SQL blob auditing and threat detection specs and examples

[jaredmoo]

This checklist is used to make sure that common issues in a pull request are addressed. This will expedite the process of getting your pull request merged and avoid extra work on your part to fix issues discovered during the review process.

PR information

• The title of the PR is clear and informative.
• There are a small number of commits, each of which have an informative message. This means that previously merged commits do not appear in the history of the PR. For information on cleaning up the commits in your pull request, see this page.
• Except for special cases involving multiple contributors, the PR is started from a fork of the main repository, not a branch.
• If applicable, the PR references the bug/issue that it fixes.
• Swagger files are correctly named (e.g. the api-version in the path should match the api-version in the spec).

Quality of Swagger

• I have read the contribution guidelines.
• My spec meets the review criteria:
  • The spec conforms to the Swagger 2.0 specification.
  • Validation errors from the Linter extension for VS Code have all been fixed for this spec. (Note: for large, previously checked in specs, there will likely be many errors shown. Please contact our team so we can set a timeframe for fixing these errors if your PR is not going to address them).
  • The spec follows the patterns described in the Swagger good patterns document unless the service API makes this impossible.

[msftclas]

@jaredmoo,
Thanks for your contribution as a Microsoft full-time employee or intern. You do not need to sign a CLA.
Thanks,
Microsoft Pull Request Bot

[jaredmoo]

Comment by @anudeepsharma :

ARM's recommendation of using another resource is by ID, and as first party application you can always query access keys. Now you are putting responsibility of updating the storage account key whenever user recycle the storage account keys. I am putting this comment specially here as these APIs are in preview.

This is applicable for SecurityAlert as well (you can open a backlog item for the same for next API version)

In case you ask for storageAccount ID, you don't need to ask subscription id as well. So in total StorageEndpoint, AccessKeys, StorageSubscription, isStorageSecondaryKeyInUse will be replaced by one entity StorageAccountId

[anudeepsharma]

Array here would have been better for disabledAlerts and emailAddresses

[anudeepsharma]

https://travis-ci.org/Azure/azure-rest-api-specs/jobs/209097807

Linter errors on PR. Please fix the same.

For comments on APIs please create backlog item in RP to fix and get it reviewed for next API version.

[amarzavery]

The property name is in plural form "emailAddress es" and it only accepts one email address as a string. An array would have been better.

[jaredmoo]

@ayeletshpigelman please make sure it's noted as a bug.

[amarzavery]

Is it OK to send an empty string back in the response (if the property was not set in the request body OR due to any other reason)? An optional property not being present if not set or it being present always with an empty string are two different things. Looks like the latter is true. If that is indeed the case then should such properties have "default": "".
I have seen this for "storageAccountAccessKey" and "storageEndpoint" as well.

[jaredmoo]

If "state": "Disabled" then everything else is optional. If "state": "Enabled" then "storageEndpoint" and "storageAccountAccessKey" are required. I'll split these out into 2 different examples.

[jaredmoo]

Also emailAddresses etc can be set to null, so empty string is not default.

[jaredmoo]

Actually the min/max examples are already accurate (when enabled=true). I just have to make state required.

[jaredmoo]

Fixed in 94e1a24

[jaredmoo]

@anudeepsharma @amarzavery can you please review?

• Build failed due to compositeAutomation.json . Not my fault
• For ENUM_MISMATCH warnings in example validation: This warning is legit, but I'm not sure how to best document this value. My thinking was to have modelAsString enum so that I can at least list the possible values, even though it's a comma-separated list so it doesn't really work as an enum. (Yes this has design issues, but we are documenting the API as it exists in production). Should I just make this a regular string without enum?
• The remaining linter warnings I have discussed with @veronicagg and are false positives

[anudeepsharma]

LGTM

[jaredmoo]

Thanks Anudeep! From: Anudeep Sharma [mailto:notifications@github.com] Sent: Tuesday, March 14, 2017 9:59 AM To: Azure/azure-rest-api-specs <azure-rest-api-specs@noreply.github.com> Cc: Jared Moore <Jared.Moore@microsoft.com>; Mention <mention@noreply.github.com> Subject: Re: [Azure/azure-rest-api-specs] SQL blob auditing and threat detection specs and examples (#1012) Merged #1012<#1012>. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub<#1012 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ADGS935zAWBsVgnkiEDBadGGiL0xh58hks5rlsdngaJpZM4MXO42>.

[AutorestCI]

No modification for NodeJS