Skip to content

Commit

Permalink
Microsoft.SecurityInsights 2021-09-01-preview (Azure#16933)
Browse files Browse the repository at this point in the history 
* Adds base for updating Microsoft.SecurityInsights from version preview/2021-03-01-preview to version 2021-09-01-preview

* Updates readme

* Updates API version in new specs and examples

* Microsoft.security insights 2021 09 01 preview add missing resources (Azure#15531)

* Copy missing resources specs and examples from 2019-01-01-preview

* Update added resources specs and examples and extract common types

* Update readme

* Extract ClientInfo, UserInfo and Lable to common types

* Fix SpellCheck and Avocado

* Return ThreatIntelligence to readme

* Fix broken refs in Watchlists

* Resolve duplicate schema errors

* Run prettier

* Make common types prettier

* Add required property to operations according to ARM requirments

* Fix readme

* Add file separators to readme

* Rename example file

* Supress OBJECT_ADDITIONAL_PROPERTIES

* Add 'where' to OBJECT_ADDITIONAL_PROPERTIES supression

* Move OBJECT_ADDITIONAL_PROPERTIES supression under general Supression section.

* Copy dataConnectors from 2021-03-01-preview

* Update version of dataConnectors (this was done as there were errors when trying to generate C# client. Copying and changing version again fixed the problem).

* Add dataConnectorsCheckRequirments path, parameters and definitions from 2019-01-01-preveiw

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Use newest common types in new 2021-09-01-preview API version (Azure#15778)

* Use newest common types in AlertRules

* Use newest common types in AutomationRules

* Use newest common types in Bookmarks

* Use newest common types in dataConnectors

* Use newest common types in Enrichment

* Use newest common types in Entities

* Use newest common types in EntityQueries

* Use newest common types in Incidents

* Use newest common types in Metadata

* Use newest common types in OfficeConsents

* Use newest common types in OnboardingStates

* Use newest common types in operations

* Use newest common types in Settings

* Use newest common types in SourceControls

* Use newest common types in ThreatIntelligence

* Use newest common types in Watchlist

* Use newest common types in EntityTypes

* Use newest common types in RelationTypes

* Fix ThreatIntelligence

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Add template version to the scheduled alert rule + scheduled template (Azure#15919)

* Add template version to the scheduled alert rule

* Update AlertRules.json

* Update AlertRules.json

* Update AlertRules.json

* Update AlertRules.json

* Update GetAlertRuleTemplates.json

* Update GetAlertRuleTemplateById.json

* add aws s3 connector (Azure#15844)

* Add a new kind of alert rules - NRT (Azure#15980)

* add NRT rule

* add NRT rule

* add NRT rule

* add NRT rule

* fix typo

* fix typo

* fix

* Align new Metadata feature with 2021-03-01-preview (Azure#16304)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Add fixes from 2021-03-01-preview (Azure#16238)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Add entity query templates (Azure#16269)

* Add entity query templates from 2021-03-01-preview

* Update version

* Use newest common types and update readme

* Fix conflicting common types

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Fix bookmark relations operatinIds to be consistent with other operationIds. (Azure#16519)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Add corrections from 2021-03-01-preview (Azure#16490)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Remove unused parameters (Azure#16619)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Update readme default readme tag for client generation (Azure#16620)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Use CloudError instead of ErrorResponse to avoid breaking change (Azure#16691)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Add data connectors polling ccp api support (Azure#16293)

* adding dataConnectors polling CCP api Support. (witout tests validations)

* azure sentinel dataconnectors update examples

* azure sentinel dataConnectors examples update and fix

* azure sentinel dataConnectors prettier

* azure sentinel dataConnectors add connect disconnect examples update path

* azure sentinel dataConnectors add connect disconnect examples fix

* azure sentinel dataConnectors add connect disconnect examples fix 2

* azure sentinel dataConnectors rebase dataConnectors dev

* azure sentinel dataconnectors - fix put to post on connect and disconnect endpoints

* azure sentinel dataconnectors - adding x-ms-secret to password on connect

* azure sentinel dataconnectors - connect/disconnect endpoint remove unnedded 201 return

* azure sentinel dataConnectors - remove empty body DataConnectorDisconnectBody

Co-authored-by: Alon Danoch <adanoch@microsoft.com>

* Add office IRM Connector (Azure#16764)

* Add office IRM

* fix

* fix

* fix

* fix

Co-authored-by: omerhaimov <omer.haimovich@gmail.com>

* Add teamInformation to IncidentProperties 2021-09-01-preview (Azure#16787)

* Fix Swagger for SecurityInsights - Add teamInformation to IncidentProperties

* Try change description as advised by Swagger reviewer Yuchao Yan to fix the validation error.

* Revert change in ntDomain description as it has nothing to do with validations

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Make CloudError and CloudErrorBody external resources (already exist under Microsoft.Rest.Azure namespace) (Azure#16872)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Remove operational insights parameter 2021 09 01 preview (Azure#16891)

* Remove operationalInsightsResourceProvider parameter from specs

* Remove parameter from examples

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>

* Update EntityTypes.json (Azure#16972)

Co-authored-by: Anat Gilenson <anatgilenson@microsoft.com>
Co-authored-by: Amit Bergman <38046493+Amitbergman@users.noreply.github.com>
Co-authored-by: sagamzu <52034287+sagamzu@users.noreply.github.com>
Co-authored-by: necoh <53861229+necoh@users.noreply.github.com>
Co-authored-by: alondanoch <alondanoch@hotmail.com>
Co-authored-by: Alon Danoch <adanoch@microsoft.com>
Co-authored-by: omerhaimov <55688621+omerhaimov@users.noreply.github.com>
Co-authored-by: omerhaimov <omer.haimovich@gmail.com>
Co-authored-by: Yuchao Yan <yuchaoyan@microsoft.com>
  • Loading branch information
@anat-gilenson @Amitbergman
@sagamzu @necoh @alondanoch @omerhaimov @omerhaimovich @msyyc
10 people authored Dec 9, 2021
1 parent fe0ddc1 commit 85d1147
Show file tree
Hide file tree
Showing 189 changed files with 26,467 additions and 89 deletions.
1,934 changes: 1,934 additions & 0 deletions ...ts/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/AlertRules.json
View file

Large diffs are not rendered by default.

911 changes: 911 additions & 0 deletions ...source-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/AutomationRules.json
View file

Large diffs are not rendered by default.

688 changes: 688 additions & 0 deletions ...hts/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/Bookmarks.json
View file

Large diffs are not rendered by default.

381 changes: 381 additions & 0 deletions ...ts/resource-manager/Microsoft.SecurityInsights/preview/2021-09-01-preview/Enrichment.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,381 @@
{
"swagger": "2.0",
"info": {
"title": "Security Insights",
"description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider",
"version": "2021-09-01-preview"
},
"host": "management.azure.com",
"schemes": [
"https"
],
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"security": [
{
"azure_auth": [
"user_impersonation"
]
}
],
"securityDefinitions": {
"azure_auth": {
"type": "oauth2",
"authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
"flow": "implicit",
"description": "Azure Active Directory OAuth2 Flow",
"scopes": {
"user_impersonation": "impersonate your user account"
}
}
},
"paths": {
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/ip/geodata/": {
"get": {
"x-ms-examples": {
"Get geodata for a single IP address": {
"$ref": "./examples/enrichment/GetGeodataByIp.json"
}
},
"tags": [
"Enrichment"
],
"description": "Get geodata for a single IP address",
"operationId": "IPGeodata_Get",
"parameters": [
{
"$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter"
},
{
"$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
},
{
"$ref": "#/parameters/EnrichmentIpAddress"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/EnrichmentIpGeodata"
}
},
"default": {
"description": "Error response describing why the operation failed to enrich this ip.",
"schema": {
"$ref": "../../../common/2.0/types.json#/definitions/CloudError"
}
}
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/domain/whois/": {
"get": {
"x-ms-examples": {
"Get whois information for a single domain name": {
"$ref": "./examples/enrichment/GetWhoisByDomainName.json"
}
},
"tags": [
"Enrichment"
],
"description": "Get whois information for a single domain name",
"operationId": "DomainWhois_Get",
"parameters": [
{
"$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ApiVersionParameter"
},
{
"$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../../../common-types/resource-management/v3/types.json#/parameters/ResourceGroupNameParameter"
},
{
"$ref": "#/parameters/EnrichmentDomain"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/EnrichmentDomainWhois"
}
},
"default": {
"description": "Error response describing why the operation failed to enrich this domain.",
"schema": {
"$ref": "../../../common/2.0/types.json#/definitions/CloudError"
}
}
}
}
}
},
"parameters": {
"EnrichmentIpAddress": {
"description": "IP address (v4 or v6) to be enriched",
"in": "query",
"name": "ipAddress",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
},
"EnrichmentDomain": {
"description": "Domain name to be enriched",
"in": "query",
"name": "domain",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
}
},
"definitions": {
"EnrichmentDomainWhois": {
"description": "Whois information for a given domain and associated metadata",
"properties": {
"domain": {
"description": "The domain for this whois record",
"type": "string"
},
"server": {
"description": "The hostname of this registrar's whois server",
"type": "string"
},
"created": {
"description": "The timestamp at which this record was created",
"format": "date-time",
"type": "string"
},
"updated": {
"description": "The timestamp at which this record was last updated",
"format": "date-time",
"type": "string"
},
"expires": {
"description": "The timestamp at which this record will expire",
"format": "date-time",
"type": "string"
},
"parsedWhois": {
"description": "The whois record for a given domain",
"$ref": "#/definitions/EnrichmentDomainWhoisDetails"
}
},
"type": "object"
},
"EnrichmentDomainWhoisDetails": {
"description": "The whois record for a given domain",
"properties": {
"registrar": {
"description": "The registrar associated with this domain",
"$ref": "#/definitions/EnrichmentDomainWhoisRegistrarDetails"
},
"contacts": {
"description": "The set of contacts associated with this domain",
"$ref": "#/definitions/EnrichmentDomainWhoisContacts"
},
"nameServers": {
"description": "A list of name servers associated with this domain",
"type": "array",
"items": {
"type": "string"
}
},
"statuses": {
"description": "The set of status flags for this whois record",
"type": "array",
"items": {
"type": "string"
}
}
},
"type": "object"
},
"EnrichmentDomainWhoisRegistrarDetails": {
"description": "The registrar associated with this domain",
"properties": {
"name": {
"description": "The name of this registrar",
"type": "string"
},
"abuseContactEmail": {
"description": "This registrar's abuse contact email",
"type": "string"
},
"abuseContactPhone": {
"description": "This registrar's abuse contact phone number",
"type": "string"
},
"ianaId": {
"description": "This registrar's Internet Assigned Numbers Authority id",
"type": "string"
},
"url": {
"description": "This registrar's URL",
"type": "string"
},
"whoisServer": {
"description": "The hostname of this registrar's whois server",
"type": "string"
}
},
"type": "object"
},
"EnrichmentDomainWhoisContacts": {
"description": "The set of contacts associated with this domain",
"properties": {
"admin": {
"description": "The admin contact for this whois record",
"$ref": "#/definitions/EnrichmentDomainWhoisContact"
},
"billing": {
"description": "The billing contact for this whois record",
"$ref": "#/definitions/EnrichmentDomainWhoisContact"
},
"registrant": {
"description": "The registrant contact for this whois record",
"$ref": "#/definitions/EnrichmentDomainWhoisContact"
},
"tech": {
"description": "The technical contact for this whois record",
"$ref": "#/definitions/EnrichmentDomainWhoisContact"
}
},
"type": "object"
},
"EnrichmentDomainWhoisContact": {
"description": "An individual contact associated with this domain",
"properties": {
"name": {
"description": "The name of this contact",
"type": "string"
},
"org": {
"description": "The organization for this contact",
"type": "string"
},
"street": {
"description": "A list describing the street address for this contact",
"type": "array",
"items": {
"type": "string"
}
},
"city": {
"description": "The city for this contact",
"type": "string"
},
"state": {
"description": "The state for this contact",
"type": "string"
},
"postal": {
"description": "The postal code for this contact",
"type": "string"
},
"country": {
"description": "The country for this contact",
"type": "string"
},
"phone": {
"description": "The phone number for this contact",
"type": "string"
},
"fax": {
"description": "The fax number for this contact",
"type": "string"
},
"email": {
"description": "The email address for this contact",
"type": "string"
}
},
"type": "object"
},
"EnrichmentIpGeodata": {
"description": "Geodata information for a given IP address",
"properties": {
"asn": {
"description": "The autonomous system number associated with this IP address",
"type": "string"
},
"carrier": {
"description": "The name of the carrier for this IP address",
"type": "string"
},
"city": {
"description": "The city this IP address is located in",
"type": "string"
},
"cityCf": {
"description": "A numeric rating of confidence that the value in the 'city' field is correct, on a scale of 0-100",
"type": "integer",
"format": "int32"
},
"continent": {
"description": "The continent this IP address is located on",
"type": "string"
},
"country": {
"description": "The county this IP address is located in",
"type": "string"
},
"countryCf": {
"description": "A numeric rating of confidence that the value in the 'country' field is correct on a scale of 0-100",
"type": "integer",
"format": "int32"
},
"ipAddr": {
"description": "The dotted-decimal or colon-separated string representation of the IP address",
"type": "string"
},
"ipRoutingType": {
"description": "A description of the connection type of this IP address",
"type": "string"
},
"latitude": {
"description": "The latitude of this IP address",
"type": "string"
},
"longitude": {
"description": "The longitude of this IP address",
"type": "string"
},
"organization": {
"description": "The name of the organization for this IP address",
"type": "string"
},
"organizationType": {
"description": "The type of the organization for this IP address",
"type": "string"
},
"region": {
"description": "The geographic region this IP address is located in",
"type": "string"
},
"state": {
"description": "The state this IP address is located in",
"type": "string"
},
"stateCf": {
"description": "A numeric rating of confidence that the value in the 'state' field is correct on a scale of 0-100",
"type": "integer",
"format": "int32"
},
"stateCode": {
"description": "The abbreviated name for the state this IP address is located in",
"type": "string"
}
},
"type": "object"
}
}
}
Loading

0 comments on commit 85d1147

Please sign in to comment.