From 8392017d66f23eb96aa6032681bbfd254f0fd019 Mon Sep 17 00:00:00 2001 From: Abhijit Karanjkar Date: Tue, 5 Oct 2021 00:48:33 -0700 Subject: [PATCH] mongo rbac cherry-pick (#5) * mongo rbac cherry-pick * Removing entry for 07 preview Co-authored-by: kavskalyan --- ...osDBMongoDBRoleDefinitionCreateUpdate.json | 66 ++ .../CosmosDBMongoDBRoleDefinitionDelete.json | 14 + .../CosmosDBMongoDBRoleDefinitionGet.json | 42 ++ .../CosmosDBMongoDBRoleDefinitionList.json | 44 ++ ...osDBMongoDBUserDefinitionCreateUpdate.json | 47 ++ .../CosmosDBMongoDBUserDefinitionDelete.json | 15 + .../CosmosDBMongoDBUserDefinitionGet.json | 31 + .../CosmosDBMongoDBUserDefinitionList.json | 33 + .../preview/2021-10-15-preview/mongorbac.json | 601 ++++++++++++++++++ .../cosmos-db/resource-manager/readme.md | 1 + 10 files changed, 894 insertions(+) create mode 100644 specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionCreateUpdate.json create mode 100644 specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionDelete.json create mode 100644 specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionGet.json create mode 100644 specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionList.json create mode 100644 specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionCreateUpdate.json create mode 100644 specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionDelete.json create mode 100644 specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionGet.json create mode 100644 specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionList.json create mode 100644 specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/mongorbac.json diff --git a/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionCreateUpdate.json b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionCreateUpdate.json new file mode 100644 index 000000000000..ad9c0b3c1b53 --- /dev/null +++ b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionCreateUpdate.json @@ -0,0 +1,66 @@ +{ + "parameters": { + "mongoDbRoleDefinitionId": "myMongoDbRoleDefinitionId", + "subscriptionId": "mySubscriptionId", + "resourceGroupName": "myResourceGroupName", + "accountName": "myAccountName", + "api-version": "2021-10-15-preview", + "createUpdateMongoDbRoleDefinitionParameters": { + "properties": { + "roleName": "myRoleName", + "databaseName": "sales", + "privileges": [ + { + "resource": { + "db": "sales", + "collection": "sales" + }, + "actions": [ + "insert", + "find" + ] + } + ], + "roles": [ + { + "role": "myInheritedRole", + "db": "sales" + } + ] + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/mongodbRoleDefinitions/myMongoDbRoleDefinitionId", + "name": "myMongoDbRoleDefinitionId", + "type": "Microsoft.DocumentDB/databaseAccounts/mongoDbRoleDefinitionId", + "properties": { + "roleName": "myRoleName", + "type": "CustomRole", + "databaseName": "sales", + "privileges": [ + { + "resource": { + "db": "sales", + "collection": "coll" + }, + "actions": [ + "find", + "insert" + ] + } + ], + "roles": [ + { + "db": "sales", + "role": "myReadRole" + } + ] + } + } + }, + "202": {} + } +} diff --git a/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionDelete.json b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionDelete.json new file mode 100644 index 000000000000..9d68ddad1c60 --- /dev/null +++ b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionDelete.json @@ -0,0 +1,14 @@ +{ + "parameters": { + "mongoDbRoleDefinitionId": "myMongoDbRoleDefinitionId", + "subscriptionId": "mySubscriptionId", + "resourceGroupName": "myResourceGroupName", + "accountName": "myAccountName", + "api-version": "2021-10-15-preview" + }, + "responses": { + "200": {}, + "202": {}, + "204": {} + } +} diff --git a/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionGet.json b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionGet.json new file mode 100644 index 000000000000..7bba5df7f838 --- /dev/null +++ b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionGet.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "mongoDbRoleDefinitionId": "myMongoDbRoleDefinitionId", + "databaseName": "sales", + "subscriptionId": "mySubscriptionId", + "resourceGroupName": "myResourceGroupName", + "accountName": "myAccountName", + "api-version": "2021-10-15-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/mongodbRoleDefinitions/myMongoDbRoleDefinitionId", + "name": "myMongoRoleDefinitionId", + "type": "Microsoft.DocumentDB/databaseAccounts/mongoRoleDefinitions", + "properties": { + "roleName": "myRoleName", + "type": "CustomRole", + "databaseName": "sales", + "privileges": [ + { + "resource": { + "db": "sales", + "collection": "coll" + }, + "actions": [ + "find", + "insert" + ] + } + ], + "roles": [ + { + "db": "sales", + "role": "myReadRole" + } + ] + } + } + } + } +} diff --git a/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionList.json b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionList.json new file mode 100644 index 000000000000..bd195613f08c --- /dev/null +++ b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBRoleDefinitionList.json @@ -0,0 +1,44 @@ +{ + "parameters": { + "subscriptionId": "mySubscriptionId", + "resourceGroupName": "myResourceGroupName", + "accountName": "myAccountName", + "api-version": "2021-10-15-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/mongoRoleDefinitions/myRoleDefinitionId", + "name": "myRoleDefinitionId", + "type": "Microsoft.DocumentDB/databaseAccounts/mongoRoleDefinitions", + "properties": { + "roleName": "myRoleName", + "type": "CustomRole", + "databaseName": "sales", + "privileges": [ + { + "resource": { + "db": "sales", + "collection": "coll" + }, + "actions": [ + "find", + "insert" + ] + } + ], + "roles": [ + { + "db": "sales", + "role": "myReadRole" + } + ] + } + } + ] + } + } + } +} diff --git a/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionCreateUpdate.json b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionCreateUpdate.json new file mode 100644 index 000000000000..26cce7c91e67 --- /dev/null +++ b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionCreateUpdate.json @@ -0,0 +1,47 @@ +{ + "parameters": { + "userName": "myUserName", + "databaseName": "sales", + "subscriptionId": "mySubscriptionId", + "resourceGroupName": "myResourceGroupName", + "accountName": "myAccountName", + "api-version": "2021-10-15-preview", + "createUpdateMongoDbRoleDefinitionParameters": { + "properties": { + "userName": "myUserName", + "password": "myPassword", + "databaseName": "sales", + "customData": "My custom data", + "roles": [ + { + "role": "myReadRole", + "db": "sales" + } + ], + "mechanisms": "SCRAM-SHA-256" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/mongodbUserDefinitions/myUserId", + "name": "myUserName", + "type": "Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions", + "properties": { + "userName": "myUserName", + "databaseName": "sales", + "customData": "My custom data", + "roles": [ + { + "db": "sales", + "role": "myReadRole" + } + ], + "mechanisms": "SCRAM-SHA-256" + } + } + }, + "202": {} + } +} diff --git a/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionDelete.json b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionDelete.json new file mode 100644 index 000000000000..df5774b28c96 --- /dev/null +++ b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionDelete.json @@ -0,0 +1,15 @@ +{ + "parameters": { + "userName": "myUserName", + "databaseName": "sales", + "subscriptionId": "mySubscriptionId", + "resourceGroupName": "myResourceGroupName", + "accountName": "myAccountName", + "api-version": "2021-10-15-preview" + }, + "responses": { + "200": {}, + "202": {}, + "204": {} + } +} diff --git a/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionGet.json b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionGet.json new file mode 100644 index 000000000000..7ae249019751 --- /dev/null +++ b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionGet.json @@ -0,0 +1,31 @@ +{ + "parameters": { + "userName": "myUserName", + "databaseName": "sales", + "subscriptionId": "mySubscriptionId", + "resourceGroupName": "myResourceGroupName", + "accountName": "myAccountName", + "api-version": "2021-10-15-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/mongodbUserDefinitions/myUserId", + "name": "myUserId", + "type": "Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions", + "properties": { + "userName": "myUserName", + "databaseName": "sales", + "customData": "My custom data", + "roles": [ + { + "db": "sales", + "role": "myReadRole" + } + ], + "mechanisms": "SCRAM-SHA-256" + } + } + } + } +} diff --git a/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionList.json b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionList.json new file mode 100644 index 000000000000..392ac233b6a5 --- /dev/null +++ b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/examples/CosmosDBMongoDBUserDefinitionList.json @@ -0,0 +1,33 @@ +{ + "parameters": { + "subscriptionId": "mySubscriptionId", + "resourceGroupName": "myResourceGroupName", + "accountName": "myAccountName", + "api-version": "2021-10-15-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/mySubscriptionId/resourceGroups/myResourceGroupName/providers/Microsoft.DocumentDB/databaseAccounts/myAccountName/mongodbUserDefinitions/myUserId", + "name": "myUserId", + "type": "Microsoft.DocumentDB/databaseAccounts/mongodbUserDefinitions", + "properties": { + "userName": "myUserName", + "databaseName": "sales", + "customData": "My custom data", + "roles": [ + { + "db": "sales", + "role": "myReadRole" + } + ], + "mechanisms": "SCRAM-SHA-256" + } + } + ] + } + } + } +} diff --git a/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/mongorbac.json b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/mongorbac.json new file mode 100644 index 000000000000..e5a528e111b2 --- /dev/null +++ b/specification/cosmos-db/resource-manager/Microsoft.DocumentDB/preview/2021-10-15-preview/mongorbac.json @@ -0,0 +1,601 @@ +{ + "swagger": "2.0", + "info": { + "title": "Cosmos DB", + "description": "Azure Cosmos DB API for MongoDB Role Based Access Control Resource Provider REST API", + "version": "2021-10-15-preview" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "Impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DocumentDB/databaseAccounts/{accountName}/mongoRoleDefinitions/{roleDefinitionId}": { + "get": { + "operationId": "MongoDBResources_GetMongoRoleDefinition", + "x-ms-examples": { + "CosmosDBMongoRoleDefinitionGet": { + "$ref": "./examples/CosmosDBMongoDBRoleDefinitionGet.json" + } + }, + "description": "Retrieves the properties of an existing Azure Cosmos DB Mongo Role Definition with the given Id.", + "parameters": [ + { + "$ref": "#/parameters/roleDefinitionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "cosmos-db.json#/parameters/accountNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The Mongo Role Definition was successfully retrieved.", + "schema": { + "$ref": "#/definitions/MongoRoleDefinitionGetResults" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "cosmos-db.json#/definitions/CloudError" + } + } + } + }, + "put": { + "operationId": "MongoDBResources_CreateUpdateMongoRoleDefinition", + "x-ms-examples": { + "CosmosDBMongoDBRoleDefinitionCreateUpdate": { + "$ref": "./examples/CosmosDBMongoDBRoleDefinitionCreateUpdate.json" + } + }, + "x-ms-long-running-operation": true, + "description": "Creates or updates an Azure Cosmos DB Mongo Role Definition.", + "parameters": [ + { + "$ref": "#/parameters/roleDefinitionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "cosmos-db.json#/parameters/accountNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "name": "createUpdateMongoRoleDefinitionParameters", + "in": "body", + "required": true, + "description": "The properties required to create or update a Role Definition.", + "schema": { + "$ref": "#/definitions/MongoRoleDefinitionCreateUpdateParameters" + } + } + ], + "responses": { + "200": { + "description": "The Mongo Role Definition create or update operation was completed successfully.", + "schema": { + "$ref": "#/definitions/MongoRoleDefinitionGetResults" + } + }, + "202": { + "description": "The Mongo Role Definition create or update request was accepted and will complete asynchronously." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "cosmos-db.json#/definitions/CloudError" + } + } + } + }, + "delete": { + "operationId": "MongoDBResources_DeleteMongoRoleDefinition", + "x-ms-examples": { + "CosmosDBMongoDBRoleDefinitionDelete": { + "$ref": "./examples/CosmosDBMongoDBRoleDefinitionDelete.json" + } + }, + "x-ms-long-running-operation": true, + "description": "Deletes an existing Azure Cosmos DB Mongo Role Definition.", + "parameters": [ + { + "$ref": "#/parameters/mongoRoleDefinitionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "cosmos-db.json#/parameters/accountNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The Mongo Role Definition delete operation was completed successfully." + }, + "202": { + "description": "The Mongo Role Definition delete request was accepted and will complete asynchronously." + }, + "204": { + "description": "The requested Mongo Role Definition does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "cosmos-db.json#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DocumentDB/databaseAccounts/{accountName}/mongoRoleDefinitions": { + "get": { + "operationId": "MongoDBResources_ListMongoRoleDefinitions", + "x-ms-examples": { + "CosmosDBMongoDBRoleDefinitionList": { + "$ref": "./examples/CosmosDBMongoDBRoleDefinitionList.json" + } + }, + "x-ms-pageable": { + "nextLinkName": null + }, + "description": "Retrieves the list of all Azure Cosmos DB Mongo Role Definitions.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "cosmos-db.json#/parameters/accountNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The list operation completed successfully.", + "schema": { + "$ref": "#/definitions/MongoRoleDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "cosmos-db.json#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DocumentDB/databaseAccounts/{accountName}/mongoUserDefinitions/{userDefinitionId}": { + "get": { + "operationId": "MongoDBResources_GetMongoUserDefinition", + "x-ms-examples": { + "CosmosDBMongoDBUserDefinitionGet": { + "$ref": "./examples/CosmosDBMongoDBUserDefinitionGet.json" + } + }, + "description": "Retrieves the properties of an existing Azure Cosmos DB Mongo User Definition with the given Id.", + "parameters": [ + { + "$ref": "#/parameters/userDefinitionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "cosmos-db.json#/parameters/accountNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The User Definition was successfully retrieved.", + "schema": { + "$ref": "#/definitions/MongoUserDefinitionGetResults" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "cosmos-db.json#/definitions/CloudError" + } + } + } + }, + "put": { + "operationId": "MongoDBResources_CreateUpdateMongoUserDefinition", + "x-ms-examples": { + "CosmosDBMongoDBUserDefinitionCreateUpdate": { + "$ref": "./examples/CosmosDBMongoDBUserDefinitionCreateUpdate.json" + } + }, + "x-ms-long-running-operation": true, + "description": "Creates or updates an Azure Cosmos DB Mongo User Definition.", + "parameters": [ + { + "$ref": "#/parameters/UserDefinitionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "cosmos-db.json#/parameters/accountNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "name": "createUpdateMongoUserDefinitionParameters", + "in": "body", + "required": true, + "description": "The properties required to create or update a User Definition.", + "schema": { + "$ref": "#/definitions/MongoUserDefinitionCreateUpdateParameters" + } + } + ], + "responses": { + "200": { + "description": "The User Definition create or update operation was completed successfully.", + "schema": { + "$ref": "#/definitions/MongoUserDefinitionGetResults" + } + }, + "202": { + "description": "The User Definition create or update request was accepted and will complete asynchronously." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "cosmos-db.json#/definitions/CloudError" + } + } + } + }, + "delete": { + "operationId": "MongoDBResources_DeleteMongoUserDefinition", + "x-ms-examples": { + "CosmosDBMongoDBUserDefinitionDelete": { + "$ref": "./examples/CosmosDBMongoDBUserDefinitionDelete.json" + } + }, + "x-ms-long-running-operation": true, + "description": "Deletes an existing Azure Cosmos DB Mongo User Definition.", + "parameters": [ + { + "$ref": "#/parameters/userDefinitionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "cosmos-db.json#/parameters/accountNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The User Definition delete operation was completed successfully." + }, + "202": { + "description": "The User Definition delete request was accepted and will complete asynchronously." + }, + "204": { + "description": "The requested User Definition does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "cosmos-db.json#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DocumentDB/databaseAccounts/{accountName}/mongoUserDefinitions": { + "get": { + "operationId": "MongoDBResources_ListMongoUserDefinitions", + "x-ms-examples": { + "CosmosDBMongoDBUserDefinitionList": { + "$ref": "./examples/CosmosDBMongoDBUserDefinitionList.json" + } + }, + "x-ms-pageable": { + "nextLinkName": null + }, + "description": "Retrieves the list of all Azure Cosmos DB Mongo User Definition.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "cosmos-db.json#/parameters/accountNameParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The list operation completed successfully.", + "schema": { + "$ref": "#/definitions/MongoUserDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "cosmos-db.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "MongoRoleDefinitionResource": { + "properties": { + "roleName": { + "type": "string", + "description": "A user-friendly name for the Role Definition. Must be unique for the database account." + }, + "type": { + "type": "string", + "enum": [ + "BuiltInRole", + "CustomRole" + ], + "description": "Indicates whether the Role Definition was built-in or user created.", + "x-ms-enum": { + "name": "MongoRoleDefinitionType", + "modelAsString": false + } + }, + "privileges": { + "type": "array", + "items": { + "$ref": "#/definitions/Privilege" + }, + "description": "A set of privileges contained by the Role Definition. This will allow application of this Role Definition on the entire database account or any underlying Database / Collection. Scopes higher than Database are not enforceable as privilege." + }, + "roles": { + "type": "array", + "items": { + "$ref": "#/definitions/Role" + }, + "description": "The set of roles inherited by this Role Definition." + } + }, + "description": "Azure Cosmos DB Mongo Role Definition resource object." + }, + "MongoRoleDefinitionCreateUpdateParameters": { + "description": "Parameters to create and update an Azure Cosmos DB Mongo Role Definition.", + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Properties to create and update an Azure Cosmos DB Mongo Role Definition.", + "$ref": "#/definitions/MongoRoleDefinitionResource" + } + } + }, + "MongoRoleDefinitionGetResults": { + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/MongoRoleDefinitionResource", + "description": "Properties related to the Mongo Role Definition." + } + }, + "allOf": [ + { + "$ref": "cosmos-db.json#/definitions/ARMProxyResource" + } + ], + "description": "An Azure Cosmos DB Mongo Role Definition." + }, + "Privilege": { + "type": "object", + "properties": { + "resource": { + "type": "object", + "properties": { + "db": { + "type": "string", + "description": "The database name the role is applied." + }, + "collection": { + "type": "string", + "description": "The collection name the role is applied." + }, + "description": "An array of data actions that are allowed." + } + }, + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "An array of actions that are allowed." + } + }, + "description": "The set of data plane operations permitted through this Role Definition." + }, + "Role": { + "type": "object", + "properties": { + "db": { + "type": "string", + "description": "The database name the role is applied." + }, + "role": { + "type": "string", + "description": "The role name." + } + } , + "description": "The set of roles permitted through this Role Definition." + }, + "MongoRoleDefinitionListResult": { + "properties": { + "value": { + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/MongoRoleDefinitionGetResults" + }, + "description": "List of Mongo Role Definitions and their properties." + } + }, + "description": "The relevant Mongo Role Definitions." + }, + "MongoUserDefinitionResource": { + "type": "object", + "properties": { + "userName": { + "type": "string", + "description": "The user name for User Definition." + }, + "databaseName": { + "type": "string", + "description": "The database name for which access is being granted for this User Definition." + }, + "customData": { + "type": "string", + "description": "A custom definition for the USer Definition." + }, + "roles": { + "type": "array", + "items": { + "$ref": "#/definitions/Role" + }, + "description": "The set of roles inherited by the User Definition." + } + }, + "description": "Azure Cosmos DB Mongo User Definition resource object." + }, + "MongoUserDefinitionCreateUpdateParameters": { + "description": "Parameters to create and update an Azure Cosmos DB Mongo User Definition.", + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Properties to create and update an Azure Cosmos DB Mongo User Definition.", + "$ref": "#/definitions/MongoUserDefinitionResource" + } + } + }, + "MongoUserDefinitionGetResults": { + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/MongoUserDefinitionResource", + "description": "Properties related to the User Definition." + } + }, + "allOf": [ + { + "$ref": "cosmos-db.json#/definitions/ARMProxyResource" + } + ], + "description": "An Azure Cosmos DB User Definition" + }, + "MongoUserDefinitionListResult": { + "properties": { + "value": { + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/MongoUserDefinitionGetResults" + }, + "description": "List of User Definition and their properties" + } + }, + "description": "The relevant User Definition." + } + }, + "parameters": { + "roleDefinitionIdParameter": { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "x-ms-parameter-location": "method", + "description": "The ID for the Role Definition {dbName.roleName}." + }, + "userDefinitionIdParameter": { + "name": "userDefinitionId", + "in": "path", + "required": true, + "type": "string", + "x-ms-parameter-location": "method", + "description": "The ID for the User Definition {dbName.userName}." + } + } +} diff --git a/specification/cosmos-db/resource-manager/readme.md b/specification/cosmos-db/resource-manager/readme.md index 6a469e324665..dee280a2a060 100644 --- a/specification/cosmos-db/resource-manager/readme.md +++ b/specification/cosmos-db/resource-manager/readme.md @@ -45,6 +45,7 @@ input-file: - Microsoft.DocumentDB/preview/2021-10-15-preview/rbac.json - Microsoft.DocumentDB/preview/2021-10-15-preview/restorable.json - Microsoft.DocumentDB/preview/2021-10-15-preview/services.json + - Microsoft.DocumentDB/preview/2021-10-15-preview/mongorbac.json ``` ### Tag: package-2021-07-preview