Introducing new API for Advanced Threat Protection#3306
Conversation
API form -
{resourceUri}/providers/Microsoft.Security/advancedThreatProtectionSettings/{settingName}
Suppporting verbs -
GET, PUT and Delete.
URI example -
/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Storage/storageAccounts/samplestorageaccount/providers/Microsoft.Security/advancedThreatProtectionSettings/current
Design doc for ATP -
https://microsoft.sharepoint.com/teams/Data_Security/Documents/Dev%20Specs/Storage%20Threat%20Detection/Threat%20Detection%20for%20Azure%20Storage%20-%20Design%20Document.docx?d=w996c55b5a160468c9a9bd0434418a4d0
Automation for azure-sdk-for-pythonNothing to generate for azure-sdk-for-python |
Automation for azure-sdk-for-goThe initial PR has been merged into your service PR: |
Automation for azure-sdk-for-nodeNothing to generate for azure-sdk-for-node |
Automation for azure-sdk-for-rubyNothing to generate for azure-sdk-for-ruby |
Automation for azure-sdk-for-javaNothing to generate for azure-sdk-for-java |
| "200": { | ||
| "description": "Successful request to get Advanced Threat Protection settings.", | ||
| "schema": { | ||
| "$ref": "#/definitions/AdvancedThreatProtectionSettings" |
There was a problem hiding this comment.
"AdvancedThreatProtectionSetting" (singular)
There was a problem hiding this comment.
I would also rename this to "AdvancedThreatProtection" so it will make more sense
There was a problem hiding this comment.
resource type is always plural across all azure -
diagnosticSettings, servers, databases, geoBackupPolicies, operationResults, extendedDiagnosticSettings, etc...
There was a problem hiding this comment.
It's plural also in ASC - securityContacts, workspaceSettings, pricings, etc...
There was a problem hiding this comment.
Regarding AdvancedThreatProtection vs AdvancedThreatProtectionSettings -
We reviewed it internally and I changed to AdvancedThreatProtectionSettings following a feedback I got.
The purpose of these type is indeed settings so it make sense to me more than AdvancedThreatProtection which doesn't really imply on the real intent.
Also here, all previous features we released followed this pattern -
VulnerabilityAssessmentSettings, auditingSettings.
and in ASC - workspaceSettings, autoProvisioningSettings, etc...
There was a problem hiding this comment.
I talked about the object name and not the resource type
the object that you return is only one setting and not settings
in workspaceSettings etc. it's the same
| }, | ||
| "tags": [ "AdvancedThreatProtection" ], | ||
| "description": "Creates or updates the Advanced Threat Protection settings on a specified resource.", | ||
| "operationId": "AdvancedThreatProtection_Put", |
There was a problem hiding this comment.
AdvancedThreatProtection_Create
| } | ||
| } | ||
| }, | ||
| "delete": { |
There was a problem hiding this comment.
delete doesn't have a lot of meaning here
what's the difference between this and "isEnabled": false?
please pick one of them (is enabled property or create delete a resource)
I suggest the property since it will allow you to use policies
There was a problem hiding this comment.
make sense, I removed the DELETE operation
| "settingName": "current" | ||
| }, | ||
| "responses": { | ||
| "200": { |
There was a problem hiding this comment.
missing 204 example (copy from the JIT delete)
you also have a test that fails on that
There was a problem hiding this comment.
I'm removing the DELETE operation and stays only with GET and PUT.
When no settings are exists, GET will return "isEnalbed : false" value.
Using PUT, we'll be able to turn the settings ON or OFF.
| }, | ||
| "AdvancedThreatProtectionProperties": { | ||
| "properties": { | ||
| "isEnabled": { |
| "description": "name of the Compliance", | ||
| "x-ms-parameter-location": "method" | ||
| }, | ||
| "ResourceUri": { |
There was a problem hiding this comment.
change to "resourceId" to use the same standard as other RPs
|
please make the "MODE=model PR_ONLY=true" test in Travis pass |
|
To @chlahav's point, there are some missing and inconsistent examples. You can find details caught by our linter here: https://travis-ci.org/Azure/azure-rest-api-specs/jobs/396930169#L748 |
| "200": { | ||
| "description": "Successful request to remove Advanced Threat Protection setting." | ||
| }, | ||
| "204": { |
There was a problem hiding this comment.
Just out of curiosity, is there any scenario where this operation would return a 404?
For example:
200 -> Deleted a resource, it's former contents are returned in this response
204 -> This resource was just deleted by another request.
404 -> There was never a resource by this name.
I'm just not sure what the right REST idiom is here.
There was a problem hiding this comment.
I removed the DELETE operation and stayed only with PUT (following Chen feedback, see above)
marstr
added
the
WaitForARMFeedback
tomerlmsft
changed the title
*Removed DELETE operation, stayed only with GET and PUT. *Changed ResourceUri to ResourceId *Changed isEnabled to enabled
…atProtectionSetting
|
@tomerlmsft, this looks good from my perspective. Given that we've waited for more than a three business days without the ARM team responding, we can go ahead and merge it. However, doing so means you'll potentially have ARM feedback be reported on a production service. This can cause complications. However, it is up to you. Would you like to proceed and have me merge this PR? |
| "description": "The identifier of the resource.", | ||
| "x-ms-parameter-location": "method" | ||
| }, | ||
| "AdvancedThreatProtectionSettingName": { |
There was a problem hiding this comment.
if current is the only value supported for the setting name we should make an enum with one value.
There was a problem hiding this comment.
Also do you support a list API?
There was a problem hiding this comment.
I changed it to enum with one value, thanks for the comment.
There was a problem hiding this comment.
We don't support LIST in our API, the only available type of settings name right now is "current".
ravbhatnagar
added
ARMSignedOff
|
Looks good! |
|
I see you've named this "[Do Not Merge]". When are you expecting this PR to be mergeable, @tomerlmsft? |
|
Hi Mark, |
marstr
added
the
DoNotMerge
|
Added the [DoMergeLabel] to indicate, without opening the PR, that we are waiting for the ARM manifest to be updated. |
|
I'm going to be on vacation for the next two days (until Monday, July 30th). If this PR needs attention in the mean time, please contact my boss, @salameer. |
|
Can one of the admins verify this patch? |
|
Any updates on this, @tomerlmsft? |
|
Closing as stale. |
|
After an offline request by @tomerlmsft, I'm going to reopen this. |
|
Restarted CI because it looks like the failure on the most recent commit was unrelated to your change. |
tomerlmsft
changed the title
|
Just as a heads up, I'm going to be OOF all next week. However, since this PR is just waiting for the service to be available, I don't think there's any need to reassign while I'm gone. If you need a swagger reviewer to take a look at this, try getting a hold of @salameer or the swagger reviewer email alias. |
|
@tomerlmsft, heads up on this conflict that has emerged. |
marstr
changed the title
marstr
removed
the
DoNotMerge
|
I was asked offline to merge this PR by @tomerlmsft. |
6 participants
API form -
{resourceUri}/providers/Microsoft.Security/advancedThreatProtectionSettings/{settingName}
Suppporting verbs -
GET, PUT and Delete.
URI example -
/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/SampleRG/providers/Microsoft.Storage/storageAccounts/samplestorageaccount/providers/Microsoft.Security/advancedThreatProtectionSettings/current
Design doc for ATP -
https://microsoft.sharepoint.com/teams/Data_Security/Documents/Dev%20Specs/Storage%20Threat%20Detection/Threat%20Detection%20for%20Azure%20Storage%20-%20Design%20Document.docx?d=w996c55b5a160468c9a9bd0434418a4d0
VSTS item -
#247253, #257790
This checklist is used to make sure that common issues in a pull request are addressed. This will expedite the process of getting your pull request merged and avoid extra work on your part to fix issues discovered during the review process.
PR information
api-versionin the path should match theapi-versionin the spec).Quality of Swagger