diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/applicationWhitelistings.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/applicationWhitelistings.json index 199df611c216..aff771ab41ff 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/applicationWhitelistings.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/applicationWhitelistings.json @@ -211,6 +211,9 @@ "enforcementMode": { "$ref": "#/definitions/EnforcementMode" }, + "protectionMode": { + "$ref": "#/definitions/ProtectionMode" + }, "configurationStatus": { "$ref": "#/definitions/ConfigurationStatus" }, @@ -236,8 +239,13 @@ "description": "The altered data of the recommended VM/server group policy", "properties": { "enforcementMode": { + "description": "The enforcement mode of the group. Can also be defined per collection type by using ProtectionMode", "$ref": "#/definitions/EnforcementMode" }, + "protectionMode": { + "description": "The protection mode of the group per collection type. Can also be defined for all collection types by using EnforcementMode", + "$ref": "#/definitions/ProtectionMode" + }, "vmRecommendations": { "$ref": "#/definitions/VmRecommendations" }, @@ -259,12 +267,31 @@ }, "EnforcementMode": { "type": "string", - "description": "The application control policy enforcement mode of the VM/server group", + "description": "The application control policy enforcement/protection mode of the VM/server group", "enum": [ "Audit", - "Enforce" + "Enforce", + "None" ] }, + "ProtectionMode": { + "type": "object", + "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.", + "properties": { + "exe": { + "$ref": "#/definitions/EnforcementMode" + }, + "msi": { + "$ref": "#/definitions/EnforcementMode" + }, + "script": { + "$ref": "#/definitions/EnforcementMode" + }, + "executable": { + "$ref": "#/definitions/EnforcementMode" + } + } + }, "RecommendationStatus": { "type": "string", "description": "The recommendation status of the VM/server group or VM/server", diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsGroup_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsGroup_example.json index 39af7849aa4e..2139161dea73 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsGroup_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsGroup_example.json @@ -15,6 +15,11 @@ "properties": { "recommendationStatus": "Recommended", "enforcementMode": "Audit", + "protectionMode": { + "exe": "Audit", + "msi": "Audit", + "script": "None" + }, "vmRecommendations": [ { "configurationStatus": "Configured", diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsSubscription_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsSubscription_example.json index aafa6fbedeb7..2434125dbc69 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsSubscription_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/GetApplicationWhitelistingsSubscription_example.json @@ -17,6 +17,11 @@ "properties": { "recommendationStatus": "Recommended", "enforcementMode": "Audit", + "protectionMode": { + "exe": "Audit", + "msi": "Audit", + "script": "None" + }, "vmRecommendations": [ { "configurationStatus": "Configured", @@ -124,6 +129,11 @@ "properties": { "recommendationStatus": "Recommended", "enforcementMode": "Audit", + "protectionMode": { + "exe": "Audit", + "msi": "None", + "script": "None" + }, "vmRecommendations": [ { "configurationStatus": "Configured", @@ -169,6 +179,11 @@ "properties": { "recommendationStatus": "Recommended", "enforcementMode": "Audit", + "protectionMode": { + "exe": "Audit", + "msi": "None", + "script": "None" + }, "vmRecommendations": [ { "configurationStatus": "Configured", @@ -313,123 +328,6 @@ "sourceSystem": "Azure_AppLocker" } }, - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/centralus/applicationWhitelistings/GROUP2-RE", - "name": "GROUP2-RE", - "type": "Microsoft.Security/applicationWhitelistings", - "location": "centralus", - "properties": { - "recommendationStatus": "Recommended", - "enforcementMode": "Audit", - "vmRecommendations": [ - { - "configurationStatus": "Configured", - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/matanjittest/providers/microsoft.compute/virtualmachines/matansourcejit", - "recommendationAction": "Recommended" - }, - { - "configurationStatus": "Configured", - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/erelh-dsc/providers/microsoft.compute/virtualmachines/erelh-14010", - "recommendationAction": "Recommended" - }, - { - "configurationStatus": "Configured", - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16091", - "recommendationAction": "Recommended" - } - ], - "pathRecommendations": [ - { - "path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0", - "type": "PublisherSignature", - "publisherInfo": { - "publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US", - "productName": "*", - "binaryName": "*", - "version": "0.0.0.0" - }, - "common": true, - "action": "Recommended", - "usernames": [ - { - "username": "Everyone", - "recommendationAction": "Recommended" - } - ], - "userSids": [ - "S-1-1-0" - ], - "fileType": "Exe", - "configurationStatus": "Configured" - }, - { - "path": "C:\\bla.exe", - "type": "File", - "common": true, - "action": "Add", - "usernames": [ - { - "username": "Everyone", - "recommendationAction": "Recommended" - } - ], - "userSids": [ - "S-1-1-0" - ], - "fileType": "Exe", - "configurationStatus": "Configured" - } - ], - "configurationStatus": "Configured", - "issues": [], - "sourceSystem": "Azure_AppLocker" - } - }, - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/BENJITGROUP13", - "name": "BENJITGROUP13", - "type": "Microsoft.Security/applicationWhitelistings", - "location": "westeurope", - "properties": { - "recommendationStatus": "Recommended", - "enforcementMode": "Audit", - "vmRecommendations": [ - { - "configurationStatus": "Configured", - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/bengr-jit-test/providers/microsoft.compute/virtualmachines/bengr-jit-test3", - "recommendationAction": "Recommended" - } - ], - "pathRecommendations": [ - { - "path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0", - "type": "PublisherSignature", - "publisherInfo": { - "publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US", - "productName": "*", - "binaryName": "*", - "version": "0.0.0.0" - }, - "common": true, - "action": "Recommended", - "usernames": [ - { - "username": "Everyone", - "recommendationAction": "Recommended" - } - ], - "userSids": [ - "S-1-1-0" - ], - "fileType": "Exe", - "configurationStatus": "Configured" - } - ], - "configurationStatus": "Configured", - "issues": [], - "sourceSystem": "Azure_AppLocker" - } - }, { "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/GROUP1", "name": "GROUP1", @@ -438,6 +336,9 @@ "properties": { "recommendationStatus": "Recommended", "enforcementMode": "Audit", + "protectionMode": { + "executable": "Audit" + }, "vmRecommendations": [ { "configurationStatus": "Configured", @@ -1110,51 +1011,6 @@ ], "sourceSystem": "Azure_AuditD" } - }, - { - "id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/GROUP2", - "name": "GROUP2", - "type": "Microsoft.Security/applicationWhitelistings", - "location": "westeurope", - "properties": { - "recommendationStatus": "Recommended", - "enforcementMode": "Audit", - "vmRecommendations": [ - { - "configurationStatus": "Configured", - "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/bengr-jit-test/providers/microsoft.compute/virtualmachines/bengr-jit-test1", - "recommendationAction": "Recommended" - } - ], - "pathRecommendations": [ - { - "path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0", - "type": "PublisherSignature", - "publisherInfo": { - "publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US", - "productName": "*", - "binaryName": "*", - "version": "0.0.0.0" - }, - "common": true, - "action": "Recommended", - "usernames": [ - { - "username": "Everyone", - "recommendationAction": "Recommended" - } - ], - "userSids": [ - "S-1-1-0" - ], - "fileType": "Exe", - "configurationStatus": "Configured" - } - ], - "configurationStatus": "Configured", - "issues": [], - "sourceSystem": "Azure_AppLocker" - } } ] } diff --git a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/PutApplicationWhitelistings_example.json b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/PutApplicationWhitelistings_example.json index cc31d592b394..e9673ad953e8 100644 --- a/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/PutApplicationWhitelistings_example.json +++ b/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/examples/ApplicationWhitelistings/PutApplicationWhitelistings_example.json @@ -10,6 +10,11 @@ "name": "ERELGROUP1", "properties": { "enforcementMode": "Audit", + "protectionMode": { + "exe": "Audit", + "msi": "None", + "script": "None" + }, "vmRecommendations": [ { "configurationStatus": "Configured", @@ -112,6 +117,11 @@ "properties": { "recommendationStatus": "Recommended", "enforcementMode": "Audit", + "protectionMode": { + "exe": "Audit", + "msi": "None", + "script": "None" + }, "vmRecommendations": [ { "resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",