From aa66b739fcebc7391abc01092edea45c77f3b6d1 Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Fri, 13 May 2022 09:19:53 -0700 Subject: [PATCH 01/28] Adds base for updating Microsoft.Network from version stable/2020-11-01 to version 2022-05-01 --- .../examples/WafListManagedRuleSets.json | 69 ++ .../2022-05-01/examples/WafListPolicies.json | 134 +++ .../examples/WafPolicyCreateOrUpdate.json | 515 +++++++++ .../2022-05-01/examples/WafPolicyDelete.json | 13 + .../2022-05-01/examples/WafPolicyGet.json | 135 +++ .../stable/2022-05-01/network.json | 167 +++ .../2022-05-01/webapplicationfirewall.json | 973 ++++++++++++++++++ 7 files changed, 2006 insertions(+) create mode 100644 specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListManagedRuleSets.json create mode 100644 specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListPolicies.json create mode 100644 specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyCreateOrUpdate.json create mode 100644 specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyDelete.json create mode 100644 specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyGet.json create mode 100644 specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json create mode 100644 specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListManagedRuleSets.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListManagedRuleSets.json new file mode 100644 index 000000000000..33b2d9853927 --- /dev/null +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListManagedRuleSets.json @@ -0,0 +1,69 @@ +{ + "parameters": { + "api-version": "2020-11-01", + "subscriptionId": "subid" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "name": "DefaultRuleSet_1.0", + "id": "/subscriptions/subid/providers/Microsoft.Network/FrontDoorWebApplicationFirewallManagedRuleSets", + "type": "Microsoft.Network/frontdoorwebapplicationfirewallmanagedrulesets", + "properties": { + "provisioningState": "Succeeded", + "ruleSetId": "8125d145-ddc5-4d90-9bc3-24c5f2de69a2", + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "ruleGroups": [ + { + "ruleGroupName": "SQLI", + "description": "SQL injection", + "rules": [ + { + "ruleId": "942100", + "description": "SQL Injection Attack Detected via libinjection", + "defaultState": "Enabled", + "defaultAction": "Block" + }, + { + "ruleId": "942110", + "description": "SQL Injection Attack: Common Injection Testing Detected", + "defaultState": "Enabled", + "defaultAction": "Block" + } + ] + }, + { + "ruleGroupName": "XSS", + "description": "Cross-site scripting", + "rules": [ + { + "ruleId": "941100", + "description": "XSS Attack Detected via libinjection", + "defaultState": "Enabled", + "defaultAction": "Block" + }, + { + "ruleId": "941101", + "description": "XSS Attack Detected via libinjection", + "defaultState": "Enabled", + "defaultAction": "Block" + }, + { + "ruleId": "941110", + "description": "XSS Filter - Category 1: Script Tag Vector", + "defaultState": "Enabled", + "defaultAction": "Block" + } + ] + } + ] + } + } + ] + } + } + } +} diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListPolicies.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListPolicies.json new file mode 100644 index 000000000000..c78fafc9aa29 --- /dev/null +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListPolicies.json @@ -0,0 +1,134 @@ +{ + "parameters": { + "api-version": "2020-11-01", + "subscriptionId": "subid", + "resourceGroupName": "rg1" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "name": "Policy1", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", + "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", + "tags": { + "key1": "value1", + "key2": "value2" + }, + "location": "WestUs", + "sku": { + "name": "Classic_AzureFrontDoor" + }, + "properties": { + "resourceState": "Enabled", + "provisioningState": "Succeeded", + "policySettings": { + "enabledState": "Enabled", + "mode": "Prevention", + "redirectUrl": "http://www.bing.com", + "customBlockResponseStatusCode": 499, + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==" + }, + "customRules": { + "rules": [ + { + "name": "Rule1", + "priority": 1, + "enabledState": "Enabled", + "ruleType": "RateLimitRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 1000, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "IPMatch", + "negateCondition": false, + "matchValue": [ + "192.168.1.0/24", + "10.0.0.0/24" + ], + "transforms": [] + } + ], + "action": "Block" + }, + { + "name": "Rule2", + "priority": 2, + "enabledState": "Enabled", + "ruleType": "MatchRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 0, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "GeoMatch", + "negateCondition": false, + "matchValue": [ + "CH" + ] + }, + { + "matchVariable": "RequestHeader", + "selector": "UserAgent", + "operator": "Contains", + "negateCondition": false, + "matchValue": [ + "windows" + ], + "transforms": [ + "Lowercase" + ] + } + ], + "action": "Block" + } + ] + }, + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "exclusions": [ + { + "matchVariable": "RequestHeaderNames", + "selectorMatchOperator": "Equals", + "selector": "User-Agent" + } + ], + "ruleGroupOverrides": [ + { + "ruleGroupName": "SQLI", + "rules": [ + { + "ruleId": "942100", + "enabledState": "Enabled", + "action": "Redirect" + }, + { + "ruleId": "942110", + "enabledState": "Disabled" + } + ] + } + ] + } + ] + }, + "frontendEndpointLinks": [ + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/frontdoors/fd1/frontendendpoints/fd1-azurefd-net" + } + ], + "securityPolicyLinks": [] + } + } + ] + } + } + } +} diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyCreateOrUpdate.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyCreateOrUpdate.json new file mode 100644 index 000000000000..81b6585cd89b --- /dev/null +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyCreateOrUpdate.json @@ -0,0 +1,515 @@ +{ + "parameters": { + "api-version": "2020-11-01", + "subscriptionId": "subid", + "resourceGroupName": "rg1", + "policyName": "Policy1", + "parameters": { + "properties": { + "policySettings": { + "enabledState": "Enabled", + "mode": "Prevention", + "redirectUrl": "http://www.bing.com", + "customBlockResponseStatusCode": 499, + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==", + "requestBodyCheck": "Disabled" + }, + "customRules": { + "rules": [ + { + "name": "Rule1", + "priority": 1, + "ruleType": "RateLimitRule", + "rateLimitThreshold": 1000, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "operator": "IPMatch", + "matchValue": [ + "192.168.1.0/24", + "10.0.0.0/24" + ] + } + ], + "action": "Block" + }, + { + "name": "Rule2", + "priority": 2, + "ruleType": "MatchRule", + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "operator": "GeoMatch", + "matchValue": [ + "CH" + ] + }, + { + "matchVariable": "RequestHeader", + "operator": "Contains", + "selector": "UserAgent", + "matchValue": [ + "windows" + ], + "transforms": [ + "Lowercase" + ] + } + ], + "action": "Block" + } + ] + }, + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "ruleSetAction": "Block", + "exclusions": [ + { + "matchVariable": "RequestHeaderNames", + "selectorMatchOperator": "Equals", + "selector": "User-Agent" + } + ], + "ruleGroupOverrides": [ + { + "ruleGroupName": "SQLI", + "exclusions": [ + { + "matchVariable": "RequestCookieNames", + "selectorMatchOperator": "StartsWith", + "selector": "token" + } + ], + "rules": [ + { + "ruleId": "942100", + "enabledState": "Enabled", + "action": "Redirect", + "exclusions": [ + { + "matchVariable": "QueryStringArgNames", + "selectorMatchOperator": "Equals", + "selector": "query" + } + ] + }, + { + "ruleId": "942110", + "enabledState": "Disabled" + } + ] + } + ] + } + ] + } + }, + "sku": { + "name": "Classic_AzureFrontDoor" + } + } + }, + "responses": { + "200": { + "body": { + "name": "Policy1", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", + "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", + "tags": { + "key1": "value1", + "key2": "value2" + }, + "location": "WestUs", + "properties": { + "resourceState": "Enabled", + "provisioningState": "Succeeded", + "policySettings": { + "enabledState": "Enabled", + "mode": "Prevention", + "redirectUrl": "http://www.bing.com", + "customBlockResponseStatusCode": 499, + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==", + "requestBodyCheck": "Disabled" + }, + "customRules": { + "rules": [ + { + "name": "Rule1", + "priority": 1, + "enabledState": "Enabled", + "ruleType": "RateLimitRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 1000, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "IPMatch", + "negateCondition": false, + "matchValue": [ + "192.168.1.0/24", + "10.0.0.0/24" + ], + "transforms": [] + } + ], + "action": "Block" + }, + { + "name": "Rule2", + "priority": 2, + "enabledState": "Enabled", + "ruleType": "MatchRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 0, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "GeoMatch", + "negateCondition": false, + "matchValue": [ + "CH" + ] + }, + { + "matchVariable": "RequestHeader", + "selector": "UserAgent", + "operator": "Contains", + "negateCondition": false, + "matchValue": [ + "windows" + ], + "transforms": [ + "Lowercase" + ] + } + ], + "action": "Block" + } + ] + }, + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "ruleSetAction": "Block", + "exclusions": [ + { + "matchVariable": "RequestHeaderNames", + "selectorMatchOperator": "Equals", + "selector": "User-Agent" + } + ], + "ruleGroupOverrides": [ + { + "ruleGroupName": "SQLI", + "exclusions": [ + { + "matchVariable": "RequestCookieNames", + "selectorMatchOperator": "StartsWith", + "selector": "token" + } + ], + "rules": [ + { + "ruleId": "942100", + "enabledState": "Enabled", + "action": "Redirect", + "exclusions": [ + { + "matchVariable": "QueryStringArgNames", + "selectorMatchOperator": "Equals", + "selector": "query" + } + ] + }, + { + "ruleId": "942110", + "enabledState": "Disabled" + } + ] + } + ] + } + ] + }, + "frontendEndpointLinks": [], + "securityPolicyLinks": [] + }, + "sku": { + "name": "Classic_AzureFrontDoor" + } + } + }, + "201": { + "body": { + "name": "Policy1", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", + "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", + "tags": { + "key1": "value1", + "key2": "value2" + }, + "location": "WestUs", + "properties": { + "resourceState": "Enabled", + "provisioningState": "Succeeded", + "policySettings": { + "enabledState": "Enabled", + "mode": "Prevention", + "redirectUrl": "http://www.bing.com", + "customBlockResponseStatusCode": 499, + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==" + }, + "customRules": { + "rules": [ + { + "name": "Rule1", + "priority": 1, + "enabledState": "Enabled", + "ruleType": "RateLimitRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 1000, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "IPMatch", + "negateCondition": false, + "matchValue": [ + "192.168.1.0/24", + "10.0.0.0/24" + ], + "transforms": [] + } + ], + "action": "Block" + }, + { + "name": "Rule2", + "priority": 2, + "enabledState": "Enabled", + "ruleType": "MatchRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 0, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "GeoMatch", + "negateCondition": false, + "matchValue": [ + "CH" + ] + }, + { + "matchVariable": "RequestHeader", + "selector": "UserAgent", + "operator": "Contains", + "negateCondition": false, + "matchValue": [ + "windows" + ], + "transforms": [ + "Lowercase" + ] + } + ], + "action": "Block" + } + ] + }, + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "exclusions": [ + { + "matchVariable": "RequestHeaderNames", + "selectorMatchOperator": "Equals", + "selector": "User-Agent" + } + ], + "ruleGroupOverrides": [ + { + "ruleGroupName": "SQLI", + "exclusions": [ + { + "matchVariable": "RequestCookieNames", + "selectorMatchOperator": "StartsWith", + "selector": "token" + } + ], + "rules": [ + { + "ruleId": "942100", + "enabledState": "Enabled", + "action": "Redirect", + "exclusions": [ + { + "matchVariable": "QueryStringArgNames", + "selectorMatchOperator": "Equals", + "selector": "query" + } + ] + }, + { + "ruleId": "942110", + "enabledState": "Disabled" + } + ] + } + ] + } + ] + }, + "frontendEndpointLinks": [], + "securityPolicyLinks": [] + }, + "sku": { + "name": "Classic_AzureFrontDoor" + } + } + }, + "202": { + "body": { + "name": "Policy1", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", + "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", + "tags": { + "key1": "value1", + "key2": "value2" + }, + "location": "WestUs", + "properties": { + "resourceState": "Enabled", + "provisioningState": "Succeeded", + "policySettings": { + "enabledState": "Enabled", + "mode": "Prevention", + "redirectUrl": "http://www.bing.com", + "customBlockResponseStatusCode": 499, + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==", + "requestBodyCheck": "Disabled" + }, + "customRules": { + "rules": [ + { + "name": "Rule1", + "priority": 1, + "enabledState": "Enabled", + "ruleType": "RateLimitRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 1000, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "IPMatch", + "negateCondition": false, + "matchValue": [ + "192.168.1.0/24", + "10.0.0.0/24" + ], + "transforms": [] + } + ], + "action": "Block" + }, + { + "name": "Rule2", + "priority": 2, + "enabledState": "Enabled", + "ruleType": "MatchRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 0, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "GeoMatch", + "negateCondition": false, + "matchValue": [ + "CH" + ] + }, + { + "matchVariable": "RequestHeader", + "selector": "UserAgent", + "operator": "Contains", + "negateCondition": false, + "matchValue": [ + "windows" + ], + "transforms": [ + "Lowercase" + ] + } + ], + "action": "Block" + } + ] + }, + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "ruleSetAction": "Block", + "exclusions": [ + { + "matchVariable": "RequestHeaderNames", + "selectorMatchOperator": "Equals", + "selector": "User-Agent" + } + ], + "ruleGroupOverrides": [ + { + "ruleGroupName": "SQLI", + "exclusions": [ + { + "matchVariable": "RequestCookieNames", + "selectorMatchOperator": "StartsWith", + "selector": "token" + } + ], + "rules": [ + { + "ruleId": "942100", + "enabledState": "Enabled", + "action": "Redirect", + "exclusions": [ + { + "matchVariable": "QueryStringArgNames", + "selectorMatchOperator": "Equals", + "selector": "query" + } + ] + }, + { + "ruleId": "942110", + "enabledState": "Disabled" + } + ] + } + ] + } + ] + }, + "frontendEndpointLinks": [], + "securityPolicyLinks": [] + }, + "sku": { + "name": "Classic_AzureFrontDoor" + } + } + } + } +} diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyDelete.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyDelete.json new file mode 100644 index 000000000000..c12d7c752edb --- /dev/null +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyDelete.json @@ -0,0 +1,13 @@ +{ + "parameters": { + "api-version": "2020-11-01", + "subscriptionId": "subid", + "resourceGroupName": "rg1", + "policyName": "Policy1" + }, + "responses": { + "200": {}, + "202": {}, + "204": {} + } +} diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyGet.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyGet.json new file mode 100644 index 000000000000..4b6988dcc038 --- /dev/null +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyGet.json @@ -0,0 +1,135 @@ +{ + "parameters": { + "api-version": "2020-11-01", + "subscriptionId": "subid", + "resourceGroupName": "rg1", + "policyName": "Policy1" + }, + "responses": { + "200": { + "body": { + "name": "Policy1", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", + "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", + "tags": { + "key1": "value1", + "key2": "value2" + }, + "location": "WestUs", + "properties": { + "resourceState": "Enabled", + "provisioningState": "Succeeded", + "policySettings": { + "enabledState": "Enabled", + "mode": "Prevention", + "redirectUrl": "http://www.bing.com", + "customBlockResponseStatusCode": 499, + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==", + "requestBodyCheck": "Disabled" + }, + "customRules": { + "rules": [ + { + "name": "Rule1", + "priority": 1, + "enabledState": "Enabled", + "ruleType": "RateLimitRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 1000, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "IPMatch", + "negateCondition": false, + "matchValue": [ + "192.168.1.0/24", + "10.0.0.0/24" + ], + "transforms": [] + } + ], + "action": "Block" + }, + { + "name": "Rule2", + "priority": 2, + "enabledState": "Enabled", + "ruleType": "MatchRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 0, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "GeoMatch", + "negateCondition": false, + "matchValue": [ + "CH" + ] + }, + { + "matchVariable": "RequestHeader", + "selector": "UserAgent", + "operator": "Contains", + "negateCondition": false, + "matchValue": [ + "windows" + ], + "transforms": [ + "Lowercase" + ] + } + ], + "action": "Block" + } + ] + }, + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "ruleSetAction": "Block", + "exclusions": [ + { + "matchVariable": "RequestHeaderNames", + "selectorMatchOperator": "Equals", + "selector": "User-Agent" + } + ], + "ruleGroupOverrides": [ + { + "ruleGroupName": "SQLI", + "exclusions": [], + "rules": [ + { + "ruleId": "942100", + "enabledState": "Enabled", + "action": "Redirect", + "exclusions": [] + }, + { + "ruleId": "942110", + "enabledState": "Disabled" + } + ] + } + ] + } + ] + }, + "frontendEndpointLinks": [ + { + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/frontdoors/fd1/frontendendpoints/fd1-azurefd-net" + } + ], + "securityPolicyLinks": [] + }, + "sku": { + "name": "Classic_AzureFrontDoor" + } + } + } + } +} diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json new file mode 100644 index 000000000000..a956ee683b89 --- /dev/null +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json @@ -0,0 +1,167 @@ +{ + "swagger": "2.0", + "info": { + "title": "NetworkManagementClient", + "description": "The Microsoft Azure Network management API provides a RESTful set of web services that interact with Microsoft Azure Networks service to manage your network resources. The API has entities that capture the relationship between an end user and the Microsoft Azure Networks service.", + "version": "2020-11-01" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json", + "text/json" + ], + "produces": [ + "application/json", + "text/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": {}, + "definitions": { + "ErrorDetails": { + "properties": { + "code": { + "type": "string" + }, + "target": { + "type": "string" + }, + "message": { + "type": "string" + } + } + }, + "Error": { + "properties": { + "code": { + "type": "string" + }, + "message": { + "type": "string" + }, + "target": { + "type": "string" + }, + "details": { + "type": "array", + "items": { + "$ref": "#/definitions/ErrorDetails" + } + }, + "innerError": { + "type": "string" + } + } + }, + "AzureAsyncOperationResult": { + "properties": { + "status": { + "type": "string", + "description": "Status of the Azure async operation.", + "enum": [ + "InProgress", + "Succeeded", + "Failed" + ], + "x-ms-enum": { + "name": "NetworkOperationStatus", + "modelAsString": true + } + }, + "error": { + "$ref": "#/definitions/Error" + } + }, + "description": "The response body contains the status of the specified asynchronous operation, indicating whether it has succeeded, is in progress, or has failed. Note that this status is distinct from the HTTP status code returned for the Get Operation Status operation itself. If the asynchronous operation succeeded, the response body includes the HTTP status code for the successful request. If the asynchronous operation failed, the response body includes the HTTP status code for the failed request and error information regarding the failure." + }, + "Resource": { + "properties": { + "id": { + "readOnly": true, + "type": "string", + "description": "Resource ID." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "Resource name." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "Resource type." + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Resource tags." + } + }, + "description": "Common resource representation.", + "x-ms-azure-resource": true + }, + "SubResource": { + "properties": { + "id": { + "type": "string", + "description": "Resource ID." + } + }, + "description": "Reference to another subresource.", + "x-ms-azure-resource": true + }, + "TagsObject": { + "properties": { + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "description": "Resource tags." + } + }, + "description": "Tags object for patch operations." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The subscription credentials which uniquely identify the Microsoft Azure subscription. The subscription ID forms part of the URI for every service call." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "Client API version." + } + } +} diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json new file mode 100644 index 000000000000..556639767a44 --- /dev/null +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -0,0 +1,973 @@ +{ + "swagger": "2.0", + "info": { + "version": "2020-11-01", + "title": "WebApplicationFirewallManagement", + "description": "APIs to manage web application firewall rules." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/frontDoorWebApplicationFirewallPolicies": { + "get": { + "tags": [ + "WebApplicationFirewallPolicies" + ], + "description": "Lists all of the protection policies within a resource group.", + "operationId": "Policies_List", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "./network.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The request has succeeded.", + "schema": { + "$ref": "#/definitions/WebApplicationFirewallPolicyList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List Policies in a Resource Group": { + "$ref": "./examples/WafListPolicies.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}": { + "get": { + "tags": [ + "WebApplicationFirewallPolicies" + ], + "description": "Retrieve protection policy with specified name within a resource group.", + "operationId": "Policies_Get", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/PolicyNameParameter" + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "./network.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The request has succeeded.", + "schema": { + "$ref": "#/definitions/WebApplicationFirewallPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Get Policy": { + "$ref": "./examples/WafPolicyGet.json" + } + } + }, + "put": { + "tags": [ + "WebApplicationFirewallPolicies" + ], + "description": "Create or update policy with specified rule set name within a resource group.", + "operationId": "Policies_CreateOrUpdate", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/PolicyNameParameter" + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "./network.json#/parameters/ApiVersionParameter" + }, + { + "description": "Policy to be created.", + "in": "body", + "name": "parameters", + "required": true, + "schema": { + "$ref": "#/definitions/WebApplicationFirewallPolicy" + } + } + ], + "responses": { + "200": { + "description": "OK. The request has succeeded.", + "schema": { + "$ref": "#/definitions/WebApplicationFirewallPolicy" + } + }, + "201": { + "description": "Created. The request has been fulfilled and a new protection policy has been created.", + "schema": { + "$ref": "#/definitions/WebApplicationFirewallPolicy" + } + }, + "202": { + "description": "Accepted. The request has been accepted for processing and the operation will complete asynchronously.", + "schema": { + "$ref": "#/definitions/WebApplicationFirewallPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Creates specific policy": { + "$ref": "./examples/WafPolicyCreateOrUpdate.json" + } + }, + "x-ms-long-running-operation": true + }, + "delete": { + "tags": [ + "WebApplicationFirewallPolicies" + ], + "description": "Deletes Policy", + "operationId": "Policies_Delete", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/PolicyNameParameter" + }, + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "./network.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Delete successful." + }, + "202": { + "description": "Accepted. The request has been accepted for processing and the operation will complete asynchronously." + }, + "204": { + "description": "No Content. The request has been accepted but the policy was not found." + } + }, + "x-ms-examples": { + "Delete protection policy": { + "$ref": "./examples/WafPolicyDelete.json" + } + }, + "x-ms-long-running-operation": true + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallManagedRuleSets": { + "get": { + "tags": [ + "WebApplicationFirewallManagedRuleSets" + ], + "description": "Lists all available managed rule sets.", + "operationId": "ManagedRuleSets_List", + "parameters": [ + { + "$ref": "./network.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "./network.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Success. The operation returns a list of all available web application firewall managed rule sets.", + "schema": { + "$ref": "#/definitions/ManagedRuleSetDefinitionList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "List Policies in a Resource Group": { + "$ref": "./examples/WafListManagedRuleSets.json" + } + } + } + } + }, + "definitions": { + "WebApplicationFirewallPolicy": { + "description": "Defines web application firewall policy.", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "Properties of the web application firewall policy.", + "$ref": "#/definitions/WebApplicationFirewallPolicyProperties" + }, + "etag": { + "type": "string", + "description": "Gets a unique read-only string that changes whenever the resource is updated." + }, + "sku": { + "description": "The pricing tier of web application firewall policy. Defaults to Classic_AzureFrontDoor if not specified.", + "$ref": "#/definitions/Sku" + } + }, + "allOf": [ + { + "$ref": "./network.json#/definitions/Resource" + } + ] + }, + "WebApplicationFirewallPolicyProperties": { + "description": "Defines web application firewall policy properties.", + "properties": { + "policySettings": { + "description": "Describes settings for the policy.", + "$ref": "#/definitions/PolicySettings" + }, + "customRules": { + "description": "Describes custom rules inside the policy.", + "$ref": "#/definitions/CustomRuleList" + }, + "managedRules": { + "description": "Describes managed rules inside the policy.", + "$ref": "#/definitions/ManagedRuleSetList" + }, + "frontendEndpointLinks": { + "description": "Describes Frontend Endpoints associated with this Web Application Firewall policy.", + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/FrontendEndpointLink" + } + }, + "routingRuleLinks": { + "description": "Describes Routing Rules associated with this Web Application Firewall policy.", + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/RoutingRuleLink" + } + }, + "securityPolicyLinks": { + "description": "Describes Security Policy associated with this Web Application Firewall policy.", + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/SecurityPolicyLink" + } + }, + "provisioningState": { + "readOnly": true, + "type": "string", + "description": "Provisioning state of the policy." + }, + "resourceState": { + "title": "Resource status of the policy.", + "readOnly": true, + "enum": [ + "Creating", + "Enabling", + "Enabled", + "Disabling", + "Disabled", + "Deleting" + ], + "type": "string", + "x-ms-enum": { + "name": "PolicyResourceState", + "modelAsString": true + } + } + } + }, + "Sku": { + "description": "The pricing tier of the web application firewall policy.", + "properties": { + "name": { + "description": "Name of the pricing tier.", + "enum": [ + "Classic_AzureFrontDoor", + "Standard_AzureFrontDoor", + "Premium_AzureFrontDoor" + ], + "type": "string", + "x-ms-enum": { + "name": "SkuName", + "modelAsString": true + } + } + }, + "type": "object" + }, + "WebApplicationFirewallPolicyList": { + "description": "Defines a list of WebApplicationFirewallPolicies. It contains a list of WebApplicationFirewallPolicy objects and a URL link to get the next set of results.", + "properties": { + "value": { + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/WebApplicationFirewallPolicy" + }, + "description": "List of WebApplicationFirewallPolicies within a resource group." + }, + "nextLink": { + "type": "string", + "description": "URL to get the next set of WebApplicationFirewallPolicy objects if there are any." + } + } + }, + "PolicySettings": { + "description": "Defines top-level WebApplicationFirewallPolicy configuration settings.", + "properties": { + "enabledState": { + "description": "Describes if the policy is in enabled or disabled state. Defaults to Enabled if not specified.", + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "name": "PolicyEnabledState", + "modelAsString": true + } + }, + "mode": { + "description": "Describes if it is in detection mode or prevention mode at policy level.", + "type": "string", + "enum": [ + "Prevention", + "Detection" + ], + "x-ms-enum": { + "name": "PolicyMode", + "modelAsString": true + } + }, + "redirectUrl": { + "description": "If action type is redirect, this field represents redirect URL for the client.", + "type": "string" + }, + "customBlockResponseStatusCode": { + "description": "If the action type is block, customer can override the response status code.", + "type": "integer" + }, + "customBlockResponseBody": { + "description": "If the action type is block, customer can override the response body. The body must be specified in base64 encoding.", + "type": "string", + "pattern": "^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=|[A-Za-z0-9+/]{4})$" + }, + "requestBodyCheck": { + "description": "Describes if policy managed rules will inspect the request body content.", + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "name": "PolicyRequestBodyCheck", + "modelAsString": true + } + } + } + }, + "CustomRuleList": { + "description": "Defines contents of custom rules", + "properties": { + "rules": { + "description": "List of rules", + "type": "array", + "items": { + "$ref": "#/definitions/CustomRule" + } + } + } + }, + "CustomRule": { + "description": "Defines contents of a web application rule", + "required": [ + "priority", + "ruleType", + "matchConditions", + "action" + ], + "properties": { + "name": { + "type": "string", + "description": "Describes the name of the rule.", + "maxLength": 128 + }, + "priority": { + "description": "Describes priority of the rule. Rules with a lower value will be evaluated before rules with a higher value.", + "type": "integer" + }, + "enabledState": { + "description": "Describes if the custom rule is in enabled or disabled state. Defaults to Enabled if not specified.", + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "name": "CustomRuleEnabledState", + "modelAsString": true + } + }, + "ruleType": { + "description": "Describes type of rule.", + "type": "string", + "enum": [ + "MatchRule", + "RateLimitRule" + ], + "x-ms-enum": { + "name": "RuleType", + "modelAsString": true + } + }, + "rateLimitDurationInMinutes": { + "description": "Time window for resetting the rate limit count. Default is 1 minute.", + "type": "integer", + "minimum": 0, + "maximum": 5 + }, + "rateLimitThreshold": { + "description": "Number of allowed requests per client within the time window.", + "type": "integer", + "minimum": 0 + }, + "matchConditions": { + "description": "List of match conditions.", + "type": "array", + "items": { + "$ref": "#/definitions/MatchCondition" + } + }, + "action": { + "description": "Describes what action to be applied when rule matches.", + "$ref": "#/definitions/ActionType" + } + } + }, + "TransformType": { + "description": "Describes what transforms applied before matching.", + "type": "string", + "enum": [ + "Lowercase", + "Uppercase", + "Trim", + "UrlDecode", + "UrlEncode", + "RemoveNulls" + ], + "x-ms-enum": { + "name": "TransformType", + "modelAsString": true + } + }, + "MatchCondition": { + "description": "Define a match condition.", + "required": [ + "matchVariable", + "operator", + "matchValue" + ], + "properties": { + "matchVariable": { + "description": "Request variable to compare with.", + "type": "string", + "enum": [ + "RemoteAddr", + "RequestMethod", + "QueryString", + "PostArgs", + "RequestUri", + "RequestHeader", + "RequestBody", + "Cookies", + "SocketAddr" + ], + "x-ms-enum": { + "name": "MatchVariable", + "modelAsString": true + } + }, + "selector": { + "description": "Match against a specific key from the QueryString, PostArgs, RequestHeader or Cookies variables. Default is null.", + "type": "string" + }, + "operator": { + "description": "Comparison type to use for matching with the variable value.", + "type": "string", + "enum": [ + "Any", + "IPMatch", + "GeoMatch", + "Equal", + "Contains", + "LessThan", + "GreaterThan", + "LessThanOrEqual", + "GreaterThanOrEqual", + "BeginsWith", + "EndsWith", + "RegEx" + ], + "x-ms-enum": { + "name": "Operator", + "modelAsString": true + } + }, + "negateCondition": { + "description": "Describes if the result of this condition should be negated.", + "type": "boolean" + }, + "matchValue": { + "description": "List of possible match values.", + "type": "array", + "items": { + "type": "string" + } + }, + "transforms": { + "description": "List of transforms.", + "type": "array", + "items": { + "$ref": "#/definitions/TransformType" + } + } + } + }, + "ManagedRuleSetList": { + "description": "Defines the list of managed rule sets for the policy.", + "properties": { + "managedRuleSets": { + "description": "List of rule sets.", + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleSet" + } + } + } + }, + "ManagedRuleSet": { + "type": "object", + "description": "Defines a managed rule set.", + "required": [ + "ruleSetType", + "ruleSetVersion" + ], + "properties": { + "ruleSetType": { + "description": "Defines the rule set type to use.", + "type": "string" + }, + "ruleSetVersion": { + "description": "Defines the version of the rule set to use.", + "type": "string" + }, + "ruleSetAction": { + "$ref": "#/definitions/ManagedRuleSetActionType" + }, + "exclusions": { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleExclusion" + }, + "description": "Describes the exclusions that are applied to all rules in the set." + }, + "ruleGroupOverrides": { + "description": "Defines the rule group overrides to apply to the rule set.", + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleGroupOverride" + } + } + } + }, + "ManagedRuleGroupOverride": { + "description": "Defines a managed rule group override setting.", + "required": [ + "ruleGroupName" + ], + "properties": { + "ruleGroupName": { + "description": "Describes the managed rule group to override.", + "type": "string" + }, + "exclusions": { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleExclusion" + }, + "description": "Describes the exclusions that are applied to all rules in the group." + }, + "rules": { + "description": "List of rules that will be disabled. If none specified, all rules in the group will be disabled.", + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleOverride" + } + } + } + }, + "ManagedRuleOverride": { + "description": "Defines a managed rule group override setting.", + "required": [ + "ruleId" + ], + "properties": { + "ruleId": { + "description": "Identifier for the managed rule.", + "type": "string" + }, + "enabledState": { + "description": "Describes if the managed rule is in enabled or disabled state. Defaults to Disabled if not specified.", + "$ref": "#/definitions/ManagedRuleEnabledState" + }, + "action": { + "description": "Describes the override action to be applied when rule matches.", + "$ref": "#/definitions/ActionType" + }, + "exclusions": { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleExclusion" + }, + "description": "Describes the exclusions that are applied to this specific rule." + } + } + }, + "ManagedRuleSetDefinitionList": { + "description": "List of managed rule set definitions available for use in a policy.", + "properties": { + "value": { + "description": "List of managed rule set definitions.", + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/ManagedRuleSetDefinition" + } + }, + "nextLink": { + "type": "string", + "description": "URL to retrieve next set of managed rule set definitions." + } + } + }, + "ManagedRuleSetDefinition": { + "description": "Describes the a managed rule set definition.", + "properties": { + "properties": { + "description": "Properties for a managed rule set definition.", + "x-ms-client-flatten": true, + "$ref": "#/definitions/ManagedRuleSetDefinitionProperties" + } + }, + "allOf": [ + { + "$ref": "./network.json#/definitions/Resource" + } + ] + }, + "ManagedRuleSetDefinitionProperties": { + "description": "Properties for a managed rule set definition.", + "properties": { + "provisioningState": { + "type": "string", + "readOnly": true, + "description": "Provisioning state of the managed rule set." + }, + "ruleSetId": { + "type": "string", + "readOnly": true, + "description": "Id of the managed rule set." + }, + "ruleSetType": { + "type": "string", + "readOnly": true, + "description": "Type of the managed rule set." + }, + "ruleSetVersion": { + "type": "string", + "readOnly": true, + "description": "Version of the managed rule set type." + }, + "ruleGroups": { + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/ManagedRuleGroupDefinition" + }, + "description": "Rule groups of the managed rule set." + } + } + }, + "ManagedRuleGroupDefinition": { + "description": "Describes a managed rule group.", + "properties": { + "ruleGroupName": { + "type": "string", + "readOnly": true, + "description": "Name of the managed rule group." + }, + "description": { + "type": "string", + "readOnly": true, + "description": "Description of the managed rule group." + }, + "rules": { + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/ManagedRuleDefinition" + }, + "description": "List of rules within the managed rule group." + } + } + }, + "ManagedRuleDefinition": { + "description": "Describes a managed rule definition.", + "properties": { + "ruleId": { + "description": "Identifier for the managed rule.", + "readOnly": true, + "type": "string" + }, + "defaultState": { + "description": "Describes the default state for the managed rule.", + "readOnly": true, + "$ref": "#/definitions/ManagedRuleEnabledState" + }, + "defaultAction": { + "description": "Describes the default action to be applied when the managed rule matches.", + "readOnly": true, + "$ref": "#/definitions/ActionType" + }, + "description": { + "description": "Describes the functionality of the managed rule.", + "readOnly": true, + "type": "string" + } + } + }, + "ManagedRuleExclusion": { + "required": [ + "matchVariable", + "selectorMatchOperator", + "selector" + ], + "description": "Exclude variables from managed rule evaluation.", + "properties": { + "matchVariable": { + "type": "string", + "enum": [ + "RequestHeaderNames", + "RequestCookieNames", + "QueryStringArgNames", + "RequestBodyPostArgNames", + "RequestBodyJsonArgNames" + ], + "description": "The variable type to be excluded.", + "x-ms-enum": { + "name": "ManagedRuleExclusionMatchVariable", + "modelAsString": true + } + }, + "selectorMatchOperator": { + "type": "string", + "enum": [ + "Equals", + "Contains", + "StartsWith", + "EndsWith", + "EqualsAny" + ], + "description": "Comparison operator to apply to the selector when specifying which elements in the collection this exclusion applies to.", + "x-ms-enum": { + "name": "ManagedRuleExclusionSelectorMatchOperator", + "modelAsString": true + } + }, + "selector": { + "type": "string", + "description": "Selector value for which elements in the collection this exclusion applies to." + } + } + }, + "ActionType": { + "description": "Defines the action to take on rule match.", + "type": "string", + "enum": [ + "Allow", + "Block", + "Log", + "Redirect" + ], + "x-ms-enum": { + "name": "ActionType", + "modelAsString": true + } + }, + "ManagedRuleSetActionType": { + "description": "Defines the action to take when a managed rule set score threshold is met.", + "type": "string", + "enum": [ + "Block", + "Log", + "Redirect" + ], + "x-ms-enum": { + "name": "ManagedRuleSetActionType", + "modelAsString": true + } + }, + "ManagedRuleEnabledState": { + "description": "Describes if the managed rule is in enabled or disabled state.", + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ], + "x-ms-enum": { + "name": "ManagedRuleEnabledState", + "modelAsString": true + } + }, + "ErrorResponse": { + "description": "Error response indicates Front Door service is not able to process the incoming request. The reason is provided in the error message.", + "type": "object", + "properties": { + "code": { + "description": "Error code.", + "readOnly": true, + "type": "string" + }, + "message": { + "description": "Error message indicating why the operation failed.", + "readOnly": true, + "type": "string" + } + } + }, + "FrontendEndpointLink": { + "description": "Defines the Resource ID for a Frontend Endpoint.", + "type": "object", + "readOnly": true, + "properties": { + "id": { + "type": "string", + "description": "Resource ID." + } + } + }, + "RoutingRuleLink": { + "description": "Defines the Resource ID for a Routing Rule.", + "type": "object", + "readOnly": true, + "properties": { + "id": { + "type": "string", + "description": "Resource ID." + } + } + }, + "SecurityPolicyLink": { + "description": "Defines the Resource ID for a Security Policy.", + "type": "object", + "readOnly": true, + "properties": { + "id": { + "type": "string", + "description": "Resource ID." + } + } + } + }, + "parameters": { + "PolicyNameParameter": { + "name": "policyName", + "in": "path", + "required": true, + "type": "string", + "maxLength": 128, + "x-ms-parameter-location": "method", + "description": "The name of the Web Application Firewall Policy." + }, + "ResourceGroupNameParameter": { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[a-zA-Z0-9_\\-\\(\\)\\.]*[^\\.]$", + "minLength": 1, + "maxLength": 80, + "x-ms-parameter-location": "method", + "description": "Name of the Resource group within the Azure subscription." + } + } +} From 513aff18037001d9f37faa1e4c0540a4ccf53142 Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Fri, 13 May 2022 09:19:55 -0700 Subject: [PATCH 02/28] Updates readme --- .../frontdoor/resource-manager/readme.md | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 5256ad47118c..3c7bf87c9a62 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -28,21 +28,31 @@ These are the global settings for the FrontDoor API. title: FrontDoorManagementClient description: FrontDoor Client openapi-type: arm -tag: package-2020-11 +tag: package-2022-05 ``` +### Tag: package-2022-05 + +These settings apply only when `--tag=package-2022-05` is specified on the command line. + +```yaml $(tag) == 'package-2022-05' +input-file: + - Microsoft.Network/stable/2022-05-01/network.json + - Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +``` ### Tag: package-2020-11 These settings apply only when `--tag=package-2020-11` is specified on the command line. -```yaml $(tag) == 'package-2020-11' +``` yaml $(tag) == 'package-2020-11' input-file: - Microsoft.Network/stable/2020-11-01/network.json - Microsoft.Network/stable/2019-11-01/networkexperiment.json - Microsoft.Network/stable/2020-05-01/frontdoor.json - Microsoft.Network/stable/2020-11-01/webapplicationfirewall.json ``` + ### Tag: package-2020-05 These settings apply only when `--tag=package-2020-05` is specified on the command line. @@ -259,5 +269,3 @@ directive: suppress: EnumInsteadOfBoolean reason: Direct copy of ValidateCustomDomain API in CDN Resource Provider. ``` - - From f045164b17c874730c979cd9cf3ac1376483fd6e Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Fri, 13 May 2022 09:19:57 -0700 Subject: [PATCH 03/28] Updates API version in new specs and examples --- .../stable/2022-05-01/examples/WafListManagedRuleSets.json | 2 +- .../stable/2022-05-01/examples/WafListPolicies.json | 2 +- .../stable/2022-05-01/examples/WafPolicyCreateOrUpdate.json | 2 +- .../stable/2022-05-01/examples/WafPolicyDelete.json | 2 +- .../stable/2022-05-01/examples/WafPolicyGet.json | 2 +- .../Microsoft.Network/stable/2022-05-01/network.json | 2 +- .../stable/2022-05-01/webapplicationfirewall.json | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListManagedRuleSets.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListManagedRuleSets.json index 33b2d9853927..11707536a6cb 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListManagedRuleSets.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListManagedRuleSets.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2020-11-01", + "api-version": "2022-05-01", "subscriptionId": "subid" }, "responses": { diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListPolicies.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListPolicies.json index c78fafc9aa29..2c7f1cf47636 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListPolicies.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafListPolicies.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2020-11-01", + "api-version": "2022-05-01", "subscriptionId": "subid", "resourceGroupName": "rg1" }, diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyCreateOrUpdate.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyCreateOrUpdate.json index 81b6585cd89b..bcd73edcc02e 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyCreateOrUpdate.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyCreateOrUpdate.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2020-11-01", + "api-version": "2022-05-01", "subscriptionId": "subid", "resourceGroupName": "rg1", "policyName": "Policy1", diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyDelete.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyDelete.json index c12d7c752edb..332076658c76 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyDelete.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyDelete.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2020-11-01", + "api-version": "2022-05-01", "subscriptionId": "subid", "resourceGroupName": "rg1", "policyName": "Policy1" diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyGet.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyGet.json index 4b6988dcc038..b39ba1900452 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyGet.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyGet.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2020-11-01", + "api-version": "2022-05-01", "subscriptionId": "subid", "resourceGroupName": "rg1", "policyName": "Policy1" diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json index a956ee683b89..ac690b8b9255 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json @@ -3,7 +3,7 @@ "info": { "title": "NetworkManagementClient", "description": "The Microsoft Azure Network management API provides a RESTful set of web services that interact with Microsoft Azure Networks service to manage your network resources. The API has entities that capture the relationship between an end user and the Microsoft Azure Networks service.", - "version": "2020-11-01" + "version": "2022-05-01" }, "host": "management.azure.com", "schemes": [ diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index 556639767a44..cc3488f0d8ea 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -1,7 +1,7 @@ { "swagger": "2.0", "info": { - "version": "2020-11-01", + "version": "2022-05-01", "title": "WebApplicationFirewallManagement", "description": "APIs to manage web application firewall rules." }, From c146fb44d45279b583e1833ccefdf3b1ddf6dc89 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Sun, 15 May 2022 23:48:04 -0700 Subject: [PATCH 04/28] Add frontdoor waf Patch version 2022-05-01 --- .../2022-05-01/examples/WafPolicyPatch.json | 413 ++++++++++++++++++ .../2022-05-01/webapplicationfirewall.json | 49 +++ 2 files changed, 462 insertions(+) create mode 100644 specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyPatch.json diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyPatch.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyPatch.json new file mode 100644 index 000000000000..dfb9d866a6ce --- /dev/null +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyPatch.json @@ -0,0 +1,413 @@ +{ + "parameters": { + "api-version": "2022-05-01", + "subscriptionId": "subid", + "resourceGroupName": "rg1", + "policyName": "Policy1", + "parameters": { + "tags": { + "key1": "value1", + "key2": "value2" + } + } + }, + "responses": { + "200": { + "body": { + "name": "Policy1", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", + "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", + "tags": { + "key1": "value1", + "key2": "value2" + }, + "location": "WestUs", + "properties": { + "resourceState": "Enabled", + "provisioningState": "Succeeded", + "policySettings": { + "enabledState": "Enabled", + "mode": "Prevention", + "redirectUrl": "http://www.bing.com", + "customBlockResponseStatusCode": 499, + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==", + "requestBodyCheck": "Disabled" + }, + "customRules": { + "rules": [ + { + "name": "Rule1", + "priority": 1, + "enabledState": "Enabled", + "ruleType": "RateLimitRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 1000, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "IPMatch", + "negateCondition": false, + "matchValue": [ + "192.168.1.0/24", + "10.0.0.0/24" + ], + "transforms": [] + } + ], + "action": "Block" + }, + { + "name": "Rule2", + "priority": 2, + "enabledState": "Enabled", + "ruleType": "MatchRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 0, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "GeoMatch", + "negateCondition": false, + "matchValue": [ + "CH" + ] + }, + { + "matchVariable": "RequestHeader", + "selector": "UserAgent", + "operator": "Contains", + "negateCondition": false, + "matchValue": [ + "windows" + ], + "transforms": [ + "Lowercase" + ] + } + ], + "action": "Block" + } + ] + }, + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "ruleSetAction": "Block", + "exclusions": [ + { + "matchVariable": "RequestHeaderNames", + "selectorMatchOperator": "Equals", + "selector": "User-Agent" + } + ], + "ruleGroupOverrides": [ + { + "ruleGroupName": "SQLI", + "exclusions": [ + { + "matchVariable": "RequestCookieNames", + "selectorMatchOperator": "StartsWith", + "selector": "token" + } + ], + "rules": [ + { + "ruleId": "942100", + "enabledState": "Enabled", + "action": "Redirect", + "exclusions": [ + { + "matchVariable": "QueryStringArgNames", + "selectorMatchOperator": "Equals", + "selector": "query" + } + ] + }, + { + "ruleId": "942110", + "enabledState": "Disabled" + } + ] + } + ] + } + ] + }, + "frontendEndpointLinks": [], + "securityPolicyLinks": [] + }, + "sku": { + "name": "Classic_AzureFrontDoor" + } + } + }, + "201": { + "body": { + "name": "Policy1", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", + "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", + "tags": { + "key1": "value1", + "key2": "value2" + }, + "location": "WestUs", + "properties": { + "resourceState": "Enabled", + "provisioningState": "Succeeded", + "policySettings": { + "enabledState": "Enabled", + "mode": "Prevention", + "redirectUrl": "http://www.bing.com", + "customBlockResponseStatusCode": 499, + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==" + }, + "customRules": { + "rules": [ + { + "name": "Rule1", + "priority": 1, + "enabledState": "Enabled", + "ruleType": "RateLimitRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 1000, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "IPMatch", + "negateCondition": false, + "matchValue": [ + "192.168.1.0/24", + "10.0.0.0/24" + ], + "transforms": [] + } + ], + "action": "Block" + }, + { + "name": "Rule2", + "priority": 2, + "enabledState": "Enabled", + "ruleType": "MatchRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 0, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "GeoMatch", + "negateCondition": false, + "matchValue": [ + "CH" + ] + }, + { + "matchVariable": "RequestHeader", + "selector": "UserAgent", + "operator": "Contains", + "negateCondition": false, + "matchValue": [ + "windows" + ], + "transforms": [ + "Lowercase" + ] + } + ], + "action": "Block" + } + ] + }, + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "exclusions": [ + { + "matchVariable": "RequestHeaderNames", + "selectorMatchOperator": "Equals", + "selector": "User-Agent" + } + ], + "ruleGroupOverrides": [ + { + "ruleGroupName": "SQLI", + "exclusions": [ + { + "matchVariable": "RequestCookieNames", + "selectorMatchOperator": "StartsWith", + "selector": "token" + } + ], + "rules": [ + { + "ruleId": "942100", + "enabledState": "Enabled", + "action": "Redirect", + "exclusions": [ + { + "matchVariable": "QueryStringArgNames", + "selectorMatchOperator": "Equals", + "selector": "query" + } + ] + }, + { + "ruleId": "942110", + "enabledState": "Disabled" + } + ] + } + ] + } + ] + }, + "frontendEndpointLinks": [], + "securityPolicyLinks": [] + }, + "sku": { + "name": "Classic_AzureFrontDoor" + } + } + }, + "202": { + "body": { + "name": "Policy1", + "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", + "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", + "tags": { + "key1": "value1", + "key2": "value2" + }, + "location": "WestUs", + "properties": { + "resourceState": "Enabled", + "provisioningState": "Succeeded", + "policySettings": { + "enabledState": "Enabled", + "mode": "Prevention", + "redirectUrl": "http://www.bing.com", + "customBlockResponseStatusCode": 499, + "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==", + "requestBodyCheck": "Disabled" + }, + "customRules": { + "rules": [ + { + "name": "Rule1", + "priority": 1, + "enabledState": "Enabled", + "ruleType": "RateLimitRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 1000, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "IPMatch", + "negateCondition": false, + "matchValue": [ + "192.168.1.0/24", + "10.0.0.0/24" + ], + "transforms": [] + } + ], + "action": "Block" + }, + { + "name": "Rule2", + "priority": 2, + "enabledState": "Enabled", + "ruleType": "MatchRule", + "rateLimitDurationInMinutes": 0, + "rateLimitThreshold": 0, + "matchConditions": [ + { + "matchVariable": "RemoteAddr", + "selector": null, + "operator": "GeoMatch", + "negateCondition": false, + "matchValue": [ + "CH" + ] + }, + { + "matchVariable": "RequestHeader", + "selector": "UserAgent", + "operator": "Contains", + "negateCondition": false, + "matchValue": [ + "windows" + ], + "transforms": [ + "Lowercase" + ] + } + ], + "action": "Block" + } + ] + }, + "managedRules": { + "managedRuleSets": [ + { + "ruleSetType": "DefaultRuleSet", + "ruleSetVersion": "1.0", + "ruleSetAction": "Block", + "exclusions": [ + { + "matchVariable": "RequestHeaderNames", + "selectorMatchOperator": "Equals", + "selector": "User-Agent" + } + ], + "ruleGroupOverrides": [ + { + "ruleGroupName": "SQLI", + "exclusions": [ + { + "matchVariable": "RequestCookieNames", + "selectorMatchOperator": "StartsWith", + "selector": "token" + } + ], + "rules": [ + { + "ruleId": "942100", + "enabledState": "Enabled", + "action": "Redirect", + "exclusions": [ + { + "matchVariable": "QueryStringArgNames", + "selectorMatchOperator": "Equals", + "selector": "query" + } + ] + }, + { + "ruleId": "942110", + "enabledState": "Disabled" + } + ] + } + ] + } + ] + }, + "frontendEndpointLinks": [], + "securityPolicyLinks": [] + }, + "sku": { + "name": "Classic_AzureFrontDoor" + } + } + } + } +} diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index cc3488f0d8ea..ad3c8f0dcb77 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -178,6 +178,55 @@ } }, "x-ms-long-running-operation": true + }, "patch": { + "tags": [ + "WebApplicationFirewallPolicies" + ], + "description": "Patch a specific frontdoor webApplicationFirewall policy for tags update under the specified subscription and resource group.", + "operationId": "Policies_Update", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/PolicyNameParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "description": "FrontdoorWebApplicationFirewallPolicy parameters to be patched.", + "in": "body", + "name": "parameters", + "required": true, + "schema": { + "$ref": "./network.json#/definitions/Resource/tags" + } + } + ], + "responses": { + "200": { + "description": "OK. The request has succeeded.", + "schema": { + "$ref": "#/definitions/WebApplicationFirewallPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } + } + }, + "x-ms-examples": { + "Patches specific policy": { + "$ref": "./examples/WafPolicyPatch.json" + } + }, + "x-ms-long-running-operation": true }, "delete": { "tags": [ From 9c377199eab3c671c6e722d56ad86bb5bd2ffab4 Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Mon, 16 May 2022 00:26:10 -0700 Subject: [PATCH 05/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 3c7bf87c9a62..0af726bf961f 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -31,16 +31,16 @@ openapi-type: arm tag: package-2022-05 ``` - ### Tag: package-2022-05 These settings apply only when `--tag=package-2022-05` is specified on the command line. -```yaml $(tag) == 'package-2022-05' +``` yaml $(tag) == 'package-2022-05' input-file: - Microsoft.Network/stable/2022-05-01/network.json - Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json ``` + ### Tag: package-2020-11 These settings apply only when `--tag=package-2020-11` is specified on the command line. @@ -269,3 +269,13 @@ directive: suppress: EnumInsteadOfBoolean reason: Direct copy of ValidateCustomDomain API in CDN Resource Provider. ``` + +## Suppression + +``` yaml +directive: + - suppress: TopLevelResourcesListBySubscription + where: $.definitions.WebApplicationFirewallPolicy + from: webapplicationfirewall.json + reason: 'We don''t have Top Level list resource by subscription api yet. ' +``` From e9fe7922365ed4eddf7b7289f78c0e4a5a47f727 Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Mon, 16 May 2022 00:29:52 -0700 Subject: [PATCH 06/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 0af726bf961f..71488a51271c 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -278,4 +278,8 @@ directive: where: $.definitions.WebApplicationFirewallPolicy from: webapplicationfirewall.json reason: 'We don''t have Top Level list resource by subscription api yet. ' + - suppress: PathResourceTypeNameCamelCase + where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"]' + from: webapplicationfirewall.json + reason: The resource type name FrontDoorWebApplicationFirewallPolicies was already defined for all the versions. ``` From 43db15fc661f4607b5ea16622dd07de35c1d0440 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 16 May 2022 08:08:25 -0700 Subject: [PATCH 07/28] Fix format errors --- .../stable/2022-05-01/network.json | 22 +++++++++++++++++++ .../2022-05-01/webapplicationfirewall.json | 14 +++++++----- 2 files changed, 31 insertions(+), 5 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json index ac690b8b9255..24d92e437973 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json @@ -38,36 +38,56 @@ "paths": {}, "definitions": { "ErrorDetails": { + "description": "Error properties", + "title": "ErrorDetails", "properties": { "code": { + "description": "Code", + "title": "Code", "type": "string" }, "target": { + "description": "Target", + "title": "Target", "type": "string" }, "message": { + "description": "Message", + "title": "Message", "type": "string" } } }, "Error": { + "description": "Error", + "title": "Error", "properties": { "code": { + "description": "Code", + "title": "Code", "type": "string" }, "message": { + "description": "Message", + "title": "Message", "type": "string" }, "target": { + "description": "Target", + "title": "Target", "type": "string" }, "details": { + "description": "Details", + "title": "Details", "type": "array", "items": { "$ref": "#/definitions/ErrorDetails" } }, "innerError": { + "description": "InnerError", + "title": "InnerError", "type": "string" } } @@ -88,6 +108,8 @@ } }, "error": { + "description": "error", + "title": "error", "$ref": "#/definitions/Error" } }, diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index ad3c8f0dcb77..b99382893c85 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -64,19 +64,20 @@ "schema": { "$ref": "#/definitions/ErrorResponse" } - } + }, + "systemData": {} }, "x-ms-pageable": { "nextLinkName": "nextLink" }, "x-ms-examples": { - "List Policies in a Resource Group": { + "Get all Policies in a Resource Group": { "$ref": "./examples/WafListPolicies.json" } } } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/frontDoorWebApplicationFirewallPolicies/{policyName}": { "get": { "tags": [ "WebApplicationFirewallPolicies" @@ -170,7 +171,8 @@ "schema": { "$ref": "#/definitions/ErrorResponse" } - } + }, + "systemData": {} }, "x-ms-examples": { "Creates specific policy": { @@ -300,7 +302,7 @@ "nextLinkName": "nextLink" }, "x-ms-examples": { - "List Policies in a Resource Group": { + "List Policies ManagedRuleSets in a Resource Group": { "$ref": "./examples/WafListManagedRuleSets.json" } } @@ -680,6 +682,8 @@ "type": "string" }, "ruleSetAction": { + "description": "Defines the rule set action.", + "title": "ruleSetAction", "$ref": "#/definitions/ManagedRuleSetActionType" }, "exclusions": { From 6b606bc94ca7ae9751eae5d1f33e5c04bf34ade3 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 16 May 2022 17:25:27 -0700 Subject: [PATCH 08/28] Fix validation issues --- .../stable/2022-05-01/webapplicationfirewall.json | 8 +++----- specification/frontdoor/resource-manager/readme.md | 3 +++ 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index b99382893c85..ead691c1a2f8 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -64,8 +64,7 @@ "schema": { "$ref": "#/definitions/ErrorResponse" } - }, - "systemData": {} + } }, "x-ms-pageable": { "nextLinkName": "nextLink" @@ -171,8 +170,7 @@ "schema": { "$ref": "#/definitions/ErrorResponse" } - }, - "systemData": {} + } }, "x-ms-examples": { "Creates specific policy": { @@ -194,7 +192,7 @@ "$ref": "#/parameters/PolicyNameParameter" }, { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "./network.json#/parameters/SubscriptionIdParameter" }, { "$ref": "#/parameters/ApiVersionParameter" diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 71488a51271c..6e8d84812b8c 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -39,6 +39,9 @@ These settings apply only when `--tag=package-2022-05` is specified on the comma input-file: - Microsoft.Network/stable/2022-05-01/network.json - Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json + - Microsoft.Network/stable/2020-11-01/webapplicationfirewall.json + - Microsoft.Network/stable/2020-05-01/frontdoor.json + - Microsoft.Network/stable/2019-11-01/networkexperiment.json ``` ### Tag: package-2020-11 From ddb8af23a03f583461619f5990316d329bd6ad0c Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 16 May 2022 18:22:01 -0700 Subject: [PATCH 09/28] Fix ModelValidation error --- .../stable/2022-05-01/webapplicationfirewall.json | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index ead691c1a2f8..63f78fb3f4c1 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -195,7 +195,7 @@ "$ref": "./network.json#/parameters/SubscriptionIdParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "./network.json#/parameters/ApiVersionParameter" }, { "description": "FrontdoorWebApplicationFirewallPolicy parameters to be patched.", @@ -257,6 +257,12 @@ }, "204": { "description": "No Content. The request has been accepted but the policy was not found." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/ErrorResponse" + } } }, "x-ms-examples": { @@ -267,7 +273,7 @@ "x-ms-long-running-operation": true } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallManagedRuleSets": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Network/frontDoorWebApplicationFirewallManagedRuleSets": { "get": { "tags": [ "WebApplicationFirewallManagedRuleSets" @@ -463,7 +469,8 @@ }, "customBlockResponseStatusCode": { "description": "If the action type is block, customer can override the response status code.", - "type": "integer" + "type": "integer", + "format": "int64" }, "customBlockResponseBody": { "description": "If the action type is block, customer can override the response body. The body must be specified in base64 encoding.", From 20b5cbce322ab2778ad5931634c039a0a4888c41 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 16 May 2022 19:14:11 -0700 Subject: [PATCH 10/28] fix valiation errors --- .../stable/2022-05-01/webapplicationfirewall.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index 63f78fb3f4c1..dbfab955c20f 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -203,7 +203,7 @@ "name": "parameters", "required": true, "schema": { - "$ref": "./network.json#/definitions/Resource/tags" + "$ref": "./network.json#/definitions/Resource/properties/tags" } } ], From 351816b2826fd02b9a3fed9d2c8a6fa38e1872dd Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Mon, 16 May 2022 19:27:24 -0700 Subject: [PATCH 11/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 6e8d84812b8c..5668296da2c0 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -285,4 +285,8 @@ directive: where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"]' from: webapplicationfirewall.json reason: The resource type name FrontDoorWebApplicationFirewallPolicies was already defined for all the versions. + - suppress: INVALID_TYPE + where: $.definitions.Resource.properties.tags.additionalProperties + from: network.json + reason: 'Same as version in 2020-11-01, will not change since it will involves breaking change. ' ``` From 1f7dd5930c8f6534fb7fc11f43056da62cfa6097 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 16 May 2022 20:59:18 -0700 Subject: [PATCH 12/28] Fix valiation error --- .../2022-05-01/examples/WafPolicyPatch.json | 264 ------------------ .../2022-05-01/webapplicationfirewall.json | 28 +- .../frontdoor/resource-manager/readme.md | 2 +- 3 files changed, 17 insertions(+), 277 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyPatch.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyPatch.json index dfb9d866a6ce..04d57b5253e0 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyPatch.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/examples/WafPolicyPatch.json @@ -144,270 +144,6 @@ "name": "Classic_AzureFrontDoor" } } - }, - "201": { - "body": { - "name": "Policy1", - "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", - "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", - "tags": { - "key1": "value1", - "key2": "value2" - }, - "location": "WestUs", - "properties": { - "resourceState": "Enabled", - "provisioningState": "Succeeded", - "policySettings": { - "enabledState": "Enabled", - "mode": "Prevention", - "redirectUrl": "http://www.bing.com", - "customBlockResponseStatusCode": 499, - "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==" - }, - "customRules": { - "rules": [ - { - "name": "Rule1", - "priority": 1, - "enabledState": "Enabled", - "ruleType": "RateLimitRule", - "rateLimitDurationInMinutes": 0, - "rateLimitThreshold": 1000, - "matchConditions": [ - { - "matchVariable": "RemoteAddr", - "selector": null, - "operator": "IPMatch", - "negateCondition": false, - "matchValue": [ - "192.168.1.0/24", - "10.0.0.0/24" - ], - "transforms": [] - } - ], - "action": "Block" - }, - { - "name": "Rule2", - "priority": 2, - "enabledState": "Enabled", - "ruleType": "MatchRule", - "rateLimitDurationInMinutes": 0, - "rateLimitThreshold": 0, - "matchConditions": [ - { - "matchVariable": "RemoteAddr", - "selector": null, - "operator": "GeoMatch", - "negateCondition": false, - "matchValue": [ - "CH" - ] - }, - { - "matchVariable": "RequestHeader", - "selector": "UserAgent", - "operator": "Contains", - "negateCondition": false, - "matchValue": [ - "windows" - ], - "transforms": [ - "Lowercase" - ] - } - ], - "action": "Block" - } - ] - }, - "managedRules": { - "managedRuleSets": [ - { - "ruleSetType": "DefaultRuleSet", - "ruleSetVersion": "1.0", - "exclusions": [ - { - "matchVariable": "RequestHeaderNames", - "selectorMatchOperator": "Equals", - "selector": "User-Agent" - } - ], - "ruleGroupOverrides": [ - { - "ruleGroupName": "SQLI", - "exclusions": [ - { - "matchVariable": "RequestCookieNames", - "selectorMatchOperator": "StartsWith", - "selector": "token" - } - ], - "rules": [ - { - "ruleId": "942100", - "enabledState": "Enabled", - "action": "Redirect", - "exclusions": [ - { - "matchVariable": "QueryStringArgNames", - "selectorMatchOperator": "Equals", - "selector": "query" - } - ] - }, - { - "ruleId": "942110", - "enabledState": "Disabled" - } - ] - } - ] - } - ] - }, - "frontendEndpointLinks": [], - "securityPolicyLinks": [] - }, - "sku": { - "name": "Classic_AzureFrontDoor" - } - } - }, - "202": { - "body": { - "name": "Policy1", - "id": "/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/Policy1", - "type": "Microsoft.Network/frontdoorwebapplicationfirewallpolicies", - "tags": { - "key1": "value1", - "key2": "value2" - }, - "location": "WestUs", - "properties": { - "resourceState": "Enabled", - "provisioningState": "Succeeded", - "policySettings": { - "enabledState": "Enabled", - "mode": "Prevention", - "redirectUrl": "http://www.bing.com", - "customBlockResponseStatusCode": 499, - "customBlockResponseBody": "PGh0bWw+CjxoZWFkZXI+PHRpdGxlPkhlbGxvPC90aXRsZT48L2hlYWRlcj4KPGJvZHk+CkhlbGxvIHdvcmxkCjwvYm9keT4KPC9odG1sPg==", - "requestBodyCheck": "Disabled" - }, - "customRules": { - "rules": [ - { - "name": "Rule1", - "priority": 1, - "enabledState": "Enabled", - "ruleType": "RateLimitRule", - "rateLimitDurationInMinutes": 0, - "rateLimitThreshold": 1000, - "matchConditions": [ - { - "matchVariable": "RemoteAddr", - "selector": null, - "operator": "IPMatch", - "negateCondition": false, - "matchValue": [ - "192.168.1.0/24", - "10.0.0.0/24" - ], - "transforms": [] - } - ], - "action": "Block" - }, - { - "name": "Rule2", - "priority": 2, - "enabledState": "Enabled", - "ruleType": "MatchRule", - "rateLimitDurationInMinutes": 0, - "rateLimitThreshold": 0, - "matchConditions": [ - { - "matchVariable": "RemoteAddr", - "selector": null, - "operator": "GeoMatch", - "negateCondition": false, - "matchValue": [ - "CH" - ] - }, - { - "matchVariable": "RequestHeader", - "selector": "UserAgent", - "operator": "Contains", - "negateCondition": false, - "matchValue": [ - "windows" - ], - "transforms": [ - "Lowercase" - ] - } - ], - "action": "Block" - } - ] - }, - "managedRules": { - "managedRuleSets": [ - { - "ruleSetType": "DefaultRuleSet", - "ruleSetVersion": "1.0", - "ruleSetAction": "Block", - "exclusions": [ - { - "matchVariable": "RequestHeaderNames", - "selectorMatchOperator": "Equals", - "selector": "User-Agent" - } - ], - "ruleGroupOverrides": [ - { - "ruleGroupName": "SQLI", - "exclusions": [ - { - "matchVariable": "RequestCookieNames", - "selectorMatchOperator": "StartsWith", - "selector": "token" - } - ], - "rules": [ - { - "ruleId": "942100", - "enabledState": "Enabled", - "action": "Redirect", - "exclusions": [ - { - "matchVariable": "QueryStringArgNames", - "selectorMatchOperator": "Equals", - "selector": "query" - } - ] - }, - { - "ruleId": "942110", - "enabledState": "Disabled" - } - ] - } - ] - } - ] - }, - "frontendEndpointLinks": [], - "securityPolicyLinks": [] - }, - "sku": { - "name": "Classic_AzureFrontDoor" - } - } } } } diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index dbfab955c20f..588b4f74562e 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -203,7 +203,7 @@ "name": "parameters", "required": true, "schema": { - "$ref": "./network.json#/definitions/Resource/properties/tags" + "$ref": "./network.json#/definitions/TagsObject" } } ], @@ -957,18 +957,22 @@ } }, "ErrorResponse": { - "description": "Error response indicates Front Door service is not able to process the incoming request. The reason is provided in the error message.", - "type": "object", "properties": { - "code": { - "description": "Error code.", - "readOnly": true, - "type": "string" - }, - "message": { - "description": "Error message indicating why the operation failed.", - "readOnly": true, - "type": "string" + "error": { + "type": "object", + "description": "The error object.", + "properties": { + "code": { + "readOnly": true, + "type": "string", + "description": "The error code." + }, + "message": { + "readOnly": true, + "type": "string", + "description": "The error message." + } + } } } }, diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 6e8d84812b8c..1ab66b627254 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -60,7 +60,7 @@ input-file: These settings apply only when `--tag=package-2020-05` is specified on the command line. -``` yaml $(tag) == 'package-2020-05' +```yaml $(tag) == 'package-2020-05' input-file: - Microsoft.Network/stable/2020-05-01/network.json - Microsoft.Network/stable/2019-11-01/networkexperiment.json From 4954eadcde3561068f2b8fc160d72dc161ed0ad4 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 16 May 2022 23:10:59 -0700 Subject: [PATCH 13/28] Fix lintdiff error --- .../2022-05-01/webapplicationfirewall.json | 33 ++++++++----------- .../frontdoor/resource-manager/readme.md | 1 - 2 files changed, 14 insertions(+), 20 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index 588b4f74562e..50081441e162 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -76,7 +76,7 @@ } } }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/frontDoorWebApplicationFirewallPolicies/{policyName}": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}": { "get": { "tags": [ "WebApplicationFirewallPolicies" @@ -273,7 +273,7 @@ "x-ms-long-running-operation": true } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Network/frontDoorWebApplicationFirewallManagedRuleSets": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallManagedRuleSets": { "get": { "tags": [ "WebApplicationFirewallManagedRuleSets" @@ -469,8 +469,7 @@ }, "customBlockResponseStatusCode": { "description": "If the action type is block, customer can override the response status code.", - "type": "integer", - "format": "int64" + "type": "integer" }, "customBlockResponseBody": { "description": "If the action type is block, customer can override the response body. The body must be specified in base64 encoding.", @@ -957,22 +956,18 @@ } }, "ErrorResponse": { + "description": "Error response indicates Front Door service is not able to process the incoming request. The reason is provided in the error message.", + "type": "object", "properties": { - "error": { - "type": "object", - "description": "The error object.", - "properties": { - "code": { - "readOnly": true, - "type": "string", - "description": "The error code." - }, - "message": { - "readOnly": true, - "type": "string", - "description": "The error message." - } - } + "code": { + "description": "Error code.", + "readOnly": true, + "type": "string" + }, + "message": { + "description": "Error message indicating why the operation failed.", + "readOnly": true, + "type": "string" } } }, diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 6c94fcad6f01..2bd73ae4cfed 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -39,7 +39,6 @@ These settings apply only when `--tag=package-2022-05` is specified on the comma input-file: - Microsoft.Network/stable/2022-05-01/network.json - Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json - - Microsoft.Network/stable/2020-11-01/webapplicationfirewall.json - Microsoft.Network/stable/2020-05-01/frontdoor.json - Microsoft.Network/stable/2019-11-01/networkexperiment.json ``` From 20ca61729707580df9a39ff27ba4a19eb47e3bc0 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 16 May 2022 23:32:09 -0700 Subject: [PATCH 14/28] Fix lintdiff error --- .../stable/2022-05-01/network.json | 18 +++++++++--------- .../2022-05-01/webapplicationfirewall.json | 6 ------ 2 files changed, 9 insertions(+), 15 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json index 24d92e437973..c34e3f642e45 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json @@ -42,17 +42,17 @@ "title": "ErrorDetails", "properties": { "code": { - "description": "Code", + "description": "Error detail code", "title": "Code", "type": "string" }, "target": { - "description": "Target", + "description": "Target object", "title": "Target", "type": "string" }, "message": { - "description": "Message", + "description": "Message object", "title": "Message", "type": "string" } @@ -63,22 +63,22 @@ "title": "Error", "properties": { "code": { - "description": "Code", + "description": "Error code", "title": "Code", "type": "string" }, "message": { - "description": "Message", + "description": "Message object", "title": "Message", "type": "string" }, "target": { - "description": "Target", + "description": "Target object", "title": "Target", "type": "string" }, "details": { - "description": "Details", + "description": "Details object", "title": "Details", "type": "array", "items": { @@ -86,7 +86,7 @@ } }, "innerError": { - "description": "InnerError", + "description": "InnerError object", "title": "InnerError", "type": "string" } @@ -108,7 +108,7 @@ } }, "error": { - "description": "error", + "description": "error object", "title": "error", "$ref": "#/definitions/Error" } diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index 50081441e162..645fc11a4a6b 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -257,12 +257,6 @@ }, "204": { "description": "No Content. The request has been accepted but the policy was not found." - }, - "default": { - "description": "Error response describing why the operation failed.", - "schema": { - "$ref": "#/definitions/ErrorResponse" - } } }, "x-ms-examples": { From 9a212659bae611ef2253f060752e9233151f1931 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 16 May 2022 23:39:40 -0700 Subject: [PATCH 15/28] Fix lintdiff error --- .../Microsoft.Network/stable/2022-05-01/network.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json index c34e3f642e45..27bf075d1e83 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json @@ -59,7 +59,7 @@ } }, "Error": { - "description": "Error", + "description": "Error properties", "title": "Error", "properties": { "code": { From 351e714ffa734c5ca9fe43c4cba42fc3c04628aa Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 16 May 2022 23:49:57 -0700 Subject: [PATCH 16/28] Fix code format --- .../stable/2022-05-01/webapplicationfirewall.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index 645fc11a4a6b..c4bf363e1659 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -178,7 +178,8 @@ } }, "x-ms-long-running-operation": true - }, "patch": { + }, + "patch": { "tags": [ "WebApplicationFirewallPolicies" ], From b21f1523cd5bfc11dfc4841ae39e251b9148b651 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 23 May 2022 19:41:04 -0700 Subject: [PATCH 17/28] Fix DefaultErrorResponseSchema lintDiff --- .../2022-05-01/webapplicationfirewall.json | 28 +++++++++++-------- 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index c4bf363e1659..aed6188f4365 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -951,19 +951,23 @@ } }, "ErrorResponse": { - "description": "Error response indicates Front Door service is not able to process the incoming request. The reason is provided in the error message.", - "type": "object", "properties": { - "code": { - "description": "Error code.", - "readOnly": true, - "type": "string" - }, - "message": { - "description": "Error message indicating why the operation failed.", - "readOnly": true, - "type": "string" - } + "error": { + "type": "object", + "description": "The error object.", + "properties": { + "code": { + "readOnly": true, + "type": "string", + "description": "The error code." + }, + "message": { + "readOnly": true, + "type": "string", + "description": "Error message indicating why the operation failed." + } + } + } } }, "FrontendEndpointLink": { From 2d9fbdda6af0c8777ebb51c84b6ea39d1ca15e87 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Mon, 23 May 2022 19:53:56 -0700 Subject: [PATCH 18/28] Fix PrettierCheck error --- .../2022-05-01/webapplicationfirewall.json | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index aed6188f4365..0f68376569c3 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -952,22 +952,22 @@ }, "ErrorResponse": { "properties": { - "error": { - "type": "object", - "description": "The error object.", - "properties": { - "code": { - "readOnly": true, - "type": "string", - "description": "The error code." - }, - "message": { - "readOnly": true, - "type": "string", - "description": "Error message indicating why the operation failed." - } - } + "error": { + "type": "object", + "description": "The error object.", + "properties": { + "code": { + "readOnly": true, + "type": "string", + "description": "The error code." + }, + "message": { + "readOnly": true, + "type": "string", + "description": "Error message indicating why the operation failed." + } } + } } }, "FrontendEndpointLink": { From 6ba2acf518ce2ab4a8300d92c6cd92f92833c1d5 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Tue, 24 May 2022 18:16:20 -0700 Subject: [PATCH 19/28] Change ErrorResponse schema --- .../2022-05-01/webapplicationfirewall.json | 26 ++++++++----------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json index 0f68376569c3..c4bf363e1659 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/webapplicationfirewall.json @@ -951,22 +951,18 @@ } }, "ErrorResponse": { + "description": "Error response indicates Front Door service is not able to process the incoming request. The reason is provided in the error message.", + "type": "object", "properties": { - "error": { - "type": "object", - "description": "The error object.", - "properties": { - "code": { - "readOnly": true, - "type": "string", - "description": "The error code." - }, - "message": { - "readOnly": true, - "type": "string", - "description": "Error message indicating why the operation failed." - } - } + "code": { + "description": "Error code.", + "readOnly": true, + "type": "string" + }, + "message": { + "description": "Error message indicating why the operation failed.", + "readOnly": true, + "type": "string" } } }, From 6fd69349f97ae1271d6f9b5fdfafce1c344c1724 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Wed, 25 May 2022 21:05:06 -0700 Subject: [PATCH 20/28] Update network.json --- .../stable/2022-05-01/network.json | 22 ------------------- 1 file changed, 22 deletions(-) diff --git a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json index 27bf075d1e83..ac690b8b9255 100644 --- a/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json +++ b/specification/frontdoor/resource-manager/Microsoft.Network/stable/2022-05-01/network.json @@ -38,56 +38,36 @@ "paths": {}, "definitions": { "ErrorDetails": { - "description": "Error properties", - "title": "ErrorDetails", "properties": { "code": { - "description": "Error detail code", - "title": "Code", "type": "string" }, "target": { - "description": "Target object", - "title": "Target", "type": "string" }, "message": { - "description": "Message object", - "title": "Message", "type": "string" } } }, "Error": { - "description": "Error properties", - "title": "Error", "properties": { "code": { - "description": "Error code", - "title": "Code", "type": "string" }, "message": { - "description": "Message object", - "title": "Message", "type": "string" }, "target": { - "description": "Target object", - "title": "Target", "type": "string" }, "details": { - "description": "Details object", - "title": "Details", "type": "array", "items": { "$ref": "#/definitions/ErrorDetails" } }, "innerError": { - "description": "InnerError object", - "title": "InnerError", "type": "string" } } @@ -108,8 +88,6 @@ } }, "error": { - "description": "error object", - "title": "error", "$ref": "#/definitions/Error" } }, From 490b81383f961528a3f1bd4c18ff649e9b5cb1a5 Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Wed, 15 Jun 2022 00:39:27 -0700 Subject: [PATCH 21/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 2bd73ae4cfed..1bdea4b5bbed 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -59,7 +59,7 @@ input-file: These settings apply only when `--tag=package-2020-05` is specified on the command line. -```yaml $(tag) == 'package-2020-05' +``` yaml $(tag) == 'package-2020-05' input-file: - Microsoft.Network/stable/2020-05-01/network.json - Microsoft.Network/stable/2019-11-01/networkexperiment.json @@ -288,4 +288,8 @@ directive: where: $.definitions.Resource.properties.tags.additionalProperties from: network.json reason: 'Same as version in 2020-11-01, will not change since it will involves breaking change. ' + - suppress: RequiredSystemDataInNewApiVersions + where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' + from: webapplicationfirewall.json + reason: 'Same as the old versions. ' ``` From ef1220fed300f2ada838d032e0510f8c597c380a Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Wed, 15 Jun 2022 00:44:54 -0700 Subject: [PATCH 22/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 1bdea4b5bbed..3452e65a4dac 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -292,4 +292,8 @@ directive: where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' from: webapplicationfirewall.json reason: 'Same as the old versions. ' + - suppress: RequiredSystemDataInNewApiVersions + where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' + from: webapplicationfirewall.json + reason: 'Same as old versions. ' ``` From 6a31405c32c88eedb63bf3268ecff04c72ecfd67 Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Wed, 15 Jun 2022 00:45:28 -0700 Subject: [PATCH 23/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 3452e65a4dac..01acf736cf03 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -296,4 +296,8 @@ directive: where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' from: webapplicationfirewall.json reason: 'Same as old versions. ' + - suppress: RequiredSystemDataInNewApiVersions + where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' + from: webapplicationfirewall.json + reason: 'same as old versions. ' ``` From 6dd9f9a2779f097fd59b60c0f2cba9d1e2efba4e Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Wed, 15 Jun 2022 00:49:41 -0700 Subject: [PATCH 24/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 01acf736cf03..56efe31595b3 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -300,4 +300,8 @@ directive: where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' from: webapplicationfirewall.json reason: 'same as old versions. ' + - suppress: DefaultErrorResponseSchema + where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/NetworkExperimentProfiles/{profileName}"].put.responses.default' + from: networkexperiment.json + reason: 'same as old versions. ' ``` From f8922073fe9c5a1da8536096afefc0292c15d585 Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Wed, 15 Jun 2022 00:55:17 -0700 Subject: [PATCH 25/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 56efe31595b3..f102f99d9be6 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -304,4 +304,8 @@ directive: where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/NetworkExperimentProfiles/{profileName}"].put.responses.default' from: networkexperiment.json reason: 'same as old versions. ' + - suppress: RequiredSystemDataInNewApiVersions + where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' + from: webapplicationfirewall.json + reason: Same as old versions. ``` From 7f5bcb541cf2e2b2e1d778ab39c465b616e7f506 Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Wed, 15 Jun 2022 00:55:50 -0700 Subject: [PATCH 26/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index f102f99d9be6..a0b0b6e7eb6c 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -308,4 +308,8 @@ directive: where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' from: webapplicationfirewall.json reason: Same as old versions. + - suppress: RequiredSystemDataInNewApiVersions + where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].put' + from: webapplicationfirewall.json + reason: Same as old versions. ``` From 7c1f58a3c14e8bf8c2cf91621ca90bacb502b1b2 Mon Sep 17 00:00:00 2001 From: jielichen <104466380+jielichen@users.noreply.github.com> Date: Wed, 15 Jun 2022 01:02:03 -0700 Subject: [PATCH 27/28] Adds suppression to readme --- specification/frontdoor/resource-manager/readme.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index a0b0b6e7eb6c..04e44be80681 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -312,4 +312,8 @@ directive: where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].put' from: webapplicationfirewall.json reason: Same as old versions. + - suppress: RequiredSystemDataInNewApiVersions + where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' + from: webapplicationfirewall.json + reason: same as old versions. ``` From fc81fac8903b8a5aab1d889703a52f46c6c59611 Mon Sep 17 00:00:00 2001 From: Jieli Chen Date: Wed, 15 Jun 2022 01:23:50 -0700 Subject: [PATCH 28/28] suppress LintDiff --- specification/frontdoor/resource-manager/readme.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/specification/frontdoor/resource-manager/readme.md b/specification/frontdoor/resource-manager/readme.md index 04e44be80681..cea25bc2f45f 100644 --- a/specification/frontdoor/resource-manager/readme.md +++ b/specification/frontdoor/resource-manager/readme.md @@ -316,4 +316,7 @@ directive: where: '$.paths["/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Network/FrontDoorWebApplicationFirewallPolicies/{policyName}"].get' from: webapplicationfirewall.json reason: same as old versions. + - suppress: R4007 + from: webapplicationfirewall.json + reason: we will be Implementing in new API version ```