Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Assessment metadata API (Azure Security Center) #7622

Merged
merged 8 commits into from
Dec 5, 2019
Merged

Assessment metadata API (Azure Security Center) #7622

merged 8 commits into from
Dec 5, 2019

Conversation

eliagrady
Copy link
Member

@eliagrady eliagrady commented Oct 24, 2019
edited
Loading

Review summary:

Picked up from this PR:

  • added a "put" scenario and an example.
  • remove "secureScoreWeight" field
  • add "severity" field

Latest improvements:

MSFT employees can try out our new experience at OpenAPI Hub - one location for using our validation tools and finding your workflow.

Contribution checklist:

  • I have reviewed the documentation for the workflow.
  • Validation tools were run on swagger spec(s) and have all been fixed in this PR.
  • The OpenAPI Hub was used for checking validation status and next steps.

ARM API Review Checklist

  • Service team MUST add the "WaitForARMFeedback" label if the management plane API changes fall into one of the below categories.
  • adding/removing APIs.
  • adding/removing properties.
  • adding/removing API-version.
  • adding a new service in Azure.

Failure to comply may result in delays for manifest application. Note this does not apply to data plane APIs.

  • If you are blocked on ARM review and want to get the PR merged urgently, please get the ARM oncall for reviews (RP Manifest Approvers team under Azure Resource Manager service) from IcM and reach out to them.
    Please follow the link to find more details on API review process.

@openapi-sdkautomation
Copy link

openapi-sdkautomation bot commented Oct 24, 2019
edited
Loading

azure-sdk-for-python - Release

Pending...

@azuresdkci
Copy link
Contributor

Can one of the admins verify this patch?

@AutorestCI
Copy link

AutorestCI commented Oct 24, 2019
edited
Loading

Automation for azure-sdk-for-go

A PR has been created for you based on this PR content.

Once this PR will be merged, content will be added to your service PR:
Azure/azure-sdk-for-go#6454

This was referenced Oct 24, 2019
Open
Closed
@eliagrady eliagrady added the WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required label Oct 24, 2019
@AutorestCI AutorestCI mentioned this pull request Oct 24, 2019
Closed
chlahav
chlahav approved these changes Oct 29, 2019
View reviewed changes
...-01-01-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json Outdated Show resolved Hide resolved
.../preview/2019-01-01-preview/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json Outdated Show resolved Hide resolved
...-01-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json Outdated Show resolved Hide resolved
...-01-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json Outdated Show resolved Hide resolved
...-01-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json Outdated Show resolved Hide resolved
...-01-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json Outdated Show resolved Hide resolved
...preview/2019-01-01-preview/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json Show resolved Hide resolved
...urity/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json Outdated Show resolved Hide resolved
@AutorestCI
Copy link

AutorestCI commented Oct 31, 2019
edited
Loading

Automation for azure-sdk-for-python

A PR has been created for you based on this PR content.

Once this PR will be merged, content will be added to your service PR:
Azure/azure-sdk-for-python#8709

@eliagrady
Copy link
Member Author

@yungezz I've tidied the PR - please review

@chlahav
Copy link
Contributor

chlahav commented Nov 12, 2019

@yungezz can you please review?
we would really like to complete this PR

@AutorestCI AutorestCI mentioned this pull request Nov 12, 2019
Closed
@eliagrady eliagrady added ARM-overdue ARM review has not occurred within the expected timeframe ARM-Review-Issue and removed ARM-Review-Issue labels Nov 20, 2019
ryansbenson
ryansbenson reviewed Nov 21, 2019
View reviewed changes
...urity/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json Outdated Show resolved Hide resolved
...urity/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json
}
},
"paths": {
"/providers/Microsoft.Security/assessmentMetadata": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How are you handling RBAC of your tenant level API?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The tenant level API will be available for all to get the built in assessment metadata (similar to roleDefinitions or policyDefinitions)

...urity/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json
}
},
"/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
"get": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can these be created or only retrieved?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tenant level can only be retrieved (built ins)

...urity/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json Show resolved Hide resolved
...urity/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json Show resolved Hide resolved
...-01-preview/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json Show resolved Hide resolved
@ryansbenson ryansbenson added the ARMChangesRequested <valid label in PR review process>add this label when require changes after ARM review label Nov 21, 2019
ryansbenson
ryansbenson reviewed Nov 21, 2019
View reviewed changes
...urity/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json
}
},
"paths": {
"/providers/Microsoft.Security/assessmentMetadata": {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

assessmentMetadata doesn't really allude to what this is, as the term metadata doesn't really have any specific meaning. If I try to make sense of both your PRs, this is really the assessmentDefinitions?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess that it might be a better name, but since this API was already reviewed for most of its properties by ARM, approved with that name and publicly exposed in the manifest it will be a little problematic to change the name now :/
WDYT?

@AutorestCI AutorestCI mentioned this pull request Nov 24, 2019
Closed
@chlahav chlahav force-pushed the master branch 2 times, most recently from 9f724b4 to 00eab4b Compare November 24, 2019 23:30
@AutorestCI AutorestCI mentioned this pull request Dec 1, 2019
Closed
KrisBash
KrisBash approved these changes Dec 3, 2019
View reviewed changes
Copy link
Contributor

@KrisBash KrisBash left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ARM feedback appears to be addressed. Signing off

@KrisBash KrisBash added ARMSignedOff <valid label in PR review process>add this label when ARM approve updates after review and removed ARM-overdue ARM review has not occurred within the expected timeframe ARMChangesRequested <valid label in PR review process>add this label when require changes after ARM review WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required labels Dec 3, 2019
@chlahav
Copy link
Contributor

chlahav commented Dec 3, 2019

@yungezz
can you please review this PR?

@yungezz
Copy link
Member

yungezz commented Dec 4, 2019

hi @erich-wang could you pls review the PR since ARM signedofff?

@erich-wang erich-wang merged commit 32f47b5 into Azure:master Dec 5, 2019
@openapi-sdkautomation
Copy link

openapi-sdkautomation bot commented Dec 5, 2019
edited
Loading

azure-sdk-for-go - Release

Pending...

@openapi-sdkautomation
Copy link

openapi-sdkautomation bot commented Dec 5, 2019
edited
Loading

azure-sdk-for-js - Release

Pending...

@openapi-sdkautomation
Copy link

openapi-sdkautomation bot commented Dec 5, 2019
edited
Loading

azure-sdk-for-net - Release

Pending...

@openapi-sdkautomation
Copy link

openapi-sdkautomation bot commented Dec 5, 2019
edited
Loading

azure-sdk-for-java - Release

Pending...

TalluriAnusha pushed a commit to AsrOneSdk/azure-rest-api-specs that referenced this pull request Dec 11, 2019
@eliagrady @AnuTalluri
Assessment metadata API (Azure Security Center) (Azure#7622)
af839f8 
* create assessmentMetadata.json

* prettier fix

* review fixes

* add userImpact, implementationEffort, threat fields to assessmentMetadata

* cleanup readme.md

* Fix property name

* prettier fixes

* Property casing fix
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chlahav chlahav chlahav approved these changes

@ryansbenson ryansbenson ryansbenson left review comments

@KrisBash KrisBash KrisBash approved these changes

@yungezz yungezz Awaiting requested review from yungezz

Assignees

@erich-wang erich-wang

Labels
ARMSignedOff <valid label in PR review process>add this label when ARM approve updates after review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@eliagrady @azuresdkci @AutorestCI @chlahav @yungezz @KrisBash @ryansbenson @erich-wang @tarosler