Skip to content

Dev sentinel securityinsights microsoft.security insights 2025 04 01 preview#33317

Merged
xuhumsft merged 11 commits intomainfrom
dev-Sentinel-securityinsights-Microsoft.SecurityInsights-2025-04-01-preview
May 1, 2025
Merged

Dev sentinel securityinsights microsoft.security insights 2025 04 01 preview#33317
xuhumsft merged 11 commits intomainfrom
dev-Sentinel-securityinsights-Microsoft.SecurityInsights-2025-04-01-preview

Conversation

@xuhumsft
Copy link
Copy Markdown
Member

@xuhumsft xuhumsft commented Mar 19, 2025
edited
Loading

ARM (Control Plane) API Specification Update Pull Request

Tip

Overwhelmed by all this guidance? See the Getting help section at the bottom of this PR description.

PR review workflow diagram

Please understand this diagram before proceeding. It explains how to get your PR approved & merged.

spec_pr_review_workflow_diagram

Purpose of this PR

What's the purpose of this PR? Check the specific option that applies. This is mandatory!

  • New resource provider.
  • New API version for an existing resource provider. (If API spec is not defined in TypeSpec, the PR should have been created in adherence to OpenAPI specs PR creation guidance).
  • Update existing version for a new feature. (This is applicable only when you are revising a private preview API version.)
  • Update existing version to fix OpenAPI spec quality issues in S360.
  • Convert existing OpenAPI spec to TypeSpec spec (do not combine this with implementing changes for a new API version).
  • Other, please clarify:
    • edit this with your clarification

Due diligence checklist

To merge this PR, you must go through the following checklist and confirm you understood
and followed the instructions by checking all the boxes:

  • I confirm this PR is modifying Azure Resource Manager (ARM) related specifications, and not data plane related specifications.
  • I have reviewed following Resource Provider guidelines, including
    ARM resource provider contract and
    REST guidelines (estimated time: 4 hours).
    I understand this is required before I can proceed to the diagram Step 2, "ARM API changes review", for this PR.

Additional information

Viewing API changes

For convenient view of the API changes made by this PR, refer to the URLs provided in the table
in the Generated ApiView comment added to this PR. You can use ApiView to show API versions diff.

Suppressing failures

If one or multiple validation error/warning suppression(s) is detected in your PR, please follow the
suppressions guide to get approval.

Getting help

  • First, please carefully read through this PR description, from top to bottom. Please fill out the Purpose of this PR and Due diligence checklist.
  • If you don't have permissions to remove or add labels to the PR, request write access per aka.ms/azsdk/access#request-access-to-rest-api-or-sdk-repositories
  • To understand what you must do next to merge this PR, see the Next Steps to Merge comment. It will appear within few minutes of submitting this PR and will continue to be up-to-date with current PR state.
  • For guidance on fixing this PR CI check failures, see the hyperlinks provided in given failure
    and https://aka.ms/ci-fix.
  • For help with ARM review (PR workflow diagram Step 2), see https://aka.ms/azsdk/pr-arm-review.
  • If the PR CI checks appear to be stuck in queued state, please add a comment with contents /azp run.
    This should result in a new comment denoting a PR validation pipeline has started and the checks should be updated after few minutes.
  • If the help provided by the previous points is not enough, post to https://aka.ms/azsdk/support/specreview-channel and link to this PR.

xuhumsft and others added 6 commits March 11, 2025 11:24
@xuhumsft
Copy files from preview/2025-01-01-preview
cdb1478 
Copied the files in a separate commit.
This allows reviewers to easily diff subsequent changes against the previous spec.
@xuhumsft
Update version to preview/2025-04-01-preview
99a5a21 
Updated the API version from preview/2025-01-01-preview to preview/2025-04-01-preview.
@xuhumsft
Added tag for 2025-04-01-preview in readme file
6b62a21
@xuhumsft
fix the tag error generated by the script
8f4c187
@xuhumsft
fix the prettier issue generated by the script
a1b100a
@coled-ms @TIPSentinelEcoDevs
add CustomData metadataKind (#33292)
c2eeee0 
Co-authored-by: SentinelEcoDevs <sentinelecodevs@microsoft.com>
@openapi-pipeline-app
Copy link
Copy Markdown

openapi-pipeline-app bot commented Mar 19, 2025
edited
Loading

Next Steps to Merge

✅ All automated merging requirements have been met! To get your PR merged, see aka.ms/azsdk/specreview/merge.

@openapi-pipeline-app
Copy link
Copy Markdown

openapi-pipeline-app bot commented Mar 19, 2025
edited
Loading

PR validation pipeline restarted successfully. If there is ApiView generated, it will be updated in this comment.

@github-actions github-actions bot added the brownfield Brownfield services will soon be required to convert to TypeSpec. See https://aka.ms/azsdk/typespec. label Mar 19, 2025
@azure-sdk
Copy link
Copy Markdown
Collaborator

azure-sdk commented Mar 19, 2025
edited by github-actions bot
Loading

API Change Check

APIView identified API level changes in this PR and created the following API reviews

Language API Review for Package
Swagger common

This was referenced Mar 19, 2025
Closed
Closed
@AzureRestAPISpecReview AzureRestAPISpecReview added ARMReview new-api-version resource-manager WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required labels Mar 19, 2025
@azure-sdk azure-sdk mentioned this pull request Apr 3, 2025
Closed
@TimLovellSmith
Copy link
Copy Markdown
Member

TimLovellSmith commented Apr 4, 2025

Please can you fix all 'MISSING_APIS_IN_DEFAULT_TAG' errors in Avocado?

TimLovellSmith
TimLovellSmith reviewed Apr 4, 2025
View reviewed changes
specification/securityinsights/resource-manager/readme.md
reason: This API is published to customers and we have not changed it in the past year, nor will we be able to change it without breaking changes to customers.
- code: DeleteResponseCodes
from: FileImports.json
reason: This API is published to customers and we have not changed it in the past year, nor will we be able to change it without breaking changes to customers.
Copy link
Copy Markdown
Member

@TimLovellSmith TimLovellSmith Apr 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have a doubt, all these justifications about breaking changes not allowed - are they comparing to a previously released GA version, or only to a preview version?

Copy link
Copy Markdown
Member Author

@xuhumsft xuhumsft Apr 7, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @TimLovellSmith ,

We have alternative release between the GA release and the preview release. And some decide their preview release would not be merged to GA. So, when it is compared to previous GA release, we got those warnings. However, they are not related to the new changes in the current version. The same thing applied to the GA release as well.

Copy link
Copy Markdown
Member

@razvanbadea-msft razvanbadea-msft Apr 8, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I approved the suppressions as it was already reviewed in the previous version

TimLovellSmith
TimLovellSmith approved these changes Apr 4, 2025
View reviewed changes
Copy link
Copy Markdown
Member

@TimLovellSmith TimLovellSmith left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Recording my general approval here. In general the change looks okay to me so far. Just have some 'wait and see feelings' around suppressions and keeping linter tools happy.

@razvanbadea-msft
Copy link
Copy Markdown
Member

razvanbadea-msft commented Apr 8, 2025

Please can you fix all 'MISSING_APIS_IN_DEFAULT_TAG' errors in Avocado?

this was not yet fixed

@xuhumsft
Copy link
Copy Markdown
Member Author

xuhumsft commented Apr 25, 2025

For 'MISSING_APIS_IN_DEFAULT_TAG', The error was caused by the switching parameter operationalInsightsResourceProvider to a fixed value Microsoft.OperationalInsights. Also some of the APIs are deprecated.

For the operationalInsightsResourceProvider. Here is an example
Bookmark. 2019-01-01-preview and 2021-03-01-preview
/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks
The version after those version
/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/bookmarks

Definition of operationalInsightsResourceProvider
2019-01-01-preview
https://github.com/Azure/azure-rest-api-specs/blob/91c6b2357c03f2d2f86b278ae459b3c3361d0915/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/SecurityInsights.json#L8310C1-L8317C7
2021-03-01-preview

azure-rest-api-specs/specification/securityinsights/resource-manager/common/1.0/types.json

Lines 161 to 168 in 91c6b23

"OperationalInsightsResourceProvider": {
"description": "The namespace of workspaces resource provider- Microsoft.OperationalInsights.",
"in": "path",
"name": "operationalInsightsResourceProvider",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
},

Details of the error are in the following table.

file in new version file in old version Difference Notes
None Microsoft.SecurityInsights/preview/2019-01-01-preview/Aggregations.json Removed in 2021-03-01-preview  
Microsoft.SecurityInsights/preview/2025-04-01-preview/AutomationRules.json Microsoft.SecurityInsights/preview/2019-01-01-preview/AutomationRules.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  
Microsoft.SecurityInsights/preview/2025-04-01-preview/Bookmarks.json Microsoft.SecurityInsights/preview/2019-01-01-preview/Bookmarks.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  
None Microsoft.SecurityInsights/preview/2019-01-01-preview/Cases.json Removed in 2021-03-01-preview  
None Microsoft.SecurityInsights/preview/2019-01-01-preview/DataConnectorsCheckRequirements.json Removed in 2021-03-01-preview  
None Microsoft.SecurityInsights/preview/2024-01-01-preview/Enrichment.json Removed in 2024-04-01-preview #28437
Microsoft.SecurityInsights/preview/2025-04-01-preview/Entities.json Microsoft.SecurityInsights/preview/2019-01-01-preview/Entities.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  
Microsoft.SecurityInsights/preview/2025-04-01-preview/OfficeConsents.json Microsoft.SecurityInsights/preview/2019-01-01-preview/OfficeConsents.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  
Microsoft.SecurityInsights/preview/2025-04-01-preview/AlertRules.json Microsoft.SecurityInsights/preview/2021-03-01-preview/AlertRules.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  
Microsoft.SecurityInsights/preview/2025-04-01-preview/dataConnectors.json Microsoft.SecurityInsights/preview/2021-03-01-preview/dataConnectors.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  
Microsoft.SecurityInsights/preview/2025-04-01-preview/Settings.json Microsoft.SecurityInsights/preview/2021-03-01-preview/Settings.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  
Microsoft.SecurityInsights/preview/2025-04-01-preview/EntityQueries.json Microsoft.SecurityInsights/preview/2021-03-01-preview/EntityQueries.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  
Microsoft.SecurityInsights/preview/2025-04-01-preview/Incidents.json Microsoft.SecurityInsights/preview/2021-03-01-preview/Incidents.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  
Microsoft.SecurityInsights/preview/2021-03-01-preview/Watchlists.json Microsoft.SecurityInsights/preview/2021-03-01-preview/Watchlists.json OperationProvider was a parameter but a fixed value in the version after 2021-03-01-preview  

@xuhumsft
Copy link
Copy Markdown
Member Author

xuhumsft commented Apr 28, 2025

/azp run

@azure-pipelines
Copy link
Copy Markdown

azure-pipelines bot commented Apr 28, 2025

You have several pipelines (over 10) configured to build pull requests in this repository. Specify which pipelines you would like to run by using /azp run [pipelines] command. You can specify multiple pipelines using a comma separated list.

@xuhumsft xuhumsft mentioned this pull request May 28, 2025
Merged
9 tasks
@xuhumsft xuhumsft mentioned this pull request Jul 9, 2025
Merged
9 tasks
@guywilfshukrun guywilfshukrun mentioned this pull request Aug 25, 2025
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@razvanbadea-msft razvanbadea-msft razvanbadea-msft left review comments

@TimLovellSmith TimLovellSmith TimLovellSmith approved these changes

Assignees

No one assigned

Labels

Approved-Avocado Approved-Suppression ARMReview ARMSignedOff <valid label in PR review process>add this label when ARM approve updates after review brownfield Brownfield services will soon be required to convert to TypeSpec. See https://aka.ms/azsdk/typespec. new-api-version PipelineBotTrigger PublishToCustomers Acknowledgement the changes will be published to Azure customers. resource-manager SuppressionReviewRequired

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

9 participants

@xuhumsft @azure-sdk @rkmanda @ramoka178 @TimLovellSmith @razvanbadea-msft @gary-x-li @AzureRestAPISpecReview @coled-ms