diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessmentMetadata.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessmentMetadata.json
new file mode 100644
index 000000000000..bf544d0b5101
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessmentMetadata.json
@@ -0,0 +1,678 @@
+{
+ "swagger": "2.0",
+ "info": {
+ "title": "Security Center",
+ "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+ "version": "2021-06-01"
+ },
+ "host": "management.azure.com",
+ "schemes": [
+ "https"
+ ],
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "security": [
+ {
+ "azure_auth": [
+ "user_impersonation"
+ ]
+ }
+ ],
+ "securityDefinitions": {
+ "azure_auth": {
+ "type": "oauth2",
+ "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+ "flow": "implicit",
+ "description": "Azure Active Directory OAuth2 Flow",
+ "scopes": {
+ "user_impersonation": "impersonate your user account"
+ }
+ }
+ },
+ "paths": {
+ "/providers/Microsoft.Security/assessmentMetadata": {
+ "get": {
+ "x-ms-examples": {
+ "List security assessment metadata": {
+ "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Get metadata information on all assessment types",
+ "operationId": "AssessmentsMetadata_List",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponseList"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": "nextLink"
+ }
+ }
+ },
+ "/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+ "get": {
+ "x-ms-examples": {
+ "Get security assessment metadata": {
+ "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Get metadata information on an assessment type",
+ "operationId": "AssessmentsMetadata_Get",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "#/parameters/AssessmentsMetadataName"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ }
+ },
+ "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata": {
+ "get": {
+ "x-ms-examples": {
+ "List security assessment metadata for subscription": {
+ "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Get metadata information on all assessment types in a specific subscription",
+ "operationId": "AssessmentsMetadata_ListBySubscription",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponseList"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": "nextLink"
+ }
+ }
+ },
+ "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+ "get": {
+ "x-ms-examples": {
+ "Get security assessment metadata for subscription": {
+ "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Get metadata information on an assessment type in a specific subscription",
+ "operationId": "AssessmentsMetadata_GetInSubscription",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "#/parameters/AssessmentsMetadataName"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ },
+ "put": {
+ "x-ms-examples": {
+ "Create security assessment metadata for subscription": {
+ "$ref": "./examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Create metadata information on an assessment type in a specific subscription",
+ "operationId": "AssessmentsMetadata_CreateInSubscription",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "#/parameters/AssessmentsMetadataName"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ },
+ {
+ "$ref": "#/parameters/SecurityAssessmentMetadata"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ },
+ "delete": {
+ "x-ms-examples": {
+ "Delete a security assessment metadata for subscription": {
+ "$ref": "./examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json"
+ }
+ },
+ "tags": [
+ "Assessments Metadata"
+ ],
+ "description": "Delete metadata information on an assessment type in a specific subscription, will cause the deletion of all the assessments of that type in that subscription",
+ "operationId": "AssessmentsMetadata_DeleteInSubscription",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "#/parameters/AssessmentsMetadataName"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK"
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ }
+ }
+ },
+ "definitions": {
+ "SecurityAssessmentMetadataResponseList": {
+ "type": "object",
+ "description": "List of security assessment metadata",
+ "properties": {
+ "value": {
+ "readOnly": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+ }
+ },
+ "nextLink": {
+ "readOnly": true,
+ "type": "string",
+ "description": "The URI to fetch the next page."
+ }
+ }
+ },
+ "SecurityAssessmentMetadata": {
+ "type": "object",
+ "description": "Security assessment metadata",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "SecurityAssessmentMetadataResponse": {
+ "type": "object",
+ "description": "Security assessment metadata response",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "$ref": "#/definitions/SecurityAssessmentMetadataPropertiesResponse"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "SecurityAssessmentMetadataProperties": {
+ "type": "object",
+ "description": "Describes properties of an assessment metadata.",
+ "properties": {
+ "displayName": {
+ "type": "string",
+ "description": "User friendly display name of the assessment"
+ },
+ "policyDefinitionId": {
+ "readOnly": true,
+ "type": "string",
+ "description": "Azure resource ID of the policy definition that turns this assessment calculation on"
+ },
+ "description": {
+ "type": "string",
+ "description": "Human readable description of the assessment"
+ },
+ "remediationDescription": {
+ "type": "string",
+ "description": "Human readable description of what you should do to mitigate this security issue"
+ },
+ "categories": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "description": "The categories of resource that is at risk when the assessment is unhealthy",
+ "enum": [
+ "Compute",
+ "Networking",
+ "Data",
+ "IdentityAndAccess",
+ "IoT"
+ ],
+ "x-ms-enum": {
+ "name": "categories",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Compute"
+ },
+ {
+ "value": "Networking"
+ },
+ {
+ "value": "Data"
+ },
+ {
+ "value": "IdentityAndAccess"
+ },
+ {
+ "value": "IoT"
+ }
+ ]
+ }
+ }
+ },
+ "severity": {
+ "type": "string",
+ "description": "The severity level of the assessment",
+ "enum": [
+ "Low",
+ "Medium",
+ "High"
+ ],
+ "x-ms-enum": {
+ "name": "severity",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Low"
+ },
+ {
+ "value": "Medium"
+ },
+ {
+ "value": "High"
+ }
+ ]
+ }
+ },
+ "userImpact": {
+ "type": "string",
+ "description": "The user impact of the assessment",
+ "enum": [
+ "Low",
+ "Moderate",
+ "High"
+ ],
+ "x-ms-enum": {
+ "name": "userImpact",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Low"
+ },
+ {
+ "value": "Moderate"
+ },
+ {
+ "value": "High"
+ }
+ ]
+ }
+ },
+ "implementationEffort": {
+ "type": "string",
+ "description": "The implementation effort required to remediate this assessment",
+ "enum": [
+ "Low",
+ "Moderate",
+ "High"
+ ],
+ "x-ms-enum": {
+ "name": "implementationEffort",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Low"
+ },
+ {
+ "value": "Moderate"
+ },
+ {
+ "value": "High"
+ }
+ ]
+ }
+ },
+ "threats": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "description": "Threats impact of the assessment",
+ "enum": [
+ "accountBreach",
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider",
+ "elevationOfPrivilege",
+ "threatResistance",
+ "missingCoverage",
+ "denialOfService"
+ ],
+ "x-ms-enum": {
+ "name": "threats",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "accountBreach"
+ },
+ {
+ "value": "dataExfiltration"
+ },
+ {
+ "value": "dataSpillage"
+ },
+ {
+ "value": "maliciousInsider"
+ },
+ {
+ "value": "elevationOfPrivilege"
+ },
+ {
+ "value": "threatResistance"
+ },
+ {
+ "value": "missingCoverage"
+ },
+ {
+ "value": "denialOfService"
+ }
+ ]
+ }
+ }
+ },
+ "preview": {
+ "type": "boolean",
+ "description": "True if this assessment is in preview release status"
+ },
+ "assessmentType": {
+ "type": "string",
+ "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition",
+ "enum": [
+ "BuiltIn",
+ "CustomPolicy",
+ "CustomerManaged",
+ "VerifiedPartner"
+ ],
+ "x-ms-enum": {
+ "name": "assessmentType",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "BuiltIn",
+ "description": "Azure Security Center managed assessments"
+ },
+ {
+ "value": "CustomPolicy",
+ "description": "User defined policies that are automatically ingested from Azure Policy to Azure Security Center"
+ },
+ {
+ "value": "CustomerManaged",
+ "description": "User assessments pushed directly by the user or other third party to Azure Security Center"
+ },
+ {
+ "value": "VerifiedPartner",
+ "description": "An assessment that was created by a verified 3rd party if the user connected it to ASC"
+ }
+ ]
+ }
+ },
+ "partnerData": {
+ "$ref": "#/definitions/SecurityAssessmentMetadataPartnerData"
+ }
+ },
+ "required": [
+ "displayName",
+ "severity",
+ "assessmentType"
+ ]
+ },
+ "SecurityAssessmentMetadataPartnerData": {
+ "type": "object",
+ "description": "Describes the partner that created the assessment",
+ "properties": {
+ "partnerName": {
+ "type": "string",
+ "description": "Name of the company of the partner"
+ },
+ "productName": {
+ "type": "string",
+ "description": "Name of the product of the partner that created the assessment"
+ },
+ "secret": {
+ "type": "string",
+ "description": "Secret to authenticate the partner and verify it created the assessment - write only",
+ "x-ms-secret": true
+ }
+ },
+ "required": [
+ "partnerName",
+ "secret"
+ ]
+ },
+ "SecurityAssessmentMetadataPropertiesResponse": {
+ "type": "object",
+ "description": "Describes properties of an assessment metadata response.",
+ "properties": {
+ "publishDates": {
+ "type": "object",
+ "properties": {
+ "GA": {
+ "type": "string",
+ "pattern": "^([0-9]{2}/){2}[0-9]{4}$"
+ },
+ "public": {
+ "type": "string",
+ "pattern": "^([0-9]{2}/){2}[0-9]{4}$"
+ }
+ },
+ "required": [
+ "public"
+ ]
+ },
+ "plannedDeprecationDate": {
+ "type": "string",
+ "pattern": "^[0-9]{2}/[0-9]{4}$"
+ },
+ "tactics": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "description": "Tactic of the assessment",
+ "enum": [
+ "reconnaissance",
+ "resourceDevelopment",
+ "initialAccess",
+ "execution",
+ "persistence",
+ "privilegeEscalation",
+ "defenseEvasion",
+ "credentialAccess",
+ "discovery",
+ "lateralMovement",
+ "collection",
+ "commandAndControl",
+ "exfiltration",
+ "impact"
+ ],
+ "x-ms-enum": {
+ "name": "tactics",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "reconnaissance"
+ },
+ {
+ "value": "resourceDevelopment"
+ },
+ {
+ "value": "initialAccess"
+ },
+ {
+ "value": "execution"
+ },
+ {
+ "value": "persistence"
+ },
+ {
+ "value": "privilegeEscalation"
+ },
+ {
+ "value": "defenseEvasion"
+ },
+ {
+ "value": "credentialAccess"
+ },
+ {
+ "value": "discovery"
+ },
+ {
+ "value": "lateralMovement"
+ },
+ {
+ "value": "collection"
+ },
+ {
+ "value": "commandAndControl"
+ },
+ {
+ "value": "exfiltration"
+ },
+ {
+ "value": "impact"
+ }
+ ]
+ }
+ }
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+ }
+ ]
+ }
+ },
+ "parameters": {
+ "AssessmentsMetadataName": {
+ "name": "assessmentMetadataName",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "The Assessment Key - Unique key for the assessment type",
+ "x-ms-parameter-location": "method"
+ },
+ "SecurityAssessmentMetadata": {
+ "name": "assessmentMetadata",
+ "in": "body",
+ "required": true,
+ "description": "AssessmentMetadata object",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentMetadata"
+ },
+ "x-ms-parameter-location": "method"
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessments.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessments.json
new file mode 100644
index 000000000000..7fb23dbd17c5
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessments.json
@@ -0,0 +1,467 @@
+{
+ "swagger": "2.0",
+ "info": {
+ "title": "Security Center",
+ "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+ "version": "2021-06-01"
+ },
+ "host": "management.azure.com",
+ "schemes": [
+ "https"
+ ],
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "security": [
+ {
+ "azure_auth": [
+ "user_impersonation"
+ ]
+ }
+ ],
+ "securityDefinitions": {
+ "azure_auth": {
+ "type": "oauth2",
+ "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+ "flow": "implicit",
+ "description": "Azure Active Directory OAuth2 Flow",
+ "scopes": {
+ "user_impersonation": "impersonate your user account"
+ }
+ }
+ },
+ "paths": {
+ "/{scope}/providers/Microsoft.Security/assessments": {
+ "get": {
+ "x-ms-examples": {
+ "List security assessments": {
+ "$ref": "./examples/Assessments/ListAssessments_example.json"
+ }
+ },
+ "tags": [
+ "Assessments"
+ ],
+ "description": "Get security assessments on all your scanned resources inside a scope",
+ "operationId": "Assessments_List",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/Scope"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentList"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ },
+ "x-ms-pageable": {
+ "nextLinkName": "nextLink"
+ }
+ }
+ },
+ "/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}": {
+ "get": {
+ "x-ms-examples": {
+ "Get security recommendation task from security data location": {
+ "$ref": "./examples/Assessments/GetAssessment_example.json"
+ },
+ "Get security recommendation task from security data location with expand parameter": {
+ "$ref": "./examples/Assessments/GetAssessmentWithExpand_example.json"
+ }
+ },
+ "tags": [
+ "Assessments"
+ ],
+ "description": "Get a security assessment on your scanned resource",
+ "operationId": "Assessments_Get",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+ },
+ {
+ "$ref": "#/parameters/AssessmentName"
+ },
+ {
+ "$ref": "#/parameters/ExpandAssessments"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ },
+ "put": {
+ "x-ms-examples": {
+ "Create security recommendation task on a resource": {
+ "$ref": "./examples/Assessments/PutAssessment_example.json"
+ }
+ },
+ "tags": [
+ "Assessments"
+ ],
+ "description": "Create a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+ "operationId": "Assessments_CreateOrUpdate",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+ },
+ {
+ "$ref": "#/parameters/AssessmentName"
+ },
+ {
+ "$ref": "#/parameters/AssessmentBody"
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "Created",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentResponse"
+ }
+ },
+ "200": {
+ "description": "OK - Updated",
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessmentResponse"
+ }
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ },
+ "delete": {
+ "x-ms-examples": {
+ "Delete a security recommendation task on a resource": {
+ "$ref": "./examples/Assessments/DeleteAssessment_example.json"
+ }
+ },
+ "tags": [
+ "Assessments"
+ ],
+ "description": "Delete a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+ "operationId": "Assessments_Delete",
+ "parameters": [
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+ },
+ {
+ "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+ },
+ {
+ "$ref": "#/parameters/AssessmentName"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "OK - Assessment was deleted"
+ },
+ "204": {
+ "description": "No Content - Assessment does not exist"
+ },
+ "default": {
+ "description": "Error response describing why the operation failed.",
+ "schema": {
+ "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+ }
+ }
+ }
+ }
+ }
+ },
+ "definitions": {
+ "SecurityAssessmentList": {
+ "type": "object",
+ "description": "Page of a security assessments list",
+ "properties": {
+ "value": {
+ "description": "Collection of security assessments in this page",
+ "readOnly": true,
+ "type": "array",
+ "items": {
+ "$ref": "#/definitions/SecurityAssessmentResponse"
+ }
+ },
+ "nextLink": {
+ "readOnly": true,
+ "type": "string",
+ "description": "The URI to fetch the next page."
+ }
+ }
+ },
+ "SecurityAssessment": {
+ "type": "object",
+ "description": "Security assessment on a resource",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "$ref": "#/definitions/SecurityAssessmentProperties"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "SecurityAssessmentResponse": {
+ "type": "object",
+ "description": "Security assessment on a resource - response format",
+ "properties": {
+ "properties": {
+ "x-ms-client-flatten": true,
+ "$ref": "#/definitions/SecurityAssessmentPropertiesResponse"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "../../../common/v1/types.json#/definitions/Resource"
+ }
+ ]
+ },
+ "SecurityAssessmentProperties": {
+ "type": "object",
+ "description": "Describes properties of an assessment.",
+ "properties": {
+ "status": {
+ "$ref": "#/definitions/AssessmentStatus"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentPropertiesBase"
+ }
+ ],
+ "required": [
+ "status"
+ ]
+ },
+ "SecurityAssessmentPropertiesResponse": {
+ "type": "object",
+ "description": "Describes properties of an assessment.",
+ "properties": {
+ "status": {
+ "$ref": "#/definitions/AssessmentStatusResponse"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/SecurityAssessmentPropertiesBase"
+ }
+ ],
+ "required": [
+ "status"
+ ]
+ },
+ "SecurityAssessmentPropertiesBase": {
+ "type": "object",
+ "description": "Describes properties of an assessment.",
+ "properties": {
+ "resourceDetails": {
+ "$ref": "../../../common/v1/types.json#/definitions/ResourceDetails"
+ },
+ "displayName": {
+ "readOnly": true,
+ "type": "string",
+ "description": "User friendly display name of the assessment"
+ },
+ "additionalData": {
+ "type": "object",
+ "description": "Additional data regarding the assessment",
+ "additionalProperties": {
+ "type": "string"
+ }
+ },
+ "links": {
+ "$ref": "#/definitions/AssessmentLinks"
+ },
+ "metadata": {
+ "$ref": "./assessmentMetadata.json#/definitions/SecurityAssessmentMetadataProperties"
+ },
+ "partnersData": {
+ "$ref": "#/definitions/SecurityAssessmentPartnerData"
+ }
+ },
+ "required": [
+ "resourceDetails"
+ ]
+ },
+ "SecurityAssessmentPartnerData": {
+ "type": "object",
+ "description": "Data regarding 3rd party partner integration",
+ "properties": {
+ "partnerName": {
+ "type": "string",
+ "description": "Name of the company of the partner"
+ },
+ "secret": {
+ "type": "string",
+ "description": "secret to authenticate the partner - write only",
+ "x-ms-secret": true
+ }
+ },
+ "required": [
+ "partnerName",
+ "secret"
+ ]
+ },
+ "AssessmentLinks": {
+ "type": "object",
+ "description": "Links relevant to the assessment",
+ "readOnly": true,
+ "properties": {
+ "azurePortalUri": {
+ "type": "string",
+ "description": "Link to assessment in Azure Portal",
+ "readOnly": true
+ }
+ }
+ },
+ "AssessmentStatusResponse": {
+ "type": "object",
+ "description": "The result of the assessment",
+ "properties": {
+ "firstEvaluationDate": {
+ "readOnly": true,
+ "type": "string",
+ "format": "date-time",
+ "description": "The time that the assessment was created and first evaluated. Returned as UTC time in ISO 8601 format"
+ },
+ "statusChangeDate": {
+ "readOnly": true,
+ "type": "string",
+ "format": "date-time",
+ "description": "The time that the status of the assessment last changed. Returned as UTC time in ISO 8601 format"
+ }
+ },
+ "allOf": [
+ {
+ "$ref": "#/definitions/AssessmentStatus"
+ }
+ ]
+ },
+ "AssessmentStatus": {
+ "type": "object",
+ "description": "The result of the assessment",
+ "properties": {
+ "code": {
+ "type": "string",
+ "description": "Programmatic code for the status of the assessment",
+ "enum": [
+ "Healthy",
+ "Unhealthy",
+ "NotApplicable"
+ ],
+ "x-ms-enum": {
+ "name": "AssessmentStatusCode",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "Healthy",
+ "description": "The resource is healthy"
+ },
+ {
+ "value": "Unhealthy",
+ "description": "The resource has a security issue that needs to be addressed"
+ },
+ {
+ "value": "NotApplicable",
+ "description": "Assessment for this resource did not happen"
+ }
+ ]
+ }
+ },
+ "cause": {
+ "type": "string",
+ "description": "Programmatic code for the cause of the assessment status"
+ },
+ "description": {
+ "type": "string",
+ "description": "Human readable description of the assessment status"
+ }
+ },
+ "required": [
+ "code"
+ ]
+ }
+ },
+ "parameters": {
+ "ExpandAssessments": {
+ "name": "$expand",
+ "in": "query",
+ "required": false,
+ "type": "string",
+ "description": "OData expand. Optional.",
+ "x-ms-parameter-location": "method",
+ "enum": [
+ "links",
+ "metadata"
+ ],
+ "x-ms-enum": {
+ "name": "ExpandEnum",
+ "modelAsString": true,
+ "values": [
+ {
+ "value": "links",
+ "description": "All links associated with an assessment"
+ },
+ {
+ "value": "metadata",
+ "description": "Assessment metadata"
+ }
+ ]
+ }
+ },
+ "AssessmentName": {
+ "name": "assessmentName",
+ "in": "path",
+ "required": true,
+ "type": "string",
+ "description": "The Assessment Key - Unique key for the assessment type",
+ "x-ms-parameter-location": "method"
+ },
+ "AssessmentBody": {
+ "name": "assessment",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/SecurityAssessment"
+ },
+ "description": "Calculated assessment on a pre-defined assessment metadata",
+ "x-ms-parameter-location": "method"
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/DeleteAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/DeleteAssessment_example.json
new file mode 100644
index 000000000000..5a4da6233241
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/DeleteAssessment_example.json
@@ -0,0 +1,11 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
+ "assessmentName": "8bb8be0a-6010-4789-812f-e4d661c4ed0e"
+ },
+ "responses": {
+ "200": {},
+ "204": {}
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessmentWithExpand_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessmentWithExpand_example.json
new file mode 100644
index 000000000000..216a2c29dbc4
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessmentWithExpand_example.json
@@ -0,0 +1,37 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
+ "assessmentName": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "$expand": "links"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
+ },
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "status": {
+ "code": "NotApplicable",
+ "cause": "OffByPolicy",
+ "description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
+ "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
+ "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
+ },
+ "additionalData": {
+ "linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
+ },
+ "links": {
+ "azurePortalUri": "https://www.portal.azure.com/?fea#blade/Microsoft_Azure_Security/RecommendationsBlade/assessmentKey/21300918-b2e3-0346-785f-c77ff57d243b"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessment_example.json
new file mode 100644
index 000000000000..00cc1cd605ad
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/GetAssessment_example.json
@@ -0,0 +1,33 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
+ "assessmentName": "21300918-b2e3-0346-785f-c77ff57d243b"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
+ },
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "status": {
+ "code": "NotApplicable",
+ "cause": "OffByPolicy",
+ "description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
+ "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
+ "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
+ },
+ "additionalData": {
+ "linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/ListAssessments_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/ListAssessments_example.json
new file mode 100644
index 000000000000..9fcb5d07a2f7
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/ListAssessments_example.json
@@ -0,0 +1,53 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "scope": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "value": [
+ {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1"
+ },
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "status": {
+ "code": "Healthy",
+ "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
+ "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
+ }
+ }
+ },
+ {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2/providers/Microsoft.Security/assessments/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2"
+ },
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "status": {
+ "code": "NotApplicable",
+ "cause": "OffByPolicy",
+ "description": "The effective policy for the assessment was evaluated to off - use Microsoft.Authorization/policyAssignments to turn this assessment on",
+ "statusChangeDate": "2021-04-12T09:07:18.6759138Z",
+ "firstEvaluationDate": "2021-04-12T09:07:18.6759138Z"
+ },
+ "additionalData": {
+ "linkedWorkspaceId": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myLaWorkspace"
+ }
+ }
+ }
+ ]
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/PutAssessment_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/PutAssessment_example.json
new file mode 100644
index 000000000000..36964844cd9c
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/Assessments/PutAssessment_example.json
@@ -0,0 +1,53 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "resourceId": "subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss2",
+ "assessmentName": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "assessment": {
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure"
+ },
+ "status": {
+ "code": "Healthy"
+ }
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e"
+ },
+ "displayName": "Install internal agent on VM",
+ "status": {
+ "code": "Healthy"
+ }
+ }
+ }
+ },
+ "201": {
+ "body": {
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "name": "8bb8be0a-6010-4789-812f-e4d661c4ed0e",
+ "type": "Microsoft.Security/assessments",
+ "properties": {
+ "resourceDetails": {
+ "source": "Azure",
+ "id": "/subscriptions/20ff7fc3-e762-44dd-bd96-b71116dcdc23/resourceGroups/myRg/providers/Microsoft.Compute/virtualMachineScaleSets/vmss1/providers/Microsoft.Security/assessments/8bb8be0a-6010-4789-812f-e4d661c4ed0e"
+ },
+ "displayName": "Install internal agent on VM",
+ "status": {
+ "code": "Healthy"
+ }
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
new file mode 100644
index 000000000000..f2f8d67693b6
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json
@@ -0,0 +1,52 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
+ "assessmentMetadataName": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "assessmentMetadata": {
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "assessmentType": "CustomerManaged"
+ }
+ }
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "name": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "My organization security assessment",
+ "description": "Assessment that my organization created to view our security assessment in Azure Security Center",
+ "remediationDescription": "Fix it with these remediation instructions",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "assessmentType": "CustomerManaged"
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
new file mode 100644
index 000000000000..592c45b8848b
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json
@@ -0,0 +1,10 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
+ "assessmentMetadataName": "ca039e75-a276-4175-aebc-bcd41e4b14b7"
+ },
+ "responses": {
+ "200": {}
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
new file mode 100644
index 000000000000..a990d3c0714a
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json
@@ -0,0 +1,47 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "assessmentMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "plannedDeprecationDate": "03/2022",
+ "tactics": [
+ "credentialAccess",
+ "persistence",
+ "execution",
+ "defenseEvasion",
+ "collection",
+ "discovery",
+ "privilegeEscalation"
+ ],
+ "assessmentType": "BuiltIn"
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
new file mode 100644
index 000000000000..1e38e364a9e3
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json
@@ -0,0 +1,48 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e",
+ "assessmentMetadataName": "21300918-b2e3-0346-785f-c77ff57d243b"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "plannedDeprecationDate": "03/2022",
+ "tactics": [
+ "credentialAccess",
+ "persistence",
+ "execution",
+ "defenseEvasion",
+ "collection",
+ "discovery",
+ "privilegeEscalation"
+ ],
+ "assessmentType": "BuiltIn"
+ }
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
new file mode 100644
index 000000000000..326dd7f59cd2
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json
@@ -0,0 +1,100 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "value": [
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "plannedDeprecationDate": "03/2022",
+ "tactics": [
+ "credentialAccess",
+ "persistence",
+ "execution",
+ "defenseEvasion",
+ "collection",
+ "discovery",
+ "privilegeEscalation"
+ ],
+ "assessmentType": "BuiltIn"
+ }
+ },
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe",
+ "name": "bc303248-3d14-44c2-96a0-55f5c326b5fe",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Close management ports on your virtual machines",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
+ "description": "Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.",
+ "remediationDescription": "We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.
To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'",
+ "categories": [
+ "Networking"
+ ],
+ "severity": "Medium",
+ "userImpact": "High",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "preview": true,
+ "assessmentType": "CustomPolicy"
+ }
+ },
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "name": "ca039e75-a276-4175-aebc-bcd41e4b14b7",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "My organization security assessment",
+ "description": "Assessment that my organization created to view our security assessment in Azure Security Center",
+ "remediationDescription": "Fix it with these remediation instructions",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "assessmentType": "CustomerManaged"
+ }
+ }
+ ]
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
new file mode 100644
index 000000000000..d595d53cd9a1
--- /dev/null
+++ b/specification/security/resource-manager/Microsoft.Security/stable/2021-06-01/examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json
@@ -0,0 +1,79 @@
+{
+ "parameters": {
+ "api-version": "2021-06-01",
+ "subscriptionId": "0980887d-03d6-408c-9566-532f3456804e"
+ },
+ "responses": {
+ "200": {
+ "body": {
+ "value": [
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b",
+ "name": "21300918-b2e3-0346-785f-c77ff57d243b",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Install endpoint protection solution on virtual machine scale sets",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de",
+ "description": "Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.",
+ "remediationDescription": "To install an endpoint protection solution: 1. Follow the instructions in How do I turn on antimalware in my virtual machine scale set",
+ "categories": [
+ "Compute"
+ ],
+ "severity": "Medium",
+ "userImpact": "Low",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "plannedDeprecationDate": "03/2022",
+ "tactics": [
+ "credentialAccess",
+ "persistence",
+ "execution",
+ "defenseEvasion",
+ "collection",
+ "discovery",
+ "privilegeEscalation"
+ ],
+ "assessmentType": "BuiltIn"
+ }
+ },
+ {
+ "id": "/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe",
+ "name": "bc303248-3d14-44c2-96a0-55f5c326b5fe",
+ "type": "Microsoft.Security/assessmentMetadata",
+ "properties": {
+ "displayName": "Close management ports on your virtual machines",
+ "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917",
+ "description": "Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.",
+ "remediationDescription": "We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.
To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'",
+ "categories": [
+ "Networking"
+ ],
+ "severity": "Medium",
+ "userImpact": "High",
+ "implementationEffort": "Low",
+ "threats": [
+ "dataExfiltration",
+ "dataSpillage",
+ "maliciousInsider"
+ ],
+ "publishDates": {
+ "GA": "06/01/2021",
+ "public": "06/01/2021"
+ },
+ "preview": true,
+ "assessmentType": "CustomPolicy"
+ }
+ }
+ ]
+ }
+ }
+ }
+}
diff --git a/specification/security/resource-manager/readme.md b/specification/security/resource-manager/readme.md
index e09afccdb3ca..5697708b4cc8 100644
--- a/specification/security/resource-manager/readme.md
+++ b/specification/security/resource-manager/readme.md
@@ -199,8 +199,8 @@ input-file:
- Microsoft.Security/preview/2019-01-01-preview/automations.json
- Microsoft.Security/preview/2019-01-01-preview/alertsSuppressionRules.json
- Microsoft.Security/stable/2020-01-01/serverVulnerabilityAssessments.json
-- Microsoft.Security/stable/2020-01-01/assessmentMetadata.json
-- Microsoft.Security/stable/2020-01-01/assessments.json
+- Microsoft.Security/stable/2021-06-01/assessmentMetadata.json
+- Microsoft.Security/stable/2021-06-01/assessments.json
- Microsoft.Security/stable/2020-01-01/applicationWhitelistings.json
- Microsoft.Security/stable/2020-01-01/adaptiveNetworkHardenings.json
- Microsoft.Security/stable/2020-01-01/allowedConnections.json
@@ -468,6 +468,19 @@ override-info:
title: SecurityCenter
```
+### Tag: package-2021-06-only
+
+These settings apply only when `--tag=package-2021-06-only` is specified on the command line. This tag is used for Ruby SDK.
+
+``` yaml $(tag) == 'package-2021-06-only'
+input-file:
+- Microsoft.Security/stable/2021-06-01/assessmentMetadata.json
+- Microsoft.Security/stable/2021-06-01/assessments.json
+# Needed when there is more than one input file
+override-info:
+ title: SecurityCenter
+```
+
---
# Code Generation