diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicyQuerySignatureOverrides.json b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicyQuerySignatureOverrides.json new file mode 100644 index 000000000000..deac9766fd6a --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicyQuerySignatureOverrides.json @@ -0,0 +1,68 @@ +{ + "parameters": { + "api-version": "2021-05-01", + "subscriptionId": "e747cc13-97d4-4a79-b463-42d7f4e558f2", + "resourceGroupName": "rg1", + "firewallPolicyName": "firewallPolicy", + "parameters": { + "filters": [ + { + "field": "Mode", + "values": [ + "Deny" + ] + } + ], + "search": "", + "orderBy": { + "field": "severity", + "order": "Ascending" + }, + "resultsPerPage": 20, + "skip": 0 + } + }, + "responses": { + "200": { + "body": { + "signatures": [ + { + "signatureId": 2000015, + "mode": 2, + "severity": 1, + "direction": 2, + "group": "A Network Trojan was detected", + "description": "P2P Phatbot Control Connection", + "sourcePorts": [ + "any" + ], + "destinationPorts": [ + "any" + ], + "lastUpdated": "2010-07-30T00:00:00", + "inheritedFromParentPolicy": false, + "protocol": "tcp" + }, + { + "signatureId": 2000106, + "mode": 2, + "severity": 1, + "direction": 1, + "group": "Attempted User Privilege Gain", + "description": "WEB_SERVER SQL sp_delete_alert attempt", + "sourcePorts": [ + "any" + ], + "destinationPorts": [ + "any" + ], + "lastUpdated": "2019-09-27T00:00:00", + "inheritedFromParentPolicy": false, + "protocol": "http" + } + ], + "matchingRecordsCount": 2 + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicyQuerySignatureOverridesFilterValues.json b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicyQuerySignatureOverridesFilterValues.json new file mode 100644 index 000000000000..a9ca25f1e30c --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicyQuerySignatureOverridesFilterValues.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "api-version": "2021-05-01", + "subscriptionId": "e747cc13-97d4-4a79-b463-42d7f4e558f2", + "resourceGroupName": "rg1", + "firewallPolicyName": "firewallPolicy", + "parameters": { + "filterName": "severity" + } + }, + "responses": { + "200": { + "body": { + "filterValues": [ + "low", + "medium", + "high" + ] + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesGet.json b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesGet.json new file mode 100644 index 000000000000..fc818b22637f --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesGet.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "api-version": "2021-05-01", + "subscriptionId": "e747cc13-97d4-4a79-b463-42d7f4e558f2", + "resourceGroupName": "rg1", + "firewallPolicyName": "firewallPolicy", + "parameters": {} + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/signatureOverrides/default", + "name": "default", + "type": "Microsoft.Network/firewallPolicies/signatureOverrides", + "properties": { + "signatures": { + "2000105": "Off", + "2000106": "Deny" + } + } + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesList.json b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesList.json new file mode 100644 index 000000000000..2f542f59f74c --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesList.json @@ -0,0 +1,28 @@ +{ + "parameters": { + "api-version": "2021-05-01", + "subscriptionId": "e747cc13-97d4-4a79-b463-42d7f4e558f2", + "resourceGroupName": "rg1", + "firewallPolicyName": "firewallPolicy", + "parameters": {} + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/signatureOverrides/default", + "name": "default", + "type": "Microsoft.Network/firewallPolicies/signatureOverrides", + "properties": { + "signatures": { + "2000105": "Off", + "2000106": "Deny" + } + } + } + ] + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesPatch.json b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesPatch.json new file mode 100644 index 000000000000..bb52718e2845 --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesPatch.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "api-version": "2021-05-01", + "subscriptionId": "e747cc13-97d4-4a79-b463-42d7f4e558f2", + "resourceGroupName": "rg1", + "firewallPolicyName": "firewallPolicy", + "parameters": { + "id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/signatureOverrides/default", + "name": "default", + "type": "Microsoft.Network/firewallPolicies/signatureOverrides", + "properties": { + "signatures": { + "2000105": "Off", + "2000106": "Deny" + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/signatureOverrides/default", + "name": "default", + "type": "Microsoft.Network/firewallPolicies/signatureOverrides", + "properties": { + "signatures": { + "2000105": "Off", + "2000106": "Deny" + } + } + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesPut.json b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesPut.json new file mode 100644 index 000000000000..bb52718e2845 --- /dev/null +++ b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/examples/FirewallPolicySignatureOverridesPut.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "api-version": "2021-05-01", + "subscriptionId": "e747cc13-97d4-4a79-b463-42d7f4e558f2", + "resourceGroupName": "rg1", + "firewallPolicyName": "firewallPolicy", + "parameters": { + "id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/signatureOverrides/default", + "name": "default", + "type": "Microsoft.Network/firewallPolicies/signatureOverrides", + "properties": { + "signatures": { + "2000105": "Off", + "2000106": "Deny" + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/e747cc13-97d4-4a79-b463-42d7f4e558f2/resourceGroups/rg1/providers/Microsoft.Network/firewallPolicies/firewallPolicy/signatureOverrides/default", + "name": "default", + "type": "Microsoft.Network/firewallPolicies/signatureOverrides", + "properties": { + "signatures": { + "2000105": "Off", + "2000106": "Deny" + } + } + } + } + } +} diff --git a/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/firewallPolicy.json b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/firewallPolicy.json index 1de4d3fccc5a..e988debe0e94 100644 --- a/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/firewallPolicy.json +++ b/specification/network/resource-manager/Microsoft.Network/stable/2021-05-01/firewallPolicy.json @@ -567,6 +567,300 @@ "nextLinkName": "nextLink" } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}/listIdpsSignatures": { + "post": { + "operationId": "FirewallPolicyIdpsSignatures_List", + "description": "Retrieves the current status of IDPS signatures for the relevant policy", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group." + }, + { + "name": "firewallPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Firewall Policy." + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/IDPSQueryObject" + } + } + ], + "responses": { + "200": { + "description": "Success. The operation returns an IDPS Query Response", + "schema": { + "$ref": "#/definitions/QueryResults" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./network.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "query signature overrides": { + "$ref": "./examples/FirewallPolicyQuerySignatureOverrides.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}/signatureOverrides/default": { + "patch": { + "operationId": "FirewallPolicyIdpsSignaturesOverrides_Patch", + "description": "Will update the status of policy's signature overrides for IDPS", + "parameters": [ + { + "name": "parameters", + "in": "body", + "required": true, + "description": "Will contain all properties of the object to put", + "schema": { + "$ref": "#/definitions/SignaturesOverrides" + } + }, + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group." + }, + { + "name": "firewallPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Firewall Policy." + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Will return the policy current signature overrides object", + "schema": { + "$ref": "#/definitions/SignaturesOverrides" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./network.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "patch signature overrides": { + "$ref": "./examples/FirewallPolicySignatureOverridesPatch.json" + } + } + }, + "put": { + "description": "Will override/create a new signature overrides for the policy's IDPS", + "operationId": "FirewallPolicyIdpsSignaturesOverrides_Put", + "parameters": [ + { + "name": "parameters", + "in": "body", + "required": true, + "description": "Will contain all properties of the object to put", + "schema": { + "$ref": "#/definitions/SignaturesOverrides" + } + }, + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group." + }, + { + "name": "firewallPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Firewall Policy." + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Describes the new state of the signature overrides after the PUT operation", + "schema": { + "$ref": "#/definitions/SignaturesOverrides" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./network.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "put signature overrides": { + "$ref": "./examples/FirewallPolicySignatureOverridesPut.json" + } + } + }, + "get": { + "description": "Returns all signatures overrides for a specific policy.", + "operationId": "FirewallPolicyIdpsSignaturesOverrides_Get", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group." + }, + { + "name": "firewallPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Firewall Policy." + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Will return the policy current signature overrides object", + "schema": { + "$ref": "#/definitions/SignaturesOverrides" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./network.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "get signature overrides": { + "$ref": "./examples/FirewallPolicySignatureOverridesGet.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}/listIdpsFilterOptions": { + "post": { + "operationId": "FirewallPolicyIdpsSignaturesFilterValues_List", + "description": "Retrieves the current filter values for the signatures overrides", + "parameters": [ + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/SignatureOverridesFilterValuesQuery" + } + }, + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group." + }, + { + "name": "firewallPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Firewall Policy." + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Success. The operation returns a list of all valid filter values for the requested column", + "schema": { + "$ref": "#/definitions/SignatureOverridesFilterValuesResponse" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./network.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "query signature overrides": { + "$ref": "./examples/FirewallPolicyQuerySignatureOverridesFilterValues.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/firewallPolicies/{firewallPolicyName}/signatureOverrides": { + "get": { + "description": "Returns all signatures overrides objects for a specific policy as a list containing a single value.", + "operationId": "FirewallPolicyIdpsSignaturesOverrides_List", + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group." + }, + { + "name": "firewallPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the Firewall Policy." + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "Will return the policy current signature overrides object inside a list", + "schema": { + "$ref": "#/definitions/SignaturesOverridesList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "./network.json#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "get signature overrides": { + "$ref": "./examples/FirewallPolicySignatureOverridesList.json" + } + } + } } }, "definitions": { @@ -1464,6 +1758,250 @@ "description": "The workspace Id for Firewall Policy Insights." } } + }, + "IDPSQueryObject": { + "description": "Will describe the query to run against the IDPS signatures DB", + "type": "object", + "properties": { + "filters": { + "type": "object", + "description": "Contain all filters names and values", + "$ref": "#/definitions/Filters" + }, + "search": { + "type": "string", + "description": "Search term in all columns" + }, + "orderBy": { + "type": "object", + "$ref": "#/definitions/OrderBy", + "description": "Column to sort response by" + }, + "resultsPerPage": { + "type": "integer", + "format": "int32", + "minimum": 1, + "maximum": 1000, + "description": "The number of the results to return in each page" + }, + "skip": { + "type": "integer", + "format": "int32", + "description": "The number of records matching the filter to skip" + } + } + }, + "Filters": { + "description": "Describers the filters to filter response by", + "type": "array", + "items": { + "$ref": "#/definitions/FilterItems" + } + }, + "FilterItems": { + "description": "Will contain the filter name and values to operate on", + "type": "object", + "properties": { + "field": { + "type": "string", + "description": "The name of the field we would like to filter" + }, + "values": { + "type": "array", + "description": "List of values to filter the current field by", + "items": { + "type": "string", + "description": "Value of the field to filter by" + } + } + } + }, + "OrderBy": { + "description": "Describes a column to sort", + "type": "object", + "properties": { + "field": { + "type": "string", + "description": "Describes the actual column name to sort by" + }, + "order": { + "type": "string", + "description": "Describes if results should be in ascending/descending order", + "enum": [ + "Ascending", + "Descending" + ] + } + } + }, + "QueryResults": { + "description": "Query result", + "type": "object", + "properties": { + "matchingRecordsCount": { + "type": "integer", + "format": "int64", + "description": "Number of total records matching the query." + }, + "signatures": { + "type": "array", + "items": { + "$ref": "#/definitions/SingleQueryResult" + }, + "description": "Array containing the results of the query" + } + } + }, + "SingleQueryResult": { + "type": "object", + "properties": { + "signatureId": { + "type": "integer", + "format": "int32", + "description": "The ID of the signature" + }, + "mode": { + "type": "integer", + "format": "int32", + "description": "The current mode enforced, 0 - Disabled, 1 - Alert, 2 -Deny", + "enum": [ + 0, + 1, + 2 + ] + }, + "severity": { + "type": "integer", + "format": "int32", + "description": "Describes the severity of signature: 1 - Low, 2 - Medium, 3 - High", + "enum": [ + 1, + 2, + 3 + ] + }, + "direction": { + "type": "integer", + "format": "int32", + "description": "Describes in which direction signature is being enforced: 0 - Inbound, 1 - OutBound, 2 - Bidirectional", + "enum": [ + 0, + 1, + 2 + ] + }, + "group": { + "type": "string", + "description": "Describes the groups the signature belongs to" + }, + "description": { + "type": "string", + "description": "Describes what is the signature enforces" + }, + "protocol": { + "type": "string", + "description": "Describes the protocol the signatures is being enforced in" + }, + "sourcePorts": { + "type": "array", + "items": { + "$ref": "#/definitions/PortsList" + }, + "description": "Describes the list of source ports related to this signature" + }, + "destinationPorts": { + "type": "array", + "items": { + "$ref": "#/definitions/PortsList" + }, + "description": "Describes the list of destination ports related to this signature" + }, + "lastUpdated": { + "type": "string", + "description": "Describes the last updated time of the signature (provided from 3rd party vendor)" + }, + "inheritedFromParentPolicy": { + "type": "boolean", + "description": "Describes if this override is inherited from base policy or not" + } + } + }, + "PortsList": { + "type": "string", + "description": "Describes a port, port range, or negation of a port" + }, + "Signatures": { + "type": "object", + "additionalProperties": { + "type": "string" + } + }, + "SignaturesOverridesList": { + "type": "object", + "description": "Describes an object containing an array with a single item", + "properties": { + "value": { + "type": "array", + "description": "Describes a list consisting exactly one item describing the policy's signature override status", + "items": { + "description": "Describes the single signatures overrides object related to that policy.", + "$ref": "#/definitions/SignaturesOverrides" + } + } + } + }, + "SignaturesOverrides": { + "x-ms-azure-resource": true, + "type": "object", + "description": "Contains all specific policy signatures overrides for the IDPS", + "properties": { + "name": { + "type": "string", + "description": "Contains the name of the resource (default)" + }, + "id": { + "description": "Will contain the resource id of the signature override resource", + "type": "string" + }, + "type": { + "type": "string", + "description": "Will contain the type of the resource: Microsoft.Network/firewallPolicies/intrusionDetectionSignaturesOverrides" + }, + "properties": { + "type": "object", + "description": "Will contain the properties of the resource (the actual signature overrides)", + "properties": { + "signatures": { + "type": "object", + "$ref": "#/definitions/Signatures" + } + } + } + } + }, + "SignatureOverridesFilterValuesQuery": { + "description": "Describes the filter values possibles for a given column", + "type": "object", + "properties": { + "filterName": { + "type": "string", + "description": "Describes the name of the column which values will be returned" + } + } + }, + "SignatureOverridesFilterValuesResponse": { + "description": "Describes the list of all possible values for a specific filter value", + "type": "object", + "properties": { + "filterValues": { + "description": "Describes the possible values", + "type": "array", + "items": { + "description": "Describes a single value of the filter", + "type": "string" + } + } + } } } }