diff --git a/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/policy.json b/specification/resources/resource-manager/Microsoft.Authorization/2016-12-01/policyAssignments.json similarity index 57% rename from specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/policy.json rename to specification/resources/resource-manager/Microsoft.Authorization/2016-12-01/policyAssignments.json index fff17e13cd6a..181ee40089b4 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/policy.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/2016-12-01/policyAssignments.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "PolicyClient", - "version": "2017-06-01-preview", + "version": "2016-12-01", "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." }, "host": "management.azure.com", @@ -71,13 +71,7 @@ } }, "204": { - "description": "No Content - the policy assignment doesn't exist." - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } + "description": "No Content" } } }, @@ -123,12 +117,6 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } } } }, @@ -164,12 +152,6 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } } } } @@ -213,12 +195,6 @@ "schema": { "$ref": "#/definitions/PolicyAssignmentListResult" } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } } }, "x-ms-pageable": { @@ -295,12 +271,6 @@ "schema": { "$ref": "#/definitions/PolicyAssignmentListResult" } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } } }, "x-ms-pageable": { @@ -337,12 +307,6 @@ "schema": { "$ref": "#/definitions/PolicyAssignmentListResult" } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } } }, "x-ms-pageable": { @@ -378,12 +342,6 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } } } }, @@ -422,12 +380,6 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } } } }, @@ -457,291 +409,12 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } - } - } - } - }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policysetdefinitions/{policySetDefinitionName}": { - "put": { - "tags": [ - "PolicySetDefinitions" - ], - "operationId": "PolicySetDefinitions_CreateOrUpdate", - "description": "Creates or updates a policy set definition.", - "x-ms-examples": { - "Put a policy set definition": { - "$ref": "./examples/createOrUpdatePolicySetDefinition.json" - } - }, - "parameters": [ - { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the policy set definition to create." - }, - { - "name": "parameters", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/PolicySetDefinition" - }, - "description": "The policy set definition properties." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "201": { - "description": "Created - Returns information about the policy set definition.", - "schema": { - "$ref": "#/definitions/PolicySetDefinition" - } - }, - "200": { - "description": "OK - Returns information about the policy set definition.", - "schema": { - "$ref": "#/definitions/PolicySetDefinition" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } - } - } - }, - "delete": { - "tags": [ - "PolicySetDefinitions" - ], - "operationId": "PolicySetDefinitions_Delete", - "description": "Deletes a policy set definition.", - "parameters": [ - { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the policy set definition to delete." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "204": { - "description": "No Content - the policy set definition doesn't exist in the subscription." - }, - "200": { - "description": "OK" - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } - } - } - }, - "get": { - "tags": [ - "PolicySetDefinitions" - ], - "operationId": "PolicySetDefinitions_Get", - "description": "Gets the policy set definition.", - "x-ms-examples": { - "Get a policy set definition": { - "$ref": "./examples/getPolicySetDefinition.json" - } - }, - "parameters": [ - { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the policy set definition to get." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the policy set definition.", - "schema": { - "$ref": "#/definitions/PolicySetDefinition" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } } } } - }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policysetdefinitions": { - "get": { - "tags": [ - "PolicySetDefinitions" - ], - "operationId": "PolicySetDefinitions_List", - "description": "Gets all the policy set definitions for a subscription.", - "x-ms-examples": { - "List policy set definitions": { - "$ref": "./examples/listPolicySetDefinitions.json" - } - }, - "parameters": [ - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of policy set definitions.", - "schema": { - "$ref": "#/definitions/PolicySetDefinitionListResult" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/PolicySetDefinition" - } } }, "definitions": { - "PolicySetDefinitionProperties": { - "properties": { - "policyType": { - "type": "string", - "description": "The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.", - "enum": [ - "NotSpecified", - "BuiltIn", - "Custom" - ], - "x-ms-enum": { - "name": "policyType", - "modelAsString": true - } - }, - "displayName": { - "type": "string", - "description": "The display name of the policy set definition." - }, - "description": { - "type": "string", - "description": "The policy set definition description." - }, - "metadata": { - "type": "object", - "description": "The policy set definition metadata." - }, - "parameters": { - "type": "object", - "description": "The policy set definition parameters that can be used in policy definition references." - }, - "policyDefinitions": { - "type": "array", - "items": { - "$ref": "#/definitions/PolicyDefinitionReference" - }, - "description": "An array of policy definition references." - } - }, - "required": [ - "policyDefinitions" - ], - "description": "The policy set definition properties." - }, - "PolicyDefinitionReference": { - "properties": { - "policyDefinitionId": { - "type": "string", - "description": "The ID of the policy definition or policy set definition." - }, - "parameters": { - "type": "object", - "description": "Required if a parameter is used in policy rule." - } - }, - "description": "The policy definition reference." - }, - "PolicySetDefinition": { - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/PolicySetDefinitionProperties", - "description": "The policy definition properties." - }, - "id": { - "readOnly": true, - "type": "string", - "description": "The ID of the policy set definition." - }, - "name": { - "type": "string", - "description": "The name of the policy set definition. If you do not specify a value for name, the value is inferred from the name value in the request URI." - }, - "type": { - "readOnly": true, - "type": "string", - "description": "The type of the resource (Microsoft.Authorization/policySetDefinitions)." - } - }, - "description": "The policy set definition.", - "x-ms-azure-resource": true - }, - "PolicySetDefinitionListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/PolicySetDefinition" - }, - "description": "An array of policy set definitions." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "List of policy set definitions." - }, "PolicyAssignmentProperties": { "properties": { "displayName": { @@ -756,13 +429,6 @@ "type": "string", "description": "The scope for the policy assignment." }, - "notScopes": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The policy's excluded scopes." - }, "parameters": { "type": "object", "description": "Required if a parameter is used in policy rule." @@ -770,30 +436,10 @@ "description": { "type": "string", "description": "This message will be part of response in case of policy violation." - }, - "metadata": { - "type": "object", - "description": "The policy assignment metadata." } }, "description": "The policy assignment properties." }, - "PolicySku": { - "properties": { - "name": { - "type": "string", - "description": "The name of the policy sku. Possible values are A0 and A1." - }, - "tier": { - "type": "string", - "description": "The policy sku tier. Possible values are Free and Standard." - } - }, - "required": [ - "name" - ], - "description": "The policy sku." - }, "PolicyAssignment": { "properties": { "properties": { @@ -802,6 +448,7 @@ "description": "Properties for the policy assignment." }, "id": { + "readOnly": true, "type": "string", "description": "The ID of the policy assignment." }, @@ -812,10 +459,6 @@ "name": { "type": "string", "description": "The name of the policy assignment." - }, - "sku": { - "$ref": "#/definitions/PolicySku", - "description": "The policy sku." } }, "description": "The policy assignment.", @@ -836,24 +479,6 @@ } }, "description": "List of policy assignments." - }, - "ErrorResponse": { - "description": "Error reponse indicates ARM is not able to process the incoming request. The reason is provided in the error message.", - "type": "object", - "properties": { - "httpStatus": { - "description": "Http status code.", - "type": "string" - }, - "errorCode": { - "description": "Error code.", - "type": "string" - }, - "errorMessage": { - "description": "Error message indicating why the operation failed.", - "type": "string" - } - } } }, "parameters": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/2016-12-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/2016-12-01/policyDefinitions.json new file mode 100644 index 000000000000..be3a6a6593c0 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/2016-12-01/policyDefinitions.json @@ -0,0 +1,283 @@ +{ + "swagger": "2.0", + "info": { + "title": "PolicyClient", + "version": "2016-12-01", + "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json", + "text/json" + ], + "produces": [ + "application/json", + "text/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policydefinitions/{policyDefinitionName}": { + "put": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_CreateOrUpdate", + "description": "Creates or updates a policy definition.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicyDefinition" + }, + "description": "The policy definition properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinition" + } + } + } + }, + "delete": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_Delete", + "description": "Deletes a policy definition.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "200": { + "description": "OK" + } + } + }, + "get": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_Get", + "description": "Gets the policy definition.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinition" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policydefinitions": { + "get": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_List", + "description": "Gets all the policy definitions for a subscription.", + "parameters": [ + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns ana array of policy definitions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/PolicyDefinition" + } + } + }, + "definitions": { + "PolicyDefinitionProperties": { + "properties": { + "policyType": { + "type": "string", + "description": "The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.", + "enum": [ + "NotSpecified", + "BuiltIn", + "Custom" + ], + "x-ms-enum": { + "name": "policyType", + "modelAsString": true + } + }, + "mode": { + "type": "string", + "description": "The policy definition mode. Possible values are NotSpecified, Indexed, and All.", + "enum": [ + "NotSpecified", + "Indexed", + "All" + ], + "x-ms-enum": { + "name": "policyMode", + "modelAsString": true + } + }, + "displayName": { + "type": "string", + "description": "The display name of the policy definition." + }, + "description": { + "type": "string", + "description": "The policy definition description." + }, + "policyRule": { + "type": "object", + "description": "The policy rule." + }, + "metadata": { + "type": "object", + "description": "The policy definition metadata." + }, + "parameters": { + "type": "object", + "description": "Required if a parameter is used in policy rule." + } + }, + "description": "The policy definition properties." + }, + "PolicyDefinition": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PolicyDefinitionProperties", + "description": "The policy definition properties." + }, + "id": { + "readOnly": true, + "type": "string", + "description": "The ID of the policy definition." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the policy definition." + } + }, + "description": "The policy definition.", + "x-ms-azure-resource": true + }, + "PolicyDefinitionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicyDefinition" + }, + "description": "An array of policy definitions." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "List of policy definitions." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for the operation." + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/createPolicyAssignment.json b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/createPolicyAssignment.json new file mode 100644 index 000000000000..dd58800f7d06 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/createPolicyAssignment.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "api-version": "2017-06-01-preview", + "policyAssignmentName": "costManagement", + "scope": "/subscriptions/subId", + "parameters": { + "properties": { + "displayName": "Storage Cost Management", + "description": "Policies required to minimize the risk of accidental cost overruns", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionId": "/subscriptions/subId/providers/Microsoft.Authorization/policyDefinitions/storageSkus", + "parameters": { "allowedSkus": { "type": "Array" } }, + "notScopes": [ "/subscriptions/subId/resourcegroups/testingResourceGroup" ] + }, + "sku": { + "name": "A0", + "tier": "Free" + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/subscriptions/subId/providers/Microsoft.Authorization/policyAssignments/costManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "costManagement", + "properties": { + "displayName": "Storage Cost Management", + "description": "Policies required to minimize the risk of accidental cost overruns", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionId": "/subscriptions/subId/providers/Microsoft.Authorization/policyDefinitions/storageSkus", + "parameters": { "allowedSkus": { "type": "Array" } }, + "notScopes": [ "/subscriptions/subId/resourcegroups/testingResourceGroup" ], + "scope": "/subscriptions/subId" + }, + "sku": { + "name": "A0", + "tier": "Free" + } + } + } + } +} \ No newline at end of file diff --git a/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/getPolicyAssignment.json b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/getPolicyAssignment.json new file mode 100644 index 000000000000..181a58356659 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/getPolicyAssignment.json @@ -0,0 +1,32 @@ +{ + "parameters": { + "api-version": "2017-06-01-preview", + "policyAssignmentName": "costManagement", + "scope": "/subscriptions/subId" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/subId/providers/Microsoft.Authorization/policyAssignments/costManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "costManagement", + "properties": { + "displayName": "Storage Cost Management", + "description": "Policies required to minimize the risk of accidental cost overruns", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionId": "/subscriptions/subId/providers/Microsoft.Authorization/policyDefinitions/storageSkus", + "parameters": { "allowedSkus": { "type": "Array" } }, + "notScopes": [ "/subscriptions/subId/resourcegroups/testingResourceGroup" ], + "scope": "/subscriptions/subId" + }, + "sku": { + "name": "A0", + "tier": "Free" + } + } + } + } +} \ No newline at end of file diff --git a/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/listPolicyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/listPolicyAssignments.json new file mode 100644 index 000000000000..1efa7d579fff --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/listPolicyAssignments.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "subscriptionId": "subId", + "api-version": "2017-06-01-preview", + "$filter": "atScope()" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/subscriptions/subId/providers/Microsoft.Authorization/policyAssignments/costManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "costManagement", + "properties": { + "displayName": "Storage Cost Management", + "description": "Policies required to minimize the risk of accidental cost overruns", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionId": "/subscriptions/subId/providers/Microsoft.Authorization/policyDefinitions/storageSkus", + "parameters": { "allowedSkus": { "type": "Array" } }, + "notScopes": [ "/subscriptions/subId/resourcegroups/testingResourceGroup" ], + "scope": "/subscriptions/subId" + }, + "sku": { + "name": "A0", + "tier": "Free" + } + }, + { + "id": "/subscriptions/subId/providers/Microsoft.Authorization/policyAssignments/tagEnforcement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "tagEnforcement", + "properties": { + "displayName": "Enforces a tag key and value", + "description": "Policy that ensures a given tag key and value are present on all resources", + "policyDefinitionId": "/subscriptions/subId/providers/Microsoft.Authorization/policyDefinitions/tagKeyValue", + "scope": "/subscriptions/subId" + }, + "sku": { + "name": "A0", + "tier": "Free" + } + } + ] + } + } + } +} \ No newline at end of file diff --git a/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/listPolicySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/listPolicySetDefinitions.json index 3ba2d5f2c502..0759c52a1ee2 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/listPolicySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/examples/listPolicySetDefinitions.json @@ -31,7 +31,7 @@ { "policyDefinitionId": "/subscriptions/subid/providers/Microsoft.Authorization/policyDefinitions/storageSkus", "parameters": { - "allowedLocations": { + "locations": { "value": "[parameters('allowedLocations')]" } } diff --git a/specification/resources/resource-manager/Microsoft.Authorization/2016-12-01/policy.json b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/policyAssignments.json similarity index 71% rename from specification/resources/resource-manager/Microsoft.Authorization/2016-12-01/policy.json rename to specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/policyAssignments.json index 13d8420d0f0e..ef5fd87cfde7 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/2016-12-01/policy.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/policyAssignments.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "PolicyClient", - "version": "2016-12-01", + "version": "2017-06-01-preview", "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." }, "host": "management.azure.com", @@ -71,7 +71,13 @@ } }, "204": { - "description": "No Content" + "description": "No Content - the policy assignment doesn't exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } } } }, @@ -82,6 +88,11 @@ "operationId": "PolicyAssignments_Create", "summary": "Creates a policy assignment.", "description": "Policy assignments are inherited by child resources. For example, when you apply a policy to a resource group that policy is assigned to all resources in the group.", + "x-ms-examples": { + "Put a policy assignment": { + "$ref": "./examples/createPolicyAssignment.json" + } + }, "parameters": [ { "name": "scope", @@ -117,6 +128,12 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } } } }, @@ -126,6 +143,11 @@ ], "operationId": "PolicyAssignments_Get", "description": "Gets a policy assignment.", + "x-ms-examples": { + "Get a policy assignment": { + "$ref": "./examples/getPolicyAssignment.json" + } + }, "parameters": [ { "name": "scope", @@ -152,6 +174,12 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } } } } @@ -195,14 +223,20 @@ "schema": { "$ref": "#/definitions/PolicyAssignmentListResult" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } } }, "x-ms-pageable": { "nextLinkName": "nextLink" } } - }, - "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/policyAssignments": { + }, + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/policyAssignments": { "get": { "tags": [ "PolicyAssignments" @@ -271,6 +305,12 @@ "schema": { "$ref": "#/definitions/PolicyAssignmentListResult" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } } }, "x-ms-pageable": { @@ -286,6 +326,11 @@ ], "operationId": "PolicyAssignments_List", "description": "Gets all the policy assignments for a subscription.", + "x-ms-examples": { + "List policy assignments": { + "$ref": "./examples/listPolicyAssignments.json" + } + }, "parameters": [ { "name": "$filter", @@ -307,6 +352,12 @@ "schema": { "$ref": "#/definitions/PolicyAssignmentListResult" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } } }, "x-ms-pageable": { @@ -342,6 +393,12 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } } } }, @@ -380,6 +437,12 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } } } }, @@ -409,236 +472,18 @@ "schema": { "$ref": "#/definitions/PolicyAssignment" } - } - } - } - }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policydefinitions/{policyDefinitionName}": { - "put": { - "tags": [ - "PolicyDefinitions" - ], - "operationId": "PolicyDefinitions_CreateOrUpdate", - "description": "Creates or updates a policy definition.", - "parameters": [ - { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the policy definition to create." - }, - { - "name": "parameters", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/PolicyDefinition" - }, - "description": "The policy definition properties." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "201": { - "description": "Created - Returns information about the policy definition.", - "schema": { - "$ref": "#/definitions/PolicyDefinition" - } - } - } - }, - "delete": { - "tags": [ - "PolicyDefinitions" - ], - "operationId": "PolicyDefinitions_Delete", - "description": "Deletes a policy definition.", - "parameters": [ - { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the policy definition to delete." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "204": { - "description": "No Content" - }, - "200": { - "description": "OK" - } - } - }, - "get": { - "tags": [ - "PolicyDefinitions" - ], - "operationId": "PolicyDefinitions_Get", - "description": "Gets the policy definition.", - "parameters": [ - { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the policy definition to get." - }, - { - "$ref": "#/parameters/ApiVersionParameter" }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the policy definition.", + "default": { + "description": "Error response describing why the operation failed.", "schema": { - "$ref": "#/definitions/PolicyDefinition" + "$ref": "#/definitions/ErrorResponse" } } } } - }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policydefinitions": { - "get": { - "tags": [ - "PolicyDefinitions" - ], - "operationId": "PolicyDefinitions_List", - "description": "Gets all the policy definitions for a subscription.", - "parameters": [ - { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns ana array of policy definitions.", - "schema": { - "$ref": "#/definitions/PolicyDefinitionListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/PolicyDefinition" - } } }, "definitions": { - "PolicyDefinitionProperties": { - "properties": { - "policyType": { - "type": "string", - "description": "The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.", - "enum": [ - "NotSpecified", - "BuiltIn", - "Custom" - ], - "x-ms-enum": { - "name": "policyType", - "modelAsString": true - } - }, - "mode": { - "type": "string", - "description": "The policy definition mode. Possible values are NotSpecified, Indexed, and All.", - "enum": [ - "NotSpecified", - "Indexed", - "All" - ], - "x-ms-enum": { - "name": "policyMode", - "modelAsString": true - } - }, - "displayName": { - "type": "string", - "description": "The display name of the policy definition." - }, - "description": { - "type": "string", - "description": "The policy definition description." - }, - "policyRule": { - "type": "object", - "description": "The policy rule." - }, - "metadata": { - "type": "object", - "description": "The policy definition metadata." - }, - "parameters": { - "type": "object", - "description": "Required if a parameter is used in policy rule." - } - }, - "description": "The policy definition properties." - }, - "PolicyDefinition": { - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/PolicyDefinitionProperties", - "description": "The policy definition properties." - }, - "id": { - "readOnly": true, - "type": "string", - "description": "The ID of the policy definition." - }, - "name": { - "type": "string", - "description": "The name of the policy definition. If you do not specify a value for name, the value is inferred from the name value in the request URI." - } - }, - "description": "The policy definition.", - "x-ms-azure-resource": true - }, - "PolicyDefinitionListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/PolicyDefinition" - }, - "description": "An array of policy definitions." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "List of policy definitions." - }, "PolicyAssignmentProperties": { "properties": { "displayName": { @@ -664,13 +509,13 @@ "type": "object", "description": "Required if a parameter is used in policy rule." }, - "metadata": { - "type": "object", - "description": "The policy assignment metadata." - }, "description": { "type": "string", "description": "This message will be part of response in case of policy violation." + }, + "metadata": { + "type": "object", + "description": "The policy assignment metadata." } }, "description": "The policy assignment properties." @@ -699,17 +544,19 @@ "description": "Properties for the policy assignment." }, "id": { - "readOnly": true, "type": "string", - "description": "The ID of the policy assignment." + "description": "The ID of the policy assignment.", + "readOnly": true }, "type": { "type": "string", - "description": "The type of the policy assignment." + "description": "The type of the policy assignment.", + "readOnly": true }, "name": { "type": "string", - "description": "The name of the policy assignment." + "description": "The name of the policy assignment.", + "readOnly": true }, "sku": { "$ref": "#/definitions/PolicySku", @@ -734,6 +581,24 @@ } }, "description": "List of policy assignments." + }, + "ErrorResponse": { + "description": "Error reponse indicates ARM is not able to process the incoming request. The reason is provided in the error message.", + "type": "object", + "properties": { + "httpStatus": { + "description": "Http status code.", + "type": "string" + }, + "errorCode": { + "description": "Error code.", + "type": "string" + }, + "errorMessage": { + "description": "Error message indicating why the operation failed.", + "type": "string" + } + } } }, "parameters": { @@ -752,4 +617,4 @@ "description": "The API version to use for the operation." } } -} +} \ No newline at end of file diff --git a/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/policySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/policySetDefinitions.json new file mode 100644 index 000000000000..9d1d0c55caf5 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/2017-06-01-preview/policySetDefinitions.json @@ -0,0 +1,349 @@ +{ + "swagger": "2.0", + "info": { + "title": "PolicyClient", + "version": "2017-06-01-preview", + "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json", + "text/json" + ], + "produces": [ + "application/json", + "text/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policysetdefinitions/{policySetDefinitionName}": { + "put": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_CreateOrUpdate", + "description": "Creates or updates a policy set definition.", + "x-ms-examples": { + "Put a policy set definition": { + "$ref": "./examples/createOrUpdatePolicySetDefinition.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + }, + "description": "The policy set definition properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "200": { + "description": "OK - Returns information about the policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + } + }, + "delete": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_Delete", + "description": "Deletes a policy set definition.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content - the policy set definition doesn't exist in the subscription." + }, + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + } + }, + "get": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_Get", + "description": "Gets the policy set definition.", + "x-ms-examples": { + "Get a policy set definition": { + "$ref": "./examples/getPolicySetDefinition.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policysetdefinitions": { + "get": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_List", + "description": "Gets all the policy set definitions for a subscription.", + "x-ms-examples": { + "List policy set definitions": { + "$ref": "./examples/listPolicySetDefinitions.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy set definitions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + } + }, + "definitions": { + "PolicySetDefinitionProperties": { + "properties": { + "policyType": { + "type": "string", + "description": "The type of policy definition. Possible values are NotSpecified, BuiltIn, and Custom.", + "enum": [ + "NotSpecified", + "BuiltIn", + "Custom" + ], + "x-ms-enum": { + "name": "policyType", + "modelAsString": true + } + }, + "displayName": { + "type": "string", + "description": "The display name of the policy set definition." + }, + "description": { + "type": "string", + "description": "The policy set definition description." + }, + "metadata": { + "type": "object", + "description": "The policy set definition metadata." + }, + "parameters": { + "type": "object", + "description": "The policy set definition parameters that can be used in policy definition references." + }, + "policyDefinitions": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicyDefinitionReference" + }, + "description": "An array of policy definition references." + } + }, + "required": [ + "policyDefinitions" + ], + "description": "The policy set definition properties." + }, + "PolicyDefinitionReference": { + "properties": { + "policyDefinitionId": { + "type": "string", + "description": "The ID of the policy definition or policy set definition." + }, + "parameters": { + "type": "object", + "description": "Required if a parameter is used in policy rule." + } + }, + "description": "The policy definition reference." + }, + "PolicySetDefinition": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PolicySetDefinitionProperties", + "description": "The policy definition properties." + }, + "id": { + "readOnly": true, + "type": "string", + "description": "The ID of the policy set definition." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the policy set definition." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The type of the resource (Microsoft.Authorization/policySetDefinitions)." + } + }, + "description": "The policy set definition.", + "x-ms-azure-resource": true + }, + "PolicySetDefinitionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicySetDefinition" + }, + "description": "An array of policy set definitions." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "List of policy set definitions." + }, + "ErrorResponse": { + "description": "Error reponse indicates ARM is not able to process the incoming request. The reason is provided in the error message.", + "type": "object", + "properties": { + "httpStatus": { + "description": "Http status code.", + "type": "string" + }, + "errorCode": { + "description": "Error code.", + "type": "string" + }, + "errorMessage": { + "description": "Error message indicating why the operation failed.", + "type": "string" + } + } + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for the operation." + } + } +} \ No newline at end of file diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index 670fcc386116..8319129b7877 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -85,7 +85,13 @@ These settings apply only when `--tag=package-policy-2017-06` is specified on th ``` yaml $(tag) == 'package-policy-2017-06' input-file: -- Microsoft.Authorization/2017-06-01-preview/policy.json +- Microsoft.Authorization/2017-06-01-preview/policyAssignments.json +- Microsoft.Authorization/2017-06-01-preview/policySetDefinitions.json +- Microsoft.Authorization/2016-12-01/policyDefinitions.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient ``` ### Tag: package-policy-2016-12 @@ -93,7 +99,12 @@ These settings apply only when `--tag=package-policy-2016-12` is specified on th ``` yaml $(tag) == 'package-policy-2016-12' input-file: -- Microsoft.Authorization/2016-12-01/policy.json +- Microsoft.Authorization/2016-12-01/policyDefinitions.json +- Microsoft.Authorization/2016-12-01/policyAssignments.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient ``` ### Tag: package-policy-2016-04