From f6f3cedfd11527974c982018c72e1e782ab0d8d1 Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Wed, 30 Sep 2020 07:59:52 -0700 Subject: [PATCH 01/13] Adding extended auditing settings support --- ...dSqlPoolAzureMonitorAuditingCreateMin.json | 56 ++++ .../ExtendedSqlPoolBlobAuditingCreateMax.json | 71 +++++ .../ExtendedSqlPoolBlobAuditingCreateMin.json | 59 ++++ .../ExtendedSqlPoolBlobAuditingGet.json | 29 ++ .../SqlPoolExtendedAuditingSettingsList.json | 32 ++ .../preview/2019-06-01-preview/sqlPool.json | 296 ++++++++++++++++++ 6 files changed, 543 insertions(+) create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolAzureMonitorAuditingCreateMin.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingCreateMax.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingCreateMin.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingGet.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolExtendedAuditingSettingsList.json diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolAzureMonitorAuditingCreateMin.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolAzureMonitorAuditingCreateMin.json new file mode 100644 index 000000000000..a366921b14e5 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolAzureMonitorAuditingCreateMin.json @@ -0,0 +1,56 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "blobauditingtest-4799", + "workspaceName": "blobauditingtest-6440", + "sqlPoolName": "testdb", + "blobAuditingPolicyName": "default", + "api-version": "2019-06-01-preview", + "parameters": { + "properties": { + "state": "Enabled", + "isAzureMonitorTargetEnabled": true + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/blobauditingtest-4799/providers/Microsoft.Synapse/workspaces/blobauditingtest-6440/sqlPools/testdb", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings", + "properties": { + "state": "Enabled", + "isAzureMonitorTargetEnabled": true, + "retentionDays": 0, + "storageAccountSubscriptionId": "00000000-0000-0000-0000-000000000000", + "isStorageSecondaryKeyInUse": false, + "auditActionsAndGroups": [ + "SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP", + "FAILED_DATABASE_AUTHENTICATION_GROUP", + "BATCH_COMPLETED_GROUP" + ] + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/blobauditingtest-4799/providers/Microsoft.Synapse/workspaces/blobauditingtest-6440/sqlPools/testdb", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings", + "properties": { + "state": "Enabled", + "isAzureMonitorTargetEnabled": true, + "retentionDays": 0, + "storageAccountSubscriptionId": "00000000-0000-0000-0000-000000000000", + "isStorageSecondaryKeyInUse": false, + "auditActionsAndGroups": [ + "SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP", + "FAILED_DATABASE_AUTHENTICATION_GROUP", + "BATCH_COMPLETED_GROUP" + ] + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingCreateMax.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingCreateMax.json new file mode 100644 index 000000000000..fb0a9328a552 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingCreateMax.json @@ -0,0 +1,71 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "blobauditingtest-4799", + "workspaceName": "blobauditingtest-6440", + "sqlPoolName": "testdb", + "blobAuditingPolicyName": "default", + "api-version": "2019-06-01-preview", + "parameters": { + "properties": { + "state": "Enabled", + "storageAccountAccessKey": "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==", + "storageEndpoint": "https://mystorage.blob.core.windows.net", + "retentionDays": 6, + "storageAccountSubscriptionId": "00000000-1234-0000-5678-000000000000", + "isStorageSecondaryKeyInUse": false, + "auditActionsAndGroups": [ + "DATABASE_LOGOUT_GROUP", + "DATABASE_ROLE_MEMBER_CHANGE_GROUP", + "UPDATE on database::TestDatabaseName by public" + ], + "predicateExpression": "statement = 'select 1'", + "isAzureMonitorTargetEnabled": true + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/blobauditingtest-4799/providers/Microsoft.Synapse/workspaces/blobauditingtest-6440/sqlPools/testdb", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings", + "properties": { + "state": "Enabled", + "storageEndpoint": "https://mystorage.blob.core.windows.net", + "retentionDays": 0, + "storageAccountSubscriptionId": "00000000-1234-0000-5678-000000000000", + "isStorageSecondaryKeyInUse": false, + "auditActionsAndGroups": [ + "DATABASE_LOGOUT_GROUP", + "DATABASE_ROLE_MEMBER_CHANGE_GROUP", + "UPDATE on database::TestDatabaseName by public" + ], + "predicateExpression": "statement = 'select 1'", + "isAzureMonitorTargetEnabled": true + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/blobauditingtest-4799/providers/Microsoft.Synapse/workspaces/blobauditingtest-6440/sqlPools/testdb", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings", + "properties": { + "state": "Enabled", + "storageEndpoint": "https://mystorage.blob.core.windows.net", + "retentionDays": 0, + "storageAccountSubscriptionId": "00000000-1234-0000-5678-000000000000", + "isStorageSecondaryKeyInUse": false, + "auditActionsAndGroups": [ + "DATABASE_LOGOUT_GROUP", + "DATABASE_ROLE_MEMBER_CHANGE_GROUP", + "UPDATE on database::TestDatabaseName by public" + ], + "predicateExpression": "statement = 'select 1'", + "isAzureMonitorTargetEnabled": true + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingCreateMin.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingCreateMin.json new file mode 100644 index 000000000000..b57b39b62ac8 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingCreateMin.json @@ -0,0 +1,59 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "blobauditingtest-4799", + "workspaceName": "blobauditingtest-6440", + "sqlPoolName": "testdb", + "blobAuditingPolicyName": "default", + "api-version": "2019-06-01-preview", + "parameters": { + "properties": { + "state": "Enabled", + "storageAccountAccessKey": "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==", + "storageEndpoint": "https://mystorage.blob.core.windows.net" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/blobauditingtest-4799/providers/Microsoft.Synapse/workspaces/blobauditingtest-6440/sqlPools/testdb", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings", + "properties": { + "state": "Enabled", + "storageEndpoint": "https://mystorage.blob.core.windows.net", + "retentionDays": 0, + "storageAccountSubscriptionId": "00000000-0000-0000-0000-000000000000", + "isStorageSecondaryKeyInUse": false, + "auditActionsAndGroups": [ + "SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP", + "FAILED_DATABASE_AUTHENTICATION_GROUP", + "BATCH_COMPLETED_GROUP" + ], + "isAzureMonitorTargetEnabled": false + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/blobauditingtest-4799/providers/Microsoft.Synapse/workspaces/blobauditingtest-6440/sqlPools/testdb", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings", + "properties": { + "state": "Enabled", + "storageEndpoint": "https://mystorage.blob.core.windows.net", + "retentionDays": 0, + "storageAccountSubscriptionId": "00000000-0000-0000-0000-000000000000", + "isStorageSecondaryKeyInUse": false, + "auditActionsAndGroups": [ + "SUCCESSFUL_DATABASE_AUTHENTICATION_GROUP", + "FAILED_DATABASE_AUTHENTICATION_GROUP", + "BATCH_COMPLETED_GROUP" + ], + "isAzureMonitorTargetEnabled": false + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingGet.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingGet.json new file mode 100644 index 000000000000..867aec54f026 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/ExtendedSqlPoolBlobAuditingGet.json @@ -0,0 +1,29 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "blobauditingtest-6852", + "workspaceName": "blobauditingtest-2080", + "sqlPoolName": "testdb", + "blobAuditingPolicyName": "default", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/blobauditingtest-6852/providers/Microsoft.Synapse/workspaces/blobauditingtest-2080/sqlPools/testdb", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings", + "properties": { + "state": "Disabled", + "storageEndpoint": "", + "retentionDays": 0, + "auditActionsAndGroups": [], + "storageAccountSubscriptionId": "00000000-0000-0000-0000-000000000000", + "isStorageSecondaryKeyInUse": false, + "predicateExpression": "statement = 'select 1'", + "isAzureMonitorTargetEnabled": false + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolExtendedAuditingSettingsList.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolExtendedAuditingSettingsList.json new file mode 100644 index 000000000000..80df8e8985e5 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolExtendedAuditingSettingsList.json @@ -0,0 +1,32 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "blobauditingtest-6852", + "workspaceName": "blobauditingtest-2080", + "sqlPoolName": "testdb", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/blobauditingtest-6852/providers/Microsoft.Synapse/workspaces/blobauditingtest-2080/sqlPools/testdb/extendedAuditingSettings/default", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings", + "properties": { + "state": "Disabled", + "storageEndpoint": "", + "retentionDays": 0, + "auditActionsAndGroups": [], + "storageAccountSubscriptionId": "00000000-0000-0000-0000-000000000000", + "isStorageSecondaryKeyInUse": false, + "predicateExpression": "statement = 'select 1'", + "isAzureMonitorTargetEnabled": false + } + } + ] + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json index 5d40707bd2ae..1f3e071d4302 100644 --- a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json @@ -2887,6 +2887,200 @@ } } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/extendedAuditingSettings/{blobAuditingPolicyName}": { + "get": { + "tags": [ + "SqlPools, BlobAuditing" + ], + "description": "Gets an extended Sql pool's blob auditing policy.", + "operationId": "ExtendedSqlPoolBlobAuditingPolicies_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "name": "blobAuditingPolicyName", + "in": "path", + "description": "The name of the blob auditing policy.", + "required": true, + "type": "string", + "enum": [ + "default" + ], + "x-ms-parameter-location": "method" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the extended Sql pool blob auditing policy.", + "schema": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicy" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 BlobAuditingIsNotSupportedOnResourceType - Blob Auditing is currently not supported for this resource type.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later." + } + }, + "consumes": [], + "produces": [ + "application/json" + ], + "x-ms-examples": { + "Get an extended database's blob auditing policy": { + "$ref": "./examples/ExtendedSqlPoolBlobAuditingGet.json" + } + } + }, + "put": { + "tags": [ + "SqlPools, BlobAuditing" + ], + "description": "Creates or updates an extended Sql pool's blob auditing policy.", + "operationId": "ExtendedSqlPoolBlobAuditingPolicies_CreateOrUpdate", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "name": "blobAuditingPolicyName", + "in": "path", + "description": "The name of the blob auditing policy.", + "required": true, + "type": "string", + "enum": [ + "default" + ], + "x-ms-parameter-location": "method" + }, + { + "name": "parameters", + "in": "body", + "description": "The extended Sql pool blob auditing policy.", + "required": true, + "schema": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicy" + } + } + ], + "responses": { + "200": { + "description": "Successfully set the extended Sql pool blob auditing policy.", + "schema": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicy" + } + }, + "201": { + "description": "Successfully created the extended database blob auditing policy.", + "schema": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicy" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 BlobAuditingIsNotSupportedOnResourceType - Blob Auditing is currently not supported for this resource type.\n\n * 400 BlobAuditingPredicateExpressionSyntaxError - Invalid value of parameter 'predicateExpression'.\n\n * 400 InvalidDatabaseBlobAuditingPolicyCreateRequest - The create database blob auditing policy request does not exist or has no properties object.\n\n * 400 InvalidBlobAuditActionsAndGroups - Invalid audit actions or action groups.\n\n * 400 DataSecurityInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 400 BlobAuditingPredicateExpressionEmpty - Invalid parameter 'predicateExpression', value can not be empty.\n\n * 400 BlobAuditingInvalidStorageAccountName - The provided storage account is not valid or does not exist.\n\n * 400 UpdateNotAllowedOnPausedDatabase - User attempted to perform an update on a paused database.\n\n * 400 BlobAuditingInvalidStorageAccountCredentials - The provided storage account or access key is not valid.\n\n * 400 BlobAuditingIsNotSupportedOnGeoDr - Blob auditing can be configured on primary databases only.\n\n * 400 BlobAuditingNoServerIdentity - The server identity is not correctly configured.\n\n * 400 InvalidBlobAuditActionsAndGroupsForDW - Unsupported audit actions or action groups for DW.\n\n * 400 BlobAuditingInsufficientStorageAccountPermissions - Insufficient read or write permissions on the provided storage account.\n\n * 400 BlobAuditingStorageAccountIsDisabled - The provided storage account is disabled.\n\n * 400 InsufficientDiskSpaceForAuditing - Insufficient disk space to save auditing metadata in the database\n\n * 400 InvalidBlobAuditActions - Invalid audit action\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later." + } + }, + "consumes": [], + "produces": [ + "application/json" + ], + "x-ms-examples": { + "Create or update an extended Sql pool's blob auditing policy with minimal parameters": { + "$ref": "./examples/ExtendedSqlPoolBlobAuditingCreateMin.json" + }, + "Create or update an extended Sql pool's blob auditing policy with all parameters": { + "$ref": "./examples/ExtendedSqlPoolBlobAuditingCreateMax.json" + }, + "Create or update an extended SQL pool's azure monitor auditing policy with minimal parameters": { + "$ref": "./examples/ExtendedSqlPoolAzureMonitorAuditingCreateMin.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/extendedAuditingSettings": { + "get": { + "tags": [ + "SqlPools,BlobAuditing" + ], + "description": "Lists extended auditing settings of a Sql pool.", + "operationId": "ExtendedSqlPoolBlobAuditingPolicies_ListBySqlPool", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the database extended auditing settings.", + "schema": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicyListResult" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 BlobAuditingIsNotSupportedOnResourceType - Blob Auditing is currently not supported for this resource type.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later." + } + }, + "consumes": [], + "produces": [ + "application/json" + ], + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List extended auditing settings of a database": { + "$ref": "./examples/SqlPoolExtendedAuditingSettingsList.json" + } + } + } } }, "definitions": { @@ -4459,6 +4653,108 @@ "type": "string" } } + }, + "ExtendedSqlPoolBlobAuditingPolicy": { + "description": "An extended Sql pool blob auditing policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "ExtendedSqlPoolBlobAuditingPolicyProperties": { + "description": "Properties of an extended Sql pool blob auditing policy.", + "required": [ + "state" + ], + "type": "object", + "properties": { + "predicateExpression": { + "description": "Specifies condition of where clause when creating an audit.", + "type": "string" + }, + "state": { + "description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.", + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "BlobAuditingPolicyState", + "modelAsString": false + } + }, + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.", + "type": "string" + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the audit logs in the storage account.", + "type": "integer" + }, + "auditActionsAndGroups": { + "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)", + "type": "array", + "items": { + "type": "string" + } + }, + "storageAccountSubscriptionId": { + "format": "uuid", + "description": "Specifies the blob storage subscription Id.", + "type": "string" + }, + "isStorageSecondaryKeyInUse": { + "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.", + "type": "boolean" + }, + "isAzureMonitorTargetEnabled": { + "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n", + "type": "boolean" + }, + "queueDelayMs": { + "format": "int32", + "description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.", + "type": "integer" + } + } + }, + "ExtendedSqlPoolBlobAuditingPolicyListResult": { + "description": "A list of sql pool extended auditing settings.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } } } } From 20060b344fde9d8b50b216ccb56bf714f14611b0 Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Thu, 1 Oct 2020 14:03:02 -0700 Subject: [PATCH 02/13] Added datamasking and missing get for ColumnSensitivityLabels --- .../preview/2019-06-01-preview/sqlPool.json | 521 ++++++++++++++++++ 1 file changed, 521 insertions(+) diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json index 5067cbba9be5..eb5fa87e3057 100644 --- a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json @@ -1665,6 +1665,90 @@ "$ref": "./examples/DeleteSqlPoolColumnSensitivityLabel.json" } } + }, + "get": { + "tags": [ + "SqlPools, SensitivityLabels" + ], + "description": "Gets the sensitivity label of a given column", + "operationId": "SqlPoolSensitivityLabels_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "name": "schemaName", + "in": "path", + "description": "The name of the schema.", + "required": true, + "type": "string" + }, + { + "name": "tableName", + "in": "path", + "description": "The name of the table.", + "required": true, + "type": "string" + }, + { + "name": "columnName", + "in": "path", + "description": "The name of the column.", + "required": true, + "type": "string" + }, + { + "name": "sensitivityLabelSource", + "in": "path", + "description": "The source of the sensitivity label.", + "required": true, + "type": "string", + "enum": [ + "current", + "recommended" + ], + "x-ms-enum": { + "name": "SensitivityLabelSource", + "modelAsString": false + } + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the sensitivity label.", + "schema": { + "$ref": "#/definitions/SensitivityLabel" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 DatawarehouseDatabaseIsDeactivated - Could not execute Data Classification operation because the database is paused. Please resume it.\n\n * 400 SensitivityLabelSourceNameNotSupported - The specified sensitivity label source is not valid\n\n * 404 SensitivityLabelsColumnNotFound - The specified schema/table/column could not be found\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 SensitivityLabelsLabelNotFound - The specified sensitivity label could not be found\n\n * 501 SensitivityLabelRecommendedSourceNameNotSupported - 'Recommended' sensitivity label source is not supported yet" + } + }, + "consumes": [], + "produces": [ + "application/json" + ], + "x-ms-examples": { + "Gets the sensitivity label of a given column": { + "$ref": "./examples/GetSqlPoolColumnSensitivityLabelGet.json" + } + } } }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/schemas/{schemaName}/tables/{tableName}/columns/{columnName}/sensitivityLabels/{sensitivityLabelSource}/enable": { @@ -3081,6 +3165,250 @@ } } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/dataMaskingPolicies/{dataMaskingPolicyName}": { + "put": { + "tags": [ + "SqlPools, DataMaskingPolicies" + ], + "operationId": "DataMaskingPolicies_CreateOrUpdate", + "description": "Creates or updates a Sql pool data masking policy", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "$ref": "#/parameters/DataMaskingPolicyNameParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DataMaskingPolicy" + }, + "description": "Parameters for creating or updating a data masking policy." + } + ], + "consumes": [], + "produces": [ + "application/json" + ], + "x-ms-examples": { + "Create or update data masking policy max": { + "$ref": "./examples/DataMaskingPolicyCreateOrUpdateMax.json" + }, + "Create or update data masking policy min": { + "$ref": "./examples/DataMaskingPolicyCreateOrUpdateMin.json" + } + }, + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/DataMaskingPolicy" + } + } + } + }, + "get": { + "tags": [ + "SqlPools, DataMaskingPolicies" + ], + "operationId": "DataMaskingPolicies_Get", + "description": "Gets a Sql pool data masking policy.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "$ref": "#/parameters/DataMaskingPolicyNameParameter" + } + ], + "consumes": [], + "produces": [ + "application/json" + ], + "x-ms-examples": { + "Get data masking policy": { + "$ref": "./examples/DataMaskingPolicyGet.json" + } + }, + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/DataMaskingPolicy" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/dataMaskingPolicies/{dataMaskingPolicyName}/rules/{dataMaskingRuleName}": { + "put": { + "tags": [ + "SqlPools, DataMaskingRules" + ], + "operationId": "DataMaskingRules_CreateOrUpdate", + "description": "Creates or updates a Sql pool data masking rule.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "$ref": "#/parameters/DataMaskingPolicyNameParameter" + }, + { + "name": "dataMaskingRuleName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the data masking rule." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/DataMaskingRule" + }, + "description": "The required parameters for creating or updating a data masking rule." + } + ], + "consumes": [], + "produces": [ + "application/json" + ], + "x-ms-examples": { + "Create/Update data masking rule for text": { + "$ref": "./examples/DataMaskingRuleCreateOrUpdateText.json" + }, + "Create/Update data masking rule for numbers": { + "$ref": "./examples/DataMaskingRuleCreateOrUpdateNumber.json" + }, + "Create/Update data masking rule for default min": { + "$ref": "./examples/DataMaskingRuleCreateOrUpdateDefaultMin.json" + }, + "Create/Update data masking rule for default max": { + "$ref": "./examples/DataMaskingRuleCreateOrUpdateDefaultMax.json" + } + }, + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/DataMaskingRule" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/DataMaskingRule" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/dataMaskingPolicies/{dataMaskingPolicyName}/rules": { + "get": { + "tags": [ + "DataMaskingRules" + ], + "operationId": "DataMaskingRules_ListBySqlPool", + "description": "Gets a list of Sql pool data masking rules.", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "$ref": "#/parameters/DataMaskingPolicyNameParameter" + } + ], + "consumes": [], + "produces": [ + "application/json" + ], + "x-ms-examples": { + "List data masking rules": { + "$ref": "./examples/DataMaskingRuleList.json" + } + }, + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/DataMaskingRuleListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": null + } + } } }, "definitions": { @@ -4760,6 +5088,199 @@ "readOnly": true } } + }, + "DataMaskingPolicy": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/DataMaskingPolicyProperties", + "description": "The properties of the data masking policy." + }, + "location": { + "type": "string", + "readOnly": true, + "description": "The location of the data masking policy." + }, + "kind": { + "type": "string", + "readOnly": true, + "description": "The kind of data masking policy. Metadata, used for Azure portal." + } + }, + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Represents a database data masking policy." + }, + "DataMaskingPolicyProperties": { + "properties": { + "dataMaskingState": { + "type": "string", + "description": "The state of the data masking policy.", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingState" + } + }, + "exemptPrincipals": { + "type": "string", + "description": "The list of the exempt principals. Specifies the semicolon-separated list of database users for which the data masking policy does not apply. The specified users receive data results without masking for all of the database queries." + }, + "applicationPrincipals": { + "type": "string", + "description": "The list of the application principals. This is a legacy parameter and is no longer used.", + "readOnly": true + }, + "maskingLevel": { + "type": "string", + "description": "The masking level. This is a legacy parameter and is no longer used.", + "readOnly": true + } + }, + "required": [ + "dataMaskingState" + ], + "description": "The properties of a database data masking policy." + }, + "DataMaskingRule": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/DataMaskingRuleProperties", + "description": "The properties of the resource." + }, + "location": { + "type": "string", + "readOnly": true, + "description": "The location of the data masking rule." + }, + "kind": { + "type": "string", + "readOnly": true, + "description": "The kind of Data Masking Rule. Metadata, used for Azure portal." + } + }, + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Represents a Sql pool data masking rule." + }, + "DataMaskingRuleProperties": { + "properties": { + "id": { + "type": "string", + "description": "The rule Id.", + "readOnly": true + }, + "aliasName": { + "type": "string", + "description": "The alias name. This is a legacy parameter and is no longer used." + }, + "ruleState": { + "type": "string", + "description": "The rule state. Used to delete a rule. To delete an existing rule, specify the schemaName, tableName, columnName, maskingFunction, and specify ruleState as disabled. However, if the rule doesn't already exist, the rule will be created with ruleState set to enabled, regardless of the provided value of ruleState.", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingRuleState" + } + }, + "schemaName": { + "type": "string", + "description": "The schema name on which the data masking rule is applied." + }, + "tableName": { + "type": "string", + "description": "The table name on which the data masking rule is applied." + }, + "columnName": { + "type": "string", + "description": "The column name on which the data masking rule is applied." + }, + "maskingFunction": { + "type": "string", + "description": "The masking function that is used for the data masking rule.", + "enum": [ + "Default", + "CCN", + "Email", + "Number", + "SSN", + "Text" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingFunction" + } + }, + "numberFrom": { + "type": "string", + "description": "The numberFrom property of the masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." + }, + "numberTo": { + "type": "string", + "description": "The numberTo property of the data masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." + }, + "prefixSize": { + "type": "string", + "description": "If maskingFunction is set to Text, the number of characters to show unmasked in the beginning of the string. Otherwise, this parameter will be ignored." + }, + "suffixSize": { + "type": "string", + "description": "If maskingFunction is set to Text, the number of characters to show unmasked at the end of the string. Otherwise, this parameter will be ignored." + }, + "replacementString": { + "type": "string", + "description": "If maskingFunction is set to Text, the character to use for masking the unexposed part of the string. Otherwise, this parameter will be ignored." + } + }, + "required": [ + "maskingFunction", + "schemaName", + "tableName", + "columnName" + ], + "description": "The properties of a Sql pool data masking rule." + }, + "DataMaskingRuleListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/DataMaskingRule" + }, + "description": "The list of Sql pool data masking rules." + } + }, + "description": "The response to a list data masking rules request." + } + }, + "parameters": { + "DataMaskingPolicyNameParameter": { + "name": "dataMaskingPolicyName", + "in": "path", + "required": true, + "type": "string", + "enum": [ + "Default" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingPolicyName" + }, + "description": "The name of the data masking policy for which the masking rule applies.", + "x-ms-parameter-location": "method" } } } From f4c2ea1c1a252e979aba8d0223b5cfe751eedf6d Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Thu, 1 Oct 2020 14:03:35 -0700 Subject: [PATCH 03/13] Added datamasking exampless --- .../DataMaskingPolicyCreateOrUpdateMax.json | 33 +++++++++ .../DataMaskingPolicyCreateOrUpdateMin.json | 32 +++++++++ .../examples/DataMaskingPolicyGet.json | 27 +++++++ ...taMaskingRuleCreateOrUpdateDefaultMax.json | 69 ++++++++++++++++++ ...taMaskingRuleCreateOrUpdateDefaultMin.json | 67 ++++++++++++++++++ .../DataMaskingRuleCreateOrUpdateNumber.json | 69 ++++++++++++++++++ .../DataMaskingRuleCreateOrUpdateText.json | 70 +++++++++++++++++++ .../examples/DataMaskingRuleList.json | 60 ++++++++++++++++ .../GetSqlPoolColumnSensitivityLabelGet.json | 28 ++++++++ 9 files changed, 455 insertions(+) create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyCreateOrUpdateMax.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyCreateOrUpdateMin.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyGet.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateDefaultMax.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateDefaultMin.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateNumber.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateText.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleList.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/GetSqlPoolColumnSensitivityLabelGet.json diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyCreateOrUpdateMax.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyCreateOrUpdateMax.json new file mode 100644 index 000000000000..020fcfa56e58 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyCreateOrUpdateMax.json @@ -0,0 +1,33 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "sqlcrudtest-6852", + "workspaceName": "sqlcrudtest-2080", + "sqlPoolName": "sqlcrudtest-331", + "dataMaskingPolicyName": "Default", + "api-version": "2019-06-01-preview", + "parameters": { + "properties": { + "dataMaskingState": "Enabled", + "exemptPrincipals": "testuser;" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-2080/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default", + "name": "Default", + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies", + "location": "Central US", + "kind": null, + "properties": { + "dataMaskingState": "Enabled", + "applicationPrincipals": "", + "exemptPrincipals": "testuser;", + "maskingLevel": "" + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyCreateOrUpdateMin.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyCreateOrUpdateMin.json new file mode 100644 index 000000000000..50709215690c --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyCreateOrUpdateMin.json @@ -0,0 +1,32 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "sqlcrudtest-6852", + "workspaceName": "sqlcrudtest-2080", + "sqlPoolName": "sqlcrudtest-331", + "dataMaskingPolicyName": "Default", + "api-version": "2019-06-01-preview", + "parameters": { + "properties": { + "dataMaskingState": "Enabled" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-2080/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default", + "name": "Default", + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies", + "location": "Central US", + "kind": null, + "properties": { + "dataMaskingState": "Enabled", + "applicationPrincipals": "", + "exemptPrincipals": "", + "maskingLevel": "" + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyGet.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyGet.json new file mode 100644 index 000000000000..73551e852dd7 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingPolicyGet.json @@ -0,0 +1,27 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "sqlcrudtest-6852", + "workspaceName": "sqlcrudtest-2080", + "sqlPoolName": "sqlcrudtest-331", + "dataMaskingPolicyName": "Default", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-2080/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default", + "name": "Default", + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies", + "location": "Central US", + "kind": null, + "properties": { + "dataMaskingState": "Enabled", + "applicationPrincipals": "", + "exemptPrincipals": "", + "maskingLevel": "" + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateDefaultMax.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateDefaultMax.json new file mode 100644 index 000000000000..8c7754248ab4 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateDefaultMax.json @@ -0,0 +1,69 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "sqlcrudtest-6852", + "workspaceName": "sqlcrudtest-2080", + "sqlPoolName": "sqlcrudtest-331", + "dataMaskingPolicyName": "Default", + "api-version": "2019-06-01-preview", + "dataMaskingRuleName": "rule1", + "parameters": { + "properties": { + "aliasName": "nickname", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "maskingFunction": "Default", + "ruleState": "Enabled" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": "nickname", + "maskingFunction": "Default", + "numberFrom": null, + "numberTo": null, + "prefixSize": null, + "suffixSize": null, + "replacementString": null + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": "nickname", + "maskingFunction": "Default", + "numberFrom": null, + "numberTo": null, + "prefixSize": null, + "suffixSize": null, + "replacementString": null + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateDefaultMin.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateDefaultMin.json new file mode 100644 index 000000000000..8db1e3ef3765 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateDefaultMin.json @@ -0,0 +1,67 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "sqlcrudtest-6852", + "workspaceName": "sqlcrudtest-2080", + "sqlPoolName": "sqlcrudtest-331", + "dataMaskingPolicyName": "Default", + "api-version": "2019-06-01-preview", + "dataMaskingRuleName": "rule1", + "parameters": { + "properties": { + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "maskingFunction": "Default" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": null, + "maskingFunction": "Default", + "numberFrom": null, + "numberTo": null, + "prefixSize": null, + "suffixSize": null, + "replacementString": null + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": null, + "maskingFunction": "Default", + "numberFrom": null, + "numberTo": null, + "prefixSize": null, + "suffixSize": null, + "replacementString": null + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateNumber.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateNumber.json new file mode 100644 index 000000000000..f442dbd00e10 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateNumber.json @@ -0,0 +1,69 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "sqlcrudtest-6852", + "workspaceName": "sqlcrudtest-2080", + "sqlPoolName": "sqlcrudtest-331", + "dataMaskingPolicyName": "Default", + "api-version": "2019-06-01-preview", + "dataMaskingRuleName": "rule1", + "parameters": { + "properties": { + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "maskingFunction": "Number", + "numberFrom": "0", + "numberTo": "2" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": null, + "maskingFunction": "Number", + "numberFrom": "0", + "numberTo": "2", + "prefixSize": null, + "suffixSize": null, + "replacementString": null + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": null, + "maskingFunction": "Number", + "numberFrom": "0", + "numberTo": "2", + "prefixSize": null, + "suffixSize": null, + "replacementString": null + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateText.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateText.json new file mode 100644 index 000000000000..ca68baae606f --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleCreateOrUpdateText.json @@ -0,0 +1,70 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "sqlcrudtest-6852", + "workspaceName": "sqlcrudtest-2080", + "sqlPoolName": "sqlcrudtest-331", + "dataMaskingPolicyName": "Default", + "api-version": "2019-06-01-preview", + "dataMaskingRuleName": "rule1", + "parameters": { + "properties": { + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "maskingFunction": "Text", + "prefixSize": "1", + "suffixSize": "0", + "replacementString": "asdf" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": null, + "maskingFunction": "Text", + "numberFrom": null, + "numberTo": null, + "prefixSize": "1", + "suffixSize": "0", + "replacementString": "asdf" + } + } + }, + "201": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": null, + "maskingFunction": "Text", + "numberFrom": null, + "numberTo": null, + "prefixSize": "1", + "suffixSize": "0", + "replacementString": "asdf" + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleList.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleList.json new file mode 100644 index 000000000000..72777db7a200 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/DataMaskingRuleList.json @@ -0,0 +1,60 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "sqlcrudtest-6852", + "workspaceName": "sqlcrudtest-2080", + "sqlPoolName": "sqlcrudtest-331", + "dataMaskingPolicyName": "Default", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": null, + "maskingFunction": "Text", + "numberFrom": null, + "numberTo": null, + "prefixSize": "1", + "suffixSize": "0", + "replacementString": "asdf" + } + }, + { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/sqlcrudtest-6852/providers/Microsoft.Synapse/workspaces/sqlcrudtest-6852/sqlPools/sqlcrudtest-331/dataMaskingPolicies/Default/rules/", + "name": null, + "type": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules", + "location": "Central US", + "kind": null, + "properties": { + "id": "dbo_Table_1_test1", + "ruleState": "Enabled", + "schemaName": "dbo", + "tableName": "Table_1", + "columnName": "test1", + "aliasName": null, + "maskingFunction": "Number", + "numberFrom": "0", + "numberTo": "2", + "prefixSize": null, + "suffixSize": null, + "replacementString": null + } + } + ] + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/GetSqlPoolColumnSensitivityLabelGet.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/GetSqlPoolColumnSensitivityLabelGet.json new file mode 100644 index 000000000000..deb5fc3b0953 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/GetSqlPoolColumnSensitivityLabelGet.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "myRG", + "workspaceName": "myServer", + "sqlPoolName": "myDatabase", + "schemaName": "dbo", + "tableName": "myTable", + "columnName": "myColumn", + "sensitivityLabelSource": "current", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/myRG/providers/Microsoft.Synapse/workspaces/myServer/sqlPools/myDatabase/schemas/dbo/tables/myTable/columns/myColumn/sensitivityLabels/current", + "name": "current", + "type": "Microsoft.Synapse/workspaces/sqlPools/schemas/tables/columns/sensitivityLabels", + "properties": { + "informationType": "PhoneNumber", + "informationTypeId": "d22fa6e9-5ee4-3bde-4c2b-a409604c4646", + "labelId": "bf91e08c-f4f0-478a-b016-25164b2a65ff", + "labelName": "PII" + } + } + } + } +} From eecee40165675cd4e0d8f289c0e63593a2ce833e Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Thu, 1 Oct 2020 15:55:41 -0700 Subject: [PATCH 04/13] Added SqlPoolAuditingSettingsList --- .../examples/SqlPoolAuditingSettingsList.json | 32 +++++++++ .../preview/2019-06-01-preview/sqlPool.json | 70 ++++++++++++++++++- 2 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolAuditingSettingsList.json diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolAuditingSettingsList.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolAuditingSettingsList.json new file mode 100644 index 000000000000..87d770c69af9 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolAuditingSettingsList.json @@ -0,0 +1,32 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "blobauditingtest-6852", + "workspaceName": "blobauditingtest-2080", + "sqlPoolName": "testdb", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/blobauditingtest-6852/providers/Microsoft.Synapse/workspaces/blobauditingtest-2080/sqlPools/testdb", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/auditingSettings", + "kind": "V12", + "properties": { + "state": "Disabled", + "storageEndpoint": "", + "retentionDays": 0, + "auditActionsAndGroups": [], + "storageAccountSubscriptionId": "00000000-0000-0000-0000-000000000000", + "isStorageSecondaryKeyInUse": false, + "isAzureMonitorTargetEnabled": false + } + } + ] + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json index eb5fa87e3057..0500fd7c3376 100644 --- a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json @@ -3360,7 +3360,7 @@ "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/dataMaskingPolicies/{dataMaskingPolicyName}/rules": { "get": { "tags": [ - "DataMaskingRules" + "SqlPools, DataMaskingRules" ], "operationId": "DataMaskingRules_ListBySqlPool", "description": "Gets a list of Sql pool data masking rules.", @@ -3409,6 +3409,55 @@ "nextLinkName": null } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/auditingSettings": { + "get": { + "tags": [ + "SqlPools, BlobAuditing" + ], + "description": "Lists auditing settings of a Sql pool.", + "operationId": "SqlPoolBlobAuditingPolicies_ListBySqlPool", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + } + ], + "responses": { + "200": { + "description": "Successfully retrieved Sql pool auditing settings.", + "schema": { + "$ref": "#/definitions/SqlPoolBlobAuditingPolicyListResult" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 BlobAuditingIsNotSupportedOnResourceType - Blob Auditing is currently not supported for this resource type.\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later." + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List audit settings of a database": { + "$ref": "./examples/SqlPoolAuditingSettingsList.json" + } + } + } } }, "definitions": { @@ -5264,6 +5313,25 @@ } }, "description": "The response to a list data masking rules request." + }, + "SqlPoolBlobAuditingPolicyListResult": { + "description": "A list of Sql pool auditing settings.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolBlobAuditingPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } } }, "parameters": { From cf144b33e7ca5816119636421df1cf9f865c1377 Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Fri, 2 Oct 2020 11:14:41 -0700 Subject: [PATCH 05/13] Schemas tables columns vulnerabilityassesmentBaseline GET documentation --- .../examples/SqlPoolColumnGet.json | 24 + .../examples/SqlPoolSchemaGet.json | 19 + .../examples/SqlPoolTableGet.json | 20 + ...ulnerabilityAssessmentRuleBaselineGet.json | 44 + .../preview/2019-06-01-preview/sqlPool.json | 3827 +++++++++-------- 5 files changed, 2158 insertions(+), 1776 deletions(-) create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolColumnGet.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolSchemaGet.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolTableGet.json create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolVulnerabilityAssessmentRuleBaselineGet.json diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolColumnGet.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolColumnGet.json new file mode 100644 index 000000000000..a80da2ee5428 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolColumnGet.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "myRG", + "workspaceName": "serverName", + "sqlPoolName": "myDatabase", + "schemaName": "dbo", + "tableName": "table1", + "columnName": "column1", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/myRG/providers/Microsoft.Synapse/workspaces/serverName/sqlPools/myDatabase/schemas/dbo/tables/table1/columns/column1", + "name": "column1", + "type": "Microsoft.Synapse/workspaces/sqlPools/schemas/tables/columns", + "properties": { + "columnType": "bit" + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolSchemaGet.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolSchemaGet.json new file mode 100644 index 000000000000..3ddaa4d2d73e --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolSchemaGet.json @@ -0,0 +1,19 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "myRG", + "workspaceName": "serverName", + "sqlPoolName": "myDatabase", + "schemaName": "dbo", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/myRG/providers/Microsoft.Synapse/workspaces/serverName/sqlPools/myDatabase/schemas/dbo", + "name": "dbo", + "type": "Microsoft.Synapse/workspaces/sqlPools/schemas" + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolTableGet.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolTableGet.json new file mode 100644 index 000000000000..e0b78cb45f01 --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolTableGet.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "myRG", + "workspaceName": "serverName", + "sqlPoolName": "myDatabase", + "schemaName": "dbo", + "tableName": "table1", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/myRG/providers/Microsoft.Synapse/workspaces/serverName/sqlPools/myDatabase/schemas/dbo/tables/table1", + "name": "table1", + "type": "Microsoft.Synapse/workspaces/sqlPools/schemas/tables" + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolVulnerabilityAssessmentRuleBaselineGet.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolVulnerabilityAssessmentRuleBaselineGet.json new file mode 100644 index 000000000000..106bd5dbf4fc --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolVulnerabilityAssessmentRuleBaselineGet.json @@ -0,0 +1,44 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "vulnerabilityaseessmenttest-4711", + "workspaceName": "vulnerabilityaseessmenttest-6411", + "sqlPoolName": "testdb", + "vulnerabilityAssessmentName": "default", + "ruleId": "VA1001", + "baselineName": "master", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityaseessmenttest-4799/providers/Microsoft.Synapse/workspaces/vulnerabilityaseessmenttest-6440/sqlPools/testdb/vulnerabilityAssessments/default/rules/VA1001/baselines/default", + "name": "default", + "type": "Microsoft.Synapse/workspaces/sqlPools/vulnerabilityAssessments/rules/baselines", + "properties": { + "baselineResults": [ + { + "result": [ + "userA", + "SELECT" + ] + }, + { + "result": [ + "userB", + "SELECT" + ] + }, + { + "result": [ + "userC", + "SELECT", + "tableId_4" + ] + } + ] + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json index 0500fd7c3376..af72b55a9b88 100644 --- a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json @@ -2761,6 +2761,86 @@ "$ref": "./examples/DeleteSqlPoolVulnerabilityAssessmentRuleBaseline.json" } } + }, + "get": { + "tags": [ + "SqlPools, SqlPoolVulnerabilityAssesmentRuleBaselines" + ], + "description": "Gets a SqlPool's vulnerability assessment rule baseline.", + "operationId": "SqlPoolVulnerabilityAssessmentRuleBaselines_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "name": "vulnerabilityAssessmentName", + "in": "path", + "description": "The name of the vulnerability assessment.", + "required": true, + "type": "string", + "enum": [ + "default" + ], + "x-ms-enum": { + "name": "VulnerabilityAssessmentName", + "modelAsString": true + } + }, + { + "name": "ruleId", + "in": "path", + "description": "The vulnerability assessment rule ID.", + "required": true, + "type": "string" + }, + { + "name": "baselineName", + "in": "path", + "description": "The name of the vulnerability assessment rule baseline (default implies a baseline on a Sql pool level rule and master for server level rule).", + "required": true, + "type": "string", + "enum": [ + "master", + "default" + ], + "x-ms-enum": { + "name": "VulnerabilityAssessmentPolicyBaselineName", + "modelAsString": false + } + } + ], + "responses": { + "200": { + "description": "Successfully got the vulnerability assessment rule baseline.", + "schema": { + "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaseline" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 VulnerabilityAssessmentStorageAuthenticationFailed - Could not authenticate to storage account '{0}' .\n\n * 400 VulnerabilityAssessmentInvalidPolicy - Vulnerability Assessment settings don't exist or invalid storage specified in settings. \n\n * 400 VulnerabilityAssessmentDatawarehouseDatabaseIsDeactivated - Could not execute Vulnerability Assessment operation because the database is paused. Please resume it.\n\n * 400 InvalidVulnerabilityAssessmentOperationRequest - The vulnerability assessment operation request does not exist or has no properties object.\n\n * 400 DataSecurityInvalidUserSuppliedParameter - An invalid parameter value was provided by the client.\n\n * 404 VulnerabilityAssessmentInvalidStorageAccount - The storage account '{0}' that was defined in the policy is invalid.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 VulnerabilityAssessmentRuleDoesNotExists - Rule '{0}' does not exist.\n\n * 404 VulnerabilityAssessmentBaselineDoesNotExists - Baseline does not exist for rule '{0}'\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later." + } + }, + "x-ms-examples": { + "Gets a Sql pool's vulnerability assessment rule baseline.": { + "$ref": "./examples/SqlPoolVulnerabilityAssessmentRuleBaselineGet.json" + } + } } }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/vulnerabilityAssessments/{vulnerabilityAssessmentName}": { @@ -3438,6 +3518,10 @@ "required": true } ], + "consumes": [], + "produces": [ + "application/json" + ], "responses": { "200": { "description": "Successfully retrieved Sql pool auditing settings.", @@ -3458,1897 +3542,2088 @@ } } } - } - }, - "definitions": { - "SqlPoolInfoListResult": { - "type": "object", - "title": "SQL pool collection", - "description": "List of SQL pools", - "properties": { - "nextLink": { - "type": "string", - "description": "Link to the next page of results" - }, - "value": { - "type": "array", - "description": "List of SQL pools", - "items": { - "$ref": "#/definitions/SqlPool" - } - } - } - }, - "SqlPool": { - "type": "object", - "title": "SQL pool", - "description": "A SQL Analytics pool", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/TrackedResource" - } - ], - "properties": { - "sku": { - "$ref": "#/definitions/Sku", - "description": "SQL pool SKU" - }, - "properties": { - "$ref": "#/definitions/SqlPoolResourceProperties", - "description": "SQL pool properties", - "x-ms-client-flatten": true - } - } }, - "SqlPoolPatchInfo": { - "type": "object", - "title": "SQL pool patch info", - "description": "A SQL Analytics pool patch info", - "properties": { - "tags": { - "type": "object", - "additionalProperties": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/schemas/{schemaName}": { + "get": { + "tags": [ + "SqlPools, SqlPoolSchemas" + ], + "description": "Get Sql Pool schema", + "operationId": "SqlPoolSchemas_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "name": "schemaName", + "in": "path", + "description": "The name of the schema.", + "required": true, "type": "string" + } + ], + "consumes": [], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "Successfully retrieved Sql Pool schema.", + "schema": { + "$ref": "#/definitions/SqlPoolSchema" + } }, - "description": "Resource tags." - }, - "location": { - "type": "string", - "description": "The geo-location where the resource lives" - }, - "sku": { - "$ref": "#/definitions/Sku", - "description": "SQL pool SKU" - }, - "properties": { - "$ref": "#/definitions/SqlPoolResourceProperties", - "description": "SQL pool properties", - "x-ms-client-flatten": true - } - } - }, - "Sku": { - "type": "object", - "title": "Sku", - "description": "SQL pool SKU", - "properties": { - "tier": { - "type": "string", - "description": "The service tier" - }, - "name": { - "type": "string", - "description": "The SKU name" - }, - "capacity": { - "type": "integer", - "format": "int32", - "description": "If the SKU supports scale out/in then the capacity integer should be included. If scale out/in is not possible for the resource this may be omitted." - } - } - }, - "SqlPoolResourceProperties": { - "type": "object", - "title": "SQL pool properties", - "description": "Properties of a SQL Analytics pool", - "properties": { - "maxSizeBytes": { - "type": "integer", - "description": "Maximum size in bytes", - "format": "int64" - }, - "collation": { - "type": "string", - "description": "Collation mode" - }, - "sourceDatabaseId": { - "type": "string", - "description": "Source database to create from" - }, - "recoverableDatabaseId": { - "type": "string", - "description": "Backup database to restore from" - }, - "provisioningState": { - "type": "string", - "description": "Resource state" - }, - "status": { - "type": "string", - "description": "Resource status" - }, - "restorePointInTime": { - "type": "string", - "description": "Snapshot time to restore", - "format": "date-time" - }, - "createMode": { - "type": "string", - "description": "What is this?" + "default": { + "description": "*** Error Responses: ***\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 InvalidDatabaseSchema - Schema is missing in database.\n\n * 404 InvalidDatabaseTable - Table is missing in database.\n\n * 404 InvalidDatabaseColumn - Column is missing in table." + } }, - "creationDate": { - "type": "string", - "description": "Date the SQL pool was created", - "format": "date-time" + "x-ms-examples": { + "Get database schema": { + "$ref": "./examples/SqlPoolSchemaGet.json" + } } } }, - "MetadataSyncConfig": { - "type": "object", - "title": "Metadata sync configuration", - "description": "Configuration for metadata sync", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "properties": { - "title": "Metadata Sync Config properties", - "description": "Metadata Sync Config properties", - "properties": { - "enabled": { - "type": "boolean", - "description": "Indicates whether the metadata sync is enabled or disabled" + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/schemas/{schemaName}/tables/{tableName}": { + "get": { + "tags": [ + "SqlPools, SqlPoolTables" + ], + "description": "Get Sql pool table", + "operationId": "SqlPoolTables_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "name": "schemaName", + "in": "path", + "description": "The name of the schema.", + "required": true, + "type": "string" + }, + { + "name": "tableName", + "in": "path", + "description": "The name of the table.", + "required": true, + "type": "string" + } + ], + "consumes": [], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "Successfully retrieved Sql pool's table.", + "schema": { + "$ref": "#/definitions/SqlPoolTable" } }, - "x-ms-client-flatten": true - } - }, - "x-ms-azure-resource": true - }, - "GeoBackupPolicyProperties": { - "properties": { - "state": { - "type": "string", - "description": "The state of the geo backup policy.", - "enum": [ - "Disabled", - "Enabled" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "GeoBackupPolicyState" + "default": { + "description": "*** Error Responses: ***\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 InvalidDatabaseSchema - Schema is missing in database.\n\n * 404 InvalidDatabaseTable - Table is missing in database.\n\n * 404 InvalidDatabaseColumn - Column is missing in table." } }, - "storageType": { - "type": "string", - "description": "The storage type of the geo backup policy.", - "readOnly": true - } - }, - "required": [ - "state" - ], - "description": "The properties of the geo backup policy." - }, - "GeoBackupPolicy": { - "properties": { - "properties": { - "$ref": "#/definitions/GeoBackupPolicyProperties", - "description": "The properties of the geo backup policy.", - "x-ms-client-flatten": true - }, - "kind": { - "readOnly": true, - "type": "string", - "description": "Kind of geo backup policy. This is metadata used for the Azure portal experience." - }, - "location": { - "type": "string", - "readOnly": true, - "description": "Backup policy location." - } - }, - "required": [ - "properties" - ], - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + "x-ms-examples": { + "Get database table": { + "$ref": "./examples/SqlPoolTableGet.json" + } } - ], - "description": "A database geo backup policy." + } }, - "TopQueries": { - "properties": { - "aggregationFunction": { - "description": "The function that is used to aggregate each query's metrics.", - "type": "string", - "enum": [ - "min", - "max", - "avg", - "sum" - ], - "x-ms-enum": { - "name": "QueryAggregationFunction", - "modelAsString": false - }, - "readOnly": true - }, - "executionType": { - "description": "The execution type that is used to filter the query instances that are returned.", - "type": "string", - "enum": [ - "any", - "regular", - "irregular", - "aborted", - "exception" - ], - "x-ms-enum": { - "name": "QueryExecutionType", - "modelAsString": false - }, - "readOnly": true - }, - "intervalType": { - "description": "The duration of the interval (ISO8601 duration format).", - "type": "string", - "readOnly": true - }, - "numberOfTopQueries": { - "description": "The number of requested queries.", - "type": "number", - "format": "int32", - "readOnly": true - }, - "observationStartTime": { - "description": "The start time for queries that are returned (ISO8601 format)", - "type": "string", - "format": "date-time", - "readOnly": true - }, - "observationEndTime": { - "description": "The end time for queries that are returned (ISO8601 format)", - "type": "string", - "format": "date-time", - "readOnly": true - }, - "observedMetric": { - "description": "The type of metric to use for ordering the top metrics.", - "type": "string", - "enum": [ - "cpu", - "io", - "logio", - "duration", - "executionCount" - ], - "x-ms-enum": { - "name": "QueryObservedMetricType", - "modelAsString": false - }, - "readOnly": true - }, - "queries": { - "type": "array", - "items": { - "$ref": "#/definitions/QueryStatistic" + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/schemas/{schemaName}/tables/{tableName}/columns/{columnName}": { + "get": { + "tags": [ + "SqlPools, SqlPoolColumns" + ], + "description": "Get Sql pool column", + "operationId": "SqlPoolColumns_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" }, - "description": "The list of queries.", - "readOnly": true - } - }, - "description": "A database query." - }, - "QueryStatistic": { - "properties": { - "queryId": { - "description": "The id of the query", - "type": "string", - "readOnly": true - }, - "intervals": { - "type": "array", - "items": { - "$ref": "#/definitions/QueryInterval" + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" }, - "description": "The list of query intervals.", - "readOnly": true - } - }, - "description": "A database query." - }, - "QueryInterval": { - "properties": { - "intervalStartTime": { - "description": "The start time of the measurement interval (ISO8601 format).", - "type": "string", - "format": "date-time", - "readOnly": true - }, - "executionCount": { - "description": "The number of times the query was executed during this interval.", - "type": "number", - "format": "int32", - "readOnly": true - }, - "metrics": { - "type": "array", - "items": { - "$ref": "#/definitions/QueryMetric" + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" }, - "description": "The list of query metrics during this interval.", - "readOnly": true - } - }, - "description": "A database query." - }, - "QueryMetric": { - "properties": { - "name": { - "description": "The name of the metric", - "type": "string", - "readOnly": true - }, - "displayName": { - "description": "The name of the metric for display in user interface", - "type": "string", - "readOnly": true - }, - "unit": { - "description": "The unit of measurement", - "type": "string", - "enum": [ - "percentage", - "KB", - "microseconds" - ], - "x-ms-enum": { - "name": "QueryMetricUnit", - "modelAsString": false - }, - "readOnly": true - }, - "value": { - "description": "The measured value", - "type": "number", - "format": "double", - "readOnly": true - } - }, - "description": "A database query." - }, - "TopQueriesListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/TopQueries" - }, - "description": "The list of top queries." - } - }, - "required": [ - "value" - ], - "description": "Represents the response to a get top queries request." - }, - "DataWarehouseUserActivitiesProperties": { - "description": "User activities of a data warehouse. This currently includes the count of running or suspended queries. For more information, please view the sys.dm_pdw_exec_requests dynamic management view (DMV).", - "type": "object", - "properties": { - "activeQueriesCount": { - "format": "int32", - "description": "Count of running and suspended queries.", - "type": "integer", - "readOnly": true - } - } - }, - "DataWarehouseUserActivities": { - "description": "User activities of a data warehouse", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "properties": { - "$ref": "#/definitions/DataWarehouseUserActivitiesProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "RestorePointListResult": { - "description": "A list of long term retention backups.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/RestorePoint" - }, - "readOnly": true + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "name": "schemaName", + "in": "path", + "description": "The name of the schema.", + "required": true, + "type": "string" + }, + { + "name": "tableName", + "in": "path", + "description": "The name of the table.", + "required": true, + "type": "string" + }, + { + "name": "columnName", + "in": "path", + "description": "The name of the column.", + "required": true, + "type": "string" + } + ], + "consumes": [], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "Successfully retrieved Sql pool column.", + "schema": { + "$ref": "#/definitions/SqlPoolColumn" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 404 InvalidDatabaseSchema - Schema is missing in database.\n\n * 404 InvalidDatabaseTable - Table is missing in database.\n\n * 404 InvalidDatabaseColumn - Column is missing in table." + } }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true + "x-ms-examples": { + "Get database column": { + "$ref": "./examples/SqlPoolColumnGet.json" + } } } }, - "RestorePointProperties": { - "description": "Properties of a database restore point", - "type": "object", - "properties": { - "restorePointType": { - "description": "The type of restore point", - "enum": [ - "CONTINUOUS", - "DISCRETE" - ], - "type": "string", - "readOnly": true, - "x-ms-enum": { - "name": "RestorePointType", - "modelAsString": false + "definitions": { + "SqlPoolInfoListResult": { + "type": "object", + "title": "SQL pool collection", + "description": "List of SQL pools", + "properties": { + "nextLink": { + "type": "string", + "description": "Link to the next page of results" + }, + "value": { + "type": "array", + "description": "List of SQL pools", + "items": { + "$ref": "#/definitions/SqlPool" + } + } + } + }, + "SqlPool": { + "type": "object", + "title": "SQL pool", + "description": "A SQL Analytics pool", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/TrackedResource" + } + ], + "properties": { + "sku": { + "$ref": "#/definitions/Sku", + "description": "SQL pool SKU" + }, + "properties": { + "$ref": "#/definitions/SqlPoolResourceProperties", + "description": "SQL pool properties", + "x-ms-client-flatten": true + } + } + }, + "SqlPoolPatchInfo": { + "type": "object", + "title": "SQL pool patch info", + "description": "A SQL Analytics pool patch info", + "properties": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Resource tags." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "sku": { + "$ref": "#/definitions/Sku", + "description": "SQL pool SKU" + }, + "properties": { + "$ref": "#/definitions/SqlPoolResourceProperties", + "description": "SQL pool properties", + "x-ms-client-flatten": true + } + } + }, + "Sku": { + "type": "object", + "title": "Sku", + "description": "SQL pool SKU", + "properties": { + "tier": { + "type": "string", + "description": "The service tier" + }, + "name": { + "type": "string", + "description": "The SKU name" + }, + "capacity": { + "type": "integer", + "format": "int32", + "description": "If the SKU supports scale out/in then the capacity integer should be included. If scale out/in is not possible for the resource this may be omitted." + } + } + }, + "SqlPoolResourceProperties": { + "type": "object", + "title": "SQL pool properties", + "description": "Properties of a SQL Analytics pool", + "properties": { + "maxSizeBytes": { + "type": "integer", + "description": "Maximum size in bytes", + "format": "int64" + }, + "collation": { + "type": "string", + "description": "Collation mode" + }, + "sourceDatabaseId": { + "type": "string", + "description": "Source database to create from" + }, + "recoverableDatabaseId": { + "type": "string", + "description": "Backup database to restore from" + }, + "provisioningState": { + "type": "string", + "description": "Resource state" + }, + "status": { + "type": "string", + "description": "Resource status" + }, + "restorePointInTime": { + "type": "string", + "description": "Snapshot time to restore", + "format": "date-time" + }, + "createMode": { + "type": "string", + "description": "What is this?" + }, + "creationDate": { + "type": "string", + "description": "Date the SQL pool was created", + "format": "date-time" + } + } + }, + "MetadataSyncConfig": { + "type": "object", + "title": "Metadata sync configuration", + "description": "Configuration for metadata sync", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "title": "Metadata Sync Config properties", + "description": "Metadata Sync Config properties", + "properties": { + "enabled": { + "type": "boolean", + "description": "Indicates whether the metadata sync is enabled or disabled" + } + }, + "x-ms-client-flatten": true } }, - "earliestRestoreDate": { - "format": "date-time", - "description": "The earliest time to which this database can be restored", - "type": "string", - "readOnly": true + "x-ms-azure-resource": true + }, + "GeoBackupPolicyProperties": { + "properties": { + "state": { + "type": "string", + "description": "The state of the geo backup policy.", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "GeoBackupPolicyState" + } + }, + "storageType": { + "type": "string", + "description": "The storage type of the geo backup policy.", + "readOnly": true + } }, - "restorePointCreationDate": { - "format": "date-time", - "description": "The time the backup was taken", - "type": "string", - "readOnly": true + "required": [ + "state" + ], + "description": "The properties of the geo backup policy." + }, + "GeoBackupPolicy": { + "properties": { + "properties": { + "$ref": "#/definitions/GeoBackupPolicyProperties", + "description": "The properties of the geo backup policy.", + "x-ms-client-flatten": true + }, + "kind": { + "readOnly": true, + "type": "string", + "description": "Kind of geo backup policy. This is metadata used for the Azure portal experience." + }, + "location": { + "type": "string", + "readOnly": true, + "description": "Backup policy location." + } }, - "restorePointLabel": { - "description": "The label of restore point for backup request by user", - "type": "string", - "readOnly": true - } - } - }, - "RestorePoint": { - "description": "Database restore points.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "location": { - "description": "Resource location.", - "type": "string", - "readOnly": true + "required": [ + "properties" + ], + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "A database geo backup policy." + }, + "TopQueries": { + "properties": { + "aggregationFunction": { + "description": "The function that is used to aggregate each query's metrics.", + "type": "string", + "enum": [ + "min", + "max", + "avg", + "sum" + ], + "x-ms-enum": { + "name": "QueryAggregationFunction", + "modelAsString": false + }, + "readOnly": true + }, + "executionType": { + "description": "The execution type that is used to filter the query instances that are returned.", + "type": "string", + "enum": [ + "any", + "regular", + "irregular", + "aborted", + "exception" + ], + "x-ms-enum": { + "name": "QueryExecutionType", + "modelAsString": false + }, + "readOnly": true + }, + "intervalType": { + "description": "The duration of the interval (ISO8601 duration format).", + "type": "string", + "readOnly": true + }, + "numberOfTopQueries": { + "description": "The number of requested queries.", + "type": "number", + "format": "int32", + "readOnly": true + }, + "observationStartTime": { + "description": "The start time for queries that are returned (ISO8601 format)", + "type": "string", + "format": "date-time", + "readOnly": true + }, + "observationEndTime": { + "description": "The end time for queries that are returned (ISO8601 format)", + "type": "string", + "format": "date-time", + "readOnly": true + }, + "observedMetric": { + "description": "The type of metric to use for ordering the top metrics.", + "type": "string", + "enum": [ + "cpu", + "io", + "logio", + "duration", + "executionCount" + ], + "x-ms-enum": { + "name": "QueryObservedMetricType", + "modelAsString": false + }, + "readOnly": true + }, + "queries": { + "type": "array", + "items": { + "$ref": "#/definitions/QueryStatistic" + }, + "description": "The list of queries.", + "readOnly": true + } }, + "description": "A database query." + }, + "QueryStatistic": { "properties": { - "$ref": "#/definitions/RestorePointProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "ReplicationLinkProperties": { - "properties": { - "isTerminationAllowed": { - "readOnly": true, - "type": "boolean", - "description": "Legacy value indicating whether termination is allowed. Currently always returns true." + "queryId": { + "description": "The id of the query", + "type": "string", + "readOnly": true + }, + "intervals": { + "type": "array", + "items": { + "$ref": "#/definitions/QueryInterval" + }, + "description": "The list of query intervals.", + "readOnly": true + } }, - "replicationMode": { - "readOnly": true, - "type": "string", - "description": "Replication mode of this replication link." + "description": "A database query." + }, + "QueryInterval": { + "properties": { + "intervalStartTime": { + "description": "The start time of the measurement interval (ISO8601 format).", + "type": "string", + "format": "date-time", + "readOnly": true + }, + "executionCount": { + "description": "The number of times the query was executed during this interval.", + "type": "number", + "format": "int32", + "readOnly": true + }, + "metrics": { + "type": "array", + "items": { + "$ref": "#/definitions/QueryMetric" + }, + "description": "The list of query metrics during this interval.", + "readOnly": true + } }, - "partnerServer": { - "readOnly": true, - "type": "string", - "description": "The name of the workspace hosting the partner Sql pool." + "description": "A database query." + }, + "QueryMetric": { + "properties": { + "name": { + "description": "The name of the metric", + "type": "string", + "readOnly": true + }, + "displayName": { + "description": "The name of the metric for display in user interface", + "type": "string", + "readOnly": true + }, + "unit": { + "description": "The unit of measurement", + "type": "string", + "enum": [ + "percentage", + "KB", + "microseconds" + ], + "x-ms-enum": { + "name": "QueryMetricUnit", + "modelAsString": false + }, + "readOnly": true + }, + "value": { + "description": "The measured value", + "type": "number", + "format": "double", + "readOnly": true + } }, - "partnerDatabase": { - "readOnly": true, - "type": "string", - "description": "The name of the partner Sql pool." + "description": "A database query." + }, + "TopQueriesListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/TopQueries" + }, + "description": "The list of top queries." + } }, - "partnerLocation": { - "readOnly": true, - "type": "string", - "description": "The Azure Region of the partner Sql pool." + "required": [ + "value" + ], + "description": "Represents the response to a get top queries request." + }, + "DataWarehouseUserActivitiesProperties": { + "description": "User activities of a data warehouse. This currently includes the count of running or suspended queries. For more information, please view the sys.dm_pdw_exec_requests dynamic management view (DMV).", + "type": "object", + "properties": { + "activeQueriesCount": { + "format": "int32", + "description": "Count of running and suspended queries.", + "type": "integer", + "readOnly": true + } + } + }, + "DataWarehouseUserActivities": { + "description": "User activities of a data warehouse", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/DataWarehouseUserActivitiesProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "RestorePointListResult": { + "description": "A list of long term retention backups.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/RestorePoint" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } + }, + "RestorePointProperties": { + "description": "Properties of a database restore point", + "type": "object", + "properties": { + "restorePointType": { + "description": "The type of restore point", + "enum": [ + "CONTINUOUS", + "DISCRETE" + ], + "type": "string", + "readOnly": true, + "x-ms-enum": { + "name": "RestorePointType", + "modelAsString": false + } + }, + "earliestRestoreDate": { + "format": "date-time", + "description": "The earliest time to which this database can be restored", + "type": "string", + "readOnly": true + }, + "restorePointCreationDate": { + "format": "date-time", + "description": "The time the backup was taken", + "type": "string", + "readOnly": true + }, + "restorePointLabel": { + "description": "The label of restore point for backup request by user", + "type": "string", + "readOnly": true + } + } + }, + "RestorePoint": { + "description": "Database restore points.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "location": { + "description": "Resource location.", + "type": "string", + "readOnly": true + }, + "properties": { + "$ref": "#/definitions/RestorePointProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "ReplicationLinkProperties": { + "properties": { + "isTerminationAllowed": { + "readOnly": true, + "type": "boolean", + "description": "Legacy value indicating whether termination is allowed. Currently always returns true." + }, + "replicationMode": { + "readOnly": true, + "type": "string", + "description": "Replication mode of this replication link." + }, + "partnerServer": { + "readOnly": true, + "type": "string", + "description": "The name of the workspace hosting the partner Sql pool." + }, + "partnerDatabase": { + "readOnly": true, + "type": "string", + "description": "The name of the partner Sql pool." + }, + "partnerLocation": { + "readOnly": true, + "type": "string", + "description": "The Azure Region of the partner Sql pool." + }, + "role": { + "readOnly": true, + "type": "string", + "description": "The role of the Sql pool in the replication link.", + "enum": [ + "Primary", + "Secondary", + "NonReadableSecondary", + "Source", + "Copy" + ], + "x-ms-enum": { + "name": "ReplicationRole" + } + }, + "partnerRole": { + "readOnly": true, + "type": "string", + "description": "The role of the partner Sql pool in the replication link.", + "enum": [ + "Primary", + "Secondary", + "NonReadableSecondary", + "Source", + "Copy" + ], + "x-ms-enum": { + "name": "ReplicationRole" + } + }, + "startTime": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The start time for the replication link." + }, + "percentComplete": { + "readOnly": true, + "type": "integer", + "format": "int32", + "description": "The percentage of seeding complete for the replication link." + }, + "replicationState": { + "readOnly": true, + "type": "string", + "description": "The replication state for the replication link.", + "enum": [ + "PENDING", + "SEEDING", + "CATCH_UP", + "SUSPENDED" + ], + "x-ms-enum": { + "name": "ReplicationState", + "modelAsString": true + } + } }, - "role": { - "readOnly": true, - "type": "string", - "description": "The role of the Sql pool in the replication link.", - "enum": [ - "Primary", - "Secondary", - "NonReadableSecondary", - "Source", - "Copy" - ], - "x-ms-enum": { - "name": "ReplicationRole" + "description": "Represents the properties of a Sql pool replication link." + }, + "ReplicationLink": { + "properties": { + "location": { + "type": "string", + "description": "Location of the workspace that contains this firewall rule.", + "readOnly": true + }, + "type": { + "type": "string", + "description": "Type of resource this is.", + "readOnly": true + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/ReplicationLinkProperties", + "description": "The properties representing the resource." } }, - "partnerRole": { - "readOnly": true, - "type": "string", - "description": "The role of the partner Sql pool in the replication link.", - "enum": [ - "Primary", - "Secondary", - "NonReadableSecondary", - "Source", - "Copy" - ], - "x-ms-enum": { - "name": "ReplicationRole" + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Represents a Sql pool replication link." + }, + "ReplicationLinkListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/ReplicationLink" + }, + "description": "The list of Sql pool replication links housed in the Sql pool." + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true } }, - "startTime": { - "readOnly": true, - "type": "string", - "format": "date-time", - "description": "The start time for the replication link." + "description": "Represents the response to a List Sql pool replication link request." + }, + "TransparentDataEncryptionProperties": { + "properties": { + "status": { + "type": "string", + "description": "The status of the database transparent data encryption.", + "enum": [ + "Enabled", + "Disabled" + ], + "x-ms-enum": { + "name": "TransparentDataEncryptionStatus" + } + } }, - "percentComplete": { - "readOnly": true, - "type": "integer", - "format": "int32", - "description": "The percentage of seeding complete for the replication link." + "description": "Represents the properties of a database transparent data encryption." + }, + "TransparentDataEncryption": { + "properties": { + "location": { + "type": "string", + "readOnly": true, + "description": "Resource location." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/TransparentDataEncryptionProperties", + "description": "Represents the properties of the resource." + } }, - "replicationState": { - "readOnly": true, - "type": "string", - "description": "The replication state for the replication link.", - "enum": [ - "PENDING", - "SEEDING", - "CATCH_UP", - "SUSPENDED" - ], - "x-ms-enum": { - "name": "ReplicationState", - "modelAsString": true + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Represents a Sql pool transparent data encryption configuration." + }, + "SqlPoolBlobAuditingPolicyProperties": { + "description": "Properties of a Sql pool blob auditing policy.", + "required": [ + "state" + ], + "type": "object", + "properties": { + "state": { + "description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.", + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "BlobAuditingPolicyState", + "modelAsString": false + } + }, + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required.", + "type": "string" + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, storageAccountAccessKey is required.", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the audit logs in the storage account.", + "type": "integer" + }, + "auditActionsAndGroups": { + "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)", + "type": "array", + "items": { + "type": "string" + } + }, + "storageAccountSubscriptionId": { + "format": "uuid", + "description": "Specifies the blob storage subscription Id.", + "type": "string" + }, + "isStorageSecondaryKeyInUse": { + "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.", + "type": "boolean" + }, + "isAzureMonitorTargetEnabled": { + "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n", + "type": "boolean" + } + } + }, + "SqlPoolBlobAuditingPolicy": { + "description": "A Sql pool blob auditing policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "kind": { + "description": "Resource kind.", + "type": "string", + "readOnly": true + }, + "properties": { + "$ref": "#/definitions/SqlPoolBlobAuditingPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "SqlPoolBlobAuditingPolicySqlPoolOperationListResult": { + "description": "The response to a list Sql pool operations request", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolOperation" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } + }, + "SqlPoolOperationProperties": { + "description": "The properties of a Sql pool operation.", + "type": "object", + "properties": { + "databaseName": { + "description": "The name of the Sql pool the operation is being performed on.", + "type": "string", + "readOnly": true + }, + "operation": { + "description": "The name of operation.", + "type": "string", + "readOnly": true + }, + "operationFriendlyName": { + "description": "The friendly name of operation.", + "type": "string", + "readOnly": true + }, + "percentComplete": { + "format": "int32", + "description": "The percentage of the operation completed.", + "type": "integer", + "readOnly": true + }, + "serverName": { + "description": "The name of the server.", + "type": "string", + "readOnly": true + }, + "startTime": { + "format": "date-time", + "description": "The operation start time.", + "type": "string", + "readOnly": true + }, + "state": { + "description": "The operation state.", + "enum": [ + "Pending", + "InProgress", + "Succeeded", + "Failed", + "CancelInProgress", + "Cancelled" + ], + "type": "string", + "readOnly": true, + "x-ms-enum": { + "name": "ManagementOperationState", + "modelAsString": true + } + }, + "errorCode": { + "format": "int32", + "description": "The operation error code.", + "type": "integer", + "readOnly": true + }, + "errorDescription": { + "description": "The operation error description.", + "type": "string", + "readOnly": true + }, + "errorSeverity": { + "format": "int32", + "description": "The operation error severity.", + "type": "integer", + "readOnly": true + }, + "isUserError": { + "description": "Whether or not the error is a user error.", + "type": "boolean", + "readOnly": true + }, + "estimatedCompletionTime": { + "format": "date-time", + "description": "The estimated completion time of the operation.", + "type": "string", + "readOnly": true + }, + "description": { + "description": "The operation description.", + "type": "string", + "readOnly": true + }, + "isCancellable": { + "description": "Whether the operation can be cancelled.", + "type": "boolean", + "readOnly": true + } + } + }, + "SqlPoolOperation": { + "description": "A Sql pool operation.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/SqlPoolOperationProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "SqlPoolUsage": { + "properties": { + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the usage metric." + }, + "resourceName": { + "readOnly": true, + "type": "string", + "description": "The name of the resource." + }, + "displayName": { + "readOnly": true, + "type": "string", + "description": "The usage metric display name." + }, + "currentValue": { + "readOnly": true, + "type": "number", + "format": "double", + "description": "The current value of the usage metric." + }, + "limit": { + "readOnly": true, + "type": "number", + "format": "double", + "description": "The current limit of the usage metric." + }, + "unit": { + "readOnly": true, + "type": "string", + "description": "The units of the usage metric." + }, + "nextResetTime": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The next reset time for the usage metric (ISO8601 format)." + } + }, + "description": "The Sql pool usages." + }, + "SqlPoolUsageListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolUsage" + }, + "description": "The list of usages for the Sql pool." + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + }, + "required": [ + "value" + ], + "description": "The response to a list Sql pool usages request." + }, + "SensitivityLabelProperties": { + "description": "Properties of a sensitivity label.", + "type": "object", + "properties": { + "labelName": { + "description": "The label name.", + "type": "string" + }, + "labelId": { + "description": "The label ID.", + "type": "string" + }, + "informationType": { + "description": "The information type.", + "type": "string" + }, + "informationTypeId": { + "description": "The information type ID.", + "type": "string" + }, + "isDisabled": { + "description": "Is sensitivity recommendation disabled. Applicable for recommended sensitivity label only. Specifies whether the sensitivity recommendation on this column is disabled (dismissed) or not.", + "type": "boolean", + "readOnly": true + } + } + }, + "SensitivityLabel": { + "description": "A sensitivity label.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/SensitivityLabelProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "SensitivityLabelListResult": { + "description": "A list of sensitivity labels.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SensitivityLabel" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } + }, + "SqlPoolSchema": { + "description": "A Sql pool schema resource.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ] + }, + "SqlPoolSchemaListResult": { + "description": "A list of Sql pool schemas.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolSchema" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true } } }, - "description": "Represents the properties of a Sql pool replication link." - }, - "ReplicationLink": { - "properties": { - "location": { - "type": "string", - "description": "Location of the workspace that contains this firewall rule.", - "readOnly": true - }, - "type": { - "type": "string", - "description": "Type of resource this is.", - "readOnly": true - }, + "SqlPoolTable": { + "description": "A Sql pool table resource.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ] + }, + "SqlPoolTableListResult": { + "description": "A list of Sql pool tables.", + "type": "object", "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/ReplicationLinkProperties", - "description": "The properties representing the resource." + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolTable" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } } }, - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "description": "Represents a Sql pool replication link." - }, - "ReplicationLinkListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/ReplicationLink" - }, - "description": "The list of Sql pool replication links housed in the Sql pool." - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true + "SqlPoolColumnProperties": { + "description": "Sql pool column properties.", + "type": "object", + "properties": { + "columnType": { + "description": "The column data type.", + "enum": [ + "image", + "text", + "uniqueidentifier", + "date", + "time", + "datetime2", + "datetimeoffset", + "tinyint", + "smallint", + "int", + "smalldatetime", + "real", + "money", + "datetime", + "float", + "sql_variant", + "ntext", + "bit", + "decimal", + "numeric", + "smallmoney", + "bigint", + "hierarchyid", + "geometry", + "geography", + "varbinary", + "varchar", + "binary", + "char", + "timestamp", + "nvarchar", + "nchar", + "xml", + "sysname" + ], + "type": "string", + "x-ms-enum": { + "name": "ColumnDataType", + "modelAsString": true + } + } } }, - "description": "Represents the response to a List Sql pool replication link request." - }, - "TransparentDataEncryptionProperties": { - "properties": { - "status": { - "type": "string", - "description": "The status of the database transparent data encryption.", - "enum": [ - "Enabled", - "Disabled" - ], - "x-ms-enum": { - "name": "TransparentDataEncryptionStatus" + "SqlPoolColumn": { + "description": "A Sql pool column resource.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/SqlPoolColumnProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } } }, - "description": "Represents the properties of a database transparent data encryption." - }, - "TransparentDataEncryption": { - "properties": { - "location": { - "type": "string", - "readOnly": true, - "description": "Resource location." - }, + "SqlPoolColumnListResult": { + "description": "A list of Sql pool columns.", + "type": "object", "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/TransparentDataEncryptionProperties", - "description": "Represents the properties of the resource." + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolColumn" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } } }, - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "description": "Represents a Sql pool transparent data encryption configuration." - }, - "SqlPoolBlobAuditingPolicyProperties": { - "description": "Properties of a Sql pool blob auditing policy.", - "required": [ - "state" - ], - "type": "object", - "properties": { - "state": { - "description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.", - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string", - "x-ms-enum": { - "name": "BlobAuditingPolicyState", - "modelAsString": false - } - }, - "storageEndpoint": { - "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required.", - "type": "string" - }, - "storageAccountAccessKey": { - "description": "Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, storageAccountAccessKey is required.", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "retentionDays": { - "format": "int32", - "description": "Specifies the number of days to keep in the audit logs in the storage account.", - "type": "integer" - }, - "auditActionsAndGroups": { - "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)", - "type": "array", - "items": { + "SqlPoolConnectionPolicyProperties": { + "description": "Properties of a Sql pool connection policy.", + "type": "object", + "properties": { + "securityEnabledAccess": { + "description": "The state of security access.", + "type": "string" + }, + "proxyDnsName": { + "description": "The fully qualified host name of the auditing proxy.", + "type": "string" + }, + "proxyPort": { + "description": "The port number of the auditing proxy.", + "type": "string" + }, + "visibility": { + "description": "The visibility of the auditing proxy.", + "type": "string" + }, + "useServerDefault": { + "description": "Whether server default is enabled or disabled.", + "type": "string" + }, + "redirectionState": { + "description": "The state of proxy redirection.", + "type": "string" + }, + "state": { + "description": "The connection policy state.", "type": "string" } - }, - "storageAccountSubscriptionId": { - "format": "uuid", - "description": "Specifies the blob storage subscription Id.", - "type": "string" - }, - "isStorageSecondaryKeyInUse": { - "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.", - "type": "boolean" - }, - "isAzureMonitorTargetEnabled": { - "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n", - "type": "boolean" - } - } - }, - "SqlPoolBlobAuditingPolicy": { - "description": "A Sql pool blob auditing policy.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - ], - "properties": { - "kind": { - "description": "Resource kind.", - "type": "string", - "readOnly": true - }, + }, + "SqlPoolConnectionPolicy": { + "description": "A Sql pool connection policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], "properties": { - "$ref": "#/definitions/SqlPoolBlobAuditingPolicyProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "SqlPoolBlobAuditingPolicySqlPoolOperationListResult": { - "description": "The response to a list Sql pool operations request", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolOperation" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } - } - }, - "SqlPoolOperationProperties": { - "description": "The properties of a Sql pool operation.", - "type": "object", - "properties": { - "databaseName": { - "description": "The name of the Sql pool the operation is being performed on.", - "type": "string", - "readOnly": true - }, - "operation": { - "description": "The name of operation.", - "type": "string", - "readOnly": true - }, - "operationFriendlyName": { - "description": "The friendly name of operation.", - "type": "string", - "readOnly": true - }, - "percentComplete": { - "format": "int32", - "description": "The percentage of the operation completed.", - "type": "integer", - "readOnly": true - }, - "serverName": { - "description": "The name of the server.", - "type": "string", - "readOnly": true - }, - "startTime": { - "format": "date-time", - "description": "The operation start time.", - "type": "string", - "readOnly": true - }, - "state": { - "description": "The operation state.", - "enum": [ - "Pending", - "InProgress", - "Succeeded", - "Failed", - "CancelInProgress", - "Cancelled" - ], - "type": "string", - "readOnly": true, - "x-ms-enum": { - "name": "ManagementOperationState", - "modelAsString": true + "kind": { + "description": "Resource kind.", + "type": "string", + "readOnly": true + }, + "location": { + "type": "string", + "readOnly": true, + "description": "Resource location." + }, + "properties": { + "$ref": "#/definitions/SqlPoolConnectionPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } - }, - "errorCode": { - "format": "int32", - "description": "The operation error code.", - "type": "integer", - "readOnly": true - }, - "errorDescription": { - "description": "The operation error description.", - "type": "string", - "readOnly": true - }, - "errorSeverity": { - "format": "int32", - "description": "The operation error severity.", - "type": "integer", - "readOnly": true - }, - "isUserError": { - "description": "Whether or not the error is a user error.", - "type": "boolean", - "readOnly": true - }, - "estimatedCompletionTime": { - "format": "date-time", - "description": "The estimated completion time of the operation.", - "type": "string", - "readOnly": true - }, - "description": { - "description": "The operation description.", - "type": "string", - "readOnly": true - }, - "isCancellable": { - "description": "Whether the operation can be cancelled.", - "type": "boolean", - "readOnly": true - } - } - }, - "SqlPoolOperation": { - "description": "A Sql pool operation.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - ], - "properties": { + }, + "SqlPoolVulnerabilityAssessmentProperties": { + "description": "Properties of a Sql pool Vulnerability Assessment.", + "type": "object", "properties": { - "$ref": "#/definitions/SqlPoolOperationProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "SqlPoolUsage": { - "properties": { - "name": { - "readOnly": true, - "type": "string", - "description": "The name of the usage metric." - }, - "resourceName": { - "readOnly": true, - "type": "string", - "description": "The name of the resource." - }, - "displayName": { - "readOnly": true, - "type": "string", - "description": "The usage metric display name." - }, - "currentValue": { - "readOnly": true, - "type": "number", - "format": "double", - "description": "The current value of the usage metric." - }, - "limit": { - "readOnly": true, - "type": "number", - "format": "double", - "description": "The current limit of the usage metric." - }, - "unit": { - "readOnly": true, - "type": "string", - "description": "The units of the usage metric." - }, - "nextResetTime": { - "readOnly": true, - "type": "string", - "format": "date-time", - "description": "The next reset time for the usage metric (ISO8601 format)." + "storageContainerPath": { + "description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "storageContainerSasKey": { + "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required.", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required.", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "recurringScans": { + "$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties", + "description": "The recurring scans settings" + } } }, - "description": "The Sql pool usages." - }, - "SqlPoolUsageListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolUsage" - }, - "description": "The list of usages for the Sql pool." - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true + "VulnerabilityAssessmentRecurringScansProperties": { + "description": "Properties of a Vulnerability Assessment recurring scans.", + "type": "object", + "properties": { + "isEnabled": { + "description": "Recurring scans state.", + "type": "boolean" + }, + "emailSubscriptionAdmins": { + "description": "Specifies that the schedule scan notification will be is sent to the subscription administrators.", + "default": true, + "type": "boolean" + }, + "emails": { + "description": "Specifies an array of e-mail addresses to which the scan notification is sent.", + "type": "array", + "items": { + "type": "string" + } + } } }, - "required": [ - "value" - ], - "description": "The response to a list Sql pool usages request." - }, - "SensitivityLabelProperties": { - "description": "Properties of a sensitivity label.", - "type": "object", - "properties": { - "labelName": { - "description": "The label name.", - "type": "string" - }, - "labelId": { - "description": "The label ID.", - "type": "string" - }, - "informationType": { - "description": "The information type.", - "type": "string" - }, - "informationTypeId": { - "description": "The information type ID.", - "type": "string" - }, - "isDisabled": { - "description": "Is sensitivity recommendation disabled. Applicable for recommended sensitivity label only. Specifies whether the sensitivity recommendation on this column is disabled (dismissed) or not.", - "type": "boolean", - "readOnly": true - } - } - }, - "SensitivityLabel": { - "description": "A sensitivity label.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { + "SqlPoolVulnerabilityAssessment": { + "description": "A Sql pool vulnerability assessment.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], "properties": { - "$ref": "#/definitions/SensitivityLabelProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "SensitivityLabelListResult": { - "description": "A list of sensitivity labels.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SensitivityLabel" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } - } - }, - "SqlPoolSchema": { - "description": "A Sql pool schema resource.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ] - }, - "SqlPoolSchemaListResult": { - "description": "A list of Sql pool schemas.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolSchema" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } - } - }, - "SqlPoolTable": { - "description": "A Sql pool table resource.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ] - }, - "SqlPoolTableListResult": { - "description": "A list of Sql pool tables.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolTable" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } - } - }, - "SqlPoolColumnProperties": { - "description": "Sql pool column properties.", - "type": "object", - "properties": { - "columnType": { - "description": "The column data type.", - "enum": [ - "image", - "text", - "uniqueidentifier", - "date", - "time", - "datetime2", - "datetimeoffset", - "tinyint", - "smallint", - "int", - "smalldatetime", - "real", - "money", - "datetime", - "float", - "sql_variant", - "ntext", - "bit", - "decimal", - "numeric", - "smallmoney", - "bigint", - "hierarchyid", - "geometry", - "geography", - "varbinary", - "varchar", - "binary", - "char", - "timestamp", - "nvarchar", - "nchar", - "xml", - "sysname" - ], - "type": "string", - "x-ms-enum": { - "name": "ColumnDataType", - "modelAsString": true + "properties": { + "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } } - } - }, - "SqlPoolColumn": { - "description": "A Sql pool column resource.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { + }, + "SqlPoolVulnerabilityAssessmentListResult": { + "description": "A list of the Sql pool's vulnerability assessments.", + "type": "object", "properties": { - "$ref": "#/definitions/SqlPoolColumnProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "SqlPoolColumnListResult": { - "description": "A list of Sql pool columns.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolColumn" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } - } - }, - "SqlPoolConnectionPolicyProperties": { - "description": "Properties of a Sql pool connection policy.", - "type": "object", - "properties": { - "securityEnabledAccess": { - "description": "The state of security access.", - "type": "string" - }, - "proxyDnsName": { - "description": "The fully qualified host name of the auditing proxy.", - "type": "string" - }, - "proxyPort": { - "description": "The port number of the auditing proxy.", - "type": "string" - }, - "visibility": { - "description": "The visibility of the auditing proxy.", - "type": "string" - }, - "useServerDefault": { - "description": "Whether server default is enabled or disabled.", - "type": "string" - }, - "redirectionState": { - "description": "The state of proxy redirection.", - "type": "string" - }, - "state": { - "description": "The connection policy state.", - "type": "string" + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolVulnerabilityAssessment" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } } - } - }, - "SqlPoolConnectionPolicy": { - "description": "A Sql pool connection policy.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + }, + "VulnerabilityAssessmentScanRecordListResult": { + "description": "A list of vulnerability assessment scan records.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/VulnerabilityAssessmentScanRecord" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } } - ], - "properties": { - "kind": { - "description": "Resource kind.", - "type": "string", - "readOnly": true - }, - "location": { - "type": "string", - "readOnly": true, - "description": "Resource location." - }, + }, + "VulnerabilityAssessmentScanRecord": { + "description": "A vulnerability assessment scan record.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], "properties": { - "$ref": "#/definitions/SqlPoolConnectionPolicyProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true + "properties": { + "$ref": "#/definitions/VulnerabilityAssessmentScanRecordProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } } - } - }, - "SqlPoolVulnerabilityAssessmentProperties": { - "description": "Properties of a Sql pool Vulnerability Assessment.", - "type": "object", - "properties": { - "storageContainerPath": { - "description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "storageContainerSasKey": { - "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required.", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "storageAccountAccessKey": { - "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required.", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "recurringScans": { - "$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties", - "description": "The recurring scans settings" + }, + "VulnerabilityAssessmentScanRecordProperties": { + "description": "Properties of a vulnerability assessment scan record.", + "type": "object", + "properties": { + "scanId": { + "description": "The scan ID.", + "type": "string", + "readOnly": true + }, + "triggerType": { + "description": "The scan trigger type.", + "enum": [ + "OnDemand", + "Recurring" + ], + "type": "string", + "readOnly": true, + "x-ms-enum": { + "name": "VulnerabilityAssessmentScanTriggerType", + "modelAsString": true + } + }, + "state": { + "description": "The scan status.", + "enum": [ + "Passed", + "Failed", + "FailedToRun", + "InProgress" + ], + "type": "string", + "readOnly": true, + "x-ms-enum": { + "name": "VulnerabilityAssessmentScanState", + "modelAsString": true + } + }, + "startTime": { + "format": "date-time", + "description": "The scan start time (UTC).", + "type": "string", + "readOnly": true + }, + "endTime": { + "format": "date-time", + "description": "The scan end time (UTC).", + "type": "string", + "readOnly": true + }, + "errors": { + "description": "The scan errors.", + "type": "array", + "items": { + "$ref": "#/definitions/VulnerabilityAssessmentScanError" + }, + "readOnly": true + }, + "storageContainerPath": { + "description": "The scan results storage container path.", + "type": "string", + "readOnly": true + }, + "numberOfFailedSecurityChecks": { + "format": "int32", + "description": "The number of failed security checks.", + "type": "integer", + "readOnly": true + } } - } - }, - "VulnerabilityAssessmentRecurringScansProperties": { - "description": "Properties of a Vulnerability Assessment recurring scans.", - "type": "object", - "properties": { - "isEnabled": { - "description": "Recurring scans state.", - "type": "boolean" - }, - "emailSubscriptionAdmins": { - "description": "Specifies that the schedule scan notification will be is sent to the subscription administrators.", - "default": true, - "type": "boolean" - }, - "emails": { - "description": "Specifies an array of e-mail addresses to which the scan notification is sent.", - "type": "array", - "items": { - "type": "string" + }, + "VulnerabilityAssessmentScanError": { + "description": "Properties of a vulnerability assessment scan error.", + "type": "object", + "properties": { + "code": { + "description": "The error code.", + "type": "string", + "readOnly": true + }, + "message": { + "description": "The error message.", + "type": "string", + "readOnly": true } } - } - }, - "SqlPoolVulnerabilityAssessment": { - "description": "A Sql pool vulnerability assessment.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + }, + "SecurityAlertPolicyProperties": { + "description": "Properties of a security alert policy.", + "required": [ + "state" + ], + "type": "object", + "properties": { + "state": { + "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific Sql pool.", + "enum": [ + "New", + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "SecurityAlertPolicyState", + "modelAsString": false + } + }, + "disabledAlerts": { + "description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action", + "type": "array", + "items": { + "type": "string" + } + }, + "emailAddresses": { + "description": "Specifies an array of e-mail addresses to which the alert is sent.", + "type": "array", + "items": { + "type": "string" + } + }, + "emailAccountAdmins": { + "description": "Specifies that the alert is sent to the account administrators.", + "type": "boolean" + }, + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.", + "type": "string" + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the Threat Detection audit storage account.", + "type": "string" + }, + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the Threat Detection audit logs.", + "type": "integer" + }, + "creationTime": { + "format": "date-time", + "description": "Specifies the UTC creation time of the policy.", + "type": "string", + "readOnly": true + } } - ], - "properties": { + }, + "SqlPoolSecurityAlertPolicy": { + "description": "A Sql pool security alert policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], "properties": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "SqlPoolVulnerabilityAssessmentListResult": { - "description": "A list of the Sql pool's vulnerability assessments.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessment" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } - } - }, - "VulnerabilityAssessmentScanRecordListResult": { - "description": "A list of vulnerability assessment scan records.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/VulnerabilityAssessmentScanRecord" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } - } - }, - "VulnerabilityAssessmentScanRecord": { - "description": "A vulnerability assessment scan record.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + "properties": { + "$ref": "#/definitions/SecurityAlertPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } } - ], - "properties": { + }, + "SqlPoolVulnerabilityAssessmentRuleBaselineProperties": { + "description": "Properties of a Sql pool vulnerability assessment rule baseline.", + "required": [ + "baselineResults" + ], + "type": "object", "properties": { - "$ref": "#/definitions/VulnerabilityAssessmentScanRecordProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "VulnerabilityAssessmentScanRecordProperties": { - "description": "Properties of a vulnerability assessment scan record.", - "type": "object", - "properties": { - "scanId": { - "description": "The scan ID.", - "type": "string", - "readOnly": true - }, - "triggerType": { - "description": "The scan trigger type.", - "enum": [ - "OnDemand", - "Recurring" - ], - "type": "string", - "readOnly": true, - "x-ms-enum": { - "name": "VulnerabilityAssessmentScanTriggerType", - "modelAsString": true - } - }, - "state": { - "description": "The scan status.", - "enum": [ - "Passed", - "Failed", - "FailedToRun", - "InProgress" - ], - "type": "string", - "readOnly": true, - "x-ms-enum": { - "name": "VulnerabilityAssessmentScanState", - "modelAsString": true + "baselineResults": { + "description": "The rule baseline result", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineItem" + } } - }, - "startTime": { - "format": "date-time", - "description": "The scan start time (UTC).", - "type": "string", - "readOnly": true - }, - "endTime": { - "format": "date-time", - "description": "The scan end time (UTC).", - "type": "string", - "readOnly": true - }, - "errors": { - "description": "The scan errors.", - "type": "array", - "items": { - "$ref": "#/definitions/VulnerabilityAssessmentScanError" - }, - "readOnly": true - }, - "storageContainerPath": { - "description": "The scan results storage container path.", - "type": "string", - "readOnly": true - }, - "numberOfFailedSecurityChecks": { - "format": "int32", - "description": "The number of failed security checks.", - "type": "integer", - "readOnly": true - } - } - }, - "VulnerabilityAssessmentScanError": { - "description": "Properties of a vulnerability assessment scan error.", - "type": "object", - "properties": { - "code": { - "description": "The error code.", - "type": "string", - "readOnly": true - }, - "message": { - "description": "The error message.", - "type": "string", - "readOnly": true } - } - }, - "SecurityAlertPolicyProperties": { - "description": "Properties of a security alert policy.", - "required": [ - "state" - ], - "type": "object", - "properties": { - "state": { - "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific Sql pool.", - "enum": [ - "New", - "Enabled", - "Disabled" - ], - "type": "string", - "x-ms-enum": { - "name": "SecurityAlertPolicyState", - "modelAsString": false + }, + "SqlPoolVulnerabilityAssessmentRuleBaselineItem": { + "description": "Properties for an Sql pool vulnerability assessment rule baseline's result.", + "required": [ + "result" + ], + "type": "object", + "properties": { + "result": { + "description": "The rule baseline result", + "type": "array", + "items": { + "type": "string" + } } - }, - "disabledAlerts": { - "description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action", - "type": "array", - "items": { - "type": "string" + } + }, + "SqlPoolVulnerabilityAssessmentRuleBaseline": { + "description": "A Sql pool vulnerability assessment rule baseline.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "emailAddresses": { - "description": "Specifies an array of e-mail addresses to which the alert is sent.", - "type": "array", - "items": { - "type": "string" + ], + "properties": { + "properties": { + "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } - }, - "emailAccountAdmins": { - "description": "Specifies that the alert is sent to the account administrators.", - "type": "boolean" - }, - "storageEndpoint": { - "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.", - "type": "string" - }, - "storageAccountAccessKey": { - "description": "Specifies the identifier key of the Threat Detection audit storage account.", - "type": "string" - }, - "retentionDays": { - "format": "int32", - "description": "Specifies the number of days to keep in the Threat Detection audit logs.", - "type": "integer" - }, - "creationTime": { - "format": "date-time", - "description": "Specifies the UTC creation time of the policy.", - "type": "string", - "readOnly": true - } - } - }, - "SqlPoolSecurityAlertPolicy": { - "description": "A Sql pool security alert policy.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - ], - "properties": { + }, + "SqlPoolVulnerabilityAssessmentScanExportProperties": { + "description": "Properties of the export operation's result.", + "type": "object", "properties": { - "$ref": "#/definitions/SecurityAlertPolicyProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true + "exportedReportLocation": { + "description": "Location of the exported report (e.g. https://myStorage.blob.core.windows.net/VaScans/scans/serverName/databaseName/scan_scanId.xlsx).", + "type": "string", + "readOnly": true + } } - } - }, - "SqlPoolVulnerabilityAssessmentRuleBaselineProperties": { - "description": "Properties of a Sql pool vulnerability assessment rule baseline.", - "required": [ - "baselineResults" - ], - "type": "object", - "properties": { - "baselineResults": { - "description": "The rule baseline result", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineItem" + }, + "SqlPoolVulnerabilityAssessmentScansExport": { + "description": "A Sql pool Vulnerability Assessment scan export resource.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentScanExportProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } } - } - }, - "SqlPoolVulnerabilityAssessmentRuleBaselineItem": { - "description": "Properties for an Sql pool vulnerability assessment rule baseline's result.", - "required": [ - "result" - ], - "type": "object", - "properties": { - "result": { - "description": "The rule baseline result", - "type": "array", - "items": { + }, + "ResourceMoveDefinition": { + "description": "Contains the information necessary to perform a resource move (rename).", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "The target ID for the resource", "type": "string" } } - } - }, - "SqlPoolVulnerabilityAssessmentRuleBaseline": { - "description": "A Sql pool vulnerability assessment rule baseline.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { + }, + "CreateSqlPoolRestorePointDefinition": { + "description": "Contains the information necessary to perform a create Sql pool restore point operation.", + "required": [ + "restorePointLabel" + ], + "type": "object", "properties": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "SqlPoolVulnerabilityAssessmentScanExportProperties": { - "description": "Properties of the export operation's result.", - "type": "object", - "properties": { - "exportedReportLocation": { - "description": "Location of the exported report (e.g. https://myStorage.blob.core.windows.net/VaScans/scans/serverName/databaseName/scan_scanId.xlsx).", - "type": "string", - "readOnly": true - } - } - }, - "SqlPoolVulnerabilityAssessmentScansExport": { - "description": "A Sql pool Vulnerability Assessment scan export resource.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + "restorePointLabel": { + "description": "The restore point label to apply", + "type": "string" + } } - ], - "properties": { + }, + "ExtendedSqlPoolBlobAuditingPolicy": { + "description": "An extended Sql pool blob auditing policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], "properties": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentScanExportProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "ResourceMoveDefinition": { - "description": "Contains the information necessary to perform a resource move (rename).", - "required": [ - "id" - ], - "type": "object", - "properties": { - "id": { - "description": "The target ID for the resource", - "type": "string" - } - } - }, - "CreateSqlPoolRestorePointDefinition": { - "description": "Contains the information necessary to perform a create Sql pool restore point operation.", - "required": [ - "restorePointLabel" - ], - "type": "object", - "properties": { - "restorePointLabel": { - "description": "The restore point label to apply", - "type": "string" - } - } - }, - "ExtendedSqlPoolBlobAuditingPolicy": { - "description": "An extended Sql pool blob auditing policy.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + "properties": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } } - ], - "properties": { + }, + "ExtendedSqlPoolBlobAuditingPolicyProperties": { + "description": "Properties of an extended Sql pool blob auditing policy.", + "required": [ + "state" + ], + "type": "object", "properties": { - "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicyProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } - } - }, - "ExtendedSqlPoolBlobAuditingPolicyProperties": { - "description": "Properties of an extended Sql pool blob auditing policy.", - "required": [ - "state" - ], - "type": "object", - "properties": { - "predicateExpression": { - "description": "Specifies condition of where clause when creating an audit.", - "type": "string" - }, - "state": { - "description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.", - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string", - "x-ms-enum": { - "name": "BlobAuditingPolicyState", - "modelAsString": false - } - }, - "storageEndpoint": { - "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.", - "type": "string" - }, - "storageAccountAccessKey": { - "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "retentionDays": { - "format": "int32", - "description": "Specifies the number of days to keep in the audit logs in the storage account.", - "type": "integer" - }, - "auditActionsAndGroups": { - "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)", - "type": "array", - "items": { + "predicateExpression": { + "description": "Specifies condition of where clause when creating an audit.", + "type": "string" + }, + "state": { + "description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.", + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "BlobAuditingPolicyState", + "modelAsString": false + } + }, + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.", + "type": "string" + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the audit logs in the storage account.", + "type": "integer" + }, + "auditActionsAndGroups": { + "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)", + "type": "array", + "items": { + "type": "string" + } + }, + "storageAccountSubscriptionId": { + "format": "uuid", + "description": "Specifies the blob storage subscription Id.", "type": "string" + }, + "isStorageSecondaryKeyInUse": { + "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.", + "type": "boolean" + }, + "isAzureMonitorTargetEnabled": { + "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n", + "type": "boolean" + }, + "queueDelayMs": { + "format": "int32", + "description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.", + "type": "integer" } - }, - "storageAccountSubscriptionId": { - "format": "uuid", - "description": "Specifies the blob storage subscription Id.", - "type": "string" - }, - "isStorageSecondaryKeyInUse": { - "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.", - "type": "boolean" - }, - "isAzureMonitorTargetEnabled": { - "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n", - "type": "boolean" - }, - "queueDelayMs": { - "format": "int32", - "description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.", - "type": "integer" - } - } - }, - "ExtendedSqlPoolBlobAuditingPolicyListResult": { - "description": "A list of sql pool extended auditing settings.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicy" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true } - } - }, - "DataMaskingPolicy": { - "properties": { + }, + "ExtendedSqlPoolBlobAuditingPolicyListResult": { + "description": "A list of sql pool extended auditing settings.", + "type": "object", "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/DataMaskingPolicyProperties", - "description": "The properties of the data masking policy." - }, - "location": { - "type": "string", - "readOnly": true, - "description": "The location of the data masking policy." - }, - "kind": { - "type": "string", - "readOnly": true, - "description": "The kind of data masking policy. Metadata, used for Azure portal." + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } } }, - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "description": "Represents a database data masking policy." - }, - "DataMaskingPolicyProperties": { - "properties": { - "dataMaskingState": { - "type": "string", - "description": "The state of the data masking policy.", - "enum": [ - "Disabled", - "Enabled" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "DataMaskingState" + "DataMaskingPolicy": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/DataMaskingPolicyProperties", + "description": "The properties of the data masking policy." + }, + "location": { + "type": "string", + "readOnly": true, + "description": "The location of the data masking policy." + }, + "kind": { + "type": "string", + "readOnly": true, + "description": "The kind of data masking policy. Metadata, used for Azure portal." } }, - "exemptPrincipals": { - "type": "string", - "description": "The list of the exempt principals. Specifies the semicolon-separated list of database users for which the data masking policy does not apply. The specified users receive data results without masking for all of the database queries." - }, - "applicationPrincipals": { - "type": "string", - "description": "The list of the application principals. This is a legacy parameter and is no longer used.", - "readOnly": true - }, - "maskingLevel": { - "type": "string", - "description": "The masking level. This is a legacy parameter and is no longer used.", - "readOnly": true - } + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Represents a database data masking policy." }, - "required": [ - "dataMaskingState" - ], - "description": "The properties of a database data masking policy." - }, - "DataMaskingRule": { - "properties": { + "DataMaskingPolicyProperties": { "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/DataMaskingRuleProperties", - "description": "The properties of the resource." - }, - "location": { - "type": "string", - "readOnly": true, - "description": "The location of the data masking rule." + "dataMaskingState": { + "type": "string", + "description": "The state of the data masking policy.", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingState" + } + }, + "exemptPrincipals": { + "type": "string", + "description": "The list of the exempt principals. Specifies the semicolon-separated list of database users for which the data masking policy does not apply. The specified users receive data results without masking for all of the database queries." + }, + "applicationPrincipals": { + "type": "string", + "description": "The list of the application principals. This is a legacy parameter and is no longer used.", + "readOnly": true + }, + "maskingLevel": { + "type": "string", + "description": "The masking level. This is a legacy parameter and is no longer used.", + "readOnly": true + } }, - "kind": { - "type": "string", - "readOnly": true, - "description": "The kind of Data Masking Rule. Metadata, used for Azure portal." - } + "required": [ + "dataMaskingState" + ], + "description": "The properties of a database data masking policy." }, - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "description": "Represents a Sql pool data masking rule." - }, - "DataMaskingRuleProperties": { - "properties": { - "id": { - "type": "string", - "description": "The rule Id.", - "readOnly": true - }, - "aliasName": { - "type": "string", - "description": "The alias name. This is a legacy parameter and is no longer used." - }, - "ruleState": { - "type": "string", - "description": "The rule state. Used to delete a rule. To delete an existing rule, specify the schemaName, tableName, columnName, maskingFunction, and specify ruleState as disabled. However, if the rule doesn't already exist, the rule will be created with ruleState set to enabled, regardless of the provided value of ruleState.", - "enum": [ - "Disabled", - "Enabled" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "DataMaskingRuleState" + "DataMaskingRule": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/DataMaskingRuleProperties", + "description": "The properties of the resource." + }, + "location": { + "type": "string", + "readOnly": true, + "description": "The location of the data masking rule." + }, + "kind": { + "type": "string", + "readOnly": true, + "description": "The kind of Data Masking Rule. Metadata, used for Azure portal." } }, - "schemaName": { - "type": "string", - "description": "The schema name on which the data masking rule is applied." - }, - "tableName": { - "type": "string", - "description": "The table name on which the data masking rule is applied." - }, - "columnName": { - "type": "string", - "description": "The column name on which the data masking rule is applied." - }, - "maskingFunction": { - "type": "string", - "description": "The masking function that is used for the data masking rule.", - "enum": [ - "Default", - "CCN", - "Email", - "Number", - "SSN", - "Text" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "DataMaskingFunction" + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Represents a Sql pool data masking rule." + }, + "DataMaskingRuleProperties": { + "properties": { + "id": { + "type": "string", + "description": "The rule Id.", + "readOnly": true + }, + "aliasName": { + "type": "string", + "description": "The alias name. This is a legacy parameter and is no longer used." + }, + "ruleState": { + "type": "string", + "description": "The rule state. Used to delete a rule. To delete an existing rule, specify the schemaName, tableName, columnName, maskingFunction, and specify ruleState as disabled. However, if the rule doesn't already exist, the rule will be created with ruleState set to enabled, regardless of the provided value of ruleState.", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingRuleState" + } + }, + "schemaName": { + "type": "string", + "description": "The schema name on which the data masking rule is applied." + }, + "tableName": { + "type": "string", + "description": "The table name on which the data masking rule is applied." + }, + "columnName": { + "type": "string", + "description": "The column name on which the data masking rule is applied." + }, + "maskingFunction": { + "type": "string", + "description": "The masking function that is used for the data masking rule.", + "enum": [ + "Default", + "CCN", + "Email", + "Number", + "SSN", + "Text" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingFunction" + } + }, + "numberFrom": { + "type": "string", + "description": "The numberFrom property of the masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." + }, + "numberTo": { + "type": "string", + "description": "The numberTo property of the data masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." + }, + "prefixSize": { + "type": "string", + "description": "If maskingFunction is set to Text, the number of characters to show unmasked in the beginning of the string. Otherwise, this parameter will be ignored." + }, + "suffixSize": { + "type": "string", + "description": "If maskingFunction is set to Text, the number of characters to show unmasked at the end of the string. Otherwise, this parameter will be ignored." + }, + "replacementString": { + "type": "string", + "description": "If maskingFunction is set to Text, the character to use for masking the unexposed part of the string. Otherwise, this parameter will be ignored." } }, - "numberFrom": { - "type": "string", - "description": "The numberFrom property of the masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." - }, - "numberTo": { - "type": "string", - "description": "The numberTo property of the data masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." - }, - "prefixSize": { - "type": "string", - "description": "If maskingFunction is set to Text, the number of characters to show unmasked in the beginning of the string. Otherwise, this parameter will be ignored." - }, - "suffixSize": { - "type": "string", - "description": "If maskingFunction is set to Text, the number of characters to show unmasked at the end of the string. Otherwise, this parameter will be ignored." + "required": [ + "maskingFunction", + "schemaName", + "tableName", + "columnName" + ], + "description": "The properties of a Sql pool data masking rule." + }, + "DataMaskingRuleListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/DataMaskingRule" + }, + "description": "The list of Sql pool data masking rules." + } }, - "replacementString": { - "type": "string", - "description": "If maskingFunction is set to Text, the character to use for masking the unexposed part of the string. Otherwise, this parameter will be ignored." - } + "description": "The response to a list data masking rules request." }, - "required": [ - "maskingFunction", - "schemaName", - "tableName", - "columnName" - ], - "description": "The properties of a Sql pool data masking rule." - }, - "DataMaskingRuleListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/DataMaskingRule" - }, - "description": "The list of Sql pool data masking rules." + "SqlPoolBlobAuditingPolicyListResult": { + "description": "A list of Sql pool auditing settings.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolBlobAuditingPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } } - }, - "description": "The response to a list data masking rules request." + } }, - "SqlPoolBlobAuditingPolicyListResult": { - "description": "A list of Sql pool auditing settings.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolBlobAuditingPolicy" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + "parameters": { + "DataMaskingPolicyNameParameter": { + "name": "dataMaskingPolicyName", + "in": "path", + "required": true, + "type": "string", + "enum": [ + "Default" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingPolicyName" + }, + "description": "The name of the data masking policy for which the masking rule applies.", + "x-ms-parameter-location": "method" } } - }, - "parameters": { - "DataMaskingPolicyNameParameter": { - "name": "dataMaskingPolicyName", - "in": "path", - "required": true, - "type": "string", - "enum": [ - "Default" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "DataMaskingPolicyName" - }, - "description": "The name of the data masking policy for which the masking rule applies.", - "x-ms-parameter-location": "method" - } } -} From 7f91225fffc34c78dcd58f78b93f16527ed12561 Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Fri, 2 Oct 2020 14:48:17 -0700 Subject: [PATCH 06/13] Added SqlPoolVulnerabilityAssessmentScanRecordsGet --- ...VulnerabilityAssessmentScanRecordsGet.json | 30 ++++++++ .../preview/2019-06-01-preview/sqlPool.json | 71 +++++++++++++++++++ 2 files changed, 101 insertions(+) create mode 100644 specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolVulnerabilityAssessmentScanRecordsGet.json diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolVulnerabilityAssessmentScanRecordsGet.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolVulnerabilityAssessmentScanRecordsGet.json new file mode 100644 index 000000000000..322b7e04bcbc --- /dev/null +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/examples/SqlPoolVulnerabilityAssessmentScanRecordsGet.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "vulnerabilityassessmenttest-4711", + "workspaceName": "vulnerabilityassessmenttest-6411", + "sqlPoolName": "testdb", + "vulnerabilityAssessmentName": "default", + "scanId": "scan001", + "api-version": "2019-06-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/vulnerabilityassessmenttest-4799/providers/Microsoft.Synapse/workspaces/vulnerabilityassessmenttest-6440/sqlPools/testdb/vulnerabilityAssessments/default/scans/scan001", + "name": "scan001", + "type": "Microsoft.Synapse/workspaces/sqlPools/vulnerabilityAssessments/scans", + "properties": { + "scanId": "scan001", + "triggerType": "OnDemand", + "state": "Passed", + "startTime": "2017-12-12T17:45:06Z", + "endTime": "2017-12-12T17:47:06Z", + "errors": [], + "storageContainerPath": "https://myaccount.blob.core.windows.net/vulnerability-assessment", + "numberOfFailedSecurityChecks": 9 + } + } + } + } +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json index af72b55a9b88..bfd7b5feadd3 100644 --- a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json @@ -3735,6 +3735,77 @@ } } }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Synapse/workspaces/{workspaceName}/sqlPools/{sqlPoolName}/vulnerabilityAssessments/{vulnerabilityAssessmentName}/scans/{scanId}": { + "get": { + "tags": [ + "SqlPools,SqlPoolVulnerabilityAssessmentScans" + ], + "description": "Gets a vulnerability assessment scan record of a Sql pool.", + "operationId": "SqlPoolVulnerabilityAssessmentScans_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./workspace.json#/parameters/workspaceNameParameter" + }, + { + "type": "string", + "in": "path", + "name": "sqlPoolName", + "description": "SQL pool name", + "required": true + }, + { + "name": "vulnerabilityAssessmentName", + "in": "path", + "description": "The name of the vulnerability assessment.", + "required": true, + "type": "string", + "enum": [ + "default" + ], + "x-ms-enum": { + "name": "VulnerabilityAssessmentName", + "modelAsString": true + } + }, + { + "name": "scanId", + "in": "path", + "description": "The vulnerability assessment scan Id of the scan to retrieve.", + "required": true, + "type": "string" + } + ], + "consumes": [], + "produces": [ + "application/json" + ], + "responses": { + "200": { + "description": "Successfully retrieved the Sql pool vulnerability assessment scan record.", + "schema": { + "$ref": "#/definitions/VulnerabilityAssessmentScanRecord" + } + }, + "default": { + "description": "*** Error Responses: ***\n\n * 400 InvalidStorageAccountName - The provided storage account is not valid or does not exist.\n\n * 400 InvalidStorageAccountCredentials - The provided storage account shared access signature or account storage key is not valid.\n\n * 400 VulnerabilityAssessmentInvalidPolicy - Vulnerability Assessment settings don't exist or invalid storage specified in settings. \n\n * 400 DatabaseVulnerabilityAssessmentMissingStorageContainerPath - Storage container path must be provided if it isn't set in server level policy\n\n * 400 VulnerabilityAssessmentDatawarehouseDatabaseIsDeactivated - Could not execute Vulnerability Assessment operation because the database is paused. Please resume it.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 SourceDatabaseNotFound - The source database does not exist.\n\n * 404 DatabaseDoesNotExist - User has specified a database name that does not exist on this server instance.\n\n * 409 DatabaseVulnerabilityAssessmentScanIsAlreadyInProgress - Vulnerability Assessment scan is already in progress.\n\n * 500 DatabaseIsUnavailable - Loading failed. Please try again later." + } + }, + "x-ms-examples": { + "Gets a database vulnerability assessment scan record by scan ID": { + "$ref": "./examples/SqlPoolVulnerabilityAssessmentScanRecordsGet.json" + } + } + } + }, "definitions": { "SqlPoolInfoListResult": { "type": "object", From dbf367cb775f97b7e205a32e82c8f62438be38a0 Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Sun, 4 Oct 2020 11:36:52 -0700 Subject: [PATCH 07/13] Fixed a missint content type section --- .../preview/2019-06-01-preview/sqlPool.json | 3527 +++++++++-------- 1 file changed, 1766 insertions(+), 1761 deletions(-) diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json index bfd7b5feadd3..66f357fa600a 100644 --- a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json @@ -2825,6 +2825,10 @@ } } ], + "consumes": [], + "produces": [ + "application/json" + ], "responses": { "200": { "description": "Successfully got the vulnerability assessment rule baseline.", @@ -3805,1896 +3809,1897 @@ } } } + } + }, + "definitions": { + "SqlPoolInfoListResult": { + "type": "object", + "title": "SQL pool collection", + "description": "List of SQL pools", + "properties": { + "nextLink": { + "type": "string", + "description": "Link to the next page of results" + }, + "value": { + "type": "array", + "description": "List of SQL pools", + "items": { + "$ref": "#/definitions/SqlPool" + } + } + } }, - "definitions": { - "SqlPoolInfoListResult": { - "type": "object", - "title": "SQL pool collection", - "description": "List of SQL pools", + "SqlPool": { + "type": "object", + "title": "SQL pool", + "description": "A SQL Analytics pool", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/TrackedResource" + } + ], + "properties": { + "sku": { + "$ref": "#/definitions/Sku", + "description": "SQL pool SKU" + }, "properties": { - "nextLink": { - "type": "string", - "description": "Link to the next page of results" + "$ref": "#/definitions/SqlPoolResourceProperties", + "description": "SQL pool properties", + "x-ms-client-flatten": true + } + } + }, + "SqlPoolPatchInfo": { + "type": "object", + "title": "SQL pool patch info", + "description": "A SQL Analytics pool patch info", + "properties": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" }, - "value": { - "type": "array", - "description": "List of SQL pools", - "items": { - "$ref": "#/definitions/SqlPool" - } - } + "description": "Resource tags." + }, + "location": { + "type": "string", + "description": "The geo-location where the resource lives" + }, + "sku": { + "$ref": "#/definitions/Sku", + "description": "SQL pool SKU" + }, + "properties": { + "$ref": "#/definitions/SqlPoolResourceProperties", + "description": "SQL pool properties", + "x-ms-client-flatten": true } - }, - "SqlPool": { - "type": "object", - "title": "SQL pool", - "description": "A SQL Analytics pool", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/TrackedResource" - } - ], + } + }, + "Sku": { + "type": "object", + "title": "Sku", + "description": "SQL pool SKU", + "properties": { + "tier": { + "type": "string", + "description": "The service tier" + }, + "name": { + "type": "string", + "description": "The SKU name" + }, + "capacity": { + "type": "integer", + "format": "int32", + "description": "If the SKU supports scale out/in then the capacity integer should be included. If scale out/in is not possible for the resource this may be omitted." + } + } + }, + "SqlPoolResourceProperties": { + "type": "object", + "title": "SQL pool properties", + "description": "Properties of a SQL Analytics pool", + "properties": { + "maxSizeBytes": { + "type": "integer", + "description": "Maximum size in bytes", + "format": "int64" + }, + "collation": { + "type": "string", + "description": "Collation mode" + }, + "sourceDatabaseId": { + "type": "string", + "description": "Source database to create from" + }, + "recoverableDatabaseId": { + "type": "string", + "description": "Backup database to restore from" + }, + "provisioningState": { + "type": "string", + "description": "Resource state" + }, + "status": { + "type": "string", + "description": "Resource status" + }, + "restorePointInTime": { + "type": "string", + "description": "Snapshot time to restore", + "format": "date-time" + }, + "createMode": { + "type": "string", + "description": "What is this?" + }, + "creationDate": { + "type": "string", + "description": "Date the SQL pool was created", + "format": "date-time" + } + } + }, + "MetadataSyncConfig": { + "type": "object", + "title": "Metadata sync configuration", + "description": "Configuration for metadata sync", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { "properties": { - "sku": { - "$ref": "#/definitions/Sku", - "description": "SQL pool SKU" - }, + "title": "Metadata Sync Config properties", + "description": "Metadata Sync Config properties", "properties": { - "$ref": "#/definitions/SqlPoolResourceProperties", - "description": "SQL pool properties", - "x-ms-client-flatten": true - } + "enabled": { + "type": "boolean", + "description": "Indicates whether the metadata sync is enabled or disabled" + } + }, + "x-ms-client-flatten": true } }, - "SqlPoolPatchInfo": { - "type": "object", - "title": "SQL pool patch info", - "description": "A SQL Analytics pool patch info", - "properties": { - "tags": { - "type": "object", - "additionalProperties": { - "type": "string" - }, - "description": "Resource tags." - }, - "location": { - "type": "string", - "description": "The geo-location where the resource lives" - }, - "sku": { - "$ref": "#/definitions/Sku", - "description": "SQL pool SKU" - }, - "properties": { - "$ref": "#/definitions/SqlPoolResourceProperties", - "description": "SQL pool properties", - "x-ms-client-flatten": true + "x-ms-azure-resource": true + }, + "GeoBackupPolicyProperties": { + "properties": { + "state": { + "type": "string", + "description": "The state of the geo backup policy.", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "GeoBackupPolicyState" } + }, + "storageType": { + "type": "string", + "description": "The storage type of the geo backup policy.", + "readOnly": true } }, - "Sku": { - "type": "object", - "title": "Sku", - "description": "SQL pool SKU", + "required": [ + "state" + ], + "description": "The properties of the geo backup policy." + }, + "GeoBackupPolicy": { + "properties": { "properties": { - "tier": { - "type": "string", - "description": "The service tier" - }, - "name": { - "type": "string", - "description": "The SKU name" - }, - "capacity": { - "type": "integer", - "format": "int32", - "description": "If the SKU supports scale out/in then the capacity integer should be included. If scale out/in is not possible for the resource this may be omitted." - } + "$ref": "#/definitions/GeoBackupPolicyProperties", + "description": "The properties of the geo backup policy.", + "x-ms-client-flatten": true + }, + "kind": { + "readOnly": true, + "type": "string", + "description": "Kind of geo backup policy. This is metadata used for the Azure portal experience." + }, + "location": { + "type": "string", + "readOnly": true, + "description": "Backup policy location." } }, - "SqlPoolResourceProperties": { - "type": "object", - "title": "SQL pool properties", - "description": "Properties of a SQL Analytics pool", - "properties": { - "maxSizeBytes": { - "type": "integer", - "description": "Maximum size in bytes", - "format": "int64" - }, - "collation": { - "type": "string", - "description": "Collation mode" - }, - "sourceDatabaseId": { - "type": "string", - "description": "Source database to create from" - }, - "recoverableDatabaseId": { - "type": "string", - "description": "Backup database to restore from" - }, - "provisioningState": { - "type": "string", - "description": "Resource state" - }, - "status": { - "type": "string", - "description": "Resource status" - }, - "restorePointInTime": { - "type": "string", - "description": "Snapshot time to restore", - "format": "date-time" - }, - "createMode": { - "type": "string", - "description": "What is this?" + "required": [ + "properties" + ], + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "A database geo backup policy." + }, + "TopQueries": { + "properties": { + "aggregationFunction": { + "description": "The function that is used to aggregate each query's metrics.", + "type": "string", + "enum": [ + "min", + "max", + "avg", + "sum" + ], + "x-ms-enum": { + "name": "QueryAggregationFunction", + "modelAsString": false + }, + "readOnly": true + }, + "executionType": { + "description": "The execution type that is used to filter the query instances that are returned.", + "type": "string", + "enum": [ + "any", + "regular", + "irregular", + "aborted", + "exception" + ], + "x-ms-enum": { + "name": "QueryExecutionType", + "modelAsString": false + }, + "readOnly": true + }, + "intervalType": { + "description": "The duration of the interval (ISO8601 duration format).", + "type": "string", + "readOnly": true + }, + "numberOfTopQueries": { + "description": "The number of requested queries.", + "type": "number", + "format": "int32", + "readOnly": true + }, + "observationStartTime": { + "description": "The start time for queries that are returned (ISO8601 format)", + "type": "string", + "format": "date-time", + "readOnly": true + }, + "observationEndTime": { + "description": "The end time for queries that are returned (ISO8601 format)", + "type": "string", + "format": "date-time", + "readOnly": true + }, + "observedMetric": { + "description": "The type of metric to use for ordering the top metrics.", + "type": "string", + "enum": [ + "cpu", + "io", + "logio", + "duration", + "executionCount" + ], + "x-ms-enum": { + "name": "QueryObservedMetricType", + "modelAsString": false + }, + "readOnly": true + }, + "queries": { + "type": "array", + "items": { + "$ref": "#/definitions/QueryStatistic" }, - "creationDate": { - "type": "string", - "description": "Date the SQL pool was created", - "format": "date-time" - } + "description": "The list of queries.", + "readOnly": true } }, - "MetadataSyncConfig": { - "type": "object", - "title": "Metadata sync configuration", - "description": "Configuration for metadata sync", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "properties": { - "title": "Metadata Sync Config properties", - "description": "Metadata Sync Config properties", - "properties": { - "enabled": { - "type": "boolean", - "description": "Indicates whether the metadata sync is enabled or disabled" - } - }, - "x-ms-client-flatten": true - } + "description": "A database query." + }, + "QueryStatistic": { + "properties": { + "queryId": { + "description": "The id of the query", + "type": "string", + "readOnly": true }, - "x-ms-azure-resource": true - }, - "GeoBackupPolicyProperties": { - "properties": { - "state": { - "type": "string", - "description": "The state of the geo backup policy.", - "enum": [ - "Disabled", - "Enabled" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "GeoBackupPolicyState" - } + "intervals": { + "type": "array", + "items": { + "$ref": "#/definitions/QueryInterval" }, - "storageType": { - "type": "string", - "description": "The storage type of the geo backup policy.", - "readOnly": true - } - }, - "required": [ - "state" - ], - "description": "The properties of the geo backup policy." + "description": "The list of query intervals.", + "readOnly": true + } }, - "GeoBackupPolicy": { - "properties": { - "properties": { - "$ref": "#/definitions/GeoBackupPolicyProperties", - "description": "The properties of the geo backup policy.", - "x-ms-client-flatten": true - }, - "kind": { - "readOnly": true, - "type": "string", - "description": "Kind of geo backup policy. This is metadata used for the Azure portal experience." - }, - "location": { - "type": "string", - "readOnly": true, - "description": "Backup policy location." - } + "description": "A database query." + }, + "QueryInterval": { + "properties": { + "intervalStartTime": { + "description": "The start time of the measurement interval (ISO8601 format).", + "type": "string", + "format": "date-time", + "readOnly": true }, - "required": [ - "properties" - ], - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "description": "A database geo backup policy." - }, - "TopQueries": { - "properties": { - "aggregationFunction": { - "description": "The function that is used to aggregate each query's metrics.", - "type": "string", - "enum": [ - "min", - "max", - "avg", - "sum" - ], - "x-ms-enum": { - "name": "QueryAggregationFunction", - "modelAsString": false - }, - "readOnly": true - }, - "executionType": { - "description": "The execution type that is used to filter the query instances that are returned.", - "type": "string", - "enum": [ - "any", - "regular", - "irregular", - "aborted", - "exception" - ], - "x-ms-enum": { - "name": "QueryExecutionType", - "modelAsString": false - }, - "readOnly": true - }, - "intervalType": { - "description": "The duration of the interval (ISO8601 duration format).", - "type": "string", - "readOnly": true - }, - "numberOfTopQueries": { - "description": "The number of requested queries.", - "type": "number", - "format": "int32", - "readOnly": true - }, - "observationStartTime": { - "description": "The start time for queries that are returned (ISO8601 format)", - "type": "string", - "format": "date-time", - "readOnly": true - }, - "observationEndTime": { - "description": "The end time for queries that are returned (ISO8601 format)", - "type": "string", - "format": "date-time", - "readOnly": true - }, - "observedMetric": { - "description": "The type of metric to use for ordering the top metrics.", - "type": "string", - "enum": [ - "cpu", - "io", - "logio", - "duration", - "executionCount" - ], - "x-ms-enum": { - "name": "QueryObservedMetricType", - "modelAsString": false - }, - "readOnly": true - }, - "queries": { - "type": "array", - "items": { - "$ref": "#/definitions/QueryStatistic" - }, - "description": "The list of queries.", - "readOnly": true - } + "executionCount": { + "description": "The number of times the query was executed during this interval.", + "type": "number", + "format": "int32", + "readOnly": true }, - "description": "A database query." - }, - "QueryStatistic": { - "properties": { - "queryId": { - "description": "The id of the query", - "type": "string", - "readOnly": true + "metrics": { + "type": "array", + "items": { + "$ref": "#/definitions/QueryMetric" }, - "intervals": { - "type": "array", - "items": { - "$ref": "#/definitions/QueryInterval" - }, - "description": "The list of query intervals.", - "readOnly": true - } + "description": "The list of query metrics during this interval.", + "readOnly": true + } + }, + "description": "A database query." + }, + "QueryMetric": { + "properties": { + "name": { + "description": "The name of the metric", + "type": "string", + "readOnly": true + }, + "displayName": { + "description": "The name of the metric for display in user interface", + "type": "string", + "readOnly": true + }, + "unit": { + "description": "The unit of measurement", + "type": "string", + "enum": [ + "percentage", + "KB", + "microseconds" + ], + "x-ms-enum": { + "name": "QueryMetricUnit", + "modelAsString": false + }, + "readOnly": true }, - "description": "A database query." + "value": { + "description": "The measured value", + "type": "number", + "format": "double", + "readOnly": true + } + }, + "description": "A database query." + }, + "TopQueriesListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/TopQueries" + }, + "description": "The list of top queries." + } }, - "QueryInterval": { + "required": [ + "value" + ], + "description": "Represents the response to a get top queries request." + }, + "DataWarehouseUserActivitiesProperties": { + "description": "User activities of a data warehouse. This currently includes the count of running or suspended queries. For more information, please view the sys.dm_pdw_exec_requests dynamic management view (DMV).", + "type": "object", + "properties": { + "activeQueriesCount": { + "format": "int32", + "description": "Count of running and suspended queries.", + "type": "integer", + "readOnly": true + } + } + }, + "DataWarehouseUserActivities": { + "description": "User activities of a data warehouse", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { "properties": { - "intervalStartTime": { - "description": "The start time of the measurement interval (ISO8601 format).", - "type": "string", - "format": "date-time", - "readOnly": true - }, - "executionCount": { - "description": "The number of times the query was executed during this interval.", - "type": "number", - "format": "int32", - "readOnly": true - }, - "metrics": { - "type": "array", - "items": { - "$ref": "#/definitions/QueryMetric" - }, - "description": "The list of query metrics during this interval.", - "readOnly": true + "$ref": "#/definitions/DataWarehouseUserActivitiesProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "RestorePointListResult": { + "description": "A list of long term retention backups.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/RestorePoint" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } + }, + "RestorePointProperties": { + "description": "Properties of a database restore point", + "type": "object", + "properties": { + "restorePointType": { + "description": "The type of restore point", + "enum": [ + "CONTINUOUS", + "DISCRETE" + ], + "type": "string", + "readOnly": true, + "x-ms-enum": { + "name": "RestorePointType", + "modelAsString": false } }, - "description": "A database query." - }, - "QueryMetric": { + "earliestRestoreDate": { + "format": "date-time", + "description": "The earliest time to which this database can be restored", + "type": "string", + "readOnly": true + }, + "restorePointCreationDate": { + "format": "date-time", + "description": "The time the backup was taken", + "type": "string", + "readOnly": true + }, + "restorePointLabel": { + "description": "The label of restore point for backup request by user", + "type": "string", + "readOnly": true + } + } + }, + "RestorePoint": { + "description": "Database restore points.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "location": { + "description": "Resource location.", + "type": "string", + "readOnly": true + }, "properties": { - "name": { - "description": "The name of the metric", - "type": "string", - "readOnly": true - }, - "displayName": { - "description": "The name of the metric for display in user interface", - "type": "string", - "readOnly": true - }, - "unit": { - "description": "The unit of measurement", - "type": "string", - "enum": [ - "percentage", - "KB", - "microseconds" - ], - "x-ms-enum": { - "name": "QueryMetricUnit", - "modelAsString": false - }, - "readOnly": true - }, - "value": { - "description": "The measured value", - "type": "number", - "format": "double", - "readOnly": true + "$ref": "#/definitions/RestorePointProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "ReplicationLinkProperties": { + "properties": { + "isTerminationAllowed": { + "readOnly": true, + "type": "boolean", + "description": "Legacy value indicating whether termination is allowed. Currently always returns true." + }, + "replicationMode": { + "readOnly": true, + "type": "string", + "description": "Replication mode of this replication link." + }, + "partnerServer": { + "readOnly": true, + "type": "string", + "description": "The name of the workspace hosting the partner Sql pool." + }, + "partnerDatabase": { + "readOnly": true, + "type": "string", + "description": "The name of the partner Sql pool." + }, + "partnerLocation": { + "readOnly": true, + "type": "string", + "description": "The Azure Region of the partner Sql pool." + }, + "role": { + "readOnly": true, + "type": "string", + "description": "The role of the Sql pool in the replication link.", + "enum": [ + "Primary", + "Secondary", + "NonReadableSecondary", + "Source", + "Copy" + ], + "x-ms-enum": { + "name": "ReplicationRole" } }, - "description": "A database query." - }, - "TopQueriesListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/TopQueries" - }, - "description": "The list of top queries." + "partnerRole": { + "readOnly": true, + "type": "string", + "description": "The role of the partner Sql pool in the replication link.", + "enum": [ + "Primary", + "Secondary", + "NonReadableSecondary", + "Source", + "Copy" + ], + "x-ms-enum": { + "name": "ReplicationRole" } }, - "required": [ - "value" - ], - "description": "Represents the response to a get top queries request." - }, - "DataWarehouseUserActivitiesProperties": { - "description": "User activities of a data warehouse. This currently includes the count of running or suspended queries. For more information, please view the sys.dm_pdw_exec_requests dynamic management view (DMV).", - "type": "object", - "properties": { - "activeQueriesCount": { - "format": "int32", - "description": "Count of running and suspended queries.", - "type": "integer", - "readOnly": true + "startTime": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The start time for the replication link." + }, + "percentComplete": { + "readOnly": true, + "type": "integer", + "format": "int32", + "description": "The percentage of seeding complete for the replication link." + }, + "replicationState": { + "readOnly": true, + "type": "string", + "description": "The replication state for the replication link.", + "enum": [ + "PENDING", + "SEEDING", + "CATCH_UP", + "SUSPENDED" + ], + "x-ms-enum": { + "name": "ReplicationState", + "modelAsString": true } } }, - "DataWarehouseUserActivities": { - "description": "User activities of a data warehouse", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], + "description": "Represents the properties of a Sql pool replication link." + }, + "ReplicationLink": { + "properties": { + "location": { + "type": "string", + "description": "Location of the workspace that contains this firewall rule.", + "readOnly": true + }, + "type": { + "type": "string", + "description": "Type of resource this is.", + "readOnly": true + }, "properties": { - "properties": { - "$ref": "#/definitions/DataWarehouseUserActivitiesProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } + "x-ms-client-flatten": true, + "$ref": "#/definitions/ReplicationLinkProperties", + "description": "The properties representing the resource." } }, - "RestorePointListResult": { - "description": "A list of long term retention backups.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/RestorePoint" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Represents a Sql pool replication link." + }, + "ReplicationLinkListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/ReplicationLink" + }, + "description": "The list of Sql pool replication links housed in the Sql pool." + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + }, + "description": "Represents the response to a List Sql pool replication link request." + }, + "TransparentDataEncryptionProperties": { + "properties": { + "status": { + "type": "string", + "description": "The status of the database transparent data encryption.", + "enum": [ + "Enabled", + "Disabled" + ], + "x-ms-enum": { + "name": "TransparentDataEncryptionStatus" } } }, - "RestorePointProperties": { - "description": "Properties of a database restore point", - "type": "object", + "description": "Represents the properties of a database transparent data encryption." + }, + "TransparentDataEncryption": { + "properties": { + "location": { + "type": "string", + "readOnly": true, + "description": "Resource location." + }, "properties": { - "restorePointType": { - "description": "The type of restore point", - "enum": [ - "CONTINUOUS", - "DISCRETE" - ], - "type": "string", - "readOnly": true, - "x-ms-enum": { - "name": "RestorePointType", - "modelAsString": false - } - }, - "earliestRestoreDate": { - "format": "date-time", - "description": "The earliest time to which this database can be restored", - "type": "string", - "readOnly": true - }, - "restorePointCreationDate": { - "format": "date-time", - "description": "The time the backup was taken", - "type": "string", - "readOnly": true - }, - "restorePointLabel": { - "description": "The label of restore point for backup request by user", - "type": "string", - "readOnly": true - } + "x-ms-client-flatten": true, + "$ref": "#/definitions/TransparentDataEncryptionProperties", + "description": "Represents the properties of the resource." } }, - "RestorePoint": { - "description": "Database restore points.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "location": { - "description": "Resource location.", - "type": "string", - "readOnly": true - }, - "properties": { - "$ref": "#/definitions/RestorePointProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "ReplicationLinkProperties": { - "properties": { - "isTerminationAllowed": { - "readOnly": true, - "type": "boolean", - "description": "Legacy value indicating whether termination is allowed. Currently always returns true." - }, - "replicationMode": { - "readOnly": true, - "type": "string", - "description": "Replication mode of this replication link." - }, - "partnerServer": { - "readOnly": true, - "type": "string", - "description": "The name of the workspace hosting the partner Sql pool." - }, - "partnerDatabase": { - "readOnly": true, - "type": "string", - "description": "The name of the partner Sql pool." - }, - "partnerLocation": { - "readOnly": true, - "type": "string", - "description": "The Azure Region of the partner Sql pool." - }, - "role": { - "readOnly": true, - "type": "string", - "description": "The role of the Sql pool in the replication link.", - "enum": [ - "Primary", - "Secondary", - "NonReadableSecondary", - "Source", - "Copy" - ], - "x-ms-enum": { - "name": "ReplicationRole" - } - }, - "partnerRole": { - "readOnly": true, - "type": "string", - "description": "The role of the partner Sql pool in the replication link.", - "enum": [ - "Primary", - "Secondary", - "NonReadableSecondary", - "Source", - "Copy" - ], - "x-ms-enum": { - "name": "ReplicationRole" - } - }, - "startTime": { - "readOnly": true, - "type": "string", - "format": "date-time", - "description": "The start time for the replication link." - }, - "percentComplete": { - "readOnly": true, - "type": "integer", - "format": "int32", - "description": "The percentage of seeding complete for the replication link." - }, - "replicationState": { - "readOnly": true, - "type": "string", - "description": "The replication state for the replication link.", - "enum": [ - "PENDING", - "SEEDING", - "CATCH_UP", - "SUSPENDED" - ], - "x-ms-enum": { - "name": "ReplicationState", - "modelAsString": true - } + ], + "description": "Represents a Sql pool transparent data encryption configuration." + }, + "SqlPoolBlobAuditingPolicyProperties": { + "description": "Properties of a Sql pool blob auditing policy.", + "required": [ + "state" + ], + "type": "object", + "properties": { + "state": { + "description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.", + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "BlobAuditingPolicyState", + "modelAsString": false } }, - "description": "Represents the properties of a Sql pool replication link." - }, - "ReplicationLink": { - "properties": { - "location": { - "type": "string", - "description": "Location of the workspace that contains this firewall rule.", - "readOnly": true - }, - "type": { - "type": "string", - "description": "Type of resource this is.", - "readOnly": true - }, - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/ReplicationLinkProperties", - "description": "The properties representing the resource." - } + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required.", + "type": "string" }, - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "description": "Represents a Sql pool replication link." - }, - "ReplicationLinkListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/ReplicationLink" - }, - "description": "The list of Sql pool replication links housed in the Sql pool." - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, storageAccountAccessKey is required.", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] }, - "description": "Represents the response to a List Sql pool replication link request." - }, - "TransparentDataEncryptionProperties": { - "properties": { - "status": { - "type": "string", - "description": "The status of the database transparent data encryption.", - "enum": [ - "Enabled", - "Disabled" - ], - "x-ms-enum": { - "name": "TransparentDataEncryptionStatus" - } - } + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the audit logs in the storage account.", + "type": "integer" }, - "description": "Represents the properties of a database transparent data encryption." - }, - "TransparentDataEncryption": { - "properties": { - "location": { - "type": "string", - "readOnly": true, - "description": "Resource location." - }, - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/TransparentDataEncryptionProperties", - "description": "Represents the properties of the resource." - } - }, - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "description": "Represents a Sql pool transparent data encryption configuration." - }, - "SqlPoolBlobAuditingPolicyProperties": { - "description": "Properties of a Sql pool blob auditing policy.", - "required": [ - "state" - ], - "type": "object", - "properties": { - "state": { - "description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.", - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string", - "x-ms-enum": { - "name": "BlobAuditingPolicyState", - "modelAsString": false - } - }, - "storageEndpoint": { - "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required.", - "type": "string" - }, - "storageAccountAccessKey": { - "description": "Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, storageAccountAccessKey is required.", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "retentionDays": { - "format": "int32", - "description": "Specifies the number of days to keep in the audit logs in the storage account.", - "type": "integer" - }, - "auditActionsAndGroups": { - "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)", - "type": "array", - "items": { - "type": "string" - } - }, - "storageAccountSubscriptionId": { - "format": "uuid", - "description": "Specifies the blob storage subscription Id.", + "auditActionsAndGroups": { + "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)", + "type": "array", + "items": { "type": "string" - }, - "isStorageSecondaryKeyInUse": { - "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.", - "type": "boolean" - }, - "isAzureMonitorTargetEnabled": { - "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n", - "type": "boolean" - } - } - }, - "SqlPoolBlobAuditingPolicy": { - "description": "A Sql pool blob auditing policy.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "kind": { - "description": "Resource kind.", - "type": "string", - "readOnly": true - }, - "properties": { - "$ref": "#/definitions/SqlPoolBlobAuditingPolicyProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true } + }, + "storageAccountSubscriptionId": { + "format": "uuid", + "description": "Specifies the blob storage subscription Id.", + "type": "string" + }, + "isStorageSecondaryKeyInUse": { + "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.", + "type": "boolean" + }, + "isAzureMonitorTargetEnabled": { + "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n", + "type": "boolean" } - }, - "SqlPoolBlobAuditingPolicySqlPoolOperationListResult": { - "description": "The response to a list Sql pool operations request", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolOperation" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + } + }, + "SqlPoolBlobAuditingPolicy": { + "description": "A Sql pool blob auditing policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "SqlPoolOperationProperties": { - "description": "The properties of a Sql pool operation.", - "type": "object", + ], + "properties": { + "kind": { + "description": "Resource kind.", + "type": "string", + "readOnly": true + }, "properties": { - "databaseName": { - "description": "The name of the Sql pool the operation is being performed on.", - "type": "string", - "readOnly": true - }, - "operation": { - "description": "The name of operation.", - "type": "string", - "readOnly": true - }, - "operationFriendlyName": { - "description": "The friendly name of operation.", - "type": "string", - "readOnly": true - }, - "percentComplete": { - "format": "int32", - "description": "The percentage of the operation completed.", - "type": "integer", - "readOnly": true - }, - "serverName": { - "description": "The name of the server.", - "type": "string", - "readOnly": true - }, - "startTime": { - "format": "date-time", - "description": "The operation start time.", - "type": "string", - "readOnly": true - }, - "state": { - "description": "The operation state.", - "enum": [ - "Pending", - "InProgress", - "Succeeded", - "Failed", - "CancelInProgress", - "Cancelled" - ], - "type": "string", - "readOnly": true, - "x-ms-enum": { - "name": "ManagementOperationState", - "modelAsString": true - } - }, - "errorCode": { - "format": "int32", - "description": "The operation error code.", - "type": "integer", - "readOnly": true - }, - "errorDescription": { - "description": "The operation error description.", - "type": "string", - "readOnly": true - }, - "errorSeverity": { - "format": "int32", - "description": "The operation error severity.", - "type": "integer", - "readOnly": true - }, - "isUserError": { - "description": "Whether or not the error is a user error.", - "type": "boolean", - "readOnly": true - }, - "estimatedCompletionTime": { - "format": "date-time", - "description": "The estimated completion time of the operation.", - "type": "string", - "readOnly": true - }, - "description": { - "description": "The operation description.", - "type": "string", - "readOnly": true - }, - "isCancellable": { - "description": "Whether the operation can be cancelled.", - "type": "boolean", - "readOnly": true - } + "$ref": "#/definitions/SqlPoolBlobAuditingPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } - }, - "SqlPoolOperation": { - "description": "A Sql pool operation.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "properties": { - "$ref": "#/definitions/SqlPoolOperationProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } + } + }, + "SqlPoolBlobAuditingPolicySqlPoolOperationListResult": { + "description": "The response to a list Sql pool operations request", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolOperation" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true } - }, - "SqlPoolUsage": { - "properties": { - "name": { - "readOnly": true, - "type": "string", - "description": "The name of the usage metric." - }, - "resourceName": { - "readOnly": true, - "type": "string", - "description": "The name of the resource." - }, - "displayName": { - "readOnly": true, - "type": "string", - "description": "The usage metric display name." - }, - "currentValue": { - "readOnly": true, - "type": "number", - "format": "double", - "description": "The current value of the usage metric." - }, - "limit": { - "readOnly": true, - "type": "number", - "format": "double", - "description": "The current limit of the usage metric." - }, - "unit": { - "readOnly": true, - "type": "string", - "description": "The units of the usage metric." - }, - "nextResetTime": { - "readOnly": true, - "type": "string", - "format": "date-time", - "description": "The next reset time for the usage metric (ISO8601 format)." - } + } + }, + "SqlPoolOperationProperties": { + "description": "The properties of a Sql pool operation.", + "type": "object", + "properties": { + "databaseName": { + "description": "The name of the Sql pool the operation is being performed on.", + "type": "string", + "readOnly": true }, - "description": "The Sql pool usages." - }, - "SqlPoolUsageListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolUsage" - }, - "description": "The list of usages for the Sql pool." - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + "operation": { + "description": "The name of operation.", + "type": "string", + "readOnly": true }, - "required": [ - "value" - ], - "description": "The response to a list Sql pool usages request." - }, - "SensitivityLabelProperties": { - "description": "Properties of a sensitivity label.", - "type": "object", - "properties": { - "labelName": { - "description": "The label name.", - "type": "string" - }, - "labelId": { - "description": "The label ID.", - "type": "string" - }, - "informationType": { - "description": "The information type.", - "type": "string" - }, - "informationTypeId": { - "description": "The information type ID.", - "type": "string" - }, - "isDisabled": { - "description": "Is sensitivity recommendation disabled. Applicable for recommended sensitivity label only. Specifies whether the sensitivity recommendation on this column is disabled (dismissed) or not.", - "type": "boolean", - "readOnly": true + "operationFriendlyName": { + "description": "The friendly name of operation.", + "type": "string", + "readOnly": true + }, + "percentComplete": { + "format": "int32", + "description": "The percentage of the operation completed.", + "type": "integer", + "readOnly": true + }, + "serverName": { + "description": "The name of the server.", + "type": "string", + "readOnly": true + }, + "startTime": { + "format": "date-time", + "description": "The operation start time.", + "type": "string", + "readOnly": true + }, + "state": { + "description": "The operation state.", + "enum": [ + "Pending", + "InProgress", + "Succeeded", + "Failed", + "CancelInProgress", + "Cancelled" + ], + "type": "string", + "readOnly": true, + "x-ms-enum": { + "name": "ManagementOperationState", + "modelAsString": true } + }, + "errorCode": { + "format": "int32", + "description": "The operation error code.", + "type": "integer", + "readOnly": true + }, + "errorDescription": { + "description": "The operation error description.", + "type": "string", + "readOnly": true + }, + "errorSeverity": { + "format": "int32", + "description": "The operation error severity.", + "type": "integer", + "readOnly": true + }, + "isUserError": { + "description": "Whether or not the error is a user error.", + "type": "boolean", + "readOnly": true + }, + "estimatedCompletionTime": { + "format": "date-time", + "description": "The estimated completion time of the operation.", + "type": "string", + "readOnly": true + }, + "description": { + "description": "The operation description.", + "type": "string", + "readOnly": true + }, + "isCancellable": { + "description": "Whether the operation can be cancelled.", + "type": "boolean", + "readOnly": true } - }, - "SensitivityLabel": { - "description": "A sensitivity label.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "properties": { - "$ref": "#/definitions/SensitivityLabelProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } + } + }, + "SqlPoolOperation": { + "description": "A Sql pool operation.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "SensitivityLabelListResult": { - "description": "A list of sensitivity labels.", - "type": "object", + ], + "properties": { "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SensitivityLabel" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + "$ref": "#/definitions/SqlPoolOperationProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } - }, - "SqlPoolSchema": { - "description": "A Sql pool schema resource.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ] - }, - "SqlPoolSchemaListResult": { - "description": "A list of Sql pool schemas.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolSchema" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + } + }, + "SqlPoolUsage": { + "properties": { + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the usage metric." + }, + "resourceName": { + "readOnly": true, + "type": "string", + "description": "The name of the resource." + }, + "displayName": { + "readOnly": true, + "type": "string", + "description": "The usage metric display name." + }, + "currentValue": { + "readOnly": true, + "type": "number", + "format": "double", + "description": "The current value of the usage metric." + }, + "limit": { + "readOnly": true, + "type": "number", + "format": "double", + "description": "The current limit of the usage metric." + }, + "unit": { + "readOnly": true, + "type": "string", + "description": "The units of the usage metric." + }, + "nextResetTime": { + "readOnly": true, + "type": "string", + "format": "date-time", + "description": "The next reset time for the usage metric (ISO8601 format)." } }, - "SqlPoolTable": { - "description": "A Sql pool table resource.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ] - }, - "SqlPoolTableListResult": { - "description": "A list of Sql pool tables.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolTable" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + "description": "The Sql pool usages." + }, + "SqlPoolUsageListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolUsage" + }, + "description": "The list of usages for the Sql pool." + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true } }, - "SqlPoolColumnProperties": { - "description": "Sql pool column properties.", - "type": "object", - "properties": { - "columnType": { - "description": "The column data type.", - "enum": [ - "image", - "text", - "uniqueidentifier", - "date", - "time", - "datetime2", - "datetimeoffset", - "tinyint", - "smallint", - "int", - "smalldatetime", - "real", - "money", - "datetime", - "float", - "sql_variant", - "ntext", - "bit", - "decimal", - "numeric", - "smallmoney", - "bigint", - "hierarchyid", - "geometry", - "geography", - "varbinary", - "varchar", - "binary", - "char", - "timestamp", - "nvarchar", - "nchar", - "xml", - "sysname" - ], - "type": "string", - "x-ms-enum": { - "name": "ColumnDataType", - "modelAsString": true - } - } + "required": [ + "value" + ], + "description": "The response to a list Sql pool usages request." + }, + "SensitivityLabelProperties": { + "description": "Properties of a sensitivity label.", + "type": "object", + "properties": { + "labelName": { + "description": "The label name.", + "type": "string" + }, + "labelId": { + "description": "The label ID.", + "type": "string" + }, + "informationType": { + "description": "The information type.", + "type": "string" + }, + "informationTypeId": { + "description": "The information type ID.", + "type": "string" + }, + "isDisabled": { + "description": "Is sensitivity recommendation disabled. Applicable for recommended sensitivity label only. Specifies whether the sensitivity recommendation on this column is disabled (dismissed) or not.", + "type": "boolean", + "readOnly": true } - }, - "SqlPoolColumn": { - "description": "A Sql pool column resource.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "properties": { - "$ref": "#/definitions/SqlPoolColumnProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } + } + }, + "SensitivityLabel": { + "description": "A sensitivity label.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "SqlPoolColumnListResult": { - "description": "A list of Sql pool columns.", - "type": "object", + ], + "properties": { "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolColumn" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + "$ref": "#/definitions/SensitivityLabelProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } - }, - "SqlPoolConnectionPolicyProperties": { - "description": "Properties of a Sql pool connection policy.", - "type": "object", - "properties": { - "securityEnabledAccess": { - "description": "The state of security access.", - "type": "string" - }, - "proxyDnsName": { - "description": "The fully qualified host name of the auditing proxy.", - "type": "string" - }, - "proxyPort": { - "description": "The port number of the auditing proxy.", - "type": "string" - }, - "visibility": { - "description": "The visibility of the auditing proxy.", - "type": "string" - }, - "useServerDefault": { - "description": "Whether server default is enabled or disabled.", - "type": "string" - }, - "redirectionState": { - "description": "The state of proxy redirection.", - "type": "string" - }, - "state": { - "description": "The connection policy state.", - "type": "string" - } + } + }, + "SensitivityLabelListResult": { + "description": "A list of sensitivity labels.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SensitivityLabel" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true } - }, - "SqlPoolConnectionPolicy": { - "description": "A Sql pool connection policy.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "kind": { - "description": "Resource kind.", - "type": "string", - "readOnly": true - }, - "location": { - "type": "string", - "readOnly": true, - "description": "Resource location." - }, - "properties": { - "$ref": "#/definitions/SqlPoolConnectionPolicyProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } + } + }, + "SqlPoolSchema": { + "description": "A Sql pool schema resource.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "SqlPoolVulnerabilityAssessmentProperties": { - "description": "Properties of a Sql pool Vulnerability Assessment.", - "type": "object", - "properties": { - "storageContainerPath": { - "description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "storageContainerSasKey": { - "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required.", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "storageAccountAccessKey": { - "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required.", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "recurringScans": { - "$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties", - "description": "The recurring scans settings" - } + ] + }, + "SqlPoolSchemaListResult": { + "description": "A list of Sql pool schemas.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolSchema" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true } - }, - "VulnerabilityAssessmentRecurringScansProperties": { - "description": "Properties of a Vulnerability Assessment recurring scans.", - "type": "object", - "properties": { - "isEnabled": { - "description": "Recurring scans state.", - "type": "boolean" - }, - "emailSubscriptionAdmins": { - "description": "Specifies that the schedule scan notification will be is sent to the subscription administrators.", - "default": true, - "type": "boolean" - }, - "emails": { - "description": "Specifies an array of e-mail addresses to which the scan notification is sent.", - "type": "array", - "items": { - "type": "string" - } - } + } + }, + "SqlPoolTable": { + "description": "A Sql pool table resource.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "SqlPoolVulnerabilityAssessment": { - "description": "A Sql pool vulnerability assessment.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "properties": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } + ] + }, + "SqlPoolTableListResult": { + "description": "A list of Sql pool tables.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolTable" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true } - }, - "SqlPoolVulnerabilityAssessmentListResult": { - "description": "A list of the Sql pool's vulnerability assessments.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessment" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true + } + }, + "SqlPoolColumnProperties": { + "description": "Sql pool column properties.", + "type": "object", + "properties": { + "columnType": { + "description": "The column data type.", + "enum": [ + "image", + "text", + "uniqueidentifier", + "date", + "time", + "datetime2", + "datetimeoffset", + "tinyint", + "smallint", + "int", + "smalldatetime", + "real", + "money", + "datetime", + "float", + "sql_variant", + "ntext", + "bit", + "decimal", + "numeric", + "smallmoney", + "bigint", + "hierarchyid", + "geometry", + "geography", + "varbinary", + "varchar", + "binary", + "char", + "timestamp", + "nvarchar", + "nchar", + "xml", + "sysname" + ], + "type": "string", + "x-ms-enum": { + "name": "ColumnDataType", + "modelAsString": true } } - }, - "VulnerabilityAssessmentScanRecordListResult": { - "description": "A list of vulnerability assessment scan records.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/VulnerabilityAssessmentScanRecord" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + } + }, + "SqlPoolColumn": { + "description": "A Sql pool column resource.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "VulnerabilityAssessmentScanRecord": { - "description": "A vulnerability assessment scan record.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], + ], + "properties": { "properties": { - "properties": { - "$ref": "#/definitions/VulnerabilityAssessmentScanRecordProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } + "$ref": "#/definitions/SqlPoolColumnProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } - }, - "VulnerabilityAssessmentScanRecordProperties": { - "description": "Properties of a vulnerability assessment scan record.", - "type": "object", - "properties": { - "scanId": { - "description": "The scan ID.", - "type": "string", - "readOnly": true - }, - "triggerType": { - "description": "The scan trigger type.", - "enum": [ - "OnDemand", - "Recurring" - ], - "type": "string", - "readOnly": true, - "x-ms-enum": { - "name": "VulnerabilityAssessmentScanTriggerType", - "modelAsString": true - } - }, - "state": { - "description": "The scan status.", - "enum": [ - "Passed", - "Failed", - "FailedToRun", - "InProgress" - ], - "type": "string", - "readOnly": true, - "x-ms-enum": { - "name": "VulnerabilityAssessmentScanState", - "modelAsString": true - } - }, - "startTime": { - "format": "date-time", - "description": "The scan start time (UTC).", - "type": "string", - "readOnly": true - }, - "endTime": { - "format": "date-time", - "description": "The scan end time (UTC).", - "type": "string", - "readOnly": true - }, - "errors": { - "description": "The scan errors.", - "type": "array", - "items": { - "$ref": "#/definitions/VulnerabilityAssessmentScanError" - }, - "readOnly": true - }, - "storageContainerPath": { - "description": "The scan results storage container path.", - "type": "string", - "readOnly": true - }, - "numberOfFailedSecurityChecks": { - "format": "int32", - "description": "The number of failed security checks.", - "type": "integer", - "readOnly": true - } + } + }, + "SqlPoolColumnListResult": { + "description": "A list of Sql pool columns.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolColumn" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true } - }, - "VulnerabilityAssessmentScanError": { - "description": "Properties of a vulnerability assessment scan error.", - "type": "object", - "properties": { - "code": { - "description": "The error code.", - "type": "string", - "readOnly": true - }, - "message": { - "description": "The error message.", - "type": "string", - "readOnly": true - } + } + }, + "SqlPoolConnectionPolicyProperties": { + "description": "Properties of a Sql pool connection policy.", + "type": "object", + "properties": { + "securityEnabledAccess": { + "description": "The state of security access.", + "type": "string" + }, + "proxyDnsName": { + "description": "The fully qualified host name of the auditing proxy.", + "type": "string" + }, + "proxyPort": { + "description": "The port number of the auditing proxy.", + "type": "string" + }, + "visibility": { + "description": "The visibility of the auditing proxy.", + "type": "string" + }, + "useServerDefault": { + "description": "Whether server default is enabled or disabled.", + "type": "string" + }, + "redirectionState": { + "description": "The state of proxy redirection.", + "type": "string" + }, + "state": { + "description": "The connection policy state.", + "type": "string" } - }, - "SecurityAlertPolicyProperties": { - "description": "Properties of a security alert policy.", - "required": [ - "state" - ], - "type": "object", - "properties": { - "state": { - "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific Sql pool.", - "enum": [ - "New", - "Enabled", - "Disabled" - ], - "type": "string", - "x-ms-enum": { - "name": "SecurityAlertPolicyState", - "modelAsString": false - } - }, - "disabledAlerts": { - "description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action", - "type": "array", - "items": { - "type": "string" - } - }, - "emailAddresses": { - "description": "Specifies an array of e-mail addresses to which the alert is sent.", - "type": "array", - "items": { - "type": "string" - } - }, - "emailAccountAdmins": { - "description": "Specifies that the alert is sent to the account administrators.", - "type": "boolean" - }, - "storageEndpoint": { - "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.", - "type": "string" - }, - "storageAccountAccessKey": { - "description": "Specifies the identifier key of the Threat Detection audit storage account.", - "type": "string" - }, - "retentionDays": { - "format": "int32", - "description": "Specifies the number of days to keep in the Threat Detection audit logs.", - "type": "integer" - }, - "creationTime": { - "format": "date-time", - "description": "Specifies the UTC creation time of the policy.", - "type": "string", - "readOnly": true - } + } + }, + "SqlPoolConnectionPolicy": { + "description": "A Sql pool connection policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "SqlPoolSecurityAlertPolicy": { - "description": "A Sql pool security alert policy.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], + ], + "properties": { + "kind": { + "description": "Resource kind.", + "type": "string", + "readOnly": true + }, + "location": { + "type": "string", + "readOnly": true, + "description": "Resource location." + }, "properties": { - "properties": { - "$ref": "#/definitions/SecurityAlertPolicyProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true + "$ref": "#/definitions/SqlPoolConnectionPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "SqlPoolVulnerabilityAssessmentProperties": { + "description": "Properties of a Sql pool Vulnerability Assessment.", + "type": "object", + "properties": { + "storageContainerPath": { + "description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "storageContainerSasKey": { + "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required.", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required.", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "recurringScans": { + "$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties", + "description": "The recurring scans settings" + } + } + }, + "VulnerabilityAssessmentRecurringScansProperties": { + "description": "Properties of a Vulnerability Assessment recurring scans.", + "type": "object", + "properties": { + "isEnabled": { + "description": "Recurring scans state.", + "type": "boolean" + }, + "emailSubscriptionAdmins": { + "description": "Specifies that the schedule scan notification will be is sent to the subscription administrators.", + "default": true, + "type": "boolean" + }, + "emails": { + "description": "Specifies an array of e-mail addresses to which the scan notification is sent.", + "type": "array", + "items": { + "type": "string" } } - }, - "SqlPoolVulnerabilityAssessmentRuleBaselineProperties": { - "description": "Properties of a Sql pool vulnerability assessment rule baseline.", - "required": [ - "baselineResults" - ], - "type": "object", - "properties": { - "baselineResults": { - "description": "The rule baseline result", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineItem" - } - } + } + }, + "SqlPoolVulnerabilityAssessment": { + "description": "A Sql pool vulnerability assessment.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" } - }, - "SqlPoolVulnerabilityAssessmentRuleBaselineItem": { - "description": "Properties for an Sql pool vulnerability assessment rule baseline's result.", - "required": [ - "result" - ], - "type": "object", + ], + "properties": { "properties": { - "result": { - "description": "The rule baseline result", - "type": "array", - "items": { - "type": "string" - } - } + "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } - }, - "SqlPoolVulnerabilityAssessmentRuleBaseline": { - "description": "A Sql pool vulnerability assessment rule baseline.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "properties": { - "properties": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true - } + } + }, + "SqlPoolVulnerabilityAssessmentListResult": { + "description": "A list of the Sql pool's vulnerability assessments.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolVulnerabilityAssessment" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true } - }, - "SqlPoolVulnerabilityAssessmentScanExportProperties": { - "description": "Properties of the export operation's result.", - "type": "object", + } + }, + "VulnerabilityAssessmentScanRecordListResult": { + "description": "A list of vulnerability assessment scan records.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/VulnerabilityAssessmentScanRecord" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } + }, + "VulnerabilityAssessmentScanRecord": { + "description": "A vulnerability assessment scan record.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { "properties": { - "exportedReportLocation": { - "description": "Location of the exported report (e.g. https://myStorage.blob.core.windows.net/VaScans/scans/serverName/databaseName/scan_scanId.xlsx).", - "type": "string", - "readOnly": true - } + "$ref": "#/definitions/VulnerabilityAssessmentScanRecordProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } - }, - "SqlPoolVulnerabilityAssessmentScansExport": { - "description": "A Sql pool Vulnerability Assessment scan export resource.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + }, + "VulnerabilityAssessmentScanRecordProperties": { + "description": "Properties of a vulnerability assessment scan record.", + "type": "object", + "properties": { + "scanId": { + "description": "The scan ID.", + "type": "string", + "readOnly": true + }, + "triggerType": { + "description": "The scan trigger type.", + "enum": [ + "OnDemand", + "Recurring" + ], + "type": "string", + "readOnly": true, + "x-ms-enum": { + "name": "VulnerabilityAssessmentScanTriggerType", + "modelAsString": true } - ], - "properties": { - "properties": { - "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentScanExportProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true + }, + "state": { + "description": "The scan status.", + "enum": [ + "Passed", + "Failed", + "FailedToRun", + "InProgress" + ], + "type": "string", + "readOnly": true, + "x-ms-enum": { + "name": "VulnerabilityAssessmentScanState", + "modelAsString": true } + }, + "startTime": { + "format": "date-time", + "description": "The scan start time (UTC).", + "type": "string", + "readOnly": true + }, + "endTime": { + "format": "date-time", + "description": "The scan end time (UTC).", + "type": "string", + "readOnly": true + }, + "errors": { + "description": "The scan errors.", + "type": "array", + "items": { + "$ref": "#/definitions/VulnerabilityAssessmentScanError" + }, + "readOnly": true + }, + "storageContainerPath": { + "description": "The scan results storage container path.", + "type": "string", + "readOnly": true + }, + "numberOfFailedSecurityChecks": { + "format": "int32", + "description": "The number of failed security checks.", + "type": "integer", + "readOnly": true } - }, - "ResourceMoveDefinition": { - "description": "Contains the information necessary to perform a resource move (rename).", - "required": [ - "id" - ], - "type": "object", - "properties": { - "id": { - "description": "The target ID for the resource", + } + }, + "VulnerabilityAssessmentScanError": { + "description": "Properties of a vulnerability assessment scan error.", + "type": "object", + "properties": { + "code": { + "description": "The error code.", + "type": "string", + "readOnly": true + }, + "message": { + "description": "The error message.", + "type": "string", + "readOnly": true + } + } + }, + "SecurityAlertPolicyProperties": { + "description": "Properties of a security alert policy.", + "required": [ + "state" + ], + "type": "object", + "properties": { + "state": { + "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific Sql pool.", + "enum": [ + "New", + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "SecurityAlertPolicyState", + "modelAsString": false + } + }, + "disabledAlerts": { + "description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action", + "type": "array", + "items": { "type": "string" } - } - }, - "CreateSqlPoolRestorePointDefinition": { - "description": "Contains the information necessary to perform a create Sql pool restore point operation.", - "required": [ - "restorePointLabel" - ], - "type": "object", - "properties": { - "restorePointLabel": { - "description": "The restore point label to apply", + }, + "emailAddresses": { + "description": "Specifies an array of e-mail addresses to which the alert is sent.", + "type": "array", + "items": { "type": "string" } + }, + "emailAccountAdmins": { + "description": "Specifies that the alert is sent to the account administrators.", + "type": "boolean" + }, + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.", + "type": "string" + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the Threat Detection audit storage account.", + "type": "string" + }, + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the Threat Detection audit logs.", + "type": "integer" + }, + "creationTime": { + "format": "date-time", + "description": "Specifies the UTC creation time of the policy.", + "type": "string", + "readOnly": true } - }, - "ExtendedSqlPoolBlobAuditingPolicy": { - "description": "An extended Sql pool blob auditing policy.", - "type": "object", - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], + } + }, + "SqlPoolSecurityAlertPolicy": { + "description": "A Sql pool security alert policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { "properties": { - "properties": { - "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicyProperties", - "description": "Resource properties.", - "x-ms-client-flatten": true + "$ref": "#/definitions/SecurityAlertPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "SqlPoolVulnerabilityAssessmentRuleBaselineProperties": { + "description": "Properties of a Sql pool vulnerability assessment rule baseline.", + "required": [ + "baselineResults" + ], + "type": "object", + "properties": { + "baselineResults": { + "description": "The rule baseline result", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineItem" } } - }, - "ExtendedSqlPoolBlobAuditingPolicyProperties": { - "description": "Properties of an extended Sql pool blob auditing policy.", - "required": [ - "state" - ], - "type": "object", - "properties": { - "predicateExpression": { - "description": "Specifies condition of where clause when creating an audit.", - "type": "string" - }, - "state": { - "description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.", - "enum": [ - "Enabled", - "Disabled" - ], - "type": "string", - "x-ms-enum": { - "name": "BlobAuditingPolicyState", - "modelAsString": false - } - }, - "storageEndpoint": { - "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.", - "type": "string" - }, - "storageAccountAccessKey": { - "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)", - "type": "string", - "x-ms-mutability": [ - "create", - "update" - ] - }, - "retentionDays": { - "format": "int32", - "description": "Specifies the number of days to keep in the audit logs in the storage account.", - "type": "integer" - }, - "auditActionsAndGroups": { - "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)", - "type": "array", - "items": { - "type": "string" - } - }, - "storageAccountSubscriptionId": { - "format": "uuid", - "description": "Specifies the blob storage subscription Id.", + } + }, + "SqlPoolVulnerabilityAssessmentRuleBaselineItem": { + "description": "Properties for an Sql pool vulnerability assessment rule baseline's result.", + "required": [ + "result" + ], + "type": "object", + "properties": { + "result": { + "description": "The rule baseline result", + "type": "array", + "items": { "type": "string" - }, - "isStorageSecondaryKeyInUse": { - "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.", - "type": "boolean" - }, - "isAzureMonitorTargetEnabled": { - "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n", - "type": "boolean" - }, - "queueDelayMs": { - "format": "int32", - "description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.", - "type": "integer" } } - }, - "ExtendedSqlPoolBlobAuditingPolicyListResult": { - "description": "A list of sql pool extended auditing settings.", - "type": "object", + } + }, + "SqlPoolVulnerabilityAssessmentRuleBaseline": { + "description": "A Sql pool vulnerability assessment rule baseline.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicy" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true - } + "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true } - }, - "DataMaskingPolicy": { + } + }, + "SqlPoolVulnerabilityAssessmentScanExportProperties": { + "description": "Properties of the export operation's result.", + "type": "object", + "properties": { + "exportedReportLocation": { + "description": "Location of the exported report (e.g. https://myStorage.blob.core.windows.net/VaScans/scans/serverName/databaseName/scan_scanId.xlsx).", + "type": "string", + "readOnly": true + } + } + }, + "SqlPoolVulnerabilityAssessmentScansExport": { + "description": "A Sql pool Vulnerability Assessment scan export resource.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/DataMaskingPolicyProperties", - "description": "The properties of the data masking policy." - }, - "location": { - "type": "string", - "readOnly": true, - "description": "The location of the data masking policy." - }, - "kind": { - "type": "string", - "readOnly": true, - "description": "The kind of data masking policy. Metadata, used for Azure portal." + "$ref": "#/definitions/SqlPoolVulnerabilityAssessmentScanExportProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "ResourceMoveDefinition": { + "description": "Contains the information necessary to perform a resource move (rename).", + "required": [ + "id" + ], + "type": "object", + "properties": { + "id": { + "description": "The target ID for the resource", + "type": "string" + } + } + }, + "CreateSqlPoolRestorePointDefinition": { + "description": "Contains the information necessary to perform a create Sql pool restore point operation.", + "required": [ + "restorePointLabel" + ], + "type": "object", + "properties": { + "restorePointLabel": { + "description": "The restore point label to apply", + "type": "string" + } + } + }, + "ExtendedSqlPoolBlobAuditingPolicy": { + "description": "An extended Sql pool blob auditing policy.", + "type": "object", + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } + }, + "ExtendedSqlPoolBlobAuditingPolicyProperties": { + "description": "Properties of an extended Sql pool blob auditing policy.", + "required": [ + "state" + ], + "type": "object", + "properties": { + "predicateExpression": { + "description": "Specifies condition of where clause when creating an audit.", + "type": "string" + }, + "state": { + "description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.", + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "BlobAuditingPolicyState", + "modelAsString": false } }, - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.", + "type": "string" + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)", + "type": "string", + "x-ms-mutability": [ + "create", + "update" + ] + }, + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the audit logs in the storage account.", + "type": "integer" + }, + "auditActionsAndGroups": { + "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)", + "type": "array", + "items": { + "type": "string" } - ], - "description": "Represents a database data masking policy." - }, - "DataMaskingPolicyProperties": { + }, + "storageAccountSubscriptionId": { + "format": "uuid", + "description": "Specifies the blob storage subscription Id.", + "type": "string" + }, + "isStorageSecondaryKeyInUse": { + "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.", + "type": "boolean" + }, + "isAzureMonitorTargetEnabled": { + "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n", + "type": "boolean" + }, + "queueDelayMs": { + "format": "int32", + "description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.", + "type": "integer" + } + } + }, + "ExtendedSqlPoolBlobAuditingPolicyListResult": { + "description": "A list of sql pool extended auditing settings.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } + } + }, + "DataMaskingPolicy": { + "properties": { "properties": { - "dataMaskingState": { - "type": "string", - "description": "The state of the data masking policy.", - "enum": [ - "Disabled", - "Enabled" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "DataMaskingState" - } - }, - "exemptPrincipals": { - "type": "string", - "description": "The list of the exempt principals. Specifies the semicolon-separated list of database users for which the data masking policy does not apply. The specified users receive data results without masking for all of the database queries." - }, - "applicationPrincipals": { - "type": "string", - "description": "The list of the application principals. This is a legacy parameter and is no longer used.", - "readOnly": true - }, - "maskingLevel": { - "type": "string", - "description": "The masking level. This is a legacy parameter and is no longer used.", - "readOnly": true - } + "x-ms-client-flatten": true, + "$ref": "#/definitions/DataMaskingPolicyProperties", + "description": "The properties of the data masking policy." }, - "required": [ - "dataMaskingState" - ], - "description": "The properties of a database data masking policy." + "location": { + "type": "string", + "readOnly": true, + "description": "The location of the data masking policy." + }, + "kind": { + "type": "string", + "readOnly": true, + "description": "The kind of data masking policy. Metadata, used for Azure portal." + } }, - "DataMaskingRule": { - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/DataMaskingRuleProperties", - "description": "The properties of the resource." - }, - "location": { - "type": "string", - "readOnly": true, - "description": "The location of the data masking rule." - }, - "kind": { - "type": "string", - "readOnly": true, - "description": "The kind of Data Masking Rule. Metadata, used for Azure portal." + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Represents a database data masking policy." + }, + "DataMaskingPolicyProperties": { + "properties": { + "dataMaskingState": { + "type": "string", + "description": "The state of the data masking policy.", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingState" } }, - "allOf": [ - { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" - } - ], - "description": "Represents a Sql pool data masking rule." + "exemptPrincipals": { + "type": "string", + "description": "The list of the exempt principals. Specifies the semicolon-separated list of database users for which the data masking policy does not apply. The specified users receive data results without masking for all of the database queries." + }, + "applicationPrincipals": { + "type": "string", + "description": "The list of the application principals. This is a legacy parameter and is no longer used.", + "readOnly": true + }, + "maskingLevel": { + "type": "string", + "description": "The masking level. This is a legacy parameter and is no longer used.", + "readOnly": true + } }, - "DataMaskingRuleProperties": { + "required": [ + "dataMaskingState" + ], + "description": "The properties of a database data masking policy." + }, + "DataMaskingRule": { + "properties": { "properties": { - "id": { - "type": "string", - "description": "The rule Id.", - "readOnly": true - }, - "aliasName": { - "type": "string", - "description": "The alias name. This is a legacy parameter and is no longer used." - }, - "ruleState": { - "type": "string", - "description": "The rule state. Used to delete a rule. To delete an existing rule, specify the schemaName, tableName, columnName, maskingFunction, and specify ruleState as disabled. However, if the rule doesn't already exist, the rule will be created with ruleState set to enabled, regardless of the provided value of ruleState.", - "enum": [ - "Disabled", - "Enabled" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "DataMaskingRuleState" - } - }, - "schemaName": { - "type": "string", - "description": "The schema name on which the data masking rule is applied." - }, - "tableName": { - "type": "string", - "description": "The table name on which the data masking rule is applied." - }, - "columnName": { - "type": "string", - "description": "The column name on which the data masking rule is applied." - }, - "maskingFunction": { - "type": "string", - "description": "The masking function that is used for the data masking rule.", - "enum": [ - "Default", - "CCN", - "Email", - "Number", - "SSN", - "Text" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "DataMaskingFunction" - } - }, - "numberFrom": { - "type": "string", - "description": "The numberFrom property of the masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." - }, - "numberTo": { - "type": "string", - "description": "The numberTo property of the data masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." - }, - "prefixSize": { - "type": "string", - "description": "If maskingFunction is set to Text, the number of characters to show unmasked in the beginning of the string. Otherwise, this parameter will be ignored." - }, - "suffixSize": { - "type": "string", - "description": "If maskingFunction is set to Text, the number of characters to show unmasked at the end of the string. Otherwise, this parameter will be ignored." - }, - "replacementString": { - "type": "string", - "description": "If maskingFunction is set to Text, the character to use for masking the unexposed part of the string. Otherwise, this parameter will be ignored." - } + "x-ms-client-flatten": true, + "$ref": "#/definitions/DataMaskingRuleProperties", + "description": "The properties of the resource." }, - "required": [ - "maskingFunction", - "schemaName", - "tableName", - "columnName" - ], - "description": "The properties of a Sql pool data masking rule." + "location": { + "type": "string", + "readOnly": true, + "description": "The location of the data masking rule." + }, + "kind": { + "type": "string", + "readOnly": true, + "description": "The kind of Data Masking Rule. Metadata, used for Azure portal." + } }, - "DataMaskingRuleListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/DataMaskingRule" - }, - "description": "The list of Sql pool data masking rules." + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Represents a Sql pool data masking rule." + }, + "DataMaskingRuleProperties": { + "properties": { + "id": { + "type": "string", + "description": "The rule Id.", + "readOnly": true + }, + "aliasName": { + "type": "string", + "description": "The alias name. This is a legacy parameter and is no longer used." + }, + "ruleState": { + "type": "string", + "description": "The rule state. Used to delete a rule. To delete an existing rule, specify the schemaName, tableName, columnName, maskingFunction, and specify ruleState as disabled. However, if the rule doesn't already exist, the rule will be created with ruleState set to enabled, regardless of the provided value of ruleState.", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingRuleState" } }, - "description": "The response to a list data masking rules request." - }, - "SqlPoolBlobAuditingPolicyListResult": { - "description": "A list of Sql pool auditing settings.", - "type": "object", - "properties": { - "value": { - "description": "Array of results.", - "type": "array", - "items": { - "$ref": "#/definitions/SqlPoolBlobAuditingPolicy" - }, - "readOnly": true - }, - "nextLink": { - "description": "Link to retrieve next page of results.", - "type": "string", - "readOnly": true + "schemaName": { + "type": "string", + "description": "The schema name on which the data masking rule is applied." + }, + "tableName": { + "type": "string", + "description": "The table name on which the data masking rule is applied." + }, + "columnName": { + "type": "string", + "description": "The column name on which the data masking rule is applied." + }, + "maskingFunction": { + "type": "string", + "description": "The masking function that is used for the data masking rule.", + "enum": [ + "Default", + "CCN", + "Email", + "Number", + "SSN", + "Text" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingFunction" } + }, + "numberFrom": { + "type": "string", + "description": "The numberFrom property of the masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." + }, + "numberTo": { + "type": "string", + "description": "The numberTo property of the data masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." + }, + "prefixSize": { + "type": "string", + "description": "If maskingFunction is set to Text, the number of characters to show unmasked in the beginning of the string. Otherwise, this parameter will be ignored." + }, + "suffixSize": { + "type": "string", + "description": "If maskingFunction is set to Text, the number of characters to show unmasked at the end of the string. Otherwise, this parameter will be ignored." + }, + "replacementString": { + "type": "string", + "description": "If maskingFunction is set to Text, the character to use for masking the unexposed part of the string. Otherwise, this parameter will be ignored." } - } + }, + "required": [ + "maskingFunction", + "schemaName", + "tableName", + "columnName" + ], + "description": "The properties of a Sql pool data masking rule." }, - "parameters": { - "DataMaskingPolicyNameParameter": { - "name": "dataMaskingPolicyName", - "in": "path", - "required": true, - "type": "string", - "enum": [ - "Default" - ], - "x-ms-enum": { - "modelAsString": false, - "name": "DataMaskingPolicyName" - }, - "description": "The name of the data masking policy for which the masking rule applies.", - "x-ms-parameter-location": "method" + "DataMaskingRuleListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/DataMaskingRule" + }, + "description": "The list of Sql pool data masking rules." + } + }, + "description": "The response to a list data masking rules request." + }, + "SqlPoolBlobAuditingPolicyListResult": { + "description": "A list of Sql pool auditing settings.", + "type": "object", + "properties": { + "value": { + "description": "Array of results.", + "type": "array", + "items": { + "$ref": "#/definitions/SqlPoolBlobAuditingPolicy" + }, + "readOnly": true + }, + "nextLink": { + "description": "Link to retrieve next page of results.", + "type": "string", + "readOnly": true + } } } + }, + "parameters": { + "DataMaskingPolicyNameParameter": { + "name": "dataMaskingPolicyName", + "in": "path", + "required": true, + "type": "string", + "enum": [ + "Default" + ], + "x-ms-enum": { + "modelAsString": false, + "name": "DataMaskingPolicyName" + }, + "description": "The name of the data masking policy for which the masking rule applies.", + "x-ms-parameter-location": "method" + } } +} From e3b097dcce55ec498e7d2720eb0737dca82e23dd Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Mon, 12 Oct 2020 13:44:23 -0700 Subject: [PATCH 08/13] Adding definition for default responses --- specification/synapse/common/v1/types.json | 31 ++++++++++++++++++- .../preview/2019-06-01-preview/sqlPool.json | 26 +++++++++++++++- 2 files changed, 55 insertions(+), 2 deletions(-) diff --git a/specification/synapse/common/v1/types.json b/specification/synapse/common/v1/types.json index 6aaf16bf83f5..cd1e83980e9e 100644 --- a/specification/synapse/common/v1/types.json +++ b/specification/synapse/common/v1/types.json @@ -84,6 +84,35 @@ } }, "x-ms-azure-resource": true + }, + "CloudError": { + "x-ms-external": true, + "type": "object", + "description": "Error response structure.", + "properties": { + "error": { + "x-ms-client-flatten": true, + "description": "Error data", + "$ref": "#/definitions/CloudErrorBody" + } + } + }, + "CloudErrorBody": { + "x-ms-external": true, + "type": "object", + "description": "Error details.", + "properties": { + "code": { + "readOnly": true, + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "readOnly": true, + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + } } }, "parameters": { @@ -112,4 +141,4 @@ "x-ms-parameter-location": "method" } } -} +} \ No newline at end of file diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json index 66f357fa600a..55c87848d910 100644 --- a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json @@ -3308,6 +3308,12 @@ "schema": { "$ref": "#/definitions/DataMaskingPolicy" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } } } }, @@ -3356,6 +3362,12 @@ "schema": { "$ref": "#/definitions/DataMaskingPolicy" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } } } } @@ -3437,6 +3449,12 @@ "schema": { "$ref": "#/definitions/DataMaskingRule" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } } } } @@ -3487,6 +3505,12 @@ "schema": { "$ref": "#/definitions/DataMaskingRuleListResult" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/v1/types.json#/definitions/CloudError" + } } }, "x-ms-pageable": { @@ -5702,4 +5726,4 @@ "x-ms-parameter-location": "method" } } -} +} \ No newline at end of file From 7b155c97410e6fc71436b2a979b1212eff3a8f31 Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Mon, 12 Oct 2020 20:24:29 -0700 Subject: [PATCH 09/13] moved clouderror to local definition file --- specification/synapse/common/v1/types.json | 29 --------------- .../preview/2019-06-01-preview/sqlPool.json | 37 +++++++++++++++++-- 2 files changed, 33 insertions(+), 33 deletions(-) diff --git a/specification/synapse/common/v1/types.json b/specification/synapse/common/v1/types.json index cd1e83980e9e..c1e40a8ab67c 100644 --- a/specification/synapse/common/v1/types.json +++ b/specification/synapse/common/v1/types.json @@ -84,35 +84,6 @@ } }, "x-ms-azure-resource": true - }, - "CloudError": { - "x-ms-external": true, - "type": "object", - "description": "Error response structure.", - "properties": { - "error": { - "x-ms-client-flatten": true, - "description": "Error data", - "$ref": "#/definitions/CloudErrorBody" - } - } - }, - "CloudErrorBody": { - "x-ms-external": true, - "type": "object", - "description": "Error details.", - "properties": { - "code": { - "readOnly": true, - "type": "string", - "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." - }, - "message": { - "readOnly": true, - "type": "string", - "description": "A message describing the error, intended to be suitable for display in a user interface." - } - } } }, "parameters": { diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json index 55c87848d910..46925cbd1133 100644 --- a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json @@ -3312,7 +3312,7 @@ "default": { "description": "Error response describing why the operation failed.", "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" + "$ref": "#/definitions/CloudError" } } } @@ -3366,7 +3366,7 @@ "default": { "description": "Error response describing why the operation failed.", "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" + "$ref": "#/definitions/CloudError" } } } @@ -3453,7 +3453,7 @@ "default": { "description": "Error response describing why the operation failed.", "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" + "$ref": "#/definitions/CloudError" } } } @@ -3509,7 +3509,7 @@ "default": { "description": "Error response describing why the operation failed.", "schema": { - "$ref": "../../../common/v1/types.json#/definitions/CloudError" + "$ref": "#/definitions/CloudError" } } }, @@ -5707,6 +5707,35 @@ "readOnly": true } } + }, + "CloudError": { + "x-ms-external": true, + "type": "object", + "description": "Error response structure.", + "properties": { + "error": { + "x-ms-client-flatten": true, + "description": "Error data", + "$ref": "#/definitions/CloudErrorBody" + } + } + }, + "CloudErrorBody": { + "x-ms-external": true, + "type": "object", + "description": "Error details.", + "properties": { + "code": { + "readOnly": true, + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "readOnly": true, + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + } } }, "parameters": { From 430f23239ad6f0b2bb6ca19b047ae8edcd63334e Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Tue, 13 Oct 2020 12:13:16 -0700 Subject: [PATCH 10/13] Fixed cloud error related validation errors --- specification/synapse/common/v1/types.json | 2 +- .../preview/2019-06-01-preview/sqlPool.json | 38 +++++++++++++------ 2 files changed, 28 insertions(+), 12 deletions(-) diff --git a/specification/synapse/common/v1/types.json b/specification/synapse/common/v1/types.json index c1e40a8ab67c..6aaf16bf83f5 100644 --- a/specification/synapse/common/v1/types.json +++ b/specification/synapse/common/v1/types.json @@ -112,4 +112,4 @@ "x-ms-parameter-location": "method" } } -} \ No newline at end of file +} diff --git a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json index 46925cbd1133..4529f02a7bcc 100644 --- a/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json +++ b/specification/synapse/resource-manager/Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json @@ -5710,32 +5710,48 @@ }, "CloudError": { "x-ms-external": true, + "description": "The object that defines the structure of an Azure Synapse error response.", "type": "object", - "description": "Error response structure.", "properties": { "error": { "x-ms-client-flatten": true, "description": "Error data", "$ref": "#/definitions/CloudErrorBody" } - } + }, + "required": [ + "error" + ] }, "CloudErrorBody": { "x-ms-external": true, + "description": "The object that defines the structure of an Azure Synapse error.", "type": "object", - "description": "Error details.", "properties": { "code": { - "readOnly": true, - "type": "string", - "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + "description": "Error code.", + "type": "string" }, "message": { - "readOnly": true, - "type": "string", - "description": "A message describing the error, intended to be suitable for display in a user interface." + "description": "Error message.", + "type": "string" + }, + "target": { + "description": "Property name/path in request associated with error.", + "type": "string" + }, + "details": { + "description": "Array with additional error details.", + "type": "array", + "items": { + "$ref": "#/definitions/CloudError" + } } - } + }, + "required": [ + "code", + "message" + ] } }, "parameters": { @@ -5755,4 +5771,4 @@ "x-ms-parameter-location": "method" } } -} \ No newline at end of file +} From 4b52de85973f958edd57893a6c227dc91ebb64bf Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Wed, 14 Oct 2020 10:07:01 -0700 Subject: [PATCH 11/13] Followed the suppression approval process, and added a suppressions --- specification/synapse/resource-manager/readme.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/specification/synapse/resource-manager/readme.md b/specification/synapse/resource-manager/readme.md index 68da597e5e27..44c76c4e2838 100644 --- a/specification/synapse/resource-manager/readme.md +++ b/specification/synapse/resource-manager/readme.md @@ -73,6 +73,12 @@ directive: reason: Does not apply to sqlPool and bigDataPool as they are nested tracked resources - suppress: TrackedResourceListBySubscription reason: Does not apply to sqlPool and bigDataPool as they are nested tracked resources + - suppress: NestedResourcesMustHaveListOperation + reason: SQL doesn't support 'list' operation everywhere, so we cannot support List for certain Sql pool operations + from: Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json + where: + - $.definitions.SqlPoolVulnerabilityAssessmentRuleBaseline + - $.definitions.DataMaskingPolicy ``` --- From 382de2a0155aa22f4ba537be62c67ca6e1e16f18 Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Wed, 14 Oct 2020 15:39:17 -0700 Subject: [PATCH 12/13] Incorporated PR feedback on fixing thr ARM suppression syntax --- specification/synapse/resource-manager/readme.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/specification/synapse/resource-manager/readme.md b/specification/synapse/resource-manager/readme.md index 44c76c4e2838..a204731fc824 100644 --- a/specification/synapse/resource-manager/readme.md +++ b/specification/synapse/resource-manager/readme.md @@ -73,12 +73,13 @@ directive: reason: Does not apply to sqlPool and bigDataPool as they are nested tracked resources - suppress: TrackedResourceListBySubscription reason: Does not apply to sqlPool and bigDataPool as they are nested tracked resources - - suppress: NestedResourcesMustHaveListOperation - reason: SQL doesn't support 'list' operation everywhere, so we cannot support List for certain Sql pool operations - from: Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json + - from: Microsoft.Synapse/preview/2019-06-01-preview/sqlPool.json where: - $.definitions.SqlPoolVulnerabilityAssessmentRuleBaseline - $.definitions.DataMaskingPolicy + suppress: + - NestedResourcesMustHaveListOperation + reason: SQL doesn't support 'list' operation everywhere, so we cannot support List for certain Sql pool operations ``` --- From 882339737009e1963fc4a369598172440e40113f Mon Sep 17 00:00:00 2001 From: Shreya Roy Chowdhury Date: Thu, 15 Oct 2020 08:17:35 -0700 Subject: [PATCH 13/13] Used the suppression code instead of suppression message as communicated by a member of the ARM team --- specification/synapse/resource-manager/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/synapse/resource-manager/readme.md b/specification/synapse/resource-manager/readme.md index a204731fc824..5ae9da8e960e 100644 --- a/specification/synapse/resource-manager/readme.md +++ b/specification/synapse/resource-manager/readme.md @@ -78,7 +78,7 @@ directive: - $.definitions.SqlPoolVulnerabilityAssessmentRuleBaseline - $.definitions.DataMaskingPolicy suppress: - - NestedResourcesMustHaveListOperation + - R4015 reason: SQL doesn't support 'list' operation everywhere, so we cannot support List for certain Sql pool operations ```