diff --git a/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMax.json b/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMax.json new file mode 100644 index 000000000000..8c1673b8af09 --- /dev/null +++ b/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMax.json @@ -0,0 +1,39 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-4799", + "serverName": "securityalert-6440", + "securityAlertPolicyName": "Default", + "api-version": "2017-12-01", + "parameters": { + "properties": { + "state": "Enabled", + "emailAccountAdmins": true, + "emailAddresses": ["testSecurityAlert@microsoft.com"], + "disabledAlerts": ["Access_Anomaly", "Usage_Anomaly"], + "retentionDays": 5, + "storageAccountAccessKey": "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==", + "storageEndpoint": "https://mystorage.blob.core.windows.net" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.DBforPostgreSQL/servers/securityalert-6440/securityAlertPolicies/default", + "name": "Default", + "type": "Microsoft.DBforPostgreSQL/servers/securityAlertPolicies", + "properties": { + "state": "Enabled", + "emailAccountAdmins": true, + "emailAddresses": ["testSecurityAlert@microsoft.com"], + "disabledAlerts": ["Access_Anomaly","Usage_Anomaly"], + "retentionDays": 5, + "storageEndpoint": "https://mystorage.blob.core.windows.net" + } + } + }, + "202": { + } + } +} \ No newline at end of file diff --git a/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMin.json b/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMin.json new file mode 100644 index 000000000000..16b2ed2a2e6b --- /dev/null +++ b/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMin.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-4799", + "serverName": "securityalert-6440", + "securityAlertPolicyName": "Default", + "api-version": "2017-12-01", + "parameters": { + "properties": { + "state": "Disabled", + "emailAccountAdmins": true + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.DBforPostgreSQL/servers/securityalert-6440/securityAlertPolicies/default", + "name": "Default", + "type": "Microsoft.DBforPostgreSQL/servers/securityAlertPolicies", + "properties": { + "state": "Enabled", + "emailAccountAdmins": true, + "emailAddresses": [""], + "disabledAlerts": [""], + "retentionDays": 0, + "storageEndpoint": "" + } + } + }, + "202": { + } + } +} \ No newline at end of file diff --git a/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/examples/ServerSecurityAlertsGet.json b/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/examples/ServerSecurityAlertsGet.json new file mode 100644 index 000000000000..6a7000e0ae50 --- /dev/null +++ b/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/examples/ServerSecurityAlertsGet.json @@ -0,0 +1,26 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-4799", + "serverName": "securityalert-6440", + "securityAlertPolicyName": "Default", + "api-version": "2017-03-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.DBforPostgreSQL/servers/securityalert-6440/securityAlertPolicies/default", + "name": "Default", + "type": "Microsoft.DBforPostgreSQL/servers/securityAlertPolicies", + "properties": { + "state": "Disabled", + "emailAccountAdmins": true, + "emailAddresses": [ "test@microsoft.com;user@microsoft.com" ], + "disabledAlerts": ["Access_Anomaly"], + "retentionDays": 0, + "storageEndpoint": "https://mystorage.blob.core.windows.net" + } + } + } + } +} \ No newline at end of file diff --git a/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/postgresql.json b/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/postgresql.json index d067b8b13e84..6d8b9975f8b5 100644 --- a/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/postgresql.json +++ b/specification/postgresql/resource-manager/Microsoft.DBforPostgreSQL/stable/2017-12-01/postgresql.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "PostgreSQLManagementClient", - "description": "The Microsoft Azure management API provides create, read, update, and delete functionality for Azure PostgreSQL resources including servers, databases, firewall rules, log files and configurations with new business model.", + "description": "The Microsoft Azure management API provides create, read, update, and delete functionality for Azure PostgreSQL resources including servers, databases, firewall rules, security alert policies, log files and configurations with new business model.", "version": "2017-12-01" }, "host": "management.azure.com", @@ -875,6 +875,126 @@ } } }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforPostgreSQL/servers/{serverName}/securityAlertPolicies/{securityAlertPolicyName}": { + "get": { + "tags": [ + "ServerSecurityAlertPolicies" + ], + "description": "Get a server's security alert policy.", + "operationId": "ServerSecurityAlertPolicies_Get", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "$ref": "#/parameters/ServerNameParameter" + }, + { + "name": "securityAlertPolicyName", + "in": "path", + "description": "The name of the security alert policy.", + "required": true, + "type": "string", + "enum": [ + "Default" + ], + "x-ms-enum": { + "name": "SecurityAlertPolicyName", + "modelAsString": true + } + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the server threat detection policy.", + "schema": { + "$ref": "#/definitions/ServerSecurityAlertPolicy" + } + }, + "default": { + "description": "Error response describing why the operation of getting security alert policies failed." + } + }, + "x-ms-examples": { + "Get a server's threat detection policy": { + "$ref": "./examples/ServerSecurityAlertsGet.json" + } + } + }, + "put": { + "tags": [ + "ServerSecurityAlertPolicies" + ], + "description": "Creates or updates a threat detection policy.", + "operationId": "ServerSecurityAlertPolicies_CreateOrUpdate", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "$ref": "#/parameters/ServerNameParameter" + }, + { + "name": "securityAlertPolicyName", + "in": "path", + "description": "The name of the threat detection policy.", + "required": true, + "type": "string", + "enum": [ + "Default" + ], + "x-ms-enum": { + "name": "SecurityAlertPolicyName", + "modelAsString": true + } + }, + { + "name": "parameters", + "in": "body", + "description": "The server security alert policy.", + "required": true, + "schema": { + "$ref": "#/definitions/ServerSecurityAlertPolicy" + } + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully updated the threat detection policy.", + "schema": { + "$ref": "#/definitions/ServerSecurityAlertPolicy" + } + }, + "default": { + "description": "Error response describing why the operation of setting security alert policies failed." + }, + "202": { + "description": "Created request to set the server threat detection policy." + } + }, + "x-ms-long-running-operation": true, + "x-ms-examples": { + "Update a server's threat detection policy with all parameters": { + "$ref": "./examples/ServerSecurityAlertsCreateMax.json" + }, + "Update a server's threat detection policy with minimal parameters": { + "$ref": "./examples/ServerSecurityAlertsCreateMin.json" + } + } + } + }, "/providers/Microsoft.DBforPostgreSQL/operations": { "get": { "tags": [ @@ -1661,6 +1781,74 @@ } }, "description": "Represents a resource name availability." + }, + "SecurityAlertPolicyProperties": { + "description": "Properties of a security alert policy.", + "required": [ + "state" + ], + "type": "object", + "properties": { + "state": { + "description": "Specifies the state of the policy, whether it is enabled or disabled.", + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "ServerSecurityAlertPolicyState", + "modelAsString": false + } + }, + "disabledAlerts": { + "description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly", + "type": "array", + "items": { + "type": "string" + } + }, + "emailAddresses": { + "description": "Specifies an array of e-mail addresses to which the alert is sent.", + "type": "array", + "items": { + "type": "string" + } + }, + "emailAccountAdmins": { + "description": "Specifies that the alert is sent to the account administrators.", + "type": "boolean" + }, + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.", + "type": "string" + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the Threat Detection audit storage account.", + "type": "string" + }, + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the Threat Detection audit logs.", + "type": "integer" + } + } + }, + "ServerSecurityAlertPolicy": { + "description": "A server security alert policy.", + "type": "object", + "allOf": [ + { + "$ref": "#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/SecurityAlertPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } } }, "parameters": { @@ -1725,6 +1913,17 @@ "type": "string", "description": "The name of the location.", "x-ms-parameter-location": "method" + }, + "SecurityAlertPolicyNameParameter": { + "name": "securityAlertPolicyName", + "in": "path", + "description": "The name of the security alert policy.", + "required": true, + "type": "string", + "enum": [ + "default" + ], + "x-ms-parameter-location": "method" } } } \ No newline at end of file diff --git a/specification/postgresql/resource-manager/readme.md b/specification/postgresql/resource-manager/readme.md index 0d27a1a27f33..2322e041a432 100644 --- a/specification/postgresql/resource-manager/readme.md +++ b/specification/postgresql/resource-manager/readme.md @@ -57,7 +57,7 @@ These settings apply only when `--tag=package-2017-12-01` is specified on the co ``` yaml $(tag) == 'package-2017-12-01' input-file: -- Microsoft.DBforPostgreSQL/stable/2017-12-01/postgresql.json +- Microsoft.DBforPostgreSQL/stable/2017-12-01/postgresql.json ```