diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json new file mode 100644 index 000000000000..1aa6eba61b6a --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json @@ -0,0 +1,249 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2018-01-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These calls handle provider operations." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/providers/Microsoft.Authorization/providerOperations/{resourceProviderNamespace}": { + "get": { + "tags": [ + "ProviderOperationsMetadata" + ], + "operationId": "ProviderOperationsMetadata_Get", + "description": "Gets provider operations metadata for the specified resource provider.", + "parameters": [ + { + "$ref": "#/parameters/ResourceProviderNamespaceParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "$expand", + "in": "query", + "required": false, + "type": "string", + "default": "resourceTypes", + "description": "Specifies whether to expand the values." + } + ], + "responses": { + "200": { + "description": "OK - Returns the operations metadata.", + "schema": { + "$ref": "#/definitions/ProviderOperationsMetadata" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetProviderOperationsRP.json" + } + } + } + }, + "/providers/Microsoft.Authorization/providerOperations": { + "get": { + "tags": [ + "ProviderOperationsMetadata" + ], + "operationId": "ProviderOperationsMetadata_List", + "description": "Gets provider operations metadata for all resource providers.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "$expand", + "in": "query", + "required": false, + "type": "string", + "default": "resourceTypes", + "description": "Specifies whether to expand the values." + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of the operations metadata.", + "schema": { + "$ref": "#/definitions/ProviderOperationsMetadataListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetAllProviderOperations.json" + } + } + } + } + }, + "definitions": { + "ResourceType": { + "properties": { + "name": { + "type": "string", + "description": "The resource type name." + }, + "displayName": { + "type": "string", + "description": "The resource type display name." + }, + "operations": { + "type": "array", + "items": { + "$ref": "#/definitions/ProviderOperation" + }, + "description": "The resource type operations." + } + }, + "description": "Resource Type" + }, + "ProviderOperation": { + "properties": { + "name": { + "type": "string", + "description": "The operation name." + }, + "displayName": { + "type": "string", + "description": "The operation display name." + }, + "description": { + "type": "string", + "description": "The operation description." + }, + "origin": { + "type": "string", + "description": "The operation origin." + }, + "properties": { + "type": "object", + "x-ms-client-flatten": true, + "description": "The operation properties." + }, + "isDataAction": { + "type": "boolean", + "description": "The dataAction flag to specify the operation type." + } + }, + "description": "Operation" + }, + "ProviderOperationsMetadata": { + "properties": { + "id": { + "type": "string", + "description": "The provider id." + }, + "name": { + "type": "string", + "description": "The provider name." + }, + "type": { + "type": "string", + "description": "The provider type." + }, + "displayName": { + "type": "string", + "description": "The provider display name." + }, + "resourceTypes": { + "type": "array", + "items": { + "$ref": "#/definitions/ResourceType" + }, + "description": "The provider resource types" + }, + "operations": { + "type": "array", + "items": { + "$ref": "#/definitions/ProviderOperation" + }, + "description": "The provider operations." + } + }, + "description": "Provider Operations metadata" + }, + "ProviderOperationsMetadataListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/ProviderOperationsMetadata" + }, + "description": "The list of providers." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Provider operations metadata list" + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + }, + "ResourceGroupNameParameter": { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group.", + "x-ms-parameter-location": "method" + }, + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleAssignmentsCalls.json new file mode 100644 index 000000000000..e3c98cc22448 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleAssignmentsCalls.json @@ -0,0 +1,623 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2018-01-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForResource", + "description": "Gets role assignments for a resource.", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceProviderNamespaceParameter" + }, + { + "name": "parentResourcePath", + "in": "path", + "required": true, + "type": "string", + "description": "The parent resource identity.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type of the resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource to get role assignments for." + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentsForResource.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForResourceGroup", + "description": "Gets role assignments for a resource group.", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentsForResourceGroup.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}": { + "delete": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Delete", + "description": "Deletes a role assignment.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment to delete.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/DeleteRoleAssignmentByName.json" + } + } + }, + "put": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Create", + "description": "Creates a role assignment.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment to create. It can be any valid GUID." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentCreateParameters" + }, + "description": "Parameters for the role assignment." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/PutRoleAssignment.json" + } + } + }, + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Get", + "description": "Get the specified role assignment.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentByName.json" + } + } + } + }, + "/{roleId}": { + "delete": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_DeleteById", + "description": "Deletes a role assignment.", + "parameters": [ + { + "name": "roleId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role assignment to delete.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/DeleteRoleAssignmentById.json" + } + } + }, + "put": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_CreateById", + "description": "Creates a role assignment by ID.", + "parameters": [ + { + "name": "roleId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role assignment to create.", + "x-ms-skip-url-encoding": true + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentCreateParameters" + }, + "description": "Parameters for the role assignment." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/PutRoleAssignmentById.json" + } + } + }, + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_GetById", + "description": "Gets a role assignment by ID.", + "parameters": [ + { + "name": "roleId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role assignment to get.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentById.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_List", + "description": "Gets all role assignments for the subscription.", + "parameters": [ + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetAllRoleAssignments.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForScope", + "description": "Gets role assignments for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentByScope.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment of the specific principal." + }, + "canDelegate": { + "type": "boolean", + "description": "The Delegation flag for the roleassignment" + } + }, + "description": "Role Assignments filter" + }, + "RoleAssignmentPropertiesWithScope": { + "properties": { + "scope": { + "type": "string", + "description": "The role assignment scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "canDelegate": { + "type": "boolean", + "description": "The Delegation flag for the roleassignment" + } + }, + "description": "Role assignment properties with scope." + }, + "RoleAssignment": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentPropertiesWithScope", + "description": "Role assignment properties." + } + }, + "description": "Role Assignments" + }, + "RoleAssignmentListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignment" + }, + "description": "Role assignment list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role assignment list operation result." + }, + "RoleAssignmentProperties": { + "properties": { + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID used in the role assignment." + }, + "principalId": { + "type": "string", + "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." + }, + "canDelegate": { + "type": "boolean", + "description": "The delgation flag used for creating a role assignment" + } + }, + "required": [ + "roleDefinitionId", + "principalId" + ], + "description": "Role assignment properties." + }, + "RoleAssignmentCreateParameters": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentProperties", + "description": "Role assignment properties." + } + }, + "required": [ + "properties" + ], + "description": "Role assignment create parameters." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + }, + "ResourceGroupNameParameter": { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group.", + "x-ms-parameter-location": "method" + }, + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleBasedCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleBasedCalls.json deleted file mode 100644 index 378c5e0d69e0..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleBasedCalls.json +++ /dev/null @@ -1,1230 +0,0 @@ -{ - "swagger": "2.0", - "info": { - "title": "AuthorizationManagementClient", - "version": "2018-01-01-preview", - "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role definitions and role assignments. A role definition describes the set of actions that can be performed on resources. A role assignment grants access to Azure Active Directory users." - }, - "host": "management.azure.com", - "schemes": [ - "https" - ], - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "security": [{ - "azure_auth": [ - "user_impersonation" - ] - }], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" - } - } - }, - "paths": { - "/providers/Microsoft.Authorization/providerOperations/{resourceProviderNamespace}": { - "get": { - "tags": [ - "ProviderOperationsMetadata" - ], - "operationId": "ProviderOperationsMetadata_Get", - "description": "Gets provider operations metadata for the specified resource provider.", - "parameters": [ - { - "$ref": "#/parameters/ResourceProviderNamespaceParameter" - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "name": "$expand", - "in": "query", - "required": false, - "type": "string", - "default": "resourceTypes", - "description": "Specifies whether to expand the values." - } - ], - "responses": { - "200": { - "description": "OK - Returns the operations metadata.", - "schema": { - "$ref": "#/definitions/ProviderOperationsMetadata" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetProviderOperationsRP.json" - } - } - } - }, - "/providers/Microsoft.Authorization/providerOperations": { - "get": { - "tags": [ - "ProviderOperationsMetadata" - ], - "operationId": "ProviderOperationsMetadata_List", - "description": "Gets provider operations metadata for all resource providers.", - "parameters": [ - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "name": "$expand", - "in": "query", - "required": false, - "type": "string", - "default": "resourceTypes", - "description": "Specifies whether to expand the values." - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of the operations metadata.", - "schema": { - "$ref": "#/definitions/ProviderOperationsMetadataListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetAllProviderOperations.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Authorization/permissions": { - "get": { - "tags": [ - "Permissions" - ], - "operationId": "Permissions_ListForResourceGroup", - "description": "Gets all permissions the caller has for a resource group.", - "parameters": [ - { - "$ref": "#/parameters/ResourceGroupNameParameter" - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of permissions.", - "schema": { - "$ref": "#/definitions/PermissionGetResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetPermissions.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/permissions": { - "get": { - "tags": [ - "Permissions" - ], - "operationId": "Permissions_ListForResource", - "description": "Gets all permissions the caller has for a resource.", - "parameters": [ - { - "$ref": "#/parameters/ResourceGroupNameParameter" - }, - { - "$ref": "#/parameters/ResourceProviderNamespaceParameter" - }, - { - "name": "parentResourcePath", - "in": "path", - "required": true, - "type": "string", - "description": "The parent resource identity.", - "x-ms-skip-url-encoding": true - }, - { - "name": "resourceType", - "in": "path", - "required": true, - "type": "string", - "description": "The resource type of the resource.", - "x-ms-skip-url-encoding": true - }, - { - "name": "resourceName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the resource to get the permissions for." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of permissions.", - "schema": { - "$ref": "#/definitions/PermissionGetResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetResourcePermissions.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/roleAssignments": { - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_ListForResource", - "description": "Gets role assignments for a resource.", - "parameters": [{ - "$ref": "#/parameters/ResourceGroupNameParameter" - }, - { - "$ref": "#/parameters/ResourceProviderNamespaceParameter" - }, - { - "name": "parentResourcePath", - "in": "path", - "required": true, - "type": "string", - "description": "The parent resource identity.", - "x-ms-skip-url-encoding": true - }, - { - "name": "resourceType", - "in": "path", - "required": true, - "type": "string", - "description": "The resource type of the resource.", - "x-ms-skip-url-encoding": true - }, - { - "name": "resourceName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the resource to get role assignments for." - }, - { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role assignments.", - "schema": { - "$ref": "#/definitions/RoleAssignmentListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleAssignmentFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentsForResource.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments": { - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_ListForResourceGroup", - "description": "Gets role assignments for a resource group.", - "parameters": [{ - "$ref": "#/parameters/ResourceGroupNameParameter" - }, - { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role assignments.", - "schema": { - "$ref": "#/definitions/RoleAssignmentListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleAssignmentFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentsForResourceGroup.json" - } - } - } - }, - "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}": { - "delete": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_Delete", - "description": "Deletes a role assignment.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role assignment to delete.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleAssignmentName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the role assignment to delete." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/DeleteRoleAssignmentByName.json" - } - } - }, - "put": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_Create", - "description": "Creates a role assignment.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role assignment to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleAssignmentName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the role assignment to create. It can be any valid GUID." - }, - { - "name": "parameters", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/RoleAssignmentCreateParameters" - }, - "description": "Parameters for the role assignment." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "201": { - "description": "Created - Returns information about the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/PutRoleAssignment.json" - } - } - }, - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_Get", - "description": "Get the specified role assignment.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role assignment.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleAssignmentName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the role assignment to get." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentByName.json" - } - } - } - }, - "/{roleId}": { - "delete": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_DeleteById", - "description": "Deletes a role assignment.", - "parameters": [{ - "name": "roleId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role assignment to delete.", - "x-ms-skip-url-encoding": true - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/DeleteRoleAssignmentById.json" - } - } - }, - "put": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_CreateById", - "description": "Creates a role assignment by ID.", - "parameters": [{ - "name": "roleId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role assignment to create.", - "x-ms-skip-url-encoding": true - }, - { - "name": "parameters", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/RoleAssignmentCreateParameters" - }, - "description": "Parameters for the role assignment." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "201": { - "description": "Created - Returns the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/PutRoleAssignmentById.json" - } - } - }, - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_GetById", - "description": "Gets a role assignment by ID.", - "parameters": [{ - "name": "roleId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role assignment to get.", - "x-ms-skip-url-encoding": true - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentById.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleAssignments": { - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_List", - "description": "Gets all role assignments for the subscription.", - "parameters": [{ - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role assignments.", - "schema": { - "$ref": "#/definitions/RoleAssignmentListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleAssignmentFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetAllRoleAssignments.json" - } - } - } - }, - "/{scope}/providers/Microsoft.Authorization/roleAssignments": { - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_ListForScope", - "description": "Gets role assignments for a scope.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role assignments.", - "x-ms-skip-url-encoding": true - }, - { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role assignments.", - "schema": { - "$ref": "#/definitions/RoleAssignmentListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleAssignmentFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentByScope.json" - } - } - } - }, - "/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}": { - "delete": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_Delete", - "description": "Deletes a role definition.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role definition.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleDefinitionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role definition to delete." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role definition.", - "schema": { - "$ref": "#/definitions/RoleDefinition" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/DeleteRoleDefinition.json" - } - } - }, - "get": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_Get", - "description": "Get role definition by name (GUID).", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role definition.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleDefinitionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role definition." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role definition.", - "schema": { - "$ref": "#/definitions/RoleDefinition" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleDefinitionByName.json" - } - } - }, - "put": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_CreateOrUpdate", - "description": "Creates or updates a role definition.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role definition.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleDefinitionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role definition." - }, - { - "name": "roleDefinition", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/RoleDefinition" - }, - "description": "The values for the role definition." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "201": { - "description": "OK - Returns information about the role definition.", - "schema": { - "$ref": "#/definitions/RoleDefinition" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/PutRoleDefinition.json" - } - } - } - }, - "/{scope}/providers/Microsoft.Authorization/roleDefinitions": { - "get": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_List", - "description": "Get all role definitions that are applicable at scope and above.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role definition.", - "x-ms-skip-url-encoding": true - }, - { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role definitions.", - "schema": { - "$ref": "#/definitions/RoleDefinitionListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleDefinitionFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleDefinitionAtScope.json" - } - } - } - } - }, - "x-ms-paths":{ - "/{roleId}?disambiguation_dummy": { - "get": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_GetById", - "description": "Gets a role definition by ID.", - "parameters": [{ - "name": "roleId", - "in": "path", - "required": true, - "type": "string", - "description": "The fully qualified role definition ID. Use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for subscription level role definitions, or /providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for tenant level role definitions.", - "x-ms-skip-url-encoding": true - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role definition.", - "schema": { - "$ref": "#/definitions/RoleDefinition" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleDefinitionById.json" - } - } - } - } - }, - "definitions": { - "ProviderOperation": { - "properties": { - "name": { - "type": "string", - "description": "The operation name." - }, - "displayName": { - "type": "string", - "description": "The operation display name." - }, - "description": { - "type": "string", - "description": "The operation description." - }, - "origin": { - "type": "string", - "description": "The operation origin." - }, - "properties": { - "type": "object", - "x-ms-client-flatten": true, - "description": "The operation properties." - }, - "isDataAction": { - "type": "boolean", - "description": "The dataAction flag to specify the operation type." - } - }, - "description": "Operation" - }, - "ResourceType": { - "properties": { - "name": { - "type": "string", - "description": "The resource type name." - }, - "displayName": { - "type": "string", - "description": "The resource type display name." - }, - "operations": { - "type": "array", - "items": { - "$ref": "#/definitions/ProviderOperation" - }, - "description": "The resource type operations." - } - }, - "description": "Resource Type" - }, - "ProviderOperationsMetadata": { - "properties": { - "id": { - "type": "string", - "description": "The provider id." - }, - "name": { - "type": "string", - "description": "The provider name." - }, - "type": { - "type": "string", - "description": "The provider type." - }, - "displayName": { - "type": "string", - "description": "The provider display name." - }, - "resourceTypes": { - "type": "array", - "items": { - "$ref": "#/definitions/ResourceType" - }, - "description": "The provider resource types" - }, - "operations": { - "type": "array", - "items": { - "$ref": "#/definitions/ProviderOperation" - }, - "description": "The provider operations." - } - }, - "description": "Provider Operations metadata" - }, - "ProviderOperationsMetadataListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/ProviderOperationsMetadata" - }, - "description": "The list of providers." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "Provider operations metadata list" - }, - "PermissionGetResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/Permission" - }, - "description": "An array of permissions." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "Permissions information." - }, - "RoleDefinitionFilter": { - "properties": { - "roleName": { - "type": "string", - "description": "Returns role definition with the specific name." - }, - "type": { - "type": "string", - "description": "Returns role definition with the specific type." - } - }, - "description": "Role Definitions filter" - }, - "RoleDefinitionProperties": { - "properties": { - "roleName": { - "type": "string", - "description": "The role name." - }, - "description": { - "type": "string", - "description": "The role definition description." - }, - "type": { - "type": "string", - "description": "The role type.", - "x-ms-client-name": "roleType" - }, - "permissions": { - "type": "array", - "items": { - "$ref": "#/definitions/Permission" - }, - "description": "Role definition permissions." - }, - "assignableScopes": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Role definition assignable scopes." - } - }, - "description": "Role definition properties." - }, - "RoleDefinition": { - "properties": { - "id": { - "type": "string", - "readOnly": true, - "description": "The role definition ID." - }, - "name": { - "type": "string", - "readOnly": true, - "description": "The role definition name." - }, - "type": { - "type": "string", - "readOnly": true, - "description": "The role definition type." - }, - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/RoleDefinitionProperties", - "description": "Role definition properties." - } - }, - "description": "Role definition." - }, - "RoleDefinitionListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/RoleDefinition" - }, - "description": "Role definition list." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "Role definition list operation result." - }, - "RoleAssignmentFilter": { - "properties": { - "principalId": { - "type": "string", - "description": "Returns role assignment of the specific principal." - }, - "canDelegate": { - "type": "boolean", - "description": "The Delegation flag for the roleassignment" - } - }, - "description": "Role Assignments filter" - }, - "RoleAssignmentPropertiesWithScope": { - "properties": { - "scope": { - "type": "string", - "description": "The role assignment scope." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID." - }, - "principalId": { - "type": "string", - "description": "The principal ID." - }, - "canDelegate": { - "type": "boolean", - "description": "The Delegation flag for the roleassignment" - } - }, - "description": "Role assignment properties with scope." - }, - "RoleAssignment": { - "properties": { - "id": { - "type": "string", - "readOnly": true, - "description": "The role assignment ID." - }, - "name": { - "type": "string", - "readOnly": true, - "description": "The role assignment name." - }, - "type": { - "type": "string", - "readOnly": true, - "description": "The role assignment type." - }, - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/RoleAssignmentPropertiesWithScope", - "description": "Role assignment properties." - } - }, - "description": "Role Assignments" - }, - "RoleAssignmentListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/RoleAssignment" - }, - "description": "Role assignment list." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "Role assignment list operation result." - }, - "RoleAssignmentProperties": { - "properties": { - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID used in the role assignment." - }, - "principalId": { - "type": "string", - "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." - }, - "canDelegate": { - "type": "boolean", - "description": "The delgation flag used for creating a role assignment" - } - }, - "required": [ - "roleDefinitionId", - "principalId" - ], - "description": "Role assignment properties." - }, - "RoleAssignmentCreateParameters": { - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/RoleAssignmentProperties", - "description": "Role assignment properties." - } - }, - "required": [ - "properties" - ], - "description": "Role assignment create parameters." - }, - "Permission": { - "properties": { - "actions": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Allowed actions." - }, - "notActions": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Denied actions." - }, - "dataActions": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Allowed Data actions." - }, - "notDataActions": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Denied Data actions." - } - }, - "description": "Role definition permissions." - } - }, - "parameters": { - "SubscriptionIdParameter": { - "name": "subscriptionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the target subscription." - }, - "ApiVersionParameter": { - "name": "api-version", - "in": "query", - "required": true, - "type": "string", - "description": "The API version to use for this operation." - }, - "ResourceGroupNameParameter": { - "name": "resourceGroupName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the resource group.", - "x-ms-parameter-location": "method" - }, - "ResourceProviderNamespaceParameter": { - "name": "resourceProviderNamespace", - "in": "path", - "required": true, - "type": "string", - "description": "The namespace of the resource provider.", - "x-ms-parameter-location": "method" - } - } -} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json new file mode 100644 index 000000000000..809db9dfe1ed --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json @@ -0,0 +1,527 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2018-01-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations allow you to manage role definitions. A role definition describes the set of actions that can be performed on resources." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Authorization/permissions": { + "get": { + "tags": [ + "Permissions" + ], + "operationId": "Permissions_ListForResourceGroup", + "description": "Gets all permissions the caller has for a resource group.", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of permissions.", + "schema": { + "$ref": "#/definitions/PermissionGetResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetPermissions.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/permissions": { + "get": { + "tags": [ + "Permissions" + ], + "operationId": "Permissions_ListForResource", + "description": "Gets all permissions the caller has for a resource.", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceProviderNamespaceParameter" + }, + { + "name": "parentResourcePath", + "in": "path", + "required": true, + "type": "string", + "description": "The parent resource identity.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type of the resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource to get the permissions for." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of permissions.", + "schema": { + "$ref": "#/definitions/PermissionGetResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetResourcePermissions.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}": { + "delete": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_Delete", + "description": "Deletes a role definition.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role definition to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/DeleteRoleDefinition.json" + } + } + }, + "get": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_Get", + "description": "Get role definition by name (GUID).", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role definition." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleDefinitionByName.json" + } + } + }, + "put": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_CreateOrUpdate", + "description": "Creates or updates a role definition.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleDefinitionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role definition." + }, + { + "name": "roleDefinition", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleDefinition" + }, + "description": "The values for the role definition." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/PutRoleDefinition.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleDefinitions": { + "get": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_List", + "description": "Get all role definitions that are applicable at scope and above.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role definition.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role definitions.", + "schema": { + "$ref": "#/definitions/RoleDefinitionListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleDefinitionFilter", + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleDefinitionAtScope.json" + } + } + } + } + }, + "x-ms-paths": { + "/{roleId}?disambiguation_dummy": { + "get": { + "tags": [ + "RoleDefinitions" + ], + "operationId": "RoleDefinitions_GetById", + "description": "Gets a role definition by ID.", + "parameters": [ + { + "name": "roleId", + "in": "path", + "required": true, + "type": "string", + "description": "The fully qualified role definition ID. Use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for subscription level role definitions, or /providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for tenant level role definitions.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role definition.", + "schema": { + "$ref": "#/definitions/RoleDefinition" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleDefinitionById.json" + } + } + } + } + }, + "definitions": { + "RoleDefinitionFilter": { + "properties": { + "roleName": { + "type": "string", + "description": "Returns role definition with the specific name." + }, + "type": { + "type": "string", + "description": "Returns role definition with the specific type." + } + }, + "description": "Role Definitions filter" + }, + "RoleDefinitionProperties": { + "properties": { + "roleName": { + "type": "string", + "description": "The role name." + }, + "description": { + "type": "string", + "description": "The role definition description." + }, + "type": { + "type": "string", + "description": "The role type.", + "x-ms-client-name": "roleType" + }, + "permissions": { + "type": "array", + "items": { + "$ref": "#/definitions/Permission" + }, + "description": "Role definition permissions." + }, + "assignableScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Role definition assignable scopes." + } + }, + "description": "Role definition properties." + }, + "RoleDefinition": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role definition ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role definition name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role definition type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleDefinitionProperties", + "description": "Role definition properties." + } + }, + "description": "Role definition." + }, + "RoleDefinitionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleDefinition" + }, + "description": "Role definition list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role definition list operation result." + }, + "PermissionGetResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Permission" + }, + "description": "An array of permissions." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Permissions information." + }, + "Permission": { + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed actions." + }, + "notActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied actions." + }, + "dataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed Data actions." + }, + "notDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied Data actions." + } + }, + "description": "Role definition permissions." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + }, + "ResourceGroupNameParameter": { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group.", + "x-ms-parameter-location": "method" + }, + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-parameter-location": "method" + }, + "FilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all deny assignments at or above the scope. Use $filter=denyAssignmentName eq '{name}' to search deny assignments by name at specified scope. Use $filter=principalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. Use $filter=gdprExportPrincipalId eq '{id}' to return all deny assignments at, above and below the scope for the specified principal. This filter is different from the principalId filter as it returns not only those deny assignments that contain the specified principal is the Principals list but also those deny assignments that contain the specified principal is the ExcludePrincipals list. Additionally, when gdprExportPrincipalId filter is used, only the deny assignment name and description properties are returned.", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleAssignmentsCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleAssignmentsCalls.json new file mode 100644 index 000000000000..99a48ce7ba40 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleAssignmentsCalls.json @@ -0,0 +1,643 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2018-09-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForResource", + "description": "Gets role assignments for a resource.", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceProviderNamespaceParameter" + }, + { + "name": "parentResourcePath", + "in": "path", + "required": true, + "type": "string", + "description": "The parent resource identity.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type of the resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource to get role assignments for." + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentsForResource.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForResourceGroup", + "description": "Gets role assignments for a resource group.", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentsForResourceGroup.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}": { + "delete": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Delete", + "description": "Deletes a role assignment.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment to delete.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/DeleteRoleAssignmentByName.json" + } + } + }, + "put": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Create", + "description": "Creates a role assignment.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment to create. It can be any valid GUID." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentCreateParameters" + }, + "description": "Parameters for the role assignment." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/PutRoleAssignment.json" + } + } + }, + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_Get", + "description": "Get the specified role assignment.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentByName.json" + } + } + } + }, + "/{roleId}": { + "delete": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_DeleteById", + "description": "Deletes a role assignment.", + "parameters": [ + { + "name": "roleId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role assignment to delete.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/DeleteRoleAssignmentById.json" + } + } + }, + "put": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_CreateById", + "description": "Creates a role assignment by ID.", + "parameters": [ + { + "name": "roleId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role assignment to create.", + "x-ms-skip-url-encoding": true + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentCreateParameters" + }, + "description": "Parameters for the role assignment." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/PutRoleAssignmentById.json" + } + } + }, + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_GetById", + "description": "Gets a role assignment by ID.", + "parameters": [ + { + "name": "roleId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the role assignment to get.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignment" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentById.json" + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_List", + "description": "Gets all role assignments for the subscription.", + "parameters": [ + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetAllRoleAssignments.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignments": { + "get": { + "tags": [ + "RoleAssignments" + ], + "operationId": "RoleAssignments_ListForScope", + "description": "Gets role assignments for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments.", + "schema": { + "$ref": "#/definitions/RoleAssignmentListResult" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentFilter", + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleAssignmentByScope.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment of the specific principal." + }, + "canDelegate": { + "type": "boolean", + "description": "The Delegation flag for the roleassignment" + } + }, + "description": "Role Assignments filter" + }, + "RoleAssignmentPropertiesWithScope": { + "properties": { + "scope": { + "type": "string", + "description": "The role assignment scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "canDelegate": { + "type": "boolean", + "description": "The Delegation flag for the roleassignment" + } + }, + "description": "Role assignment properties with scope." + }, + "RoleAssignment": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentPropertiesWithScope", + "description": "Role assignment properties." + } + }, + "description": "Role Assignments" + }, + "RoleAssignmentListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignment" + }, + "description": "Role assignment list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "Role assignment list operation result." + }, + "RoleAssignmentProperties": { + "properties": { + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID used in the role assignment." + }, + "principalId": { + "type": "string", + "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "Unknown", + "DirectoryRoleTemplate", + "ForeignGroup", + "Application", + "MSI", + "DirectoryObjectOrGroup", + "Everyone" + ], + "x-ms-enum": { + "name": "PrincipalType", + "modelAsString": true + } + }, + "canDelegate": { + "type": "boolean", + "description": "The delgation flag used for creating a role assignment" + } + }, + "required": [ + "roleDefinitionId", + "principalId" + ], + "description": "Role assignment properties." + }, + "RoleAssignmentCreateParameters": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentProperties", + "description": "Role assignment properties." + } + }, + "required": [ + "properties" + ], + "description": "Role assignment create parameters." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for this operation." + }, + "ResourceGroupNameParameter": { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group.", + "x-ms-parameter-location": "method" + }, + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-parameter-location": "method" + } + } +} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleBasedCalls.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleBasedCalls.json deleted file mode 100644 index 056a1bcfea61..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleBasedCalls.json +++ /dev/null @@ -1,1250 +0,0 @@ -{ - "swagger": "2.0", - "info": { - "title": "AuthorizationManagementClient", - "version": "2018-09-01-preview", - "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role definitions and role assignments. A role definition describes the set of actions that can be performed on resources. A role assignment grants access to Azure Active Directory users." - }, - "host": "management.azure.com", - "schemes": [ - "https" - ], - "consumes": [ - "application/json" - ], - "produces": [ - "application/json" - ], - "security": [{ - "azure_auth": [ - "user_impersonation" - ] - }], - "securityDefinitions": { - "azure_auth": { - "type": "oauth2", - "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", - "flow": "implicit", - "description": "Azure Active Directory OAuth2 Flow", - "scopes": { - "user_impersonation": "impersonate your user account" - } - } - }, - "paths": { - "/providers/Microsoft.Authorization/providerOperations/{resourceProviderNamespace}": { - "get": { - "tags": [ - "ProviderOperationsMetadata" - ], - "operationId": "ProviderOperationsMetadata_Get", - "description": "Gets provider operations metadata for the specified resource provider.", - "parameters": [ - { - "$ref": "#/parameters/ResourceProviderNamespaceParameter" - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "name": "$expand", - "in": "query", - "required": false, - "type": "string", - "default": "resourceTypes", - "description": "Specifies whether to expand the values." - } - ], - "responses": { - "200": { - "description": "OK - Returns the operations metadata.", - "schema": { - "$ref": "#/definitions/ProviderOperationsMetadata" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetProviderOperationsRP.json" - } - } - } - }, - "/providers/Microsoft.Authorization/providerOperations": { - "get": { - "tags": [ - "ProviderOperationsMetadata" - ], - "operationId": "ProviderOperationsMetadata_List", - "description": "Gets provider operations metadata for all resource providers.", - "parameters": [ - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "name": "$expand", - "in": "query", - "required": false, - "type": "string", - "default": "resourceTypes", - "description": "Specifies whether to expand the values." - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of the operations metadata.", - "schema": { - "$ref": "#/definitions/ProviderOperationsMetadataListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetAllProviderOperations.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Authorization/permissions": { - "get": { - "tags": [ - "Permissions" - ], - "operationId": "Permissions_ListForResourceGroup", - "description": "Gets all permissions the caller has for a resource group.", - "parameters": [ - { - "$ref": "#/parameters/ResourceGroupNameParameter" - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of permissions.", - "schema": { - "$ref": "#/definitions/PermissionGetResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetPermissions.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/permissions": { - "get": { - "tags": [ - "Permissions" - ], - "operationId": "Permissions_ListForResource", - "description": "Gets all permissions the caller has for a resource.", - "parameters": [ - { - "$ref": "#/parameters/ResourceGroupNameParameter" - }, - { - "$ref": "#/parameters/ResourceProviderNamespaceParameter" - }, - { - "name": "parentResourcePath", - "in": "path", - "required": true, - "type": "string", - "description": "The parent resource identity.", - "x-ms-skip-url-encoding": true - }, - { - "name": "resourceType", - "in": "path", - "required": true, - "type": "string", - "description": "The resource type of the resource.", - "x-ms-skip-url-encoding": true - }, - { - "name": "resourceName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the resource to get the permissions for." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of permissions.", - "schema": { - "$ref": "#/definitions/PermissionGetResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetResourcePermissions.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/roleAssignments": { - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_ListForResource", - "description": "Gets role assignments for a resource.", - "parameters": [{ - "$ref": "#/parameters/ResourceGroupNameParameter" - }, - { - "$ref": "#/parameters/ResourceProviderNamespaceParameter" - }, - { - "name": "parentResourcePath", - "in": "path", - "required": true, - "type": "string", - "description": "The parent resource identity.", - "x-ms-skip-url-encoding": true - }, - { - "name": "resourceType", - "in": "path", - "required": true, - "type": "string", - "description": "The resource type of the resource.", - "x-ms-skip-url-encoding": true - }, - { - "name": "resourceName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the resource to get role assignments for." - }, - { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role assignments.", - "schema": { - "$ref": "#/definitions/RoleAssignmentListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleAssignmentFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentsForResource.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/roleAssignments": { - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_ListForResourceGroup", - "description": "Gets role assignments for a resource group.", - "parameters": [{ - "$ref": "#/parameters/ResourceGroupNameParameter" - }, - { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role assignments.", - "schema": { - "$ref": "#/definitions/RoleAssignmentListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleAssignmentFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentsForResourceGroup.json" - } - } - } - }, - "/{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}": { - "delete": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_Delete", - "description": "Deletes a role assignment.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role assignment to delete.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleAssignmentName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the role assignment to delete." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/DeleteRoleAssignmentByName.json" - } - } - }, - "put": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_Create", - "description": "Creates a role assignment.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role assignment to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleAssignmentName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the role assignment to create. It can be any valid GUID." - }, - { - "name": "parameters", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/RoleAssignmentCreateParameters" - }, - "description": "Parameters for the role assignment." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "201": { - "description": "Created - Returns information about the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/PutRoleAssignment.json" - } - } - }, - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_Get", - "description": "Get the specified role assignment.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role assignment.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleAssignmentName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the role assignment to get." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentByName.json" - } - } - } - }, - "/{roleId}": { - "delete": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_DeleteById", - "description": "Deletes a role assignment.", - "parameters": [{ - "name": "roleId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role assignment to delete.", - "x-ms-skip-url-encoding": true - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/DeleteRoleAssignmentById.json" - } - } - }, - "put": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_CreateById", - "description": "Creates a role assignment by ID.", - "parameters": [{ - "name": "roleId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role assignment to create.", - "x-ms-skip-url-encoding": true - }, - { - "name": "parameters", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/RoleAssignmentCreateParameters" - }, - "description": "Parameters for the role assignment." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "201": { - "description": "Created - Returns the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/PutRoleAssignmentById.json" - } - } - }, - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_GetById", - "description": "Gets a role assignment by ID.", - "parameters": [{ - "name": "roleId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role assignment to get.", - "x-ms-skip-url-encoding": true - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns the role assignment.", - "schema": { - "$ref": "#/definitions/RoleAssignment" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentById.json" - } - } - } - }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/roleAssignments": { - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_List", - "description": "Gets all role assignments for the subscription.", - "parameters": [{ - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role assignments.", - "schema": { - "$ref": "#/definitions/RoleAssignmentListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleAssignmentFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetAllRoleAssignments.json" - } - } - } - }, - "/{scope}/providers/Microsoft.Authorization/roleAssignments": { - "get": { - "tags": [ - "RoleAssignments" - ], - "operationId": "RoleAssignments_ListForScope", - "description": "Gets role assignments for a scope.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role assignments.", - "x-ms-skip-url-encoding": true - }, - { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignments at or above the scope. Use $filter=principalId eq {id} to return all role assignments at, above or below the scope for the specified principal." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role assignments.", - "schema": { - "$ref": "#/definitions/RoleAssignmentListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleAssignmentFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleAssignmentByScope.json" - } - } - } - }, - "/{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}": { - "delete": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_Delete", - "description": "Deletes a role definition.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role definition.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleDefinitionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role definition to delete." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role definition.", - "schema": { - "$ref": "#/definitions/RoleDefinition" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/DeleteRoleDefinition.json" - } - } - }, - "get": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_Get", - "description": "Get role definition by name (GUID).", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role definition.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleDefinitionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role definition." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role definition.", - "schema": { - "$ref": "#/definitions/RoleDefinition" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleDefinitionByName.json" - } - } - }, - "put": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_CreateOrUpdate", - "description": "Creates or updates a role definition.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role definition.", - "x-ms-skip-url-encoding": true - }, - { - "name": "roleDefinitionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the role definition." - }, - { - "name": "roleDefinition", - "in": "body", - "required": true, - "schema": { - "$ref": "#/definitions/RoleDefinition" - }, - "description": "The values for the role definition." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "201": { - "description": "OK - Returns information about the role definition.", - "schema": { - "$ref": "#/definitions/RoleDefinition" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/PutRoleDefinition.json" - } - } - } - }, - "/{scope}/providers/Microsoft.Authorization/roleDefinitions": { - "get": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_List", - "description": "Get all role definitions that are applicable at scope and above.", - "parameters": [{ - "name": "scope", - "in": "path", - "required": true, - "type": "string", - "description": "The scope of the role definition.", - "x-ms-skip-url-encoding": true - }, - { - "name": "$filter", - "in": "query", - "required": false, - "type": "string", - "description": "The filter to apply on the operation. Use atScopeAndBelow filter to search below the given scope as well." - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns an array of role definitions.", - "schema": { - "$ref": "#/definitions/RoleDefinitionListResult" - } - } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" - }, - "x-ms-odata": "#/definitions/RoleDefinitionFilter", - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleDefinitionAtScope.json" - } - } - } - } - }, - "x-ms-paths":{ - "/{roleId}?disambiguation_dummy": { - "get": { - "tags": [ - "RoleDefinitions" - ], - "operationId": "RoleDefinitions_GetById", - "description": "Gets a role definition by ID.", - "parameters": [{ - "name": "roleId", - "in": "path", - "required": true, - "type": "string", - "description": "The fully qualified role definition ID. Use the format, /subscriptions/{guid}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for subscription level role definitions, or /providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId} for tenant level role definitions.", - "x-ms-skip-url-encoding": true - }, - { - "$ref": "#/parameters/ApiVersionParameter" - } - ], - "responses": { - "200": { - "description": "OK - Returns information about the role definition.", - "schema": { - "$ref": "#/definitions/RoleDefinition" - } - } - }, - "x-ms-examples": { - "GetConfigurations": { - "$ref": "./examples/GetRoleDefinitionById.json" - } - } - } - } - }, - "definitions": { - "ProviderOperation": { - "properties": { - "name": { - "type": "string", - "description": "The operation name." - }, - "displayName": { - "type": "string", - "description": "The operation display name." - }, - "description": { - "type": "string", - "description": "The operation description." - }, - "origin": { - "type": "string", - "description": "The operation origin." - }, - "properties": { - "type": "object", - "x-ms-client-flatten": true, - "description": "The operation properties." - }, - "isDataAction": { - "type": "boolean", - "description": "The dataAction flag to specify the operation type." - } - }, - "description": "Operation" - }, - "ResourceType": { - "properties": { - "name": { - "type": "string", - "description": "The resource type name." - }, - "displayName": { - "type": "string", - "description": "The resource type display name." - }, - "operations": { - "type": "array", - "items": { - "$ref": "#/definitions/ProviderOperation" - }, - "description": "The resource type operations." - } - }, - "description": "Resource Type" - }, - "ProviderOperationsMetadata": { - "properties": { - "id": { - "type": "string", - "description": "The provider id." - }, - "name": { - "type": "string", - "description": "The provider name." - }, - "type": { - "type": "string", - "description": "The provider type." - }, - "displayName": { - "type": "string", - "description": "The provider display name." - }, - "resourceTypes": { - "type": "array", - "items": { - "$ref": "#/definitions/ResourceType" - }, - "description": "The provider resource types" - }, - "operations": { - "type": "array", - "items": { - "$ref": "#/definitions/ProviderOperation" - }, - "description": "The provider operations." - } - }, - "description": "Provider Operations metadata" - }, - "ProviderOperationsMetadataListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/ProviderOperationsMetadata" - }, - "description": "The list of providers." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "Provider operations metadata list" - }, - "PermissionGetResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/Permission" - }, - "description": "An array of permissions." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "Permissions information." - }, - "RoleDefinitionFilter": { - "properties": { - "roleName": { - "type": "string", - "description": "Returns role definition with the specific name." - }, - "type": { - "type": "string", - "description": "Returns role definition with the specific type." - } - }, - "description": "Role Definitions filter" - }, - "RoleDefinitionProperties": { - "properties": { - "roleName": { - "type": "string", - "description": "The role name." - }, - "description": { - "type": "string", - "description": "The role definition description." - }, - "type": { - "type": "string", - "description": "The role type.", - "x-ms-client-name": "roleType" - }, - "permissions": { - "type": "array", - "items": { - "$ref": "#/definitions/Permission" - }, - "description": "Role definition permissions." - }, - "assignableScopes": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Role definition assignable scopes." - } - }, - "description": "Role definition properties." - }, - "RoleDefinition": { - "properties": { - "id": { - "type": "string", - "readOnly": true, - "description": "The role definition ID." - }, - "name": { - "type": "string", - "readOnly": true, - "description": "The role definition name." - }, - "type": { - "type": "string", - "readOnly": true, - "description": "The role definition type." - }, - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/RoleDefinitionProperties", - "description": "Role definition properties." - } - }, - "description": "Role definition." - }, - "RoleDefinitionListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/RoleDefinition" - }, - "description": "Role definition list." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "Role definition list operation result." - }, - "RoleAssignmentFilter": { - "properties": { - "principalId": { - "type": "string", - "description": "Returns role assignment of the specific principal." - }, - "canDelegate": { - "type": "boolean", - "description": "The Delegation flag for the roleassignment" - } - }, - "description": "Role Assignments filter" - }, - "RoleAssignmentPropertiesWithScope": { - "properties": { - "scope": { - "type": "string", - "description": "The role assignment scope." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID." - }, - "principalId": { - "type": "string", - "description": "The principal ID." - }, - "canDelegate": { - "type": "boolean", - "description": "The Delegation flag for the roleassignment" - } - }, - "description": "Role assignment properties with scope." - }, - "RoleAssignment": { - "properties": { - "id": { - "type": "string", - "readOnly": true, - "description": "The role assignment ID." - }, - "name": { - "type": "string", - "readOnly": true, - "description": "The role assignment name." - }, - "type": { - "type": "string", - "readOnly": true, - "description": "The role assignment type." - }, - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/RoleAssignmentPropertiesWithScope", - "description": "Role assignment properties." - } - }, - "description": "Role Assignments" - }, - "RoleAssignmentListResult": { - "properties": { - "value": { - "type": "array", - "items": { - "$ref": "#/definitions/RoleAssignment" - }, - "description": "Role assignment list." - }, - "nextLink": { - "type": "string", - "description": "The URL to use for getting the next set of results." - } - }, - "description": "Role assignment list operation result." - }, - "RoleAssignmentProperties": { - "properties": { - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID used in the role assignment." - }, - "principalId": { - "type": "string", - "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." - }, - "principalType": { - "type": "string", - "description": "The principal type of the assigned principal ID.", - "enum": [ - "User", - "Group", - "ServicePrincipal", - "Unknown", - "DirectoryRoleTemplate", - "ForeignGroup", - "Application", - "MSI", - "DirectoryObjectOrGroup", - "Everyone" - ], - "x-ms-enum": { - "name": "PrincipalType", - "modelAsString": true - } - }, - "canDelegate": { - "type": "boolean", - "description": "The delgation flag used for creating a role assignment" - } - }, - "required": [ - "roleDefinitionId", - "principalId" - ], - "description": "Role assignment properties." - }, - "RoleAssignmentCreateParameters": { - "properties": { - "properties": { - "x-ms-client-flatten": true, - "$ref": "#/definitions/RoleAssignmentProperties", - "description": "Role assignment properties." - } - }, - "required": [ - "properties" - ], - "description": "Role assignment create parameters." - }, - "Permission": { - "properties": { - "actions": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Allowed actions." - }, - "notActions": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Denied actions." - }, - "dataActions": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Allowed Data actions." - }, - "notDataActions": { - "type": "array", - "items": { - "type": "string" - }, - "description": "Denied Data actions." - } - }, - "description": "Role definition permissions." - } - }, - "parameters": { - "SubscriptionIdParameter": { - "name": "subscriptionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the target subscription." - }, - "ApiVersionParameter": { - "name": "api-version", - "in": "query", - "required": true, - "type": "string", - "description": "The API version to use for this operation." - }, - "ResourceGroupNameParameter": { - "name": "resourceGroupName", - "in": "path", - "required": true, - "type": "string", - "description": "The name of the resource group.", - "x-ms-parameter-location": "method" - }, - "ResourceProviderNamespaceParameter": { - "name": "resourceProviderNamespace", - "in": "path", - "required": true, - "type": "string", - "description": "The namespace of the resource provider.", - "x-ms-parameter-location": "method" - } - } -} \ No newline at end of file diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/examples/PutRoleAssignmentById.json b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/examples/PutRoleAssignmentById.json index 8659ad8e2bef..ddbaaea7afdb 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/examples/PutRoleAssignmentById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/preview/2018-09-01-preview/examples/PutRoleAssignmentById.json @@ -6,7 +6,7 @@ "properties": { "roleDefinitionId": "/subscriptions/4004a9fd-d58e-48dc-aeb2-4a4aec58606f/providers/Microsoft.Authorization/roleDefinitions/de139f84-1756-47ae-9be6-808fbbe84772", "principalId": "d93a38bc-d029-4160-bfb0-fbda779ac214", - "principalType": "User", + "principalType": "User", "canDelegate":false } }, diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 3c5f59689b9f..4e9fe2de1813 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -26,7 +26,7 @@ These are the global settings for the Authorization API. ``` yaml openapi-type: arm -tag: package-2018-07-01-preview +tag: package-2018-09-01-preview ``` ## Suppression @@ -91,7 +91,9 @@ These settings apply only when `--tag=package-2018-01-01-preview-only` is specif ``` yaml $(tag) == 'package-2018-01-01-preview-only' input-file: -- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleBasedCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json ``` ### Tag: package-2018-07-01-preview-only @@ -109,7 +111,7 @@ These settings apply only when `--tag=package-2018-09-01-preview-only` is specif ``` yaml $(tag) == 'package-2018-09-01-preview-only' input-file: -- Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleBasedCalls.json +- Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleAssignmentsCalls.json ``` ### Tag: package-2017-10-01-preview @@ -130,7 +132,9 @@ These settings apply only when `--tag=package-2018-01-01-preview` is specified o ``` yaml $(tag) == 'package-2018-01-01-preview' input-file: - Microsoft.Authorization/preview/2015-06-01/authorization-ClassicAdminCalls.json -- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleBasedCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json ``` ### Tag: package-2018-07-01-preview @@ -140,7 +144,9 @@ These settings apply only when `--tag=package-2018-07-01-preview` is specified o ``` yaml $(tag) == 'package-2018-07-01-preview' input-file: - Microsoft.Authorization/preview/2015-06-01/authorization-ClassicAdminCalls.json -- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleBasedCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json - Microsoft.Authorization/preview/2018-07-01-preview/authorization-DenyAssignmentGetCalls.json ``` @@ -151,7 +157,9 @@ These settings apply only when `--tag=package-2018-09-01-preview` is specified o ``` yaml $(tag) == 'package-2018-09-01-preview' input-file: - Microsoft.Authorization/preview/2015-06-01/authorization-ClassicAdminCalls.json -- Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleBasedCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/preview/2018-09-01-preview/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/preview/2018-01-01-preview/authorization-RoleDefinitionsCalls.json - Microsoft.Authorization/preview/2018-07-01-preview/authorization-DenyAssignmentGetCalls.json ``` @@ -182,6 +190,15 @@ swagger-to-sdk: See configuration in [readme.go.md](./readme.go.md) +### Tag: package-2018-09-01-preview and go + +These settings apply only when `--tag=package-2018-09-01-preview --go` is specified on the command line. +Please also specify `--go-sdk-folder=`. + +``` yaml $(tag) == 'package-2018-09-01-preview' && $(go) +output-folder: $(go-sdk-folder)/services/preview/authorization/mgmt/2018-09-01-preview/authorization +``` + ## Java These settings apply only when `--java` is specified on the command line.