Skip to content

Security Center - Fix JIT documentation #3407

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
annatisch merged 1 commit into from
Jul 13, 2018
Merged

Security Center - Fix JIT documentation #3407

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 24 additions & 14 deletions ...-01-preview/examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,24 +5,34 @@
"ascLocation": "westeurope",
"resourceGroupName": "myRg1",
"jitNetworkAccessPolicyName": "default",
"jitNetworkAccessPolicyActionType": "initiate",
"jitNetworkAccessPolicyInitiateType": "initiate",
"body": {
"virtualMachines": [
{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",
"ports": [
{
"number": 3389,
"duration": "PT1H",
"allowedSourceAddressPrefix": "192.127.0.2"
}
]
}
]
}
"virtualMachines": [{
"id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",
"ports": [{
"number": 3389,
"duration": "PT1H",
"allowedSourceAddressPrefix": "192.127.0.2"
}]
}]
}
},
"responses": {
"202": {
"body": {
"virtualMachines": [{
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourceGroups/myRg1/providers/Microsoft.Compute/virtualMachines/vm1",
"ports": [{
"number": 3389,
"allowedSourceAddressPrefix": "192.127.0.2",
"endTimeUtc": "2018-07-12T09:53:03.3658798Z",
"status": "Initiating",
"statusReason": "UserRequested"
}]
}],
"startTimeUtc": "2018-07-12T08:53:03.3658798Z",
"requestor": "[email protected]"
}
}
}
}
55 changes: 33 additions & 22 deletions ...ion/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/security.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1087,15 +1087,15 @@
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}/{jitNetworkAccessPolicyActionType}": {
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}/{jitNetworkAccessPolicyInitiateType}": {
"post": {
"x-ms-examples": {
"Initiate an action on a JIT network access policy": {
"$ref": "./examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json"
}
},
"tags": ["JitNetworkAccessPolicies"],
"description": "Perform an action on a specific Just-in-Time policy configuration.",
"description": "Initiate a JIT access from a specific Just-in-Time policy configuration.",
"operationId": "JitNetworkAccessPolicies_Initiate",
"parameters": [{
"$ref": "#/parameters/SubscriptionId"
Expand All @@ -1110,18 +1110,21 @@
"$ref": "#/parameters/JitNetworkAccessPolicyName"
},
{
"$ref": "#/parameters/JitNetworkAccessPolicyActionType"
"$ref": "#/parameters/JitNetworkAccessPolicyInitiateType"
},
{
"$ref": "#/parameters/ApiVersion"
},
{
"$ref": "#/parameters/JitNetworkAccessPolicyAction"
"$ref": "#/parameters/JitNetworkAccessPolicyInitiateRequest"
}
],
"responses": {
"202": {
"description": "Accepted"
"description": "Accepted",
"schema": {
"$ref": "#/definitions/JitNetworkAccessRequest"
}
},
"default": {
"description": "Error response describing why the operation failed.",
Expand Down Expand Up @@ -1307,7 +1310,6 @@
"description": "Describes an Azure resource with kind",
"properties": {
"kind": {
"readOnly": true,
"type": "string",
"description": "Kind of the resource"
}
Expand Down Expand Up @@ -1882,15 +1884,23 @@
}
},
"allowedSourceAddressPrefix": {
"type": "string"
"type": "string",
"description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
},
"allowedSourceAddressPrefixes": {
"type": "array",
"description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.",
"items": {
"type": "string",
"description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
}
},
"maxRequestAccessDuration": {
"type": "string",
"description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day"
}
},
"required": [
"allowedSourceAddressPrefix",
"maxRequestAccessDuration",
"number",
"protocol"
Expand Down Expand Up @@ -1949,12 +1959,13 @@
},
"allowedSourceAddressPrefix": {
"type": "string",
"description": "The IP address range that the port was opened for"
"description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
},
"allowedSourceAddressPrefixes": {
"type": "array",
"description": "The IP address ranges that the port was opened for",
"description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.",
"items": {
"description": "IP addess or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\".",
"type": "string"
}
},
Expand Down Expand Up @@ -2013,22 +2024,22 @@
"statusReason"
]
},
"JitNetworkAccessPolicyAction": {
"JitNetworkAccessPolicyInitiateRequest": {
"type": "object",
"properties": {
"virtualMachines": {
"type": "array",
"description": "A list of virtual machines & ports to open access for",
"items": {
"$ref": "#/definitions/JitNetworkAccessPolicyActionVirtualMachine"
"$ref": "#/definitions/JitNetworkAccessPolicyInitiateVirtualMachine"
}
}
},
"required": [
"virtualMachines"
]
},
"JitNetworkAccessPolicyActionVirtualMachine": {
"JitNetworkAccessPolicyInitiateVirtualMachine": {
"type": "object",
"properties": {
"id": {
Expand All @@ -2039,7 +2050,7 @@
"type": "array",
"description": "The ports to open for the resource with the `id`",
"items": {
"$ref": "#/definitions/JitNetworkAccessPolicyActionPort"
"$ref": "#/definitions/JitNetworkAccessPolicyInitiatePort"
}
}
},
Expand All @@ -2048,14 +2059,15 @@
"ports"
]
},
"JitNetworkAccessPolicyActionPort": {
"JitNetworkAccessPolicyInitiatePort": {
"type": "object",
"properties": {
"number": {
"$ref": "#/definitions/PortNumber"
},
"allowedSourceAddressPrefix": {
"type": "string"
"type": "string",
"description": "Source of the allowed traffic. If omitted, the request will be for the source IP address of the initiate request."
},
"endTimeUtc": {
"type": "string",
Expand All @@ -2064,13 +2076,12 @@
}
},
"required": [
"allowedSourceAddressPrefix",
"endTimeUtc",
"number"
]
},
"PortNumber": {
"type": "number",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
Expand Down Expand Up @@ -2397,8 +2408,8 @@
"description": "Name of a Just-in-Time access configuration policy.",
"x-ms-parameter-location": "method"
},
"JitNetworkAccessPolicyActionType": {
"name": "jitNetworkAccessPolicyActionType",
"JitNetworkAccessPolicyInitiateType": {
"name": "jitNetworkAccessPolicyInitiateType",
"type": "string",
"in": "path",
"required": true,
Expand All @@ -2408,12 +2419,12 @@
],
"x-ms-parameter-location": "method"
},
"JitNetworkAccessPolicyAction": {
"JitNetworkAccessPolicyInitiateRequest": {
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/JitNetworkAccessPolicyAction"
"$ref": "#/definitions/JitNetworkAccessPolicyInitiateRequest"
},
"x-ms-parameter-location": "method"
},
Expand Down