Merged
@@ -0,0 +1,97 @@
{
"swagger": "2.0",
"info": {
"title": "Security Insights",
"description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider",
"version": "2019-01-01-preview"
},
"host": "management.azure.com",
"schemes": [
"https"
],
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"security": [
{
"azure_auth": [
"user_impersonation"
]
}
],
"securityDefinitions": {
"azure_auth": {
"type": "oauth2",
"authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
"flow": "implicit",
"description": "Azure Active Directory OAuth2 Flow",
"scopes": {
"user_impersonation": "impersonate your user account"
}
}
},
"paths": {
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/aggregations/{aggregationsName}": {
"get": {
"x-ms-examples": {
"Get aggregative data for all cases under the defined workspace, between the time range if specified.": {
"$ref": "./examples/aggregations/GetCasesAggregations.json"
}
},
"tags": [
"Aggregations"
],
"description": "Get aggregative result for the given resources under the defined workspace",
"operationId": "CasesAggregations_Get",
"parameters": [
{
"$ref": "SecurityInsights.json#/parameters/ApiVersion"
},
{
"$ref": "SecurityInsights.json#/parameters/SubscriptionId"
},
{
"$ref": "SecurityInsights.json#/parameters/ResourceGroupName"
},
{
"$ref": "SecurityInsights.json#/parameters/OperationalInsightsResourceProvider"
},
{
"$ref": "SecurityInsights.json#/parameters/WorkspaceName"
},
{
"$ref": "#/parameters/AggregationsName"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "SecurityInsights.json#/definitions/Aggregations"
}
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"$ref": "SecurityInsights.json#/definitions/CloudError"
}
}
}
}
}
},
"parameters": {
"AggregationsName": {
"description": "The aggregation name. Supports - Cases",
"in": "path",
"name": "aggregationsName",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
}
},
"definitions": {}
}
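Review bot: The example title on the `get` operation promises results "between the time range if specified", but the `parameters` list declares no time-range input, only the five shared references and `#/parameters/AggregationsName`, so a client has no documented way to pass one. Either declare the range parameters on the operation or drop that clause from the example name. Separately, `AggregationsName` is an unconstrained `string` whose description says it supports only `Cases`; declaring `"enum": ["Cases"]` with an `x-ms-enum` that sets `"modelAsString": true` would let validators and generated clients reject other values while leaving room for new kinds. The shared parameters live in SecurityInsights.json, which is not shown here, so the first point assumes none of them carries the range.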
@@ -371,13 +371,13 @@
"type": "string"
},
"createdBy": {
"$ref": "#/definitions/ClientInfo",
"$ref": "SecurityInsights.json#/definitions/ClientInfo",
"description": "Describes the client that created the automation rule",
"readOnly": true,
"type": "object"
},
"lastModifiedBy": {
"$ref": "#/definitions/ClientInfo",
"$ref": "SecurityInsights.json#/definitions/ClientInfo",
"description": "Describes the client that last updated the automation rule",
"readOnly": true,
"type": "object"
@@ -453,35 +453,35 @@
"description": "The configuration of the modify properties automation rule action",
"properties": {
"classification": {
"$ref": "#/definitions/IncidentClassification",
"$ref": "SecurityInsights.json#/definitions/IncidentClassification",
"description": "The reason the incident was closed"
},
"classificationComment": {
"description": "Describes the reason the incident was closed",
"type": "string"
},
"classificationReason": {
"$ref": "#/definitions/IncidentClassificationReason",
"$ref": "SecurityInsights.json#/definitions/IncidentClassificationReason",
"description": "The classification reason to close the incident with"
},
"labels": {
"description": "List of labels to add to the incident",
"items": {
"$ref": "#/definitions/IncidentLabel"
"$ref": "SecurityInsights.json#/definitions/IncidentLabel"
},
"type": "array"
},
"owner": {
"$ref": "#/definitions/IncidentOwnerInfo",
"$ref": "SecurityInsights.json#/definitions/IncidentOwnerInfo",
"description": "Describes a user that the incident is assigned to",
"type": "object"
},
"severity": {
"$ref": "#/definitions/IncidentSeverity",
"$ref": "SecurityInsights.json#/definitions/IncidentSeverity",
"description": "The severity of the incident"
},
"status": {
"$ref": "#/definitions/IncidentStatus",
"$ref": "SecurityInsights.json#/definitions/IncidentStatus",
"description": "The status of the incident"
}
},
@@ -913,211 +913,6 @@
"triggersWhen"
],
"type": "object"
},
"ClientInfo": {
"description": "Information on the client (user or application) that made some action",
"properties": {
"email": {
"description": "The email of the client.",
"type": "string"
},
"name": {
"description": "The name of the client.",
"type": "string"
},
"objectId": {
"description": "The object id of the client.",
"format": "uuid",
"type": "string"
},
"userPrincipalName": {
"description": "The user principal name of the client.",
"type": "string"
}
},
"type": "object"
},
"IncidentClassification": {
"description": "The reason the incident was closed",
"enum": [
"Undetermined",
"TruePositive",
"BenignPositive",
"FalsePositive"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentClassification",
"values": [
{
"description": "Incident classification was undetermined",
"value": "Undetermined"
},
{
"description": "Incident was true positive",
"value": "TruePositive"
},
{
"description": "Incident was benign positive",
"value": "BenignPositive"
},
{
"description": "Incident was false positive",
"value": "FalsePositive"
}
]
}
},
"IncidentClassificationReason": {
"description": "The classification reason the incident was closed with",
"enum": [
"SuspiciousActivity",
"SuspiciousButExpected",
"IncorrectAlertLogic",
"InaccurateData"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentClassificationReason",
"values": [
{
"description": "Classification reason was suspicious activity",
"value": "SuspiciousActivity"
},
{
"description": "Classification reason was suspicious but expected",
"value": "SuspiciousButExpected"
},
{
"description": "Classification reason was incorrect alert logic",
"value": "IncorrectAlertLogic"
},
{
"description": "Classification reason was inaccurate data",
"value": "InaccurateData"
}
]
}
},
"IncidentLabel": {
"description": "Represents an incident label",
"properties": {
"labelName": {
"description": "The name of the label",
"type": "string"
},
"labelType": {
"description": "The type of the label",
"enum": [
"User",
"System"
],
"type": "string",
"readOnly": true,
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentLabelType",
"values": [
{
"description": "Label manually created by a user",
"value": "User"
},
{
"description": "Label automatically created by the system",
"value": "System"
}
]
}
}
},
"required": [
"labelName"
],
"type": "object"
},
"IncidentOwnerInfo": {
"description": "Information on the user an incident is assigned to",
"properties": {
"email": {
"description": "The email of the user the incident is assigned to.",
"type": "string"
},
"assignedTo": {
"description": "The name of the user the incident is assigned to.",
"type": "string"
},
"objectId": {
"description": "The object id of the user the incident is assigned to.",
"format": "uuid",
"type": "string"
},
"userPrincipalName": {
"description": "The user principal name of the user the incident is assigned to.",
"type": "string"
}
},
"type": "object"
},
"IncidentSeverity": {
"description": "The severity of the incident",
"enum": [
"High",
"Medium",
"Low",
"Informational"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentSeverity",
"values": [
{
"description": "High severity",
"value": "High"
},
{
"description": "Medium severity",
"value": "Medium"
},
{
"description": "Low severity",
"value": "Low"
},
{
"description": "Informational severity",
"value": "Informational"
}
]
}
},
"IncidentStatus": {
"description": "The status of the incident",
"enum": [
"New",
"Active",
"Closed"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentStatus",
"values": [
{
"description": "An active incident which isn't being handled currently",
"value": "New"
},
{
"description": "An active incident which is being handled",
"value": "Active"
},
{
"description": "A non-active incident",
"value": "Closed"
}
]
}
}
}
}
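Review bot: The rewritten `$ref`s point at `SecurityInsights.json#/definitions/...` while the local copies of `ClientInfo`, `IncidentClassification`, `IncidentClassificationReason`, `IncidentLabel`, `IncidentOwnerInfo`, `IncidentSeverity` and `IncidentStatus` are deleted in the last hunk, and nothing on this page shows that the shared definitions have the same shape. It is worth confirming they still carry the same enum values, `"required": ["labelName"]` on `IncidentLabel` and `"readOnly": true` on `labelType`, since any difference silently changes the automation-rule contract. In `createdBy` and `lastModifiedBy` the `readOnly`, `description` and `type` keywords sit beside `$ref`, and tooling that follows JSON Reference strictly ignores such siblings; if these audit fields must stay read-only for every consumer, wrapping the reference as `"allOf": [{ "$ref": "SecurityInsights.json#/definitions/ClientInfo" }]` keeps the siblings effective. The enclosing definitions begin and end outside the hunks.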