diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/AlertRules.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/AlertRules.json index 7674b79d725a..7071a01c04ee 100644 --- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/AlertRules.json +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/AlertRules.json @@ -1137,9 +1137,6 @@ "x-ms-identifiers": [] } }, - "required": [ - "productFilter" - ], "type": "object" }, "MicrosoftSecurityProductName": { diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentPackages.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentPackages.json new file mode 100644 index 000000000000..8fc491bf6b68 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentPackages.json @@ -0,0 +1,319 @@ +{ + "swagger": "2.0", + "info": { + "title": "Security Insights", + "description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider", + "version": "2023-11-01" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages": { + "get": { + "x-ms-examples": { + "Get all available packages.": { + "$ref": "./examples/contentPackages/GetPackages.json" + } + }, + "tags": [ + "ContentPackages" + ], + "description": "Gets all installed packages.", + "operationId": "ContentPackages_List", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataFilter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataOrderBy" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSearch" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataCount" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataTop" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSkip" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSkipToken" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/packageList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}": { + "get": { + "x-ms-examples": { + "Get installed packages by id.": { + "$ref": "./examples/contentPackages/GetPackageById.json" + } + }, + "tags": [ + "ContentPackages" + ], + "description": "Gets an installed packages by its id.", + "operationId": "ContentPackages_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/PackageIdParameter" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/packageModel" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Install a package to the workspace.": { + "$ref": "./examples/contentPackages/InstallPackage.json" + } + }, + "tags": [ + "ContentPackages" + ], + "description": "Install a package to the workspace.", + "operationId": "ContentPackage_Install", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/PackageIdParameter" + }, + { + "$ref": "#/parameters/PackageInstallationProperties" + } + ], + "responses": { + "200": { + "description": "OK, a package is updated.", + "schema": { + "$ref": "#/definitions/packageModel" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/packageModel" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + }, + "delete": { + "x-ms-examples": { + "Uninstall a package from the workspace.": { + "$ref": "./examples/contentPackages/UninstallPackage.json" + } + }, + "tags": [ + "ContentPackages" + ], + "description": "Uninstall a package from the workspace.", + "operationId": "ContentPackage_Uninstall", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/PackageIdParameter" + } + ], + "responses": { + "200": { + "description": "OK" + }, + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "packageList": { + "description": "List available packages.", + "properties": { + "nextLink": { + "description": "URL to fetch the next set of packages.", + "readOnly": true, + "type": "string" + }, + "value": { + "description": "Array of packages.", + "items": { + "$ref": "#/definitions/packageModel" + }, + "type": "array" + } + }, + "required": [ + "value" + ], + "type": "object" + }, + "packageModel": { + "allOf": [ + { + "$ref": "../../../common/2.0/types.json#/definitions/ResourceWithEtag" + } + ], + "description": "Represents a Package in Azure Security Insights.", + "properties": { + "properties": { + "description": "package properties", + "$ref": "#/definitions/packageProperties", + "x-ms-client-flatten": true + } + }, + "type": "object" + }, + "packageProperties": { + "description": "Describes package properties", + "allOf": [ + { + "$ref": "./common/ContentCommonTypes.json#/definitions/packageBaseProperties" + } + ], + "required": [ + "contentId", + "contentProductId", + "contentKind", + "version", + "displayName" + ], + "type": "object" + } + }, + "parameters": { + "PackageIdParameter": { + "description": "package Id", + "in": "path", + "name": "packageId", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "PackageInstallationProperties": { + "description": "Package installation properties", + "in": "body", + "name": "packageInstallationProperties", + "required": true, + "schema": { + "$ref": "#/definitions/packageModel" + }, + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentProductPackages.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentProductPackages.json new file mode 100644 index 000000000000..bd335a6dcaf0 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentProductPackages.json @@ -0,0 +1,232 @@ +{ + "swagger": "2.0", + "info": { + "title": "Security Insights", + "description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider", + "version": "2023-11-01" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages": { + "get": { + "x-ms-examples": { + "Get all available packages.": { + "$ref": "./examples/contentPackages/GetProductPackages.json" + } + }, + "tags": [ + "ContentProductPackages" + ], + "description": "Gets all packages from the catalog.\nExpandable properties:\n- properties/installed\n- properties/packagedContent", + "operationId": "ProductPackages_List", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataFilter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataOrderBy" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataTop" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSkipToken" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/productPackageList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages/{packageId}": { + "get": { + "x-ms-examples": { + "Get a package.": { + "$ref": "./examples/contentPackages/GetProductPackageById.json" + } + }, + "tags": [ + "ContentProductPackages" + ], + "description": "Gets a package by its identifier from the catalog.", + "operationId": "ProductPackage_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/PackageIdParameter" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/productPackageModel" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "productPackageList": { + "description": "List available packages.", + "properties": { + "nextLink": { + "description": "URL to fetch the next set of packages.", + "readOnly": true, + "type": "string" + }, + "value": { + "description": "Array of packages.", + "items": { + "$ref": "#/definitions/productPackageModel" + }, + "type": "array" + } + }, + "required": [ + "value" + ], + "type": "object" + }, + "productPackageModel": { + "allOf": [ + { + "$ref": "../../../common/2.0/types.json#/definitions/ResourceWithEtag" + } + ], + "description": "Represents a Package in Azure Security Insights.", + "properties": { + "properties": { + "description": "package properties", + "$ref": "#/definitions/productPackageProperties", + "x-ms-client-flatten": true + } + }, + "type": "object" + }, + "productPackageProperties": { + "description": "Describes package properties", + "allOf": [ + { + "$ref": "./common/ContentCommonTypes.json#/definitions/packageBaseProperties", + "description": "The content id of the package" + }, + { + "$ref": "#/definitions/productPackageAdditionalProperties", + "description": "The package kind" + } + ], + "required": [ + "contentId", + "contentKind", + "version", + "displayName" + ], + "type": "object" + }, + "productPackageAdditionalProperties": { + "description": "product package additional properties", + "properties": { + "installedVersion": { + "$ref": "./common/ContentCommonTypes.json#/definitions/metadataVersion", + "description": "The version of the installed package, null or absent means not installed." + }, + "metadataResourceId": { + "description": "The metadata resource id.", + "type": "string", + "format": "arm-id" + }, + "packagedContent": { + "$ref": "#/definitions/packagedContent", + "description": "The json of the ARM template to deploy. Expandable." + } + }, + "type": "object" + }, + "packagedContent": { + "type": "object", + "description": "The json of the ARM template to deploy" + } + }, + "parameters": { + "PackageIdParameter": { + "description": "package Id", + "in": "path", + "name": "packageId", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentProductTemplates.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentProductTemplates.json new file mode 100644 index 000000000000..95392e5f6cb4 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentProductTemplates.json @@ -0,0 +1,226 @@ +{ + "swagger": "2.0", + "info": { + "title": "Security Insights", + "description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider", + "version": "2023-11-01" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductTemplates": { + "get": { + "x-ms-examples": { + "Get all installed templates.": { + "$ref": "./examples/contentTemplates/GetProductTemplates.json" + } + }, + "tags": [ + "ContentProductTemplates" + ], + "description": "Gets all templates in the catalog.", + "operationId": "ProductTemplates_List", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataFilter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataOrderBy" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSearch" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataCount" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataTop" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSkip" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSkipToken" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/productTemplateList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentproducttemplates/{templateId}": { + "get": { + "x-ms-examples": { + "Get a template.": { + "$ref": "./examples/contentTemplates/GetProductTemplateById.json" + } + }, + "tags": [ + "ContentProductTemplates" + ], + "description": "Gets a template by its identifier.", + "operationId": "ProductTemplate_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/templateIdParameter" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/productTemplateModel" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "productTemplateList": { + "description": "List of all the template.", + "type": "object", + "properties": { + "value": { + "description": "Array of templates.", + "items": { + "$ref": "#/definitions/productTemplateModel" + }, + "type": "array" + }, + "nextLink": { + "description": "URL to fetch the next page of template.", + "readOnly": true, + "type": "string" + } + }, + "required": [ + "value" + ] + }, + "productTemplateModel": { + "allOf": [ + { + "$ref": "../../../common/2.0/types.json#/definitions/ResourceWithEtag" + } + ], + "description": "Template resource definition.", + "properties": { + "properties": { + "description": "template properties", + "$ref": "#/definitions/productTemplateProperties", + "x-ms-client-flatten": true + } + }, + "type": "object" + }, + "productTemplateProperties": { + "allOf": [ + { + "$ref": "./common/ContentCommonTypes.json#/definitions/templateBaseProperties" + }, + { + "$ref": "#/definitions/productTemplateAdditionalProperties" + } + ], + "description": "Template property bag.", + "required": [ + "contentId", + "version", + "displayName", + "contentKind", + "source" + ] + }, + "productTemplateAdditionalProperties": { + "description": "additional properties of product template.", + "type": "object", + "properties": { + "packagedContent": { + "type": "object", + "description": "The json of the ARM template to deploy" + } + } + } + }, + "parameters": { + "templateIdParameter": { + "description": "template Id", + "in": "path", + "name": "templateId", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentTemplates.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentTemplates.json new file mode 100644 index 000000000000..520c01ae5213 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/ContentTemplates.json @@ -0,0 +1,353 @@ +{ + "swagger": "2.0", + "info": { + "title": "Security Insights", + "description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider", + "version": "2023-11-01" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates": { + "get": { + "x-ms-examples": { + "Get all installed templates.": { + "$ref": "./examples/contentTemplates/GetTemplates.json" + } + }, + "tags": [ + "ContentTemplates" + ], + "description": "Gets all installed templates.\nExpandable properties:\n- properties/mainTemplate\n- properties/dependantTemplates", + "operationId": "ContentTemplates_List", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataFilter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataOrderBy" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataExpand" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSearch" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataCount" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataTop" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSkip" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/ODataSkipToken" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/templateList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}": { + "put": { + "x-ms-examples": { + "Get a template.": { + "$ref": "./examples/contentTemplates/InstallTemplate.json" + } + }, + "tags": [ + "ContentTemplates" + ], + "description": "Install a template.", + "operationId": "ContentTemplate_Install", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/templateIdParameter" + }, + { + "$ref": "#/parameters/templateInstallationProperties" + } + ], + "responses": { + "200": { + "description": "OK, a template is updated.", + "schema": { + "$ref": "#/definitions/templateModel" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/templateModel" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + }, + "get": { + "x-ms-examples": { + "Get a template.": { + "$ref": "./examples/contentTemplates/GetTemplateById.json" + } + }, + "tags": [ + "ContentTemplates" + ], + "description": "Gets a template byt its identifier.\nExpandable properties:\n- properties/mainTemplate\n- properties/dependantTemplates", + "operationId": "ContentTemplate_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/templateIdParameter" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/templateModel" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + }, + "delete": { + "x-ms-examples": { + "Delete metadata.": { + "$ref": "./examples/contentTemplates/DeleteTemplate.json" + } + }, + "tags": [ + "ContentTemplates" + ], + "description": "Delete an installed template.", + "operationId": "ContentTemplate_Delete", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/templateIdParameter" + } + ], + "responses": { + "200": { + "description": "OK" + }, + "204": { + "description": "No Content" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "templateList": { + "description": "List of all the template.", + "type": "object", + "properties": { + "value": { + "description": "Array of templates.", + "items": { + "$ref": "#/definitions/templateModel" + }, + "type": "array" + }, + "nextLink": { + "description": "URL to fetch the next page of template.", + "readOnly": true, + "type": "string" + } + }, + "required": [ + "value" + ] + }, + "templateModel": { + "allOf": [ + { + "$ref": "../../../common/2.0/types.json#/definitions/ResourceWithEtag" + } + ], + "description": "Template resource definition.", + "properties": { + "properties": { + "description": "template properties", + "$ref": "#/definitions/templateProperties", + "x-ms-client-flatten": true + } + }, + "type": "object" + }, + "templateProperties": { + "allOf": [ + { + "$ref": "./common/ContentCommonTypes.json#/definitions/templateBaseProperties" + }, + { + "$ref": "#/definitions/templateAdditionalProperties" + } + ], + "description": "Template property bag.", + "required": [ + "contentId", + "version", + "displayName", + "contentKind", + "source", + "packageId", + "packageVersion", + "contentProductId" + ], + "type": "object" + }, + "templateAdditionalProperties": { + "description": "additional properties of product template.", + "type": "object", + "properties": { + "mainTemplate": { + "$ref": "#/definitions/mainTemplate", + "description": "The JSON of the ARM template to deploy active content. Expandable." + }, + "dependantTemplates": { + "type": "array", + "items": { + "$ref": "#/definitions/templateProperties" + }, + "description": "Dependant templates. Expandable.", + "readOnly": true, + "x-ms-identifiers": [ + "contentId" + ] + } + } + }, + "mainTemplate": { + "description": "The JSON of the ARM template to deploy active content", + "type": "object" + } + }, + "parameters": { + "templateIdParameter": { + "description": "template Id", + "in": "path", + "name": "templateId", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "templateInstallationProperties": { + "description": "Template installation properties", + "in": "body", + "name": "templateInstallationProperties", + "required": true, + "schema": { + "$ref": "#/definitions/templateModel" + }, + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/SourceControls.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/SourceControls.json new file mode 100644 index 000000000000..c1d60af2bb9b --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/SourceControls.json @@ -0,0 +1,1005 @@ +{ + "swagger": "2.0", + "info": { + "title": "Security Insights", + "description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider", + "version": "2023-11-01" + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/listRepositories": { + "post": { + "x-ms-examples": { + "Get repository list.": { + "$ref": "./examples/repositories/GetRepositories.json" + } + }, + "tags": [ + "Repositories" + ], + "description": "Gets a list of repositories metadata.", + "operationId": "SourceControl_listRepositories", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/RepositoryAccess" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/RepoList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols": { + "get": { + "x-ms-examples": { + "Get all source controls.": { + "$ref": "./examples/sourcecontrols/GetSourceControls.json" + } + }, + "tags": [ + "SourceControls" + ], + "description": "Gets all source controls, without source control items.", + "operationId": "SourceControls_List", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SourceControlList" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}": { + "get": { + "x-ms-examples": { + "Get a source control.": { + "$ref": "./examples/sourcecontrols/GetSourceControlById.json" + } + }, + "tags": [ + "SourceControls" + ], + "description": "Gets a source control byt its identifier.", + "operationId": "SourceControls_Get", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/SourceControlIdParameter" + } + ], + "responses": { + "200": { + "description": "OK", + "schema": { + "$ref": "#/definitions/SourceControl" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + }, + "put": { + "x-ms-examples": { + "Creates or updates a source control.": { + "$ref": "./examples/sourcecontrols/CreateSourceControl.json" + } + }, + "tags": [ + "SourceControls" + ], + "description": "Creates a source control.", + "operationId": "SourceControls_Create", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/SourceControlIdParameter" + }, + { + "$ref": "#/parameters/SourceControl" + } + ], + "responses": { + "200": { + "description": "Updated", + "schema": { + "$ref": "#/definitions/SourceControl" + } + }, + "201": { + "description": "Created", + "schema": { + "$ref": "#/definitions/SourceControl" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/sourcecontrols/{sourceControlId}/delete": { + "post": { + "x-ms-examples": { + "Delete a source control.": { + "$ref": "./examples/sourcecontrols/DeleteSourceControl.json" + } + }, + "tags": [ + "SourceControls" + ], + "description": "Delete a source control.", + "operationId": "SourceControls_Delete", + "parameters": [ + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "../../../common/2.0/types.json#/parameters/WorkspaceName" + }, + { + "$ref": "#/parameters/SourceControlIdParameter" + }, + { + "$ref": "#/parameters/RepositoryAccess" + } + ], + "responses": { + "200": { + "description": "Source control deleted.", + "schema": { + "$ref": "#/definitions/Warning" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "../../../common/2.0/types.json#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "RepoList": { + "description": "List all the source controls.", + "properties": { + "nextLink": { + "description": "URL to fetch the next set of repositories.", + "readOnly": true, + "type": "string" + }, + "value": { + "description": "Array of repositories.", + "items": { + "$ref": "#/definitions/Repo" + }, + "type": "array", + "x-ms-identifiers": [] + } + }, + "required": [ + "value" + ], + "type": "object" + }, + "Repo": { + "description": "Represents a repository.", + "properties": { + "url": { + "description": "The url to access the repository.", + "type": "string" + }, + "fullName": { + "description": "The name of the repository.", + "type": "string" + }, + "installationId": { + "description": "The installation id of the repository.", + "type": "integer", + "format": "int64" + }, + "branches": { + "description": "Array of branches.", + "items": { + "description": "name of branch.", + "type": "string" + }, + "type": "array" + } + }, + "x-ms-azure-resource": false, + "type": "object" + }, + "SourceControlList": { + "description": "List all the source controls.", + "properties": { + "nextLink": { + "description": "URL to fetch the next set of source controls.", + "readOnly": true, + "type": "string" + }, + "value": { + "description": "Array of source controls.", + "items": { + "$ref": "#/definitions/SourceControl" + }, + "type": "array" + } + }, + "required": [ + "value" + ], + "type": "object" + }, + "SourceControl": { + "allOf": [ + { + "$ref": "../../../common/2.0/types.json#/definitions/ResourceWithEtag" + } + ], + "description": "Represents a SourceControl in Azure Security Insights.", + "required": [ + "properties" + ], + "properties": { + "properties": { + "description": "source control properties", + "$ref": "#/definitions/SourceControlProperties", + "x-ms-client-flatten": true + } + }, + "type": "object" + }, + "SourceControlProperties": { + "description": "Describes source control properties", + "properties": { + "id": { + "description": "The id (a Guid) of the source control", + "type": "string", + "readOnly": true + }, + "version": { + "$ref": "#/definitions/Version", + "description": "The version number associated with the source control", + "type": "string" + }, + "displayName": { + "description": "The display name of the source control", + "type": "string" + }, + "description": { + "description": "A description of the source control", + "type": "string" + }, + "repoType": { + "$ref": "#/definitions/RepoType", + "description": "The repository type of the source control", + "type": "string" + }, + "contentTypes": { + "description": "Array of source control content types.", + "items": { + "$ref": "#/definitions/ContentType" + }, + "type": "array" + }, + "repository": { + "description": "Repository metadata.", + "$ref": "#/definitions/Repository" + }, + "servicePrincipal": { + "description": "Service principal metadata.", + "$ref": "#/definitions/ServicePrincipal" + }, + "repositoryAccess": { + "description": "Repository access credentials. This is write-only object and it never returns back to a user.", + "x-ms-mutability": [ + "create", + "update" + ], + "$ref": "#/definitions/RepositoryAccess" + }, + "repositoryResourceInfo": { + "description": "Information regarding the resources created in user's repository.", + "$ref": "#/definitions/RepositoryResourceInfo" + }, + "lastDeploymentInfo": { + "description": "Information regarding the latest deployment for the source control.", + "$ref": "#/definitions/DeploymentInfo" + }, + "pullRequest": { + "description": "Information regarding the pull request of the source control.", + "$ref": "#/definitions/PullRequest" + } + }, + "required": [ + "displayName", + "repoType", + "contentTypes", + "repository" + ], + "type": "object" + }, + "RepositoryAccess": { + "type": "object", + "description": "Credentials to access repository.", + "required": [ + "kind" + ], + "properties": { + "kind": { + "description": "The kind of repository access credentials", + "$ref": "#/definitions/RepositoryAccessKind" + }, + "code": { + "x-ms-secret": true, + "type": "string", + "description": "OAuth Code. Required when `kind` is `OAuth`" + }, + "state": { + "x-ms-secret": true, + "type": "string", + "description": "OAuth State. Required when `kind` is `OAuth`" + }, + "clientId": { + "type": "string", + "description": "OAuth ClientId. Required when `kind` is `OAuth`" + }, + "token": { + "x-ms-secret": true, + "type": "string", + "description": "Personal Access Token. Required when `kind` is `PAT`" + }, + "installationId": { + "type": "string", + "description": "Application installation ID. Required when `kind` is `App`. Supported by `GitHub` only." + } + } + }, + "RepositoryAccessObject": { + "description": "Credentials to access repository.", + "type": "object", + "required": [ + "repositoryAccess" + ], + "properties": { + "repositoryAccess": { + "description": "RepositoryAccess properties", + "$ref": "#/definitions/RepositoryAccess", + "x-ms-client-flatten": true + } + } + }, + "RepositoryAccessProperties": { + "description": "Credentials to access repository.", + "type": "object", + "required": [ + "properties" + ], + "properties": { + "properties": { + "description": "RepositoryAccess properties", + "$ref": "#/definitions/RepositoryAccessObject", + "x-ms-client-flatten": true + } + } + }, + "Repository": { + "type": "object", + "required": [ + "url", + "branch" + ], + "description": "metadata of a repository.", + "properties": { + "url": { + "description": "Url of repository.", + "type": "string" + }, + "branch": { + "description": "Branch name of repository.", + "type": "string" + }, + "displayUrl": { + "description": "Display url of repository.", + "type": "string" + }, + "deploymentLogsUrl": { + "description": "Url to access repository action logs.", + "type": "string", + "readOnly": true + } + } + }, + "ServicePrincipal": { + "type": "object", + "description": "Service principal metadata.", + "properties": { + "id": { + "description": "Id of service principal.", + "type": "string", + "readOnly": true + }, + "tenantId": { + "description": "Tenant id of service principal.", + "type": "string", + "readOnly": true + }, + "appId": { + "description": "App id of service principal.", + "type": "string", + "readOnly": true + }, + "credentialsExpireOn": { + "format": "date-time", + "description": "Expiration time of service principal credentials.", + "type": "string" + } + } + }, + "RepositoryResourceInfo": { + "type": "object", + "description": "Resources created in user's repository for the source-control.", + "properties": { + "webhook": { + "type": "object", + "description": "The webhook object created for the source-control.", + "$ref": "#/definitions/Webhook" + }, + "gitHubResourceInfo": { + "type": "object", + "description": "Resources created in GitHub for this source-control.", + "$ref": "#/definitions/GitHubResourceInfo" + }, + "azureDevOpsResourceInfo": { + "type": "object", + "description": "Resources created in Azure DevOps for this source-control.", + "$ref": "#/definitions/AzureDevOpsResourceInfo" + } + } + }, + "Webhook": { + "description": "Detail about the webhook object.", + "type": "object", + "properties": { + "webhookId": { + "description": "Unique identifier for the webhook.", + "type": "string", + "readOnly": true + }, + "webhookUrl": { + "description": "URL that gets invoked by the webhook.", + "type": "string", + "readOnly": true + }, + "webhookSecretUpdateTime": { + "format": "date-time", + "description": "Time when the webhook secret was updated.", + "type": "string", + "readOnly": true + }, + "rotateWebhookSecret": { + "description": "A flag to instruct the backend service to rotate webhook secret.", + "type": "boolean" + } + } + }, + "GitHubResourceInfo": { + "readOnly": true, + "description": "Resources created in GitHub repository.", + "type": "object", + "properties": { + "appInstallationId": { + "description": "GitHub application installation id.", + "type": "string" + } + } + }, + "AzureDevOpsResourceInfo": { + "readOnly": true, + "description": "Resources created in Azure DevOps repository.", + "type": "object", + "properties": { + "pipelineId": { + "description": "Id of the pipeline created for the source-control.", + "type": "string" + }, + "serviceConnectionId": { + "description": "Id of the service-connection created for the source-control.", + "type": "string" + } + } + }, + "DeploymentInfo": { + "readOnly": true, + "description": "Information regarding a deployment.", + "type": "object", + "properties": { + "deploymentFetchStatus": { + "$ref": "#/definitions/DeploymentFetchStatus", + "description": "Status while fetching the last deployment.", + "type": "string" + }, + "deployment": { + "$ref": "#/definitions/Deployment", + "description": "Deployment information.", + "type": "object" + }, + "message": { + "description": "Additional details about the deployment that can be shown to the user.", + "type": "string" + } + } + }, + "Deployment": { + "description": "Description about a deployment.", + "type": "object", + "properties": { + "deploymentId": { + "description": "Deployment identifier.", + "type": "string" + }, + "deploymentState": { + "$ref": "#/definitions/DeploymentState", + "description": "Current status of the deployment.", + "type": "string" + }, + "deploymentResult": { + "$ref": "#/definitions/DeploymentResult", + "description": "The outcome of the deployment.", + "type": "string" + }, + "deploymentTime": { + "format": "date-time", + "description": "The time when the deployment finished.", + "type": "string" + }, + "deploymentLogsUrl": { + "description": "Url to access repository action logs.", + "type": "string" + } + } + }, + "ContentType": { + "description": "The content type of a source control path.", + "enum": [ + "AnalyticRule", + "AutomationRule", + "HuntingQuery", + "Parser", + "Playbook", + "Workbook" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "ContentType", + "values": [ + { + "value": "AnalyticRule" + }, + { + "value": "AutomationRule" + }, + { + "value": "HuntingQuery" + }, + { + "value": "Parser" + }, + { + "value": "Playbook" + }, + { + "value": "Workbook" + } + ] + } + }, + "RepoType": { + "description": "The type of repository.", + "enum": [ + "Github", + "AzureDevOps" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "RepoType", + "values": [ + { + "value": "Github" + }, + { + "value": "AzureDevOps" + } + ] + } + }, + "RepositoryAccessKind": { + "description": "The kind of repository access credentials", + "enum": [ + "OAuth", + "PAT", + "App" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "RepositoryAccessKind", + "values": [ + { + "value": "OAuth" + }, + { + "value": "PAT" + }, + { + "value": "App" + } + ] + } + }, + "Version": { + "readOnly": true, + "description": "The version of the source control.", + "enum": [ + "V1", + "V2" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "Version", + "values": [ + { + "value": "V1" + }, + { + "value": "V2" + } + ] + } + }, + "DeploymentFetchStatus": { + "description": "Status while trying to fetch the deployment information.", + "enum": [ + "Success", + "Unauthorized", + "NotFound" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "DeploymentFetchStatus", + "values": [ + { + "value": "Success" + }, + { + "value": "Unauthorized" + }, + { + "value": "NotFound" + } + ] + } + }, + "DeploymentState": { + "description": "The current state of the deployment.", + "enum": [ + "In_Progress", + "Completed", + "Queued", + "Canceling" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "DeploymentState", + "values": [ + { + "value": "In_Progress" + }, + { + "value": "Completed" + }, + { + "value": "Queued" + }, + { + "value": "Canceling" + } + ] + } + }, + "DeploymentResult": { + "description": "Status while trying to fetch the deployment information.", + "enum": [ + "Success", + "Canceled", + "Failed" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "DeploymentResult", + "values": [ + { + "value": "Success" + }, + { + "value": "Canceled" + }, + { + "value": "Failed" + } + ] + } + }, + "PullRequest": { + "readOnly": true, + "description": "Information regarding pull request for protected branches.", + "type": "object", + "properties": { + "url": { + "description": "URL of pull request", + "type": "string", + "readOnly": true + }, + "state": { + "$ref": "#/definitions/PullRequestState", + "description": "State of the pull request", + "type": "object", + "readOnly": true + } + } + }, + "PullRequestState": { + "description": "Status of the pull request.", + "enum": [ + "Open", + "Closed" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "state", + "values": [ + { + "value": "Open" + }, + { + "value": "Closed" + } + ] + } + }, + "Warning": { + "description": "Warning response structure.", + "properties": { + "warning": { + "$ref": "#/definitions/WarningBody", + "description": "Warning data." + } + }, + "type": "object" + }, + "WarningBody": { + "readOnly": true, + "description": "Warning details.", + "properties": { + "code": { + "description": "An identifier for the warning. Codes are invariant and are intended to be consumed programmatically.", + "readOnly": true, + "type": "object", + "$ref": "#/definitions/WarningCode" + }, + "message": { + "description": "A message describing the warning, intended to be suitable for display in a user interface.", + "readOnly": true, + "type": "string" + }, + "details": { + "readOnly": true, + "type": "array", + "items": { + "$ref": "#/definitions/WarningBody" + }, + "x-ms-identifiers": [] + } + }, + "type": "object" + }, + "WarningCode": { + "readOnly": true, + "description": "The type of repository.", + "enum": [ + "SourceControlWarning_DeleteServicePrincipal", + "SourceControlWarning_DeletePipelineFromAzureDevOps", + "SourceControlWarning_DeleteWorkflowAndSecretFromGitHub", + "SourceControlWarning_DeleteRoleAssignment", + "SourceControl_DeletedWithWarnings" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "WarningCode", + "values": [ + { + "value": "SourceControlWarning_DeleteServicePrincipal" + }, + { + "value": "SourceControlWarning_DeletePipelineFromAzureDevOps" + }, + { + "value": "SourceControlWarning_DeleteWorkflowAndSecretFromGitHub" + }, + { + "value": "SourceControlWarning_DeleteRoleAssignment" + }, + { + "value": "SourceControl_DeletedWithWarnings" + } + ] + } + } + }, + "parameters": { + "RepoTypeParameter": { + "description": "The repo type.", + "in": "body", + "name": "repoType", + "required": true, + "schema": { + "$ref": "#/definitions/RepoType" + }, + "x-ms-parameter-location": "method" + }, + "SourceControlIdParameter": { + "description": "Source control Id", + "in": "path", + "name": "sourceControlId", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "SourceControl": { + "description": "The SourceControl", + "in": "body", + "name": "sourceControl", + "required": true, + "schema": { + "$ref": "#/definitions/SourceControl" + }, + "x-ms-parameter-location": "method" + }, + "RepositoryAccess": { + "description": "The repository access credentials.", + "in": "body", + "name": "repositoryAccess", + "required": true, + "schema": { + "required": [ + "repositoryAccess" + ], + "$ref": "#/definitions/RepositoryAccessProperties" + }, + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/Watchlists.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/Watchlists.json index 64e8254c7823..7fa2f1d95d4c 100644 --- a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/Watchlists.json +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/Watchlists.json @@ -480,16 +480,8 @@ "type": "string" }, "source": { - "description": "The source of the watchlist", - "enum": [ - "Local file", - "Remote storage" - ], - "type": "string", - "x-ms-enum": { - "modelAsString": true, - "name": "source" - } + "description": "The source of the watchlist. Only accepts \"Local file\" and \"Remote storage\". And it must included in the request.", + "type": "string" }, "created": { "description": "The time the watchlist was created", @@ -567,7 +559,6 @@ }, "required": [ "displayName", - "source", "provider", "itemsSearchKey" ], diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/common/ContentCommonTypes.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/common/ContentCommonTypes.json new file mode 100644 index 000000000000..b94fc3640bed --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/common/ContentCommonTypes.json @@ -0,0 +1,646 @@ +{ + "swagger": "2.0", + "info": { + "version": "2023-11-01", + "title": "Common content metadata types" + }, + "paths": {}, + "definitions": { + "metadataContentId": { + "description": "Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for out of the box content and solutions. Can be optionally set for user created content to define dependencies. If an active content item is made from a metadata, both will have the same contentId.", + "type": "string" + }, + "metadataParentId": { + "description": "Full parent resource ID of the content item the metadata is for. This is the full resource ID including the scope (subscription and resource group)", + "type": "string" + }, + "metadataDisplayName": { + "description": "DisplayName of the content.", + "type": "string" + }, + "metadataVersion": { + "description": "Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks", + "type": "string" + }, + "metadataPackageKind": { + "description": "The package kind", + "enum": [ + "Solution", + "Standalone" + ], + "type": "string", + "x-ms-enum": { + "modelAsString": true, + "name": "packageKind", + "values": [ + { + "value": "Solution" + }, + { + "value": "Standalone" + } + ] + } + }, + "metadataKind": { + "type": "string", + "description": "The kind of content the metadata is for.", + "enum": [ + "DataConnector", + "DataType", + "Workbook", + "WorkbookTemplate", + "Playbook", + "PlaybookTemplate", + "AnalyticsRuleTemplate", + "AnalyticsRule", + "HuntingQuery", + "InvestigationQuery", + "Parser", + "Watchlist", + "WatchlistTemplate", + "Solution", + "AzureFunction", + "LogicAppsCustomConnector", + "AutomationRule" + ], + "x-ms-enum": { + "modelAsString": true, + "name": "kind", + "values": [ + { + "value": "DataConnector" + }, + { + "value": "DataType" + }, + { + "value": "Workbook" + }, + { + "value": "WorkbookTemplate" + }, + { + "value": "Playbook" + }, + { + "value": "PlaybookTemplate" + }, + { + "value": "AnalyticsRuleTemplate" + }, + { + "value": "AnalyticsRule" + }, + { + "value": "HuntingQuery" + }, + { + "value": "InvestigationQuery" + }, + { + "value": "Parser" + }, + { + "value": "Watchlist" + }, + { + "value": "WatchlistTemplate" + }, + { + "value": "Solution" + }, + { + "value": "AzureFunction" + }, + { + "value": "LogicAppsCustomConnector" + }, + { + "value": "AutomationRule" + } + ] + } + }, + "metadataTrueFalseFlag": { + "type": "string", + "description": "The boolean value the metadata is for.", + "enum": [ + "true", + "false" + ], + "x-ms-enum": { + "modelAsString": true, + "name": "flag", + "values": [ + { + "value": "true" + }, + { + "value": "false" + } + ] + } + }, + "metadataSource": { + "description": "The original source of the content item, where it comes from.", + "type": "object", + "required": [ + "kind" + ], + "properties": { + "kind": { + "description": "Source type of the content", + "type": "string", + "enum": [ + "LocalWorkspace", + "Community", + "Solution", + "SourceRepository" + ], + "x-ms-enum": { + "modelAsString": true, + "name": "sourceKind", + "values": [ + { + "value": "LocalWorkspace" + }, + { + "value": "Community" + }, + { + "value": "Solution" + }, + { + "value": "SourceRepository" + } + ] + } + }, + "name": { + "description": "Name of the content source. The repo name, solution name, LA workspace name etc.", + "type": "string" + }, + "sourceId": { + "description": "ID of the content source. The solution ID, workspace ID, etc", + "type": "string" + } + } + }, + "metadataAuthor": { + "type": "object", + "description": "Publisher or creator of the content item.", + "properties": { + "name": { + "description": "Name of the author. Company or person.", + "type": "string" + }, + "email": { + "description": "Email of author contact", + "type": "string" + }, + "link": { + "description": "Link for author/vendor page", + "type": "string" + } + } + }, + "metadataSupport": { + "type": "object", + "description": "Support information for the content item.", + "required": [ + "tier" + ], + "properties": { + "tier": { + "description": "Type of support for content item", + "type": "string", + "enum": [ + "Microsoft", + "Partner", + "Community" + ], + "x-ms-enum": { + "modelAsString": true, + "name": "supportTier", + "values": [ + { + "value": "Microsoft" + }, + { + "value": "Partner" + }, + { + "value": "Community" + } + ] + } + }, + "name": { + "description": "Name of the support contact. Company or person.", + "type": "string" + }, + "email": { + "description": "Email of support contact", + "type": "string" + }, + "link": { + "description": "Link for support help, like to support page to open a ticket etc.", + "type": "string" + } + } + }, + "metadataDependencies": { + "description": "Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex dependencies.", + "type": "object", + "properties": { + "contentId": { + "description": "Id of the content item we depend on", + "$ref": "#/definitions/metadataContentId" + }, + "kind": { + "description": "Type of the content item we depend on", + "$ref": "#/definitions/metadataKind" + }, + "version": { + "description": "Version of the the content item we depend on. Can be blank, * or missing to indicate any version fulfills the dependency. If version does not match our defined numeric format then an exact match is required.", + "$ref": "#/definitions/metadataVersion" + }, + "name": { + "description": "Name of the content item", + "type": "string" + }, + "operator": { + "description": "Operator used for list of dependencies in criteria array.", + "type": "string", + "enum": [ + "AND", + "OR" + ], + "x-ms-enum": { + "modelAsString": true, + "name": "operator", + "values": [ + { + "value": "AND" + }, + { + "value": "OR" + } + ] + } + }, + "criteria": { + "description": "This is the list of dependencies we must fulfill, according to the AND/OR operator", + "type": "array", + "items": { + "$ref": "#/definitions/metadataDependencies", + "description": "Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats." + }, + "x-ms-identifiers": [ + "contentId" + ], + "example": [ + { + "kind": "DataConnector", + "contentId": "68b1de8a-b635-430d-b208-01ba3dda5877", + "version": "1.0.0" + }, + { + "kind": "Workbook", + "contentId": "ad903b46-9905-4504-9825-3bcce796da8e", + "version": "1.0.0" + } + ] + } + } + }, + "metadataCategories": { + "type": "object", + "description": "ies for the solution content item", + "properties": { + "domains": { + "description": "domain for the solution content item", + "type": "array", + "example": [ + "str1", + "str2", + "str3" + ], + "items": { + "type": "string" + } + }, + "verticals": { + "description": "Industry verticals for the solution content item", + "type": "array", + "items": { + "type": "string" + }, + "example": [ + "str1", + "str2", + "str3" + ] + } + } + }, + "metadataProviders": { + "description": "Providers for the solution content item", + "type": "array", + "example": [ + "str1", + "str2", + "str3" + ], + "items": { + "type": "string" + } + }, + "metadataFirstPublishDate": { + "description": "first publish date of solution content item", + "type": "string", + "format": "date" + }, + "metadataLastPublishDate": { + "description": "last publish date of solution content item", + "type": "string", + "format": "date" + }, + "metadataCustomVersion": { + "description": "The custom version of the content. A optional free text", + "type": "string" + }, + "metadataContentSchemaVersion": { + "description": "Schema version of the content. Can be used to distinguish between different flow based on the schema version", + "type": "string" + }, + "metadataIcon": { + "description": "the icon identifier. this id can later be fetched from the metadata", + "type": "string" + }, + "metadataThreatAnalysisTactics": { + "description": "the tactics the resource covers", + "type": "array", + "example": [ + "reconnaissance", + "exfiltration" + ], + "items": { + "type": "string" + } + }, + "metadataThreatAnalysisTechniques": { + "description": "the techniques the resource covers, these have to be aligned with the tactics being used", + "type": "array", + "example": [ + "T1548", + "T1548.001", + "T1134.003" + ], + "items": { + "type": "string" + } + }, + "metadataPreviewImages": { + "description": "preview image file names. These will be taken from the solution artifacts", + "type": "array", + "example": [ + "example.png", + "example2.jpeg" + ], + "items": { + "type": "string" + } + }, + "metadataPreviewImagesDark": { + "description": "preview image file names. These will be taken from the solution artifacts. used for dark theme support", + "type": "array", + "example": [ + "example.png", + "example2.jpeg" + ], + "items": { + "type": "string" + } + }, + "metadataTags": { + "description": "the tags assigned to the resource", + "type": "array", + "example": [ + "str1", + "str2", + "str3" + ], + "items": { + "type": "string" + } + }, + "templateBaseProperties": { + "description": "Template property bag.", + "type": "object", + "properties": { + "contentId": { + "$ref": "#/definitions/metadataContentId", + "description": "Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic for user-created. This is the resource name" + }, + "contentProductId": { + "type": "string", + "description": "Unique ID for the content. It should be generated based on the contentId of the package, contentId of the template, contentKind of the template and the contentVersion of the template" + }, + "packageVersion": { + "$ref": "#/definitions/metadataVersion", + "description": "Version of the package. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata best practices. Can also be any string, but then we cannot guarantee any version checks" + }, + "version": { + "$ref": "#/definitions/metadataVersion", + "description": "Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM metadata best practices. Can also be any string, but then we cannot guarantee any version checks" + }, + "displayName": { + "$ref": "#/definitions/metadataDisplayName", + "description": "The display name of the template" + }, + "contentKind": { + "$ref": "#/definitions/metadataKind", + "description": "The kind of content the template is for." + }, + "source": { + "$ref": "#/definitions/metadataSource", + "description": "Source of the content. This is where/how it was created." + }, + "author": { + "$ref": "#/definitions/metadataAuthor", + "description": "The creator of the content item." + }, + "support": { + "$ref": "#/definitions/metadataSupport", + "description": "Support information for the template - type, name, contact information" + }, + "dependencies": { + "$ref": "#/definitions/metadataDependencies", + "description": "Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats." + }, + "categories": { + "$ref": "#/definitions/metadataCategories", + "description": "Categories for the item" + }, + "providers": { + "$ref": "#/definitions/metadataProviders", + "description": "Providers for the content item" + }, + "firstPublishDate": { + "$ref": "#/definitions/metadataFirstPublishDate", + "description": "first publish date content item" + }, + "lastPublishDate": { + "$ref": "#/definitions/metadataLastPublishDate", + "description": "last publish date for the content item" + }, + "customVersion": { + "$ref": "#/definitions/metadataCustomVersion", + "description": "The custom version of the content. A optional free text" + }, + "contentSchemaVersion": { + "$ref": "#/definitions/metadataContentSchemaVersion", + "description": "Schema version of the content. Can be used to distinguish between different flow based on the schema version" + }, + "icon": { + "$ref": "#/definitions/metadataIcon", + "description": "the icon identifier. this id can later be fetched from the content metadata" + }, + "threatAnalysisTactics": { + "$ref": "#/definitions/metadataThreatAnalysisTactics", + "description": "the tactics the resource covers" + }, + "threatAnalysisTechniques": { + "$ref": "#/definitions/metadataThreatAnalysisTechniques", + "description": "the techniques the resource covers, these have to be aligned with the tactics being used" + }, + "previewImages": { + "$ref": "#/definitions/metadataPreviewImages", + "description": "preview image file names. These will be taken from the solution artifacts" + }, + "previewImagesDark": { + "$ref": "#/definitions/metadataPreviewImagesDark", + "description": "preview image file names. These will be taken from the solution artifacts. used for dark theme support" + }, + "packageId": { + "$ref": "#/definitions/metadataContentId", + "description": "the package Id contains this template" + }, + "packageKind": { + "$ref": "#/definitions/metadataPackageKind", + "description": "the packageKind of the package contains this template" + }, + "packageName": { + "$ref": "#/definitions/metadataDisplayName", + "description": "the name of the package contains this template" + }, + "isDeprecated": { + "$ref": "#/definitions/metadataTrueFalseFlag", + "description": "Flag indicates if this template is deprecated", + "readOnly": true + } + } + }, + "packageBaseProperties": { + "description": "Describes package properties", + "properties": { + "contentId": { + "$ref": "#/definitions/metadataContentId", + "description": "The content id of the package" + }, + "contentProductId": { + "type": "string", + "description": "Unique ID for the content. It should be generated based on the contentId, contentKind and the contentVersion of the package" + }, + "contentKind": { + "$ref": "#/definitions/metadataPackageKind", + "description": "The package kind" + }, + "contentSchemaVersion": { + "$ref": "#/definitions/metadataVersion", + "description": "The version of the content schema." + }, + "isNew": { + "$ref": "#/definitions/metadataTrueFalseFlag", + "description": "Flag indicates if this is a newly published package." + }, + "isPreview": { + "$ref": "#/definitions/metadataTrueFalseFlag", + "description": "Flag indicates if this package is in preview." + }, + "isFeatured": { + "$ref": "#/definitions/metadataTrueFalseFlag", + "description": "Flag indicates if this package is among the featured list." + }, + "isDeprecated": { + "$ref": "#/definitions/metadataTrueFalseFlag", + "description": "Flag indicates if this template is deprecated" + }, + "version": { + "$ref": "#/definitions/metadataVersion", + "description": "the latest version number of the package" + }, + "displayName": { + "$ref": "#/definitions/metadataDisplayName", + "description": "The display name of the package" + }, + "description": { + "description": "The description of the package", + "type": "string" + }, + "publisherDisplayName": { + "$ref": "#/definitions/metadataDisplayName", + "description": "The publisher display name of the package" + }, + "source": { + "$ref": "#/definitions/metadataSource", + "description": "The source of the package" + }, + "author": { + "$ref": "#/definitions/metadataAuthor", + "description": "The author of the package" + }, + "support": { + "$ref": "#/definitions/metadataSupport", + "description": "The support tier of the package" + }, + "dependencies": { + "$ref": "#/definitions/metadataDependencies", + "description": "The support tier of the package" + }, + "providers": { + "$ref": "#/definitions/metadataProviders", + "description": "Providers for the package item" + }, + "firstPublishDate": { + "$ref": "#/definitions/metadataFirstPublishDate", + "description": "first publish date package item" + }, + "lastPublishDate": { + "$ref": "#/definitions/metadataLastPublishDate", + "description": "last publish date for the package item" + }, + "categories": { + "$ref": "#/definitions/metadataCategories", + "description": "The categories of the package" + }, + "threatAnalysisTactics": { + "$ref": "#/definitions/metadataThreatAnalysisTactics", + "description": "the tactics the resource covers" + }, + "threatAnalysisTechniques": { + "$ref": "#/definitions/metadataThreatAnalysisTechniques", + "description": "the techniques the resource covers, these have to be aligned with the tactics being used" + }, + "icon": { + "$ref": "#/definitions/metadataIcon", + "description": "the icon identifier. this id can later be fetched from the content metadata" + } + }, + "type": "object" + } + }, + "parameters": {} +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetPackageById.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetPackageById.json new file mode 100644 index 000000000000..947851702dee --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetPackageById.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "packageId": "str.azure-sentinel-solution-str" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentPackages/str.azure-sentinel-solution-str", + "name": "str.azure-sentinel-solution-str", + "type": "Microsoft.SecurityInsights/contentpackages", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "str.azure-sentinel-solution-str", + "contentProductId": "str.azure-sentinel-solution-str-sl-igl6jawr4gwmu", + "contentKind": "Solution", + "version": "2.0.0", + "displayName": "str" + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetPackages.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetPackages.json new file mode 100644 index 000000000000..a4c636cf9512 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetPackages.json @@ -0,0 +1,39 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "packageId": "str.azure-sentinel-solution-str" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentPackages", + "name": "str.azure-sentinel-solution-str", + "type": "Microsoft.SecurityInsights/contentpackages", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "str.azure-sentinel-solution-str", + "contentProductId": "str.azure-sentinel-solution-str-sl-igl6jawr4gwmu", + "contentKind": "Solution", + "contentSchemaVersion": "3.0.0", + "version": "2.0.0", + "displayName": "str" + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + ] + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetProductPackageById.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetProductPackageById.json new file mode 100644 index 000000000000..fedd93d08498 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetProductPackageById.json @@ -0,0 +1,76 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "packageId": "str.azure-sentinel-solution-str" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentPackages/str.azure-sentinel-solution-str", + "name": "str.azure-sentinel-solution-str", + "type": "Microsoft.SecurityInsights/contentpackages", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "str.azure-sentinel-solution-str", + "contentProductId": "str.azure-sentinel-solution-str-sl-igl6jawr4gwmu", + "contentKind": "Solution", + "installedVersion": "2.0.0", + "version": "2.0.0", + "displayName": "str", + "source": { + "kind": "Solution", + "name": "str", + "sourceId": "str.azure-sentinel-solution-str" + }, + "author": { + "name": "Microsoft", + "email": "support@microsoft.com" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + }, + "dependencies": { + "criteria": [ + { + "contentId": "strDataConnector", + "kind": "DataConnector", + "version": "2.0.0" + }, + { + "contentId": "str-Parser", + "kind": "Parser", + "version": "2.0.0" + } + ], + "operator": "AND" + }, + "providers": [ + "Microsoft" + ], + "categories": { + "domains": [ + "Security - Cloud Security" + ], + "verticals": null + }, + "firstPublishDate": "2022-04-01", + "packageContent": "JSON string of the package" + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetProductPackages.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetProductPackages.json new file mode 100644 index 000000000000..75e37d4e4ebd --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/GetProductPackages.json @@ -0,0 +1,78 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentPackages", + "name": "str.azure-sentinel-solution-str", + "type": "Microsoft.SecurityInsights/contentpackages", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "str.azure-sentinel-solution-str", + "contentProductId": "str.azure-sentinel-solution-str-sl-igl6jawr4gwmu", + "contentKind": "Solution", + "installedVersion": "2.0.0", + "version": "2.0.0", + "displayName": "str", + "source": { + "kind": "Solution", + "name": "str", + "sourceId": "str.azure-sentinel-solution-str" + }, + "author": { + "name": "Microsoft", + "email": "support@microsoft.com" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + }, + "dependencies": { + "criteria": [ + { + "contentId": "strDataConnector", + "kind": "DataConnector", + "version": "2.0.0" + }, + { + "contentId": "str-Parser", + "kind": "Parser", + "version": "2.0.0" + } + ], + "operator": "AND" + }, + "providers": [ + "Microsoft" + ], + "categories": { + "domains": [ + "Security - Cloud Security" + ], + "verticals": null + }, + "firstPublishDate": "2022-04-01" + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + ] + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/InstallPackage.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/InstallPackage.json new file mode 100644 index 000000000000..12e2a17ef71a --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/InstallPackage.json @@ -0,0 +1,151 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "packageId": "str.azure-sentinel-solution-str", + "packageInstallationProperties": { + "properties": { + "contentId": "str.azure-sentinel-solution-str", + "contentProductId": "str.azure-sentinel-solution-str-sl-igl6jawr4gwmu", + "contentKind": "Solution", + "version": "2.0.0", + "displayName": "str" + }, + "tags": { + "tag1": "str" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentPackages/str.azure-sentinel-solution-str", + "name": "str.azure-sentinel-solution-str", + "type": "Microsoft.SecurityInsights/contentpackages", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "str.azure-sentinel-solution-str", + "contentKind": "Solution", + "contentProductId": "str.azure-sentinel-solution-str-sl-igl6jawr4gwmu", + "installedVersion": "2.0.0", + "version": "2.0.0", + "displayName": "str", + "source": { + "kind": "Solution", + "name": "str", + "sourceId": "str.azure-sentinel-solution-str" + }, + "author": { + "name": "Microsoft", + "email": "support@microsoft.com" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + }, + "dependencies": { + "criteria": [ + { + "contentId": "strDataConnector", + "kind": "DataConnector", + "version": "2.0.0" + }, + { + "contentId": "str-Parser", + "kind": "Parser", + "version": "2.0.0" + } + ], + "operator": "AND" + }, + "providers": [ + "Microsoft" + ], + "categories": { + "domains": [ + "Security - Cloud Security" + ], + "verticals": null + }, + "firstPublishDate": "2022-04-01" + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + }, + "201": { + "body": { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentPackages/str.azure-sentinel-solution-str", + "name": "str.azure-sentinel-solution-str", + "type": "Microsoft.SecurityInsights/contentpackages", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "str.azure-sentinel-solution-str", + "contentProductId": "str.azure-sentinel-solution-str-sl-igl6jawr4gwmu", + "contentKind": "Solution", + "installedVersion": "2.0.0", + "version": "2.0.0", + "displayName": "str", + "source": { + "kind": "Solution", + "name": "str", + "sourceId": "str.azure-sentinel-solution-str" + }, + "author": { + "name": "Microsoft", + "email": "support@microsoft.com" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + }, + "dependencies": { + "criteria": [ + { + "contentId": "strDataConnector", + "kind": "DataConnector", + "version": "2.0.0" + }, + { + "contentId": "str-Parser", + "kind": "Parser", + "version": "2.0.0" + } + ], + "operator": "AND" + }, + "providers": [ + "Microsoft" + ], + "categories": { + "domains": [ + "Security - Cloud Security" + ], + "verticals": null + }, + "firstPublishDate": "2022-04-01" + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/UninstallPackage.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/UninstallPackage.json new file mode 100644 index 000000000000..1eb22e576f8e --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentPackages/UninstallPackage.json @@ -0,0 +1,13 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "packageId": "str.azure-sentinel-solution-str" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/DeleteTemplate.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/DeleteTemplate.json new file mode 100644 index 000000000000..71e7cc8d4388 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/DeleteTemplate.json @@ -0,0 +1,13 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "templateId": "8365ebfe-a381-45b7-ad08-7d818070e11f" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetProductTemplateById.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetProductTemplateById.json new file mode 100644 index 000000000000..a3a439c6cf6f --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetProductTemplateById.json @@ -0,0 +1,43 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "templateId": "8365ebfe-a381-45b7-ad08-7d818070e11f" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentTemplates/8365ebfe-a381-45b7-ad08-7d818070e11f", + "name": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "type": "Microsoft.SecurityInsights/contenttemplates", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "contentId", + "version": "1.0.0", + "packageVersion": "1.0.0", + "displayName": "My installed template", + "contentKind": "Workbooks", + "contentProductId": "packageId-wb-rimnsoeh4nt32", + "packageId": "packageId", + "packageKind": "Standalone", + "packageName": "package name", + "source": { + "kind": "Standalone", + "name": "Source name" + }, + "mainTemplate": {} + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetProductTemplates.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetProductTemplates.json new file mode 100644 index 000000000000..b7992edbfde3 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetProductTemplates.json @@ -0,0 +1,45 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentTemplates", + "name": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "type": "Microsoft.SecurityInsights/contenttemplates", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "contentId", + "contentProductId": "packageId-wb-rimnsoeh4nt32", + "version": "1.0.0", + "packageVersion": "1.0.0", + "displayName": "My installed template", + "contentKind": "Workbooks", + "packageId": "packageId", + "packageKind": "Standalone", + "packageName": "package name", + "source": { + "kind": "Standalone", + "name": "Source name" + } + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + ] + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetTemplateById.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetTemplateById.json new file mode 100644 index 000000000000..d0f99270a79f --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetTemplateById.json @@ -0,0 +1,41 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "templateId": "8365ebfe-a381-45b7-ad08-7d818070e11f" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentTemplates/8365ebfe-a381-45b7-ad08-7d818070e11f", + "name": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "type": "Microsoft.SecurityInsights/contenttemplates", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "contentId", + "contentProductId": "packageId-wb-rimnsoeh4nt32", + "version": "1.0.0", + "packageVersion": "1.0.0", + "displayName": "My installed template", + "contentKind": "Workbooks", + "packageId": "packageId", + "source": { + "kind": "Standalone", + "name": "Source name" + }, + "mainTemplate": {} + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetTemplates.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetTemplates.json new file mode 100644 index 000000000000..c5871815ca2a --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/GetTemplates.json @@ -0,0 +1,43 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentTemplates", + "name": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "type": "Microsoft.SecurityInsights/contenttemplates", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "contentId", + "contentProductId": "packageId-wb-rimnsoeh4nt32", + "packageVersion": "1.0.0", + "version": "1.0.0", + "displayName": "My installed template", + "contentKind": "Workbooks", + "packageId": "packageId", + "source": { + "kind": "Standalone", + "name": "Source name" + } + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + ] + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/InstallTemplate.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/InstallTemplate.json new file mode 100644 index 000000000000..d38c3319bc92 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/contentTemplates/InstallTemplate.json @@ -0,0 +1,228 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "templateId": "str.azure-sentinel-solution-str", + "templateInstallationProperties": { + "properties": { + "contentId": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "contentProductId": "str.azure-sentinel-solution-str-ar-cbfe4fndz66bi", + "displayName": "API Protection workbook template", + "contentKind": "AnalyticsRule", + "version": "1.0.1", + "packageVersion": "1.0.0", + "packageId": "str.azure-sentinel-solution-str", + "packageName": "str", + "packageKind": "Solution", + "source": { + "kind": "Solution", + "name": "str", + "sourceId": "str.azure-sentinel-solution-str" + }, + "author": { + "name": "Microsoft", + "email": "support@microsoft.com" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + }, + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.1", + "resources": [ + { + "type": "Microsoft.SecurityInsights/AlertRuleTemplates", + "name": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "apiVersion": "2022-04-01-preview", + "kind": "Scheduled", + "location": "[parameters('workspace-location')]", + "properties": { + "description": "Creates an incident when a large number of Critical/High severity CrowdStrike Falcon sensor detections is triggered by a single user", + "displayName": "Critical or High Severity Detections by User", + "enabled": false, + "query": "...", + "queryFrequency": "PT1H", + "queryPeriod": "PT1H", + "severity": "High", + "suppressionDuration": "PT1H", + "suppressionEnabled": false, + "triggerOperator": "GreaterThan", + "triggerThreshold": 0, + "status": "Available" + } + }, + { + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split([resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 8365ebfe-a381-45b7-ad08-7d818070e11f)],'/'))))]", + "properties": { + "description": "CrowdStrike Falcon Endpoint Protection Analytics Rule 1", + "parentId": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 8365ebfe-a381-45b7-ad08-7d818070e11f)]", + "contentId": "4465ebde-b381-45f7-ad08-7d818070a11c", + "kind": "AnalyticsRule", + "version": "1.0.0", + "source": { + "kind": "Solution", + "name": "str", + "sourceId": "str.azure-sentinel-solution-str" + }, + "author": { + "name": "Microsoft", + "email": "support@microsoft.com" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + } + } + } + ] + } + }, + "tags": { + "tag1": "str" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentPackages/azuresentinel.azure-sentinel-solution-ciscoumbrella", + "name": "azuresentinel.azure-sentinel-solution-ciscoumbrella", + "type": "Microsoft.SecurityInsights/contenttemplates", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "contentProductId": "str.azure-sentinel-solution-str-ar-cbfe4fndz66bi", + "packageKind": "Solution", + "packageId": "str.azure-sentinel-solution-str", + "packageVersion": "1.0.0", + "contentKind": "AnalyticsRule", + "version": "1.0.1", + "displayName": "API Protection workbook template", + "source": { + "kind": "Solution", + "name": "CiscoUmbrella", + "sourceId": "azuresentinel.azure-sentinel-solution-ciscoumbrella" + }, + "author": { + "name": "Microsoft", + "email": "support@microsoft.com" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + }, + "dependencies": { + "criteria": [ + { + "contentId": "strDataConnector", + "kind": "DataConnector", + "version": "2.0.0" + }, + { + "contentId": "str-Parser", + "kind": "Parser", + "version": "2.0.0" + } + ], + "operator": "AND" + }, + "providers": [ + "Microsoft" + ], + "categories": { + "domains": [ + "Security - Cloud Security" + ], + "verticals": null + }, + "firstPublishDate": "2022-04-01" + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + }, + "201": { + "body": { + "id": "/subscriptions/d0cfeab2-9ae0-4464-9919-dccaee2e48f0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/contentPackages/azuresentinel.azure-sentinel-solution-ciscoumbrella", + "name": "azuresentinel.azure-sentinel-solution-ciscoumbrella", + "type": "Microsoft.SecurityInsights/contenttemplates", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "contentId": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "contentProductId": "str.azure-sentinel-solution-str-ar-cbfe4fndz66bi", + "packageKind": "Solution", + "packageId": "str.azure-sentinel-solution-str", + "packageVersion": "1.0.0", + "contentKind": "AnalyticsRule", + "version": "1.0.1", + "displayName": "API Protection workbook template", + "source": { + "kind": "Solution", + "name": "CiscoUmbrella", + "sourceId": "azuresentinel.azure-sentinel-solution-ciscoumbrella" + }, + "author": { + "name": "Microsoft", + "email": "support@microsoft.com" + }, + "support": { + "tier": "Microsoft", + "name": "Microsoft Corporation", + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/" + }, + "dependencies": { + "criteria": [ + { + "contentId": "strDataConnector", + "kind": "DataConnector", + "version": "2.0.0" + }, + { + "contentId": "str-Parser", + "kind": "Parser", + "version": "2.0.0" + } + ], + "operator": "AND" + }, + "providers": [ + "Microsoft" + ], + "categories": { + "domains": [ + "Security - Cloud Security" + ], + "verticals": null + }, + "firstPublishDate": "2022-04-01" + }, + "systemData": { + "createdBy": "string", + "createdByType": "User", + "createdAt": "2020-04-27T21:53:29.0928001Z", + "lastModifiedBy": "string", + "lastModifiedByType": "User", + "lastModifiedAt": "2020-04-27T21:53:29.0928001Z" + } + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/repositories/GetRepositories.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/repositories/GetRepositories.json new file mode 100644 index 000000000000..76ef5c7b3965 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/repositories/GetRepositories.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "repoType": "Github", + "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "repositoryAccess": { + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "repositoryAccess": { + "kind": "OAuth", + "code": "939fd7c6caf754f4f41f", + "state": "state", + "clientId": "54b3c2c0-1f48-4a1c-af9f-6399c3240b73" + } + } + } + }, + "responses": { + "200": { + "body": { + "value": [ + { + "url": "https://api.github.com/repos/user/reponame", + "fullName": "reponame", + "installationId": 42424242, + "branches": [ + "master", + "develop" + ] + } + ] + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/CreateSourceControl.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/CreateSourceControl.json new file mode 100644 index 000000000000..02efcf76c79c --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/CreateSourceControl.json @@ -0,0 +1,162 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "sourceControlId": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "sourceControl": { + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "displayName": "My Source Control", + "description": "This is a source control", + "repoType": "Github", + "contentTypes": [ + "AnalyticRules", + "Workbook" + ], + "repository": { + "url": "https://github.com/user/repo", + "branch": "master", + "displayUrl": "https://github.com/user/repo" + }, + "repositoryAccess": { + "kind": "OAuth", + "code": "939fd7c6caf754f4f41f", + "state": "state", + "clientId": "54b3c2c0-1f48-4a1c-af9f-6399c3240b73" + } + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a", + "version": "V2", + "name": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "type": "Microsoft.SecurityInsights/SourceControls", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "id": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "displayName": "My Source Control", + "description": "this is a source control", + "repoType": "Github", + "contentTypes": [ + "AnalyticRules", + "Workbook" + ], + "repository": { + "url": "https://github.com/user/repo", + "branch": "master", + "displayUrl": "https://github.com/user/repo", + "deploymentLogsUrl": "https://github.com/user/repo/actions" + }, + "servicePrincipal": { + "id": "2d297bee-cb45-444a-a9ce-904484f0bcd6", + "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "appId": "42a43de2-b712-4408-9680-2514fed984e6" + }, + "repositoryResourceInfo": { + "webhook": { + "webhookId": "342768323", + "webhookUrl": "https://cac.sentinel.azure.com/workspaces/b7c525e9-1bfa-4435-88c0-817e13abb088/webhooks/ado/sourceControl/789e0c1f-4a3d-43ad-809c-e713b677b04a", + "webhookSecretUpdateTime": "2021-01-01T17:18:19.1234567Z" + }, + "gitHubResourceInfo": { + "appInstallationId": "123" + }, + "azureDevOpsResourceInfo": null + }, + "lastDeploymentInfo": { + "deploymentFetchStatus": "Success", + "deployment": { + "deploymentId": "4985046420", + "deploymentState": "Completed", + "deploymentResult": "Success", + "deploymentTime": "2021-01-01T17:18:19.1234567Z", + "deploymentLogsUrl": "https://github.com/user/repo/actions" + }, + "message": "Successful deployment" + }, + "pullRequest": { + "url": "https://github.com/user/repo/pull/123", + "state": "Open" + } + }, + "systemData": { + "createdBy": "user1", + "createdByType": "User", + "createdAt": "2021-01-01T17:18:19.1234567Z", + "lastModifiedBy": "user2", + "lastModifiedByType": "User", + "lastModifiedAt": "2021-01-02T17:18:19.1234567Z" + } + } + }, + "201": { + "body": { + "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a", + "version": "V2", + "name": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "type": "Microsoft.SecurityInsights/SourceControls", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "id": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "displayName": "My Source Control", + "description": "this is a source control", + "repoType": "Github", + "contentTypes": [ + "AnalyticRules", + "Workbook" + ], + "repository": { + "url": "https://github.com/user/repo", + "branch": "master", + "displayUrl": "https://github.com/user/repo", + "deploymentLogsUrl": "https://github.com/user/repo/actions" + }, + "servicePrincipal": { + "id": "2d297bee-cb45-444a-a9ce-904484f0bcd6", + "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "appId": "42a43de2-b712-4408-9680-2514fed984e6" + }, + "repositoryResourceInfo": { + "webhook": { + "webhookId": "342768323", + "webhookUrl": "https://cac.sentinel.azure.com/workspaces/b7c525e9-1bfa-4435-88c0-817e13abb088/webhooks/ado/sourceControl/789e0c1f-4a3d-43ad-809c-e713b677b04a", + "webhookSecretUpdateTime": "2021-01-01T17:18:19.1234567Z" + }, + "gitHubResourceInfo": { + "appInstallationId": "123" + }, + "azureDevOpsResourceInfo": null + }, + "lastDeploymentInfo": { + "deploymentFetchStatus": "Success", + "deployment": { + "deploymentId": "4985046420", + "deploymentState": "Completed", + "deploymentResult": "Success", + "deploymentTime": "2021-01-01T17:18:19.1234567Z", + "deploymentLogsUrl": "https://github.com/user/repo/actions" + }, + "message": "Successful deployment" + }, + "pullRequest": { + "url": "https://github.com/user/repo/pull/123", + "state": "Open" + } + }, + "systemData": { + "createdBy": "user1", + "createdByType": "User", + "createdAt": "2021-01-01T17:18:19.1234567Z", + "lastModifiedBy": "user2", + "lastModifiedByType": "User", + "lastModifiedAt": "2021-01-02T17:18:19.1234567Z" + } + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/DeleteSourceControl.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/DeleteSourceControl.json new file mode 100644 index 000000000000..1933505756d3 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/DeleteSourceControl.json @@ -0,0 +1,29 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "sourceControlId": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "repositoryAccess": { + "properties": { + "repositoryAccess": { + "kind": "OAuth", + "code": "939fd7c6caf754f4f41f", + "state": "state", + "clientId": "54b3c2c0-1f48-4a1c-af9f-6399c3240b73" + } + } + } + }, + "responses": { + "200": { + "body": { + "warning": { + "code": "SourceControlWarning_DeleteServicePrincipal", + "message": "ServicePrincipal has not been removed due to insufficient permissions." + } + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/GetSourceControlById.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/GetSourceControlById.json new file mode 100644 index 000000000000..6f716f662de0 --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/GetSourceControlById.json @@ -0,0 +1,75 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace", + "sourceControlId": "789e0c1f-4a3d-43ad-809c-e713b677b04a" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a", + "version": "V2", + "name": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "type": "Microsoft.SecurityInsights/SourceControls", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "id": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "displayName": "My Source Control", + "description": "this is a source control", + "repoType": "Github", + "contentTypes": [ + "AnalyticRules", + "Workbook" + ], + "repository": { + "url": "https://github.com/user/repo", + "branch": "master", + "displayUrl": "https://github.com/user/repo", + "deploymentLogsUrl": "https://github.com/user/repo/actions" + }, + "servicePrincipal": { + "id": "2d297bee-cb45-444a-a9ce-904484f0bcd6", + "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "appId": "42a43de2-b712-4408-9680-2514fed984e6" + }, + "repositoryResourceInfo": { + "webhook": { + "webhookId": "342768323", + "webhookUrl": "https://cac.sentinel.azure.com/workspaces/b7c525e9-1bfa-4435-88c0-817e13abb088/webhooks/ado/sourceControl/789e0c1f-4a3d-43ad-809c-e713b677b04a", + "webhookSecretUpdateTime": "2021-01-01T17:18:19.1234567Z" + }, + "gitHubResourceInfo": { + "appInstallationId": "123" + }, + "azureDevOpsResourceInfo": null + }, + "lastDeploymentInfo": { + "deploymentFetchStatus": "Success", + "deployment": { + "deploymentId": "4985046420", + "deploymentState": "Completed", + "deploymentResult": "Success", + "deploymentTime": "2021-01-01T17:18:19.1234567Z", + "deploymentLogsUrl": "https://github.com/user/repo/actions" + }, + "message": "Successful deployment" + }, + "pullRequest": { + "url": "https://github.com/user/repo/pull/123", + "state": "Open" + } + }, + "systemData": { + "createdBy": "user1", + "createdByType": "User", + "createdAt": "2021-01-01T17:18:19.1234567Z", + "lastModifiedBy": "user2", + "lastModifiedByType": "User", + "lastModifiedAt": "2021-01-02T17:18:19.1234567Z" + } + } + } + } +} diff --git a/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/GetSourceControls.json b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/GetSourceControls.json new file mode 100644 index 000000000000..cfcb3a1326df --- /dev/null +++ b/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/stable/2023-11-01/examples/sourcecontrols/GetSourceControls.json @@ -0,0 +1,78 @@ +{ + "parameters": { + "api-version": "2023-11-01", + "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + "resourceGroupName": "myRg", + "workspaceName": "myWorkspace" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalIinsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/sourcecontrols/789e0c1f-4a3d-43ad-809c-e713b677b04a", + "version": "V2", + "name": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "type": "Microsoft.SecurityInsights/SourceControls", + "etag": "\"0300bf09-0000-0000-0000-5c37296e0000\"", + "properties": { + "id": "789e0c1f-4a3d-43ad-809c-e713b677b04a", + "displayName": "My Source Control", + "description": "this is a source control", + "repoType": "Github", + "contentTypes": [ + "AnalyticRules", + "Workbook" + ], + "repository": { + "url": "https://github.com/user/repo", + "branch": "master", + "displayUrl": "https://github.com/user/repo", + "deploymentLogsUrl": "https://github.com/user/repo/actions" + }, + "servicePrincipal": { + "id": "2d297bee-cb45-444a-a9ce-904484f0bcd6", + "tenantId": "72f988bf-86f1-41af-91ab-2d7cd011db47", + "appId": "42a43de2-b712-4408-9680-2514fed984e6" + }, + "repositoryResourceInfo": { + "webhook": { + "webhookId": "342768323", + "webhookUrl": "https://cac.sentinel.azure.com/workspaces/b7c525e9-1bfa-4435-88c0-817e13abb088/webhooks/ado/sourceControl/789e0c1f-4a3d-43ad-809c-e713b677b04a", + "webhookSecretUpdateTime": "2021-01-01T17:18:19.1234567Z" + }, + "gitHubResourceInfo": { + "appInstallationId": "123" + }, + "azureDevOpsResourceInfo": null + }, + "lastDeploymentInfo": { + "deploymentFetchStatus": "Success", + "deployment": { + "deploymentId": "4985046420", + "deploymentState": "Completed", + "deploymentResult": "Success", + "deploymentTime": "2021-01-01T17:18:19.1234567Z", + "deploymentLogsUrl": "https://github.com/user/repo/actions" + }, + "message": "Successful deployment" + }, + "pullRequest": { + "url": "https://github.com/user/repo/pull/123", + "state": "Open" + } + }, + "systemData": { + "createdBy": "user1", + "createdByType": "User", + "createdAt": "2021-01-01T17:18:19.1234567Z", + "lastModifiedBy": "user2", + "lastModifiedByType": "User", + "lastModifiedAt": "2021-01-02T17:18:19.1234567Z" + } + } + ] + } + } + } +} diff --git a/specification/securityinsights/resource-manager/common/2.0/types.json b/specification/securityinsights/resource-manager/common/2.0/types.json index 95e2052235e5..36760abb92df 100644 --- a/specification/securityinsights/resource-manager/common/2.0/types.json +++ b/specification/securityinsights/resource-manager/common/2.0/types.json @@ -160,6 +160,30 @@ "type": "integer", "format": "int32", "x-ms-parameter-location": "method" + }, + "ODataExpand": { + "description": "Expands the object with optional fiends that are not included by default. Optional.", + "in": "query", + "name": "$expand", + "required": false, + "type": "string", + "x-ms-parameter-location": "method" + }, + "ODataSearch": { + "description": "Searches for a substring in the response. Optional.", + "in": "query", + "name": "$search", + "required": false, + "type": "string", + "x-ms-parameter-location": "method" + }, + "ODataCount": { + "description": "Instructs the server to return only object count without actual body. Optional.", + "in": "query", + "name": "$count", + "required": false, + "type": "boolean", + "x-ms-parameter-location": "method" } } } diff --git a/specification/securityinsights/resource-manager/readme.md b/specification/securityinsights/resource-manager/readme.md index 7ba900d5bc97..4884a86669fe 100644 --- a/specification/securityinsights/resource-manager/readme.md +++ b/specification/securityinsights/resource-manager/readme.md @@ -41,11 +41,16 @@ input-file: - Microsoft.SecurityInsights/stable/2023-11-01/AlertRules.json - Microsoft.SecurityInsights/stable/2023-11-01/AutomationRules.json - Microsoft.SecurityInsights/stable/2023-11-01/Bookmarks.json + - Microsoft.SecurityInsights/stable/2023-11-01/ContentPackages.json + - Microsoft.SecurityInsights/stable/2023-11-01/ContentProductPackages.json + - Microsoft.SecurityInsights/stable/2023-11-01/ContentProductTemplates.json + - Microsoft.SecurityInsights/stable/2023-11-01/ContentTemplates.json - Microsoft.SecurityInsights/stable/2023-11-01/DataConnectors.json - Microsoft.SecurityInsights/stable/2023-11-01/Incidents.json - Microsoft.SecurityInsights/stable/2023-11-01/Metadata.json - Microsoft.SecurityInsights/stable/2023-11-01/OnboardingStates.json - Microsoft.SecurityInsights/stable/2023-11-01/SecurityMLAnalyticsSettings.json + - Microsoft.SecurityInsights/stable/2023-11-01/SourceControls.json - Microsoft.SecurityInsights/stable/2023-11-01/ThreatIntelligence.json - Microsoft.SecurityInsights/stable/2023-11-01/Watchlists.json - Microsoft.SecurityInsights/stable/2023-11-01/operations.json