From 4e60e37bed2fccbd49915556089f334704a1e755 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Fri, 18 Feb 2022 18:49:36 +0000 Subject: [PATCH 1/5] Add spec for PIM /validate --- .../RoleAssignmentScheduleRequest.json | 57 +++++++++++++ .../RoleEligibilityScheduleRequest.json | 57 +++++++++++++ ...teRoleAssignmentScheduleRequestByName.json | 80 +++++++++++++++++++ ...eRoleEligibilityScheduleRequestByName.json | 79 ++++++++++++++++++ 4 files changed, 273 insertions(+) create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json index 70527b318b19..e66d236e4594 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json @@ -233,6 +233,63 @@ } } } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/validate": { + "post": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Validate", + "description": "Validates a new role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment request to validate.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment request to validate." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Parameters for the role assignment schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment request.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "ValidateRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/ValidateRoleAssignmentScheduleRequestByName.json" + } + } + } } }, "definitions": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json index bfd5c9995aaa..268035e1befe 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json @@ -233,6 +233,63 @@ } } } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/validate": { + "post": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Validate", + "description": "Validates a new role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility request to validate.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility request to validate." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Parameters for the role eligibility schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "ValidateRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/ValidateRoleEligibilityScheduleRequestByName.json" + } + } + } } }, "definitions": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..d707e9718c6f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,80 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "SelfActivate", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..33223b23ada8 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,79 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "AdminAssign", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityScheduleRequests" + } + } + } +} From dd6ad0e7445a4af81cdb61568d568af559057f1a Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Fri, 18 Feb 2022 19:24:52 +0000 Subject: [PATCH 2/5] Updates --- .../RoleAssignmentScheduleRequest.json | 57 -- .../RoleEligibilityScheduleRequest.json | 57 -- .../RoleAssignmentScheduleRequest.json | 641 ++++++++++++++++++ .../RoleEligibilityScheduleRequest.json | 637 +++++++++++++++++ ...elRoleAssignmentScheduleRequestByName.json | 10 + ...lRoleEligibilityScheduleRequestByName.json | 10 + ...etRoleAssignmentScheduleRequestByName.json | 62 ++ ...tRoleAssignmentScheduleRequestByScope.json | 66 ++ ...tRoleEligibilityScheduleRequestByName.json | 62 ++ ...RoleEligibilityScheduleRequestByScope.json | 66 ++ .../PutRoleAssignmentScheduleRequest.json | 80 +++ .../PutRoleEligibilityScheduleRequest.json | 79 +++ ...teRoleAssignmentScheduleRequestByName.json | 0 ...eRoleEligibilityScheduleRequestByName.json | 0 14 files changed, 1713 insertions(+), 114 deletions(-) create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleAssignmentScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleEligibilityScheduleRequest.json rename specification/authorization/resource-manager/Microsoft.Authorization/preview/{2020-10-01-preview => 2022-04-01-preview}/examples/ValidateRoleAssignmentScheduleRequestByName.json (100%) rename specification/authorization/resource-manager/Microsoft.Authorization/preview/{2020-10-01-preview => 2022-04-01-preview}/examples/ValidateRoleEligibilityScheduleRequestByName.json (100%) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json index e66d236e4594..70527b318b19 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleAssignmentScheduleRequest.json @@ -233,63 +233,6 @@ } } } - }, - "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/validate": { - "post": { - "tags": [ - "RoleAssignmentScheduleRequests" - ], - "operationId": "RoleAssignmentScheduleRequests_Validate", - "description": "Validates a new role assignment schedule request.", - "parameters": [ - { - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role assignment request to validate.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleAssignmentScheduleRequestName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the role assignment request to validate." - }, - { - "name": "parameters", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/RoleAssignmentScheduleRequest" - }, - "description": "Parameters for the role assignment schedule request." - }, - { - "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role assignment request.", - "schema": { - "$ref": "#/definitions/RoleAssignmentScheduleRequest" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/CloudError" - } - } - }, - "x-ms-examples": { - "ValidateRoleAssignmentScheduleRequestByName": { - "$ref": "./examples/ValidateRoleAssignmentScheduleRequestByName.json" - } - } - } } }, "definitions": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json index 268035e1befe..bfd5c9995aaa 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/RoleEligibilityScheduleRequest.json @@ -233,63 +233,6 @@ } } } - }, - "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/validate": { - "post": { - "tags": [ - "RoleEligibilityScheduleRequests" - ], - "operationId": "RoleEligibilityScheduleRequests_Validate", - "description": "Validates a new role eligibility schedule request.", - "parameters": [ - { - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role eligibility request to validate.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleEligibilityScheduleRequestName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the role eligibility request to validate." - }, - { - "name": "parameters", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/RoleEligibilityScheduleRequest" - }, - "description": "Parameters for the role eligibility schedule request." - }, - { - "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role eligibility schedule request.", - "schema": { - "$ref": "#/definitions/RoleEligibilityScheduleRequest" - } - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/CloudError" - } - } - }, - "x-ms-examples": { - "ValidateRoleEligibilityScheduleRequestByName": { - "$ref": "./examples/ValidateRoleEligibilityScheduleRequestByName.json" - } - } - } } }, "definitions": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json new file mode 100644 index 000000000000..e66d236e4594 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json @@ -0,0 +1,641 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}": { + "put": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Create", + "description": "Creates a role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule request to create. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' for a subscription, '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "A GUID for the role assignment to create. The name must be unique and different for each role assignment." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Parameters for the role assignment schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleAssignmentScheduleRequest": { + "$ref": "./examples/PutRoleAssignmentScheduleRequest.json" + } + } + }, + "get": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Get", + "description": "Get the specified role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule request.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role assignment schedule request to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule request.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/GetRoleAssignmentScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests": { + "get": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_ListForScope", + "description": "Gets role assignment schedule requests for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedule requests.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedule requests at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role assignment schedule requests requested by the current user. Use $filter=asTarget() to return all role assignment schedule requests created for the current user. Use $filter=asApprover() to return all role assignment schedule requests where the current user is an approver." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments schedule requests.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequestListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleRequestFilter", + "x-ms-examples": { + "GetRoleAssignmentScheduleRequestByScope": { + "$ref": "./examples/GetRoleAssignmentScheduleRequestByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/cancel": { + "post": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Cancel", + "description": "Cancels a pending role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment request to cancel.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment request to cancel." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns success." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "CancelRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/CancelRoleAssignmentScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/validate": { + "post": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Validate", + "description": "Validates a new role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment request to validate.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment request to validate." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Parameters for the role assignment schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment request.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "ValidateRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/ValidateRoleAssignmentScheduleRequestByName.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleRequestFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment requests of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment requests of the specific role definition." + }, + "requestorId": { + "type": "string", + "description": "Returns role assignment requests created by specific principal." + }, + "status": { + "type": "string", + "description": "Returns role assignment requests of specific status." + } + }, + "type": "object", + "description": "Role assignment schedule request filter" + }, + "RoleAssignmentScheduleRequestProperties": { + "properties": { + "scope": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "readOnly": true, + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "requestType": { + "type": "string", + "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc", + "enum": [ + "AdminAssign", + "AdminRemove", + "AdminUpdate", + "AdminExtend", + "AdminRenew", + "SelfActivate", + "SelfDeactivate", + "SelfExtend", + "SelfRenew" + ], + "x-ms-enum": { + "name": "RequestType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "readOnly": true, + "description": "The status of the role assignment schedule request.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "approvalId": { + "type": "string", + "readOnly": true, + "description": "The approvalId of the role assignment schedule request." + }, + "targetRoleAssignmentScheduleId": { + "type": "string", + "description": "The resultant role assignment schedule id or the role assignment schedule id being updated" + }, + "targetRoleAssignmentScheduleInstanceId": { + "type": "string", + "description": "The role assignment schedule instance id being updated" + }, + "scheduleInfo": { + "properties": { + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime of the role assignment schedule." + }, + "expiration": { + "properties": { + "type": { + "type": "string", + "description": "Type of the role assignment schedule expiration", + "enum": [ + "AfterDuration", + "AfterDateTime", + "NoExpiration" + ], + "x-ms-enum": { + "name": "Type", + "modelAsString": true + } + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime of the role assignment schedule." + }, + "duration": { + "type": "string", + "description": "Duration of the role assignment schedule in TimeSpan." + } + }, + "type": "object", + "description": "Expiration of the role assignment schedule" + } + }, + "type": "object", + "description": "Schedule info of the role assignment schedule" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "The linked role eligibility schedule id - to activate an eligibility." + }, + "justification": { + "type": "string", + "description": "Justification for the role assignment" + }, + "ticketInfo": { + "properties": { + "ticketNumber": { + "type": "string", + "description": "Ticket number for the role assignment" + }, + "ticketSystem": { + "type": "string", + "description": "Ticket system name for the role assignment" + } + }, + "type": "object", + "description": "Ticket Info of the role assignment" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "readOnly": true, + "description": "DateTime when role assignment schedule request was created" + }, + "requestorId": { + "type": "string", + "readOnly": true, + "description": "Id of the user who created this request" + }, + "expandedProperties": { + "type": "object", + "readOnly": true, + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "required": [ + "roleDefinitionId", + "principalId", + "requestType" + ], + "type": "object", + "description": "Role assignment schedule request properties with scope." + }, + "RoleAssignmentScheduleRequest": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleRequestProperties", + "description": "Role assignment schedule request properties." + } + }, + "type": "object", + "description": "Role Assignment schedule request" + }, + "RoleAssignmentScheduleRequestListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Role assignment schedule request list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role assignment schedule request list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json new file mode 100644 index 000000000000..268035e1befe --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json @@ -0,0 +1,637 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}": { + "put": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Create", + "description": "Creates a role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule request to create. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' for a subscription, '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility to create. It can be any valid GUID." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Parameters for the role eligibility schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleEligibilityScheduleRequest": { + "$ref": "./examples/PutRoleEligibilityScheduleRequest.json" + } + } + }, + "get": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Get", + "description": "Get the specified role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule request.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role eligibility schedule request to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/GetRoleEligibilityScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests": { + "get": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_ListForScope", + "description": "Gets role eligibility schedule requests for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule requests.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedule requests at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role eligibility schedule requests requested by the current user. Use $filter=asTarget() to return all role eligibility schedule requests created for the current user. Use $filter=asApprover() to return all role eligibility schedule requests where the current user is an approver." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role eligibility schedule requests.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequestListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleRequestFilter", + "x-ms-examples": { + "GetRoleEligibilityScheduleRequestByScope": { + "$ref": "./examples/GetRoleEligibilityScheduleRequestByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/cancel": { + "post": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Cancel", + "description": "Cancels a pending role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility request to cancel.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility request to cancel." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns success." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "CancelRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/CancelRoleEligibilityScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/validate": { + "post": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Validate", + "description": "Validates a new role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility request to validate.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility request to validate." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Parameters for the role eligibility schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "ValidateRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/ValidateRoleEligibilityScheduleRequestByName.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleRequestFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility requests of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility requests of the specific role definition." + }, + "requestorId": { + "type": "string", + "description": "Returns role eligibility requests created by specific principal." + }, + "status": { + "type": "string", + "description": "Returns role eligibility requests of specific status." + } + }, + "type": "object", + "description": "Role eligibility schedule request filter" + }, + "RoleEligibilityScheduleRequestProperties": { + "properties": { + "scope": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "readOnly": true, + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "requestType": { + "type": "string", + "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc", + "enum": [ + "AdminAssign", + "AdminRemove", + "AdminUpdate", + "AdminExtend", + "AdminRenew", + "SelfActivate", + "SelfDeactivate", + "SelfExtend", + "SelfRenew" + ], + "x-ms-enum": { + "name": "RequestType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "readOnly": true, + "description": "The status of the role eligibility schedule request.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "approvalId": { + "type": "string", + "readOnly": true, + "description": "The approvalId of the role eligibility schedule request." + }, + "scheduleInfo": { + "properties": { + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime of the role eligibility schedule." + }, + "expiration": { + "properties": { + "type": { + "type": "string", + "description": "Type of the role eligibility schedule expiration", + "enum": [ + "AfterDuration", + "AfterDateTime", + "NoExpiration" + ], + "x-ms-enum": { + "name": "Type", + "modelAsString": true + } + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime of the role eligibility schedule." + }, + "duration": { + "type": "string", + "description": "Duration of the role eligibility schedule in TimeSpan." + } + }, + "type": "object", + "description": "Expiration of the role eligibility schedule" + } + }, + "type": "object", + "description": "Schedule info of the role eligibility schedule" + }, + "targetRoleEligibilityScheduleId": { + "type": "string", + "description": "The resultant role eligibility schedule id or the role eligibility schedule id being updated" + }, + "targetRoleEligibilityScheduleInstanceId": { + "type": "string", + "description": "The role eligibility schedule instance id being updated" + }, + "justification": { + "type": "string", + "description": "Justification for the role eligibility" + }, + "ticketInfo": { + "properties": { + "ticketNumber": { + "type": "string", + "description": "Ticket number for the role eligibility" + }, + "ticketSystem": { + "type": "string", + "description": "Ticket system name for the role eligibility" + } + }, + "type": "object", + "description": "Ticket Info of the role eligibility" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "DateTime when role eligibility schedule request was created" + }, + "requestorId": { + "type": "string", + "readOnly": true, + "description": "Id of the user who created this request" + }, + "expandedProperties": { + "readOnly": true, + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "required": [ + "roleDefinitionId", + "principalId", + "requestType" + ], + "type": "object", + "description": "Role eligibility schedule request properties with scope." + }, + "RoleEligibilityScheduleRequest": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleRequestProperties", + "description": "Role eligibility schedule request properties." + } + }, + "type": "object", + "description": "Role Eligibility schedule request" + }, + "RoleEligibilityScheduleRequestListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Role eligibility schedule request list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role eligibility schedule request list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..12010a0260c3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,10 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..81c5d55f7320 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,10 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..a9f0442b637f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,62 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json new file mode 100644 index 000000000000..b15b3cc2edec --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json @@ -0,0 +1,66 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..53f10851ec93 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,62 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json new file mode 100644 index 000000000000..9bfca5590185 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json @@ -0,0 +1,66 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityRequests" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleAssignmentScheduleRequest.json new file mode 100644 index 000000000000..e374bb892137 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleAssignmentScheduleRequest.json @@ -0,0 +1,80 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "SelfActivate", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01-preview" + }, + "responses": { + "201": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleEligibilityScheduleRequest.json new file mode 100644 index 000000000000..5d8dc971105d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleEligibilityScheduleRequest.json @@ -0,0 +1,79 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "AdminAssign", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01-preview" + }, + "responses": { + "201": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json similarity index 100% rename from specification/authorization/resource-manager/Microsoft.Authorization/preview/2020-10-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json rename to specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json From a330fbcb75d26c27b3ab3b047063819bf0afd8ae Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Fri, 18 Feb 2022 19:36:58 +0000 Subject: [PATCH 3/5] Updates --- .../CancelRoleAssignmentScheduleRequestByName.json | 2 +- .../CancelRoleEligibilityScheduleRequestByName.json | 2 +- .../examples/GetRoleAssignmentScheduleRequestByName.json | 2 +- .../examples/GetRoleAssignmentScheduleRequestByScope.json | 2 +- .../examples/GetRoleEligibilityScheduleRequestByName.json | 2 +- .../GetRoleEligibilityScheduleRequestByScope.json | 2 +- .../examples/PutRoleAssignmentScheduleRequest.json | 2 +- .../examples/PutRoleEligibilityScheduleRequest.json | 2 +- .../ValidateRoleAssignmentScheduleRequestByName.json | 2 +- .../ValidateRoleEligibilityScheduleRequestByName.json | 2 +- specification/authorization/resource-manager/readme.md | 8 ++++++++ 11 files changed, 18 insertions(+), 10 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json index 12010a0260c3..aa0d1d6d1338 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleAssignmentScheduleRequestByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "200": {} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json index 81c5d55f7320..d1334f5847ae 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/CancelRoleEligibilityScheduleRequestByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "200": {} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json index a9f0442b637f..001b93d45d1c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json index b15b3cc2edec..5ed301f86b28 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleAssignmentScheduleRequestByScope.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json index 53f10851ec93..6ba1defe83ef 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json index 9bfca5590185..7ef0d80877fa 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/GetRoleEligibilityScheduleRequestByScope.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleAssignmentScheduleRequest.json index e374bb892137..f1aa9fe12e1c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleAssignmentScheduleRequest.json @@ -20,7 +20,7 @@ "conditionVersion": "1.0" } }, - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "201": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleEligibilityScheduleRequest.json index 5d8dc971105d..b5f4cd0434d2 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/PutRoleEligibilityScheduleRequest.json @@ -19,7 +19,7 @@ "conditionVersion": "1.0" } }, - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "201": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json index d707e9718c6f..5b9903ca6643 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleAssignmentScheduleRequestByName.json @@ -20,7 +20,7 @@ "conditionVersion": "1.0" } }, - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json index 33223b23ada8..7b33893dd44b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/examples/ValidateRoleEligibilityScheduleRequestByName.json @@ -19,7 +19,7 @@ "conditionVersion": "1.0" } }, - "api-version": "2020-10-01-preview" + "api-version": "2022-04-01-preview" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index bb116fdb1658..c45c137823a8 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -81,7 +81,15 @@ directive: from: common-types.json reason: common-types doesn't need to reference api version. ``` +### Tag: package-2022-04-01-preview-only +These settings apply only when `--tag=package-2022-04-01-preview-only` is specified on the command line. + +```yaml $(tag) == 'package-2022-04-01-preview-only' +input-file: +- Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json +``` ### Tag: package-preview-2021-11 From 647feeb35980423bd99f78b813f0549743ae19a3 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Fri, 18 Feb 2022 19:41:35 +0000 Subject: [PATCH 4/5] Fix --- .../2022-04-01-preview/RoleAssignmentScheduleRequest.json | 2 +- .../2022-04-01-preview/RoleEligibilityScheduleRequest.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json index e66d236e4594..212931f3f209 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2022-04-01-preview", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json index 268035e1befe..f872eb1523e9 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2022-04-01-preview", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." }, "host": "management.azure.com", From e53d87cb9724410531d333b4064030a7c23ca823 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Fri, 18 Feb 2022 19:52:41 +0000 Subject: [PATCH 5/5] Fixes --- .../2022-04-01-preview/RoleAssignmentScheduleRequest.json | 3 ++- .../2022-04-01-preview/RoleEligibilityScheduleRequest.json | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json index 212931f3f209..e3671f2e90c6 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleAssignmentScheduleRequest.json @@ -635,7 +635,8 @@ } } }, - "type": "object" + "type": "object", + "description": "Expanded info of resource, role and principal" } } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json index f872eb1523e9..065f80a7f27f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2022-04-01-preview/RoleEligibilityScheduleRequest.json @@ -631,7 +631,8 @@ } } }, - "type": "object" + "type": "object", + "description": "Expanded info of resource, role and principal" } } }