-10-01-only + +These settings apply only when `--tag=package-2020-10-01-only` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01-only' +input-file: +- Microsoft.Authorization/stable/2020-10-01/common-types.json +- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +``` + ### Tag: package-2020-10-01-preview These settings apply only when `--tag=package-2020-10-01-preview` is specified on the command line. From 73fe7d4136b5c81f13b31c1c5eaed957b016eb79 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Wed, 16 Feb 2022 11:16:58 -0800 Subject: [PATCH 15/22] fiz avocado --- .../RoleAssignments_ValidateByIdInvalid.json | 24 ------------------ .../RoleAssignments_ValidateByIdValid.json | 20 --------------- .../RoleAssignments_ValidateInvalid.json | 25 ------------------- .../RoleAssignments_ValidateValid.json | 21 ---------------- 4 files changed, 90 deletions(-) delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json deleted file mode 100644 index 7f5a3391adf5..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdInvalid.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "parameters": { - "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview", - "parameters": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": false, - "errorInfo": { - "code": "InvalidRoleDefinitionId", - "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." - } - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json deleted file mode 100644 index e533ed6a6352..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateByIdValid.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "parameters": { - "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview", - "parameters": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": true - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json deleted file mode 100644 index 9fdd04ebcaf5..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateInvalid.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", - "parameters": { - "properties": { - "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": false, - "errorInfo": { - "code": "InvalidRoleDefinitionId", - "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." - } - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json deleted file mode 100644 index c6065de7bdae..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ValidateValid.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", - "parameters": { - "properties": { - "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": true - } - } - } -} From 7c648e8caef025dc3e31b027b526f2453975f1f8 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Wed, 16 Feb 2022 11:59:17 -0800 Subject: [PATCH 16/22] prettier --- .../stable/2022-03-01/authorization-DenyAssignmentCalls.json | 1 + .../2022-03-01/authorization-ProviderOperationsCalls.json | 2 +- .../stable/2022-03-01/authorization-RoleAssignmentsCalls.json | 4 ++-- .../stable/2022-03-01/authorization-RoleDefinitionsCalls.json | 2 +- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json index b787aa6e7ffb..519416d6581d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json @@ -367,6 +367,7 @@ "items": { "$ref": "#/definitions/DenyAssignmentPermission" }, + "x-ms-identifiers": [], "description": "An array of permissions that are denied by the deny assignment." }, "scope": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json index 6bfbe3b8a4b3..b8adcd5de41c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json @@ -246,4 +246,4 @@ "x-ms-parameter-location": "method" } } -} \ No newline at end of file +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json index 99464ae3c1a8..029eebb70989 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json @@ -717,7 +717,7 @@ "description": "Tenant ID for cross-tenant request", "x-ms-parameter-location": "method" }, - "PaginationSkipToken":{ + "PaginationSkipToken": { "name": "$skipToken", "in": "query", "required": false, @@ -727,4 +727,4 @@ "x-ms-parameter-location": "method" } } -} \ No newline at end of file +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json index d228a760b42e..f0199b9d2c38 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json @@ -547,4 +547,4 @@ "x-ms-parameter-location": "method" } } -} \ No newline at end of file +} From 8cfbb5f3f32f88e73d0e4735a7af45057777833a Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Thu, 31 Mar 2022 15:26:30 -0700 Subject: [PATCH 17/22] start transition to 2022-04 --- .../authorization-DenyAssignmentCalls.json | 0 .../authorization-ProviderOperationsCalls.json | 0 .../authorization-RoleAssignmentsCalls.json | 0 .../authorization-RoleDefinitionsCalls.json | 0 .../stable/{2022-03-01 => 2022-04-01}/common-types.json | 0 .../examples/DeleteRoleDefinition.json | 0 .../examples/GetAllDenyAssignments.json | 0 .../examples/GetAllProviderOperations.json | 0 .../examples/GetDenyAssignmentById.json | 0 .../examples/GetDenyAssignmentByNameId.json | 0 .../examples/GetDenyAssignmentByScope.json | 0 .../examples/GetDenyAssignmentsForResource.json | 0 .../examples/GetDenyAssignmentsForResourceGroup.json | 0 .../examples/GetPermissions.json | 0 .../examples/GetProviderOperationsRP.json | 0 .../examples/GetResourcePermissions.json | 0 .../examples/GetRoleDefinitionAtScope.json | 0 .../examples/GetRoleDefinitionById.json | 0 .../examples/GetRoleDefinitionByName.json | 0 .../examples/PutRoleDefinition.json | 0 .../examples/RoleAssignments_CreateById.json | 0 .../examples/RoleAssignments_CreateForResource.json | 0 .../examples/RoleAssignments_CreateForResourceGroup.json | 0 .../examples/RoleAssignments_CreateForSubscription.json | 0 .../examples/RoleAssignments_Delete.json | 0 .../examples/RoleAssignments_DeleteById.json | 0 .../examples/RoleAssignments_Get.json | 0 .../examples/RoleAssignments_GetById.json | 0 .../examples/RoleAssignments_ListForResource.json | 0 .../examples/RoleAssignments_ListForResourceGroup.json | 0 .../examples/RoleAssignments_ListForScope.json | 0 .../examples/RoleAssignments_ListForSubscription.json | 0 .../authorization/resource-manager/readme.csharp.md | 8 ++++---- 33 files changed, 4 insertions(+), 4 deletions(-) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/authorization-DenyAssignmentCalls.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/authorization-ProviderOperationsCalls.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/authorization-RoleAssignmentsCalls.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/authorization-RoleDefinitionsCalls.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/common-types.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/DeleteRoleDefinition.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetAllDenyAssignments.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetAllProviderOperations.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentByNameId.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentByScope.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentsForResource.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetDenyAssignmentsForResourceGroup.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetPermissions.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetProviderOperationsRP.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetResourcePermissions.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetRoleDefinitionAtScope.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetRoleDefinitionById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/GetRoleDefinitionByName.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/PutRoleDefinition.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_CreateById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_CreateForResource.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_CreateForResourceGroup.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_CreateForSubscription.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_Delete.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_DeleteById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_Get.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_GetById.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_ListForResource.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_ListForResourceGroup.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_ListForScope.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/stable/{2022-03-01 => 2022-04-01}/examples/RoleAssignments_ListForSubscription.json (100%) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-DenyAssignmentCalls.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-ProviderOperationsCalls.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleAssignmentsCalls.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/authorization-RoleDefinitionsCalls.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/common-types.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/DeleteRoleDefinition.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllDenyAssignments.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetAllProviderOperations.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByNameId.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentByScope.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResource.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetDenyAssignmentsForResourceGroup.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetPermissions.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetProviderOperationsRP.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetResourcePermissions.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionAtScope.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/GetRoleDefinitionByName.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/PutRoleDefinition.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResource.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForResourceGroup.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_CreateForSubscription.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Delete.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_DeleteById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_Get.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_GetById.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResource.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForResourceGroup.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForScope.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-03-01/examples/RoleAssignments_ListForSubscription.json rename to specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json diff --git a/specification/authorization/resource-manager/readme.csharp.md b/specification/authorization/resource-manager/readme.csharp.md index b629db5260d0..86a3f65c0ac3 100644 --- a/specification/authorization/resource-manager/readme.csharp.md +++ b/specification/authorization/resource-manager/readme.csharp.md @@ -134,14 +134,14 @@ batch: - tag: package-2020-10-01-preview ``` -### Profile: profile_2022_03_01 +### Profile: profile_2022_04_01 -These settings apply only when `--csharp-profile=profile_2022_03_01` is specified on the command line. +These settings apply only when `--csharp-profile=profile_2022_04_01` is specified on the command line. - ``` yaml $(csharp-profile)=='profile_2022_03_01' + ``` yaml $(csharp-profile)=='profile_2022_04_01' namespace: Microsoft.Azure.Management.Profiles.$(csharp-profile).Authorization output-folder: $(csharp-sdks-folder)/Authorization/Management.Authorization/$(csharp-profile)/Generated batch: - - tag: package-2022-03-01 + - tag: package-2022-04-01 ``` \ No newline at end of file From d891159fbaa0c0abce692a42fb377043f2a57f09 Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Thu, 31 Mar 2022 15:42:23 -0700 Subject: [PATCH 18/22] update version number --- .../stable/2022-04-01/authorization-DenyAssignmentCalls.json | 2 +- .../2022-04-01/authorization-ProviderOperationsCalls.json | 2 +- .../stable/2022-04-01/authorization-RoleAssignmentsCalls.json | 2 +- .../stable/2022-04-01/authorization-RoleDefinitionsCalls.json | 2 +- .../Microsoft.Authorization/stable/2022-04-01/common-types.json | 2 +- .../stable/2022-04-01/examples/DeleteRoleDefinition.json | 2 +- .../stable/2022-04-01/examples/GetAllDenyAssignments.json | 2 +- .../stable/2022-04-01/examples/GetAllProviderOperations.json | 2 +- .../stable/2022-04-01/examples/GetDenyAssignmentById.json | 2 +- .../stable/2022-04-01/examples/GetDenyAssignmentByNameId.json | 2 +- .../stable/2022-04-01/examples/GetDenyAssignmentByScope.json | 2 +- .../2022-04-01/examples/GetDenyAssignmentsForResource.json | 2 +- .../2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json | 2 +- .../stable/2022-04-01/examples/GetPermissions.json | 2 +- .../stable/2022-04-01/examples/GetProviderOperationsRP.json | 2 +- .../stable/2022-04-01/examples/GetResourcePermissions.json | 2 +- .../stable/2022-04-01/examples/GetRoleDefinitionAtScope.json | 2 +- .../stable/2022-04-01/examples/GetRoleDefinitionById.json | 2 +- .../stable/2022-04-01/examples/GetRoleDefinitionByName.json | 2 +- .../stable/2022-04-01/examples/PutRoleDefinition.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_CreateById.json | 2 +- .../2022-04-01/examples/RoleAssignments_CreateForResource.json | 2 +- .../examples/RoleAssignments_CreateForResourceGroup.json | 2 +- .../examples/RoleAssignments_CreateForSubscription.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_Delete.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_DeleteById.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_Get.json | 2 +- .../stable/2022-04-01/examples/RoleAssignments_GetById.json | 2 +- .../2022-04-01/examples/RoleAssignments_ListForResource.json | 2 +- .../examples/RoleAssignments_ListForResourceGroup.json | 2 +- .../2022-04-01/examples/RoleAssignments_ListForScope.json | 2 +- .../examples/RoleAssignments_ListForSubscription.json | 2 +- specification/authorization/resource-manager/readme.md | 2 +- 33 files changed, 33 insertions(+), 33 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json index 519416d6581d..ab4271f4a988 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-DenyAssignmentCalls.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2022-03-01", + "version": "2022-04-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to get deny assignments. A deny assignment describes the set of actions on resources that are denied for Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json index b8adcd5de41c..233a36b80ed0 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-ProviderOperationsCalls.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2022-03-01", + "version": "2022-04-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These calls handle provider operations." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json index 029eebb70989..02c83730a92f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2022-03-01", + "version": "2022-04-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json index f0199b9d2c38..6ab9858f7a32 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2022-03-01", + "version": "2022-04-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations allow you to manage role definitions. A role definition describes the set of actions that can be performed on resources." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json index 2419a2f1dc11..69931818034b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json @@ -1,7 +1,7 @@ { "swagger": "2.0", "info": { - "version": "2022-03-01", + "version": "2022-04-01", "title": "AuthorizationManagementClient" }, "securityDefinitions": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json index 6a7897f3acea..a0de0e85d339 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/DeleteRoleDefinition.json @@ -2,7 +2,7 @@ "parameters": { "scope": "scope", "roleDefinitionId": "roleDefinitionId", - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json index f937102934e1..f97708a40ed0 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllDenyAssignments.json @@ -1,7 +1,7 @@ { "parameters": { "subscriptionId": "subId", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json index bab4ea4239ae..deeb1f8701af 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetAllProviderOperations.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2017-05-01" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json index 5de808a9bbfe..5d2c240c1aba 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentById.json @@ -1,7 +1,7 @@ { "parameters": { "denyAssignmentId": "subscriptions/subId/resourcegroups/rgname/providers/Microsoft.Authorization/denyAssignments/daId", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json index 6147613acad3..429ea8cdb7a2 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByNameId.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/subId/resourcegroups/rgname", "denyAssignmentId": "denyAssignmentId", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json index 6f15c938febf..370b2cf24ad4 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentByScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/subId", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json index 071a5c474d06..5494cb622b5d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResource.json @@ -6,7 +6,7 @@ "parentResourcePath": "parentResourcePath", "resourceType": "resourceType", "resourceName": "resourceName", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json index b98b4a37b190..fe570ce9efaf 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetDenyAssignmentsForResourceGroup.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "subId", "resourceGroupName": "rgname", - "api-version": "2018-07-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json index 1c236f7351e5..cca798f2f4c7 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetPermissions.json @@ -2,7 +2,7 @@ "parameters": { "resourceGroupName": "rgname", "subscriptionId": "subID", - "api-version": "2015-07-01" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json index 7234dcc68c7b..527519a3ce68 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetProviderOperationsRP.json @@ -1,7 +1,7 @@ { "parameters": { "resourceProviderNamespace": "resourceProviderNamespace", - "api-version": "2017-05-01" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json index 7b2f534e9680..e8236c21e9b3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetResourcePermissions.json @@ -6,7 +6,7 @@ "parentResourcePath": "parentResourcePath", "resourceType": "resourceType", "resourceName": "resourceName", - "api-version": "2015-07-01" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json index 52bb30d4f8cf..d8a2d799c716 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionAtScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "scope", - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json index 171c113267de..6bac7e410f4b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionById.json @@ -1,7 +1,7 @@ { "parameters": { "roleId": "roleDefinitionId", - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json index 208ea4688b3c..5dbec233d731 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/GetRoleDefinitionByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "scope", "roleDefinitionId": "roleDefinitionId", - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json index a282b3a0de35..104d71a2d1f3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/PutRoleDefinition.json @@ -27,7 +27,7 @@ "name": "roleDefinitionId" } }, - "api-version": "2018-01-01-preview" + "api-version": "2022-04-01" }, "responses": { "201": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json index b172307d1b28..9c6028ae5772 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateById.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview", + "api-version": "2022-04-01", "parameters": { "properties": { "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json index 11ded8825d3a..6fcca0cd292d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResource.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2022-04-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json index 37a69263995f..ca738cbc9ed4 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForResourceGroup.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2022-04-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json index 60c5abcccc2c..a13fefb962bb 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_CreateForSubscription.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2022-04-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json index d8b002860e45..ffbf366543b3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Delete.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json index a414596e76e5..66790d37b8e6 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_DeleteById.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json index 93052cf0c395..c8866df2f200 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_Get.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json index a5d8de87a3ad..e1dd75f88376 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_GetById.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json index 85683823c41f..0b91338b0139 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResource.json @@ -5,7 +5,7 @@ "resourceProviderNamespace": "Microsoft.DocumentDb", "resourceType": "databaseAccounts", "resourceName": "test-db-account", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json index 80054fb926d5..428b665a0e73 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForResourceGroup.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "resourceGroupName": "testrg", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json index fde73619393d..39ce0be373f4 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json index 91082f6498b2..f715b08b3d3c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/examples/RoleAssignments_ListForSubscription.json @@ -1,7 +1,7 @@ { "parameters": { "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 34f85a874a3e..15c7eb4af4aa 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -26,7 +26,7 @@ These are the global settings for the Authorization API. ``` yaml openapi-type: arm -tag: package-2022-03-01 +tag: package-2022-04-01 ``` ### Suppression From 55a8d5029356e550119ff8887256e048c32a4b06 Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Tue, 5 Apr 2022 14:08:42 -0700 Subject: [PATCH 19/22] merge common types from 2022-10-01 public --- .../stable/2022-04-01/common-types.json | 327 ++++++++++++++++++ 1 file changed, 327 insertions(+) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json index 69931818034b..1e4cc930b2e1 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/common-types.json @@ -73,6 +73,333 @@ "description": "Email of principal" } } + }, + "RoleManagementPolicyRule": { + "description": "The role management policy rule.", + "type": "object", + "required": [ + "ruleType" + ], + "discriminator": "ruleType", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/RoleManagementPolicyRuleType" + }, + "target": { + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", + "description": "The target of the current rule." + } + } + }, + "RoleManagementPolicyApprovalRule": { + "description": "The role management policy approval rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "setting": { + "$ref": "#/definitions/ApprovalSettings", + "description": "The approval setting" + } + } + }, + "ApprovalSettings": { + "description": "The approval settings.", + "type": "object", + "properties": { + "isApprovalRequired": { + "type": "boolean", + "description": "Determines whether approval is required or not." + }, + "isApprovalRequiredForExtension": { + "type": "boolean", + "description": "Determines whether approval is required for assignment extension." + }, + "isRequestorJustificationRequired": { + "type": "boolean", + "description": "Determine whether requestor justification is required." + }, + "approvalMode": { + "type": "string", + "description": "The type of rule", + "enum": [ + "SingleStage", + "Serial", + "Parallel", + "NoApproval" + ], + "x-ms-enum": { + "name": "ApprovalMode", + "modelAsString": true + } + }, + "approvalStages": { + "type": "array", + "items": { + "$ref": "#/definitions/ApprovalStage" + }, + "x-ms-identifiers": [], + "description": "The approval stages of the request." + } + } + }, + "ApprovalStage": { + "description": "The approval stage.", + "type": "object", + "properties": { + "approvalStageTimeOutInDays": { + "type": "integer", + "format": "int32", + "description": "The time in days when approval request would be timed out" + }, + "isApproverJustificationRequired": { + "type": "boolean", + "description": "Determines whether approver need to provide justification for his decision." + }, + "escalationTimeInMinutes": { + "type": "integer", + "format": "int32", + "description": "The time in minutes when the approval request would be escalated if the primary approver does not approve" + }, + "primaryApprovers": { + "type": "array", + "description": "The primary approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + }, + "isEscalationEnabled": { + "type": "boolean", + "description": "The value determine whether escalation feature is enabled." + }, + "escalationApprovers": { + "type": "array", + "description": "The escalation approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + } + } + }, + "UserSet": { + "description": "The detail of a user.", + "type": "object", + "properties": { + "userType": { + "type": "string", + "description": "The type of user.", + "enum": [ + "User", + "Group" + ], + "x-ms-enum": { + "name": "UserType", + "modelAsString": true + } + }, + "isBackup": { + "type": "boolean", + "description": "The value indicating whether the user is a backup fallback approver" + }, + "id": { + "type": "string", + "description": "The object id of the user." + }, + "description": { + "type": "string", + "description": "The description of the user." + } + } + }, + "RoleManagementPolicyAuthenticationContextRule": { + "description": "The role management policy authentication context rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "The value indicating if rule is enabled." + }, + "claimValue": { + "type": "string", + "description": "The claim value." + } + } + }, + "RoleManagementPolicyEnablementRule": { + "description": "The role management policy enablement rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "enabledRules": { + "type": "array", + "items": { + "type": "string", + "description": "The type of enablement rule", + "enum": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "x-ms-enum": { + "name": "EnablementRules", + "modelAsString": true + } + }, + "description": "The list of enabled rules." + } + } + }, + "RoleManagementPolicyExpirationRule": { + "description": "The role management policy expiration rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isExpirationRequired": { + "type": "boolean", + "description": "The value indicating whether expiration is required." + }, + "maximumDuration": { + "type": "string", + "description": "The maximum duration of expiration in timespan." + } + } + }, + "RoleManagementPolicyNotificationRule": { + "description": "The role management policy notification rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "notificationType": { + "type": "string", + "description": "The type of notification.", + "enum": [ + "Email" + ], + "x-ms-enum": { + "name": "NotificationDeliveryMechanism", + "modelAsString": true + } + }, + "notificationLevel": { + "type": "string", + "description": "The notification level.", + "enum": [ + "None", + "Critical", + "All" + ], + "x-ms-enum": { + "name": "NotificationLevel", + "modelAsString": true + } + }, + "recipientType": { + "type": "string", + "description": "The recipient type.", + "enum": [ + "Requestor", + "Approver", + "Admin" + ], + "x-ms-enum": { + "name": "RecipientType", + "modelAsString": true + } + }, + "notificationRecipients": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of notification recipients." + }, + "isDefaultRecipientsEnabled": { + "type": "boolean", + "description": "Determines if the notification will be sent to the recipient type specified in the policy rule." + } + } + }, + "RoleManagementPolicyRuleTarget": { + "description": "The role management policy rule target.", + "type": "object", + "properties": { + "caller": { + "type": "string", + "description": "The caller of the setting." + }, + "operations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The type of operation." + }, + "level": { + "type": "string", + "description": "The assignment level to which rule is applied." + }, + "targetObjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target objects." + }, + "inheritableSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of inheritable settings." + }, + "enforcedSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of enforced settings." + } + } + }, + "RoleManagementPolicyRuleType": { + "type": "string", + "description": "The type of rule", + "enum": [ + "RoleManagementPolicyApprovalRule", + "RoleManagementPolicyAuthenticationContextRule", + "RoleManagementPolicyEnablementRule", + "RoleManagementPolicyExpirationRule", + "RoleManagementPolicyNotificationRule" + ], + "x-ms-enum": { + "name": "RoleManagementPolicyRuleType", + "modelAsString": true + } } }, "parameters": { From 8c36ae358f18b76c4559515a21bdaa1e30e28ad5 Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Wed, 27 Apr 2022 16:25:17 -0700 Subject: [PATCH 20/22] remove device service principal type --- .../stable/2020-10-01/RoleAssignmentSchedule.json | 3 +-- .../stable/2020-10-01/RoleAssignmentScheduleInstance.json | 3 +-- .../stable/2020-10-01/RoleAssignmentScheduleRequest.json | 3 +-- .../stable/2020-10-01/RoleEligibilitySchedule.json | 3 +-- .../stable/2020-10-01/RoleEligibilityScheduleInstance.json | 3 +-- .../stable/2020-10-01/RoleEligibilityScheduleRequest.json | 3 +-- 6 files changed, 6 insertions(+), 12 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json index 63dbf6ac245d..de984ecfe4e1 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json @@ -175,8 +175,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json index db3b478005e3..fec0b61aa73e 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json @@ -179,8 +179,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json index 5482d52f453f..225c52a0bb9d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json @@ -338,8 +338,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json index c1ce76de975b..5f5f839e01d7 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json @@ -175,8 +175,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json index f7324ea02362..b4c8312da5d9 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json @@ -179,8 +179,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json index f519e06d0263..28f4468c888b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -338,8 +338,7 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup", - "Device" + "ForeignGroup" ], "x-ms-enum": { "name": "principalType", From 84ca989f2d30dc3f3a5b3fbd26b5f96183c5a43e Mon Sep 17 00:00:00 2001 From: "Daniel Orozco (HE/THEY)" Date: Mon, 2 May 2022 15:39:29 -0700 Subject: [PATCH 21/22] revert device type removal and add skip token parameter --- .../stable/2020-10-01/RoleAssignmentSchedule.json | 3 ++- .../stable/2020-10-01/RoleAssignmentScheduleInstance.json | 3 ++- .../stable/2020-10-01/RoleAssignmentScheduleRequest.json | 3 ++- .../stable/2020-10-01/RoleEligibilitySchedule.json | 3 ++- .../stable/2020-10-01/RoleEligibilityScheduleInstance.json | 3 ++- .../stable/2020-10-01/RoleEligibilityScheduleRequest.json | 3 ++- .../2022-04-01/authorization-RoleAssignmentsCalls.json | 6 +++++- 7 files changed, 17 insertions(+), 7 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json index de984ecfe4e1..63dbf6ac245d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json @@ -175,7 +175,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json index fec0b61aa73e..db3b478005e3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json @@ -179,7 +179,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json index 225c52a0bb9d..5482d52f453f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json @@ -338,7 +338,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json index 5f5f839e01d7..c1ce76de975b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json @@ -175,7 +175,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json index b4c8312da5d9..f7324ea02362 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json @@ -179,7 +179,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json index 28f4468c888b..f519e06d0263 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -338,7 +338,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "x-ms-enum": { "name": "principalType", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json index 02c83730a92f..872d7bf2be81 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json @@ -343,6 +343,9 @@ }, { "$ref": "#/parameters/TenantIdQueryParameter" + }, + { + "$ref": "#/parameters/PaginationSkipToken" } ], "responses": { @@ -575,7 +578,8 @@ "User", "Group", "ServicePrincipal", - "ForeignGroup" + "ForeignGroup", + "Device" ], "default": "User", "x-ms-enum": { From 689b9eee7bf0aeba5301ce69621ee2c8dae90cc4 Mon Sep 17 00:00:00 2001 From: zhihaoxue Date: Mon, 25 Jul 2022 14:54:29 -0700 Subject: [PATCH 22/22] update readme --- .../authorization/resource-manager/readme.md | 52 ++++++++++++++++++- 1 file changed, 51 insertions(+), 1 deletion(-) mode change 100644 => 100755 specification/authorization/resource-manager/readme.md diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md old mode 100644 new mode 100755 index a49452b5eb81..2f51ec816898 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -26,7 +26,7 @@ These are the global settings for the Authorization API. ``` yaml openapi-type: arm -tag: package-2022-04-01 +tag: package-2021-12-01-preview-only ``` ### Suppression @@ -82,6 +82,56 @@ directive: reason: common-types doesn't need to reference api version. ``` +### Tag: package-2021-12-01-preview-only + +These settings apply only when `--tag=package-2021-12-01-preview-only` is specified on the command line. + +``` yaml $(tag) == 'package-2021-12-01-preview-only' +input-file: +- Microsoft.Authorization/preview/2021-12-01-preview/authorization-AccessReviewCalls.json +``` + +### Tag: package-2020-10-01 + +These settings apply only when `--tag=package-2020-10-01` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01' +input-file: +- Microsoft.Authorization/stable/2015-07-01/authorization-RoleDefinitionsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ClassicAdminCalls.json +- Microsoft.Authorization/stable/2020-10-01/common-types.json +- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +``` + +### Tag: package-2020-10-01-only + +These settings apply only when `--tag=package-2020-10-01-only` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01-only' +input-file: +- Microsoft.Authorization/stable/2020-10-01/common-types.json +- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +``` + ### Tag: package-2022-04-01 These settings apply only when `--tag=package-2022-04-01` is specified on the command line.