diff --git a/schemas/2015-06-01-preview/Microsoft.Security.json b/schemas/2015-06-01-preview/Microsoft.Security.json
deleted file mode 100644
index adc017f32a..0000000000
--- a/schemas/2015-06-01-preview/Microsoft.Security.json
+++ /dev/null
@@ -1,706 +0,0 @@
-{
- "id": "https://schema.management.azure.com/schemas/2015-06-01-preview/Microsoft.Security.json#",
- "$schema": "http://json-schema.org/draft-04/schema#",
- "title": "Microsoft.Security",
- "description": "Microsoft Security Resource Types",
- "resourceDefinitions": {
- "locations_jitNetworkAccessPolicies": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2015-06-01-preview"
- ]
- },
- "kind": {
- "type": "string",
- "description": "Kind of the resource"
- },
- "name": {
- "type": "string",
- "description": "Name of a Just-in-Time access configuration policy."
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/JitNetworkAccessPolicyProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/locations/jitNetworkAccessPolicies"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/locations/jitNetworkAccessPolicies"
- }
- },
- "subscription_resourceDefinitions": {
- "locations_applicationWhitelistings": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2015-06-01-preview"
- ]
- },
- "enforcementMode": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Audit",
- "Enforce",
- "None"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The enforcement mode of the group. Can also be defined per collection type by using ProtectionMode."
- },
- "name": {
- "type": "string",
- "description": "Name of an application control VM/server group"
- },
- "pathRecommendations": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/PathRecommendation"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "protectionMode": {
- "oneOf": [
- {
- "$ref": "#/definitions/ProtectionMode"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux."
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/locations/applicationWhitelistings"
- ]
- },
- "vmRecommendations": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/VmRecommendation"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "type"
- ],
- "description": "Microsoft.Security/locations/applicationWhitelistings"
- }
- },
- "definitions": {
- "JitNetworkAccessPolicyProperties": {
- "type": "object",
- "properties": {
- "requests": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessRequest"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "virtualMachines": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Configurations for Microsoft.Compute/virtualMachines resource type."
- }
- },
- "required": [
- "virtualMachines"
- ]
- },
- "JitNetworkAccessPolicyVirtualMachine": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string",
- "description": "Resource ID of the virtual machine that is linked to this policy"
- },
- "ports": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessPortRule"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Port configurations for the virtual machine"
- },
- "publicIpAddress": {
- "type": "string",
- "description": "Public IP address of the Azure Firewall that is linked to this policy, if applicable"
- }
- },
- "required": [
- "id",
- "ports"
- ]
- },
- "JitNetworkAccessPortRule": {
- "type": "object",
- "properties": {
- "allowedSourceAddressPrefix": {
- "type": "string",
- "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
- },
- "allowedSourceAddressPrefixes": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter."
- },
- "maxRequestAccessDuration": {
- "type": "string",
- "description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day"
- },
- "number": {
- "oneOf": [
- {
- "type": "integer",
- "minimum": 0,
- "maximum": 65535
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "protocol": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "TCP",
- "UDP",
- "*"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- }
- },
- "required": [
- "maxRequestAccessDuration",
- "number",
- "protocol"
- ]
- },
- "JitNetworkAccessRequest": {
- "type": "object",
- "properties": {
- "justification": {
- "type": "string",
- "description": "The justification for making the initiate request"
- },
- "requestor": {
- "type": "string",
- "description": "The identity of the person who made the request"
- },
- "startTimeUtc": {
- "type": "string",
- "format": "date-time",
- "description": "The start time of the request in UTC"
- },
- "virtualMachines": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- }
- },
- "required": [
- "requestor",
- "startTimeUtc",
- "virtualMachines"
- ]
- },
- "JitNetworkAccessRequestPort": {
- "type": "object",
- "properties": {
- "allowedSourceAddressPrefix": {
- "type": "string",
- "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
- },
- "allowedSourceAddressPrefixes": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter."
- },
- "endTimeUtc": {
- "type": "string",
- "format": "date-time",
- "description": "The date & time at which the request ends in UTC"
- },
- "mappedPort": {
- "oneOf": [
- {
- "type": "integer"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The port which is mapped to this port's `number` in the Azure Firewall, if applicable"
- },
- "number": {
- "oneOf": [
- {
- "type": "integer",
- "minimum": 0,
- "maximum": 65535
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "status": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Revoked",
- "Initiated"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The status of the port."
- },
- "statusReason": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Expired",
- "UserRequested",
- "NewerRequestInitiated"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "A description of why the `status` has its value."
- }
- },
- "required": [
- "endTimeUtc",
- "number",
- "status",
- "statusReason"
- ]
- },
- "JitNetworkAccessRequestVirtualMachine": {
- "type": "object",
- "properties": {
- "id": {
- "type": "string",
- "description": "Resource ID of the virtual machine that is linked to this policy"
- },
- "ports": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/JitNetworkAccessRequestPort"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The ports that were opened for the virtual machine"
- }
- },
- "required": [
- "id",
- "ports"
- ]
- },
- "PathRecommendation": {
- "type": "object",
- "properties": {
- "action": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Recommended",
- "Add",
- "Remove"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "common": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Whether the path is commonly run on the machine"
- },
- "configurationStatus": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Configured",
- "NotConfigured",
- "InProgress",
- "Failed",
- "NoStatus"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "fileType": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Exe",
- "Dll",
- "Msi",
- "Script",
- "Executable",
- "Unknown"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "path": {
- "type": "string",
- "description": "The full path to whitelist"
- },
- "publisherInfo": {
- "oneOf": [
- {
- "$ref": "#/definitions/PublisherInfo"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Represents the publisher information of a process/rule"
- },
- "type": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "File",
- "FileHash",
- "PublisherSignature",
- "ProductSignature",
- "BinarySignature",
- "VersionAndAboveSignature"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "usernames": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/UserRecommendation"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "userSids": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- }
- },
- "description": "Represents a path that is recommended to be allowed and its properties"
- },
- "ProtectionMode": {
- "type": "object",
- "properties": {
- "exe": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Audit",
- "Enforce",
- "None"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "executable": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Audit",
- "Enforce",
- "None"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "msi": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Audit",
- "Enforce",
- "None"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "script": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Audit",
- "Enforce",
- "None"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- }
- },
- "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux."
- },
- "PublisherInfo": {
- "type": "object",
- "properties": {
- "binaryName": {
- "type": "string",
- "description": "The \"OriginalName\" field taken from the file's version resource"
- },
- "productName": {
- "type": "string",
- "description": "The product name taken from the file's version resource"
- },
- "publisherName": {
- "type": "string",
- "description": "The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country"
- },
- "version": {
- "type": "string",
- "description": "The binary file version taken from the file's version resource"
- }
- },
- "description": "Represents the publisher information of a process/rule"
- },
- "UserRecommendation": {
- "type": "object",
- "properties": {
- "recommendationAction": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Recommended",
- "Add",
- "Remove"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "username": {
- "type": "string",
- "description": "Represents a user that is recommended to be allowed for a certain rule"
- }
- },
- "description": "Represents a user that is recommended to be allowed for a certain rule"
- },
- "VmRecommendation": {
- "type": "object",
- "properties": {
- "configurationStatus": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Configured",
- "NotConfigured",
- "InProgress",
- "Failed",
- "NoStatus"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "enforcementSupport": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Supported",
- "NotSupported",
- "Unknown"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "recommendationAction": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Recommended",
- "Add",
- "Remove"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "resourceId": {
- "type": "string",
- "description": "The full azure resource id of the machine"
- }
- },
- "description": "Represents a machine that is part of a VM/server group"
- }
- }
-}
\ No newline at end of file
diff --git a/schemas/2017-08-01-preview/Microsoft.Security.json b/schemas/2017-08-01-preview/Microsoft.Security.json
deleted file mode 100644
index 365e17bd67..0000000000
--- a/schemas/2017-08-01-preview/Microsoft.Security.json
+++ /dev/null
@@ -1,1560 +0,0 @@
-{
- "id": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#",
- "$schema": "http://json-schema.org/draft-04/schema#",
- "title": "Microsoft.Security",
- "description": "Microsoft Security Resource Types",
- "resourceDefinitions": {
- "iotSecuritySolutions": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "location": {
- "type": "string",
- "description": "The resource location."
- },
- "name": {
- "type": "string",
- "description": "The solution manager name"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/IoTSecuritySolutionProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Security Solution setting data"
- },
- "tags": {
- "oneOf": [
- {
- "type": "object",
- "additionalProperties": {
- "type": "string"
- },
- "properties": {}
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Resource tags"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/iotSecuritySolutions"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/iotSecuritySolutions"
- },
- "pricings": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "name of the pricing configuration"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/PricingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Pricing data"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/pricings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/pricings"
- }
- },
- "subscription_resourceDefinitions": {
- "autoProvisioningSettings": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "Auto provisioning setting key"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/AutoProvisioningSettingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "describes properties of an auto provisioning setting"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/autoProvisioningSettings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/autoProvisioningSettings"
- },
- "pricings": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "name of the pricing configuration"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/PricingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Pricing data"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/pricings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/pricings"
- },
- "securityContacts": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "Name of the security contact object"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/SecurityContactProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "describes security contact properties"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/securityContacts"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/securityContacts"
- },
- "settings": {
- "type": "object",
- "oneOf": [
- {
- "$ref": "#/definitions/DataExportSetting"
- }
- ],
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "name": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "MCAS",
- "WDATP"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Name of setting: (MCAS/WDATP)."
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/settings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "type"
- ],
- "description": "Microsoft.Security/settings"
- },
- "workspaceSettings": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "Name of the security setting"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/WorkspaceSettingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Workspace setting data"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/workspaceSettings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/workspaceSettings"
- }
- },
- "unknown_resourceDefinitions": {
- "advancedThreatProtectionSettings": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "Advanced Threat Protection setting name."
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/AdvancedThreatProtectionProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The Advanced Threat Protection settings."
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/advancedThreatProtectionSettings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/advancedThreatProtectionSettings"
- },
- "deviceSecurityGroups": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "The name of the device security group. Note that the name of the device security group is case insensitive."
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/DeviceSecurityGroupProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "describes properties of a security group."
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/deviceSecurityGroups"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/deviceSecurityGroups"
- },
- "informationProtectionPolicies": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2017-08-01-preview"
- ]
- },
- "name": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "effective",
- "custom"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Name of the information protection policy."
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/InformationProtectionPolicyProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "describes properties of an information protection policy."
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/informationProtectionPolicies"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/informationProtectionPolicies"
- }
- },
- "definitions": {
- "ActiveConnectionsNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "ActiveConnectionsNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of active connections is not in allowed range."
- },
- "AdvancedThreatProtectionProperties": {
- "type": "object",
- "properties": {
- "isEnabled": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Indicates whether Advanced Threat Protection is enabled."
- }
- },
- "description": "The Advanced Threat Protection settings."
- },
- "AllowlistCustomAlertRule": {
- "type": "object",
- "oneOf": [
- {
- "$ref": "#/definitions/ConnectionToIpNotAllowed"
- },
- {
- "$ref": "#/definitions/LocalUserNotAllowed"
- },
- {
- "$ref": "#/definitions/ProcessNotAllowed"
- }
- ],
- "properties": {
- "allowlistValues": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The values to allow. The format of the values depends on the rule type."
- },
- "isEnabled": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Status of the custom alert."
- }
- },
- "required": [
- "allowlistValues",
- "isEnabled"
- ],
- "description": "A custom alert rule that checks if a value (depends on the custom alert type) is allowed."
- },
- "AmqpC2DMessagesNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "AmqpC2DMessagesNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of cloud to device messages (AMQP protocol) is not in allowed range."
- },
- "AmqpC2DRejectedMessagesNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "AmqpC2DRejectedMessagesNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range."
- },
- "AmqpD2CMessagesNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "AmqpD2CMessagesNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of device to cloud messages (AMQP protocol) is not in allowed range."
- },
- "AutoProvisioningSettingProperties": {
- "type": "object",
- "properties": {
- "autoProvision": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "On",
- "Off"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Describes what kind of security agent provisioning action to take."
- }
- },
- "required": [
- "autoProvision"
- ],
- "description": "describes properties of an auto provisioning setting"
- },
- "ConnectionToIpNotAllowed": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "ConnectionToIpNotAllowed"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation."
- },
- "DataExportSetting": {
- "type": "object",
- "properties": {
- "kind": {
- "type": "string",
- "enum": [
- "DataExportSetting"
- ]
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/DataExportSettingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The data export setting properties"
- }
- },
- "required": [
- "kind"
- ],
- "description": "Represents a data export setting"
- },
- "DataExportSettingProperties": {
- "type": "object",
- "properties": {
- "enabled": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Is the data export setting is enabled"
- }
- },
- "required": [
- "enabled"
- ],
- "description": "The data export setting properties"
- },
- "DenylistCustomAlertRule": {
- "type": "object",
- "properties": {
- "denylistValues": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The values to deny. The format of the values depends on the rule type."
- },
- "isEnabled": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Status of the custom alert."
- }
- },
- "required": [
- "denylistValues",
- "isEnabled"
- ],
- "description": "A custom alert rule that checks if a value (depends on the custom alert type) is denied."
- },
- "DeviceSecurityGroupProperties": {
- "type": "object",
- "properties": {
- "allowlistRules": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/AllowlistCustomAlertRule"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The allow-list custom alert rules."
- },
- "denylistRules": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/DenylistCustomAlertRule"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The deny-list custom alert rules."
- },
- "thresholdRules": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/ThresholdCustomAlertRule"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The list of custom alert threshold rules."
- },
- "timeWindowRules": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "$ref": "#/definitions/TimeWindowCustomAlertRule"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The list of custom alert time-window rules."
- }
- },
- "description": "describes properties of a security group."
- },
- "DirectMethodInvokesNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "DirectMethodInvokesNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of direct method invokes is not in allowed range."
- },
- "FailedLocalLoginsNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "FailedLocalLoginsNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of failed local logins is not in allowed range."
- },
- "FileUploadsNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "FileUploadsNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of file uploads is not in allowed range."
- },
- "HttpC2DMessagesNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "HttpC2DMessagesNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of cloud to device messages (HTTP protocol) is not in allowed range."
- },
- "HttpC2DRejectedMessagesNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "HttpC2DRejectedMessagesNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range."
- },
- "HttpD2CMessagesNotInAllowedRange": {
- "type": "object",
- "properties": {
- "ruleType": {
- "type": "string",
- "enum": [
- "HttpD2CMessagesNotInAllowedRange"
- ]
- }
- },
- "required": [
- "ruleType"
- ],
- "description": "Number of device to cloud messages (HTTP protocol) is not in allowed range."
- },
- "InformationProtectionKeyword": {
- "type": "object",
- "properties": {
- "canBeNumeric": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Indicates whether the keyword can be applied on numeric types or not."
- }, - "custom": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Indicates whether the keyword is custom or not." - }, - "excluded": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Indicates whether the keyword is excluded or not." - }, - "pattern": { - "type": "string", - "description": "The keyword pattern." - } - }, - "description": "The information type keyword." - }, - "InformationProtectionPolicyProperties": { - "type": "object", - "properties": { - "informationTypes": { - "oneOf": [ - { - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/InformationType" - }, - "properties": {} - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The sensitivity information types." - }, - "labels": { - "oneOf": [ - { - "type": "object", - "additionalProperties": { - "$ref": "#/definitions/SensitivityLabel" - }, - "properties": {} - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Dictionary of sensitivity labels." - } - }, - "description": "describes properties of an information protection policy." - }, - "InformationType": { - "type": "object", - "properties": { - "custom": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Indicates whether the information type is custom or not." - }, - "description": { - "type": "string", - "description": "The description of the information type." - }, - "displayName": { - "type": "string", - "description": "The name of the information type." 
- }, - "enabled": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Indicates whether the information type is enabled or not." - }, - "keywords": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/InformationProtectionKeyword" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The information type keywords." - }, - "order": { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The order of the information type." - }, - "recommendedLabelId": { - "oneOf": [ - { - "type": "string", - "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The recommended label id to be associated with this information type." - } - }, - "description": "The information type." - }, - "IoTSecuritySolutionProperties": { - "type": "object", - "properties": { - "disabledDataSources": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string", - "enum": [ - "TwinData" - ] - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Disabled data sources. Disabling these data sources compromises the system." - }, - "displayName": { - "type": "string", - "description": "Resource display name." 
- }, - "export": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string", - "enum": [ - "RawEvents" - ] - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "List of additional export to workspace data options" - }, - "iotHubs": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "IoT Hub resource IDs" - }, - "recommendationsConfiguration": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/RecommendationConfigurationProperties" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "List of recommendation configuration" - }, - "status": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Enabled", - "Disabled" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Security solution status." - }, - "userDefinedResources": { - "oneOf": [ - { - "$ref": "#/definitions/UserDefinedResourcesProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Properties of the solution's user defined resources." - }, - "workspace": { - "type": "string", - "description": "Workspace resource ID" - } - }, - "required": [ - "displayName", - "iotHubs", - "workspace" - ], - "description": "Security Solution setting data" - }, - "LocalUserNotAllowed": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "LocalUserNotAllowed" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Login by a local user that isn't allowed. Allow list consists of login names to allow." 
- }, - "MqttC2DMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "MqttC2DMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of cloud to device messages (MQTT protocol) is not in allowed range." - }, - "MqttC2DRejectedMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "MqttC2DRejectedMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range." - }, - "MqttD2CMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "MqttD2CMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of device to cloud messages (MQTT protocol) is not in allowed range." - }, - "PricingProperties": { - "type": "object", - "properties": { - "pricingTier": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Free", - "Standard" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Pricing tier type." - } - }, - "required": [ - "pricingTier" - ], - "description": "Pricing data" - }, - "ProcessNotAllowed": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "ProcessNotAllowed" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Execution of a process that isn't allowed. Allow list consists of process names to allow." - }, - "QueuePurgesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "QueuePurgesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of device queue purges is not in allowed range." 
- }, - "RecommendationConfigurationProperties": { - "type": "object", - "properties": { - "recommendationType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "IoT_ACRAuthentication", - "IoT_AgentSendsUnutilizedMessages", - "IoT_Baseline", - "IoT_EdgeHubMemOptimize", - "IoT_EdgeLoggingOptions", - "IoT_InconsistentModuleSettings", - "IoT_InstallAgent", - "IoT_IPFilter_DenyAll", - "IoT_IPFilter_PermissiveRule", - "IoT_OpenPorts", - "IoT_PermissiveFirewallPolicy", - "IoT_PermissiveInputFirewallRules", - "IoT_PermissiveOutputFirewallRules", - "IoT_PrivilegedDockerOptions", - "IoT_SharedCredentials", - "IoT_VulnerableTLSCipherSuite" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The recommendation type." - }, - "status": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Disabled", - "Enabled" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Recommendation status. The recommendation is not generated when the status is disabled." - } - }, - "required": [ - "recommendationType", - "status" - ], - "description": "Recommendation configuration" - }, - "SecurityContactProperties": { - "type": "object", - "properties": { - "alertNotifications": { - "oneOf": [ - { - "type": "string", - "enum": [ - "On", - "Off" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Whether to send security alerts notifications to the security contact." - }, - "alertsToAdmins": { - "oneOf": [ - { - "type": "string", - "enum": [ - "On", - "Off" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Whether to send security alerts notifications to subscription admins." 
- }, - "email": { - "type": "string", - "format": "email", - "description": "The email of this security contact" - }, - "phone": { - "type": "string", - "description": "The phone number of this security contact" - } - }, - "required": [ - "alertNotifications", - "alertsToAdmins", - "email" - ], - "description": "describes security contact properties" - }, - "SensitivityLabel": { - "type": "object", - "properties": { - "description": { - "type": "string", - "description": "The description of the sensitivity label." - }, - "displayName": { - "type": "string", - "description": "The name of the sensitivity label." - }, - "enabled": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Indicates whether the label is enabled or not." - }, - "order": { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The order of the sensitivity label." - }, - "rank": { - "oneOf": [ - { - "type": "string", - "enum": [ - "None", - "Low", - "Medium", - "High", - "Critical" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The rank of the sensitivity label." - } - }, - "description": "The sensitivity label." - }, - "ThresholdCustomAlertRule": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/TimeWindowCustomAlertRule" - } - ], - "properties": { - "isEnabled": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Status of the custom alert." 
- }, - "maxThreshold": { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The maximum threshold." - }, - "minThreshold": { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The minimum threshold." - } - }, - "required": [ - "isEnabled", - "maxThreshold", - "minThreshold" - ], - "description": "A custom alert rule that checks if a value (depends on the custom alert type) is within the given range." - }, - "TimeWindowCustomAlertRule": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/ActiveConnectionsNotInAllowedRange" - }, - { - "$ref": "#/definitions/AmqpC2DMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/MqttC2DMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/HttpC2DMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/AmqpC2DRejectedMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/MqttC2DRejectedMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/HttpC2DRejectedMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/AmqpD2CMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/MqttD2CMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/HttpD2CMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/DirectMethodInvokesNotInAllowedRange" - }, - { - "$ref": "#/definitions/FailedLocalLoginsNotInAllowedRange" - }, - { - "$ref": "#/definitions/FileUploadsNotInAllowedRange" - }, - { - "$ref": "#/definitions/QueuePurgesNotInAllowedRange" - }, - { - "$ref": "#/definitions/TwinUpdatesNotInAllowedRange" - }, - { - "$ref": "#/definitions/UnauthorizedOperationsNotInAllowedRange" - } - ], - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "TimeWindowCustomAlertRule" - ] - }, - "timeWindowSize": { - "type": "string", - 
"format": "duration", - "description": "The time window size in iso8601 format." - } - }, - "required": [ - "ruleType", - "timeWindowSize" - ], - "description": "A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range." - }, - "TwinUpdatesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "TwinUpdatesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of twin updates is not in allowed range." - }, - "UnauthorizedOperationsNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "UnauthorizedOperationsNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of unauthorized operations is not in allowed range." - }, - "UserDefinedResourcesProperties": { - "type": "object", - "properties": { - "query": { - "type": "string", - "description": "Azure Resource Graph query which represents the security solution's user defined resources. Required to start with \"where type != \"Microsoft.Devices/IotHubs\"\"" - }, - "querySubscriptions": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "List of Azure subscription ids on which the user defined resources query should be executed." - } - }, - "required": [ - "query", - "querySubscriptions" - ], - "description": "Properties of the solution's user defined resources." 
- }, - "WorkspaceSettingProperties": { - "type": "object", - "properties": { - "scope": { - "type": "string", - "description": "All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope" - }, - "workspaceId": { - "type": "string", - "description": "The full Azure ID of the workspace to save the data in" - } - }, - "required": [ - "scope", - "workspaceId" - ], - "description": "Workspace setting data" - } - } -} \ No newline at end of file diff --git a/schemas/2018-05-01/subscriptionDeploymentTemplate.json b/schemas/2018-05-01/subscriptionDeploymentTemplate.json index a2ea7ad574..29ba473e9d 100644 --- a/schemas/2018-05-01/subscriptionDeploymentTemplate.json +++ b/schemas/2018-05-01/subscriptionDeploymentTemplate.json 
@@ -968,87 +968,6 @@
 {
 "$ref": "https://schema.management.azure.com/schemas/2021-05-01/Microsoft.Resources.json#/subscription_resourceDefinitions/resourceGroups"
 },
- {
- "$ref": "https://schema.management.azure.com/schemas/2015-06-01-preview/Microsoft.Security.json#/subscription_resourceDefinitions/locations_applicationWhitelistings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#/subscription_resourceDefinitions/autoProvisioningSettings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#/subscription_resourceDefinitions/pricings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#/subscription_resourceDefinitions/securityContacts"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#/subscription_resourceDefinitions/settings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#/subscription_resourceDefinitions/workspaceSettings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#/unknown_resourceDefinitions/advancedThreatProtectionSettings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#/unknown_resourceDefinitions/deviceSecurityGroups"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2018-06-01/Microsoft.Security.json#/subscription_resourceDefinitions/pricings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2019-01-01/Microsoft.Security.json#/subscription_resourceDefinitions/settings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2019-01-01/Microsoft.Security.json#/unknown_resourceDefinitions/advancedThreatProtectionSettings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2019-01-01-preview/Microsoft.Security.json#/subscription_resourceDefinitions/alertsSuppressionRules"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2019-01-01-preview/Microsoft.Security.json#/subscription_resourceDefinitions/assessmentMetadata"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2019-01-01-preview/Microsoft.Security.json#/unknown_resourceDefinitions/assessments"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Security.json#/unknown_resourceDefinitions/deviceSecurityGroups"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2020-01-01/Microsoft.Security.json#/subscription_resourceDefinitions/assessmentMetadata"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2020-01-01/Microsoft.Security.json#/subscription_resourceDefinitions/locations_applicationWhitelistings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2020-01-01/Microsoft.Security.json#/unknown_resourceDefinitions/assessments"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2020-01-01-preview/Microsoft.Security.json#/subscription_resourceDefinitions/connectors"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2020-08-06-preview/Microsoft.Security.json#/subscription_resourceDefinitions/iotDefenderSettings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2020-08-06-preview/Microsoft.Security.json#/subscription_resourceDefinitions/onPremiseIotSensors"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2020-08-06-preview/Microsoft.Security.json#/unknown_resourceDefinitions/iotSensors"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2020-08-06-preview/Microsoft.Security.json#/unknown_resourceDefinitions/iotSites"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2021-01-15-preview/Microsoft.Security.json#/subscription_resourceDefinitions/ingestionSettings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2021-06-01/Microsoft.Security.json#/subscription_resourceDefinitions/assessmentMetadata"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2021-06-01/Microsoft.Security.json#/subscription_resourceDefinitions/settings"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2021-06-01/Microsoft.Security.json#/unknown_resourceDefinitions/assessments"
- },
 {
 "$ref": "https://schema.management.azure.com/schemas/2019-05-01-preview/Microsoft.Support.json#/subscription_resourceDefinitions/supportTickets"
 },
diff --git a/schemas/2018-06-01/Microsoft.Security.json b/schemas/2018-06-01/Microsoft.Security.json
deleted file mode 100644
index 614eded030..0000000000
--- a/schemas/2018-06-01/Microsoft.Security.json
+++ /dev/null
@@ -1,74 +0,0 @@
-{
- "id": "https://schema.management.azure.com/schemas/2018-06-01/Microsoft.Security.json#",
- "$schema": "http://json-schema.org/draft-04/schema#",
- "title": "Microsoft.Security",
- "description": "Microsoft Security Resource Types",
- "resourceDefinitions": {},
- "subscription_resourceDefinitions": {
- "pricings": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2018-06-01"
- ]
- },
- "name": {
- "type": "string",
- "description": "name of the pricing configuration"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/PricingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Pricing properties for the relevant scope"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/pricings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/pricings"
- }
- },
- "definitions": {
- "PricingProperties": {
- "type": "object",
- "properties": {
- "pricingTier": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Free",
- "Standard"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The pricing tier value. Azure Security Center is provided in two pricing tiers: free and standard, with the standard tier available with a trial period. The standard tier offers advanced security capabilities, while the free tier offers basic security features."
- }
- },
- "required": [
- "pricingTier"
- ],
- "description": "Pricing properties for the relevant scope"
- }
- }
-}
\ No newline at end of file
diff --git a/schemas/2019-01-01-preview/Microsoft.Security.json b/schemas/2019-01-01-preview/Microsoft.Security.json
deleted file mode 100644
index 852b485023..0000000000
--- a/schemas/2019-01-01-preview/Microsoft.Security.json
+++ /dev/null
@@ -1,902 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-01-01-preview/Microsoft.Security.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Security", - "description": "Microsoft Security Resource Types", - "resourceDefinitions": { - "automations": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2019-01-01-preview" - ] - }, - "etag": { - "type": "string", - "description": "Entity tag is used for comparing two or more entities from the same requested resource." - }, - "kind": { - "type": "string", - "description": "Kind of the resource" - }, - "location": { - "type": "string", - "description": "Location where the resource is stored" - }, - "name": { - "type": "string", - "description": "The security automation name." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/AutomationProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "A set of properties that defines the behavior of the automation configuration. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas." - }, - "tags": { - "oneOf": [ - { - "type": "object", - "additionalProperties": { - "type": "string" - }, - "properties": {} - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "A list of key value pairs that describe the resource." 
- }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/automations" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/automations" - } - }, - "subscription_resourceDefinitions": { - "alertsSuppressionRules": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2019-01-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The unique name of the suppression alert rule" - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/AlertsSuppressionRuleProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "describes AlertsSuppressionRule properties" - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/alertsSuppressionRules" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/alertsSuppressionRules" - }, - "assessmentMetadata": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2019-01-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The Assessment Key - Unique key for the assessment type" - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/SecurityAssessmentMetadataProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Describes properties of an assessment metadata." 
- }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/assessmentMetadata" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/assessmentMetadata" - } - }, - "unknown_resourceDefinitions": { - "assessments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2019-01-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The Assessment Key - Unique key for the assessment type" - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/SecurityAssessmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Describes properties of an assessment." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/assessments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/assessments" - } - }, - "definitions": { - "AlertsSuppressionRuleProperties": { - "type": "object", - "properties": { - "alertType": { - "type": "string", - "description": "Type of the alert to automatically suppress. For all alert types, use '*'" - }, - "comment": { - "type": "string", - "description": "Any comment regarding the rule" - }, - "expirationDateUtc": { - "type": "string", - "format": "date-time", - "description": "Expiration date of the rule, if value is not provided or provided as null this field will default to the maximum allowed expiration date." - }, - "reason": { - "type": "string", - "description": "The reason for dismissing the alert" - }, - "state": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Enabled", - "Disabled", - "Expired" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Possible states of the rule." 
- }, - "suppressionAlertsScope": { - "oneOf": [ - { - "$ref": "#/definitions/SuppressionAlertsScope" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "alertType", - "reason", - "state" - ], - "description": "describes AlertsSuppressionRule properties" - }, - "AssessmentLinks": { - "type": "object", - "properties": {}, - "description": "Links relevant to the assessment" - }, - "AssessmentStatus": { - "type": "object", - "properties": { - "cause": { - "type": "string", - "description": "Programmatic code for the cause of the assessment status" - }, - "code": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Healthy", - "Unhealthy", - "NotApplicable" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Programmatic code for the status of the assessment." - }, - "description": { - "type": "string", - "description": "Human readable description of the assessment status" - } - }, - "required": [ - "code" - ], - "description": "The result of the assessment" - }, - "AutomationAction": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/AutomationActionLogicApp" - }, - { - "$ref": "#/definitions/AutomationActionEventHub" - }, - { - "$ref": "#/definitions/AutomationActionWorkspace" - } - ], - "properties": {}, - "description": "The action that should be triggered." - }, - "AutomationActionEventHub": { - "type": "object", - "properties": { - "actionType": { - "type": "string", - "enum": [ - "EventHub" - ] - }, - "connectionString": { - "type": "string", - "description": "The target Event Hub connection string (it will not be included in any response)." - }, - "eventHubResourceId": { - "type": "string", - "description": "The target Event Hub Azure Resource ID." 
- } - }, - "required": [ - "actionType" - ], - "description": "The target Event Hub to which event data will be exported. To learn more about Security Center continuous export capabilities, visit https://aka.ms/ASCExportLearnMore" - }, - "AutomationActionLogicApp": { - "type": "object", - "properties": { - "actionType": { - "type": "string", - "enum": [ - "LogicApp" - ] - }, - "logicAppResourceId": { - "type": "string", - "description": "The triggered Logic App Azure Resource ID. This can also reside on other subscriptions, given that you have permissions to trigger the Logic App" - }, - "uri": { - "type": "string", - "format": "uri", - "description": "The Logic App trigger URI endpoint (it will not be included in any response)." - } - }, - "required": [ - "actionType" - ], - "description": "The logic app action that should be triggered. To learn more about Security Center's Workflow Automation capabilities, visit https://aka.ms/ASCWorkflowAutomationLearnMore" - }, - "AutomationActionWorkspace": { - "type": "object", - "properties": { - "actionType": { - "type": "string", - "enum": [ - "Workspace" - ] - }, - "workspaceResourceId": { - "type": "string", - "description": "The fully qualified Log Analytics Workspace Azure Resource ID." - } - }, - "required": [ - "actionType" - ], - "description": "The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments data will reside in the 'SecurityRecommendation' table (under the 'Security'/'SecurityCenterFree' solutions). Note that in order to view the data in the workspace, the Security Center Log Analytics free/standard solution needs to be enabled on that workspace. 
To learn more about Security Center continuous export capabilities, visit https://aka.ms/ASCExportLearnMore" - }, - "AutomationProperties": { - "type": "object", - "properties": { - "actions": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/AutomationAction" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "A collection of the actions which are triggered if all the configured rules evaluations, within at least one rule set, are true." - }, - "description": { - "type": "string", - "description": "The security automation description." - }, - "isEnabled": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Indicates whether the security automation is enabled." - }, - "scopes": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/AutomationScope" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes." - }, - "sources": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/AutomationSource" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "A collection of the source event types which evaluate the security automation set of rules." - } - }, - "description": "A set of properties that defines the behavior of the automation configuration. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas." 
- }, - "AutomationRuleSet": { - "type": "object", - "properties": { - "rules": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/AutomationTriggeringRule" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "description": "A rule set which evaluates all its rules upon an event interception. Only when all the included rules in the rule set will be evaluated as 'true', will the event trigger the defined actions." - }, - "AutomationScope": { - "type": "object", - "properties": { - "description": { - "type": "string", - "description": "The resources scope description." - }, - "scopePath": { - "type": "string", - "description": "The resources scope path. Can be the subscription on which the automation is defined on or a resource group under that subscription (fully qualified Azure resource IDs)." - } - }, - "description": "A single automation scope." - }, - "AutomationSource": { - "type": "object", - "properties": { - "eventSource": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Assessments", - "SubAssessments", - "Alerts", - "SecureScores", - "SecureScoresSnapshot", - "SecureScoreControls", - "SecureScoreControlsSnapshot", - "RegulatoryComplianceAssessment", - "RegulatoryComplianceAssessmentSnapshot" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "A valid event source type." - }, - "ruleSets": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/AutomationRuleSet" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "A set of rules which evaluate upon event interception. A logical disjunction is applied between defined rule sets (logical 'or')." - } - }, - "description": "The source event types which evaluate the security automation set of rules. 
For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas." - }, - "AutomationTriggeringRule": { - "type": "object", - "properties": { - "expectedValue": { - "type": "string", - "description": "The expected value." - }, - "operator": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Equals", - "GreaterThan", - "GreaterThanOrEqualTo", - "LesserThan", - "LesserThanOrEqualTo", - "NotEquals", - "Contains", - "StartsWith", - "EndsWith" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "A valid comparer operator to use. A case-insensitive comparison will be applied for String PropertyType." - }, - "propertyJPath": { - "type": "string", - "description": "The JPath of the entity model property that should be checked." - }, - "propertyType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "String", - "Integer", - "Number", - "Boolean" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The data type of the compared operands (string, integer, floating point number or a boolean [true/false]]." - } - }, - "description": "A rule which is evaluated upon event interception. The rule is configured by comparing a specific value from the event model to an expected value. This comparison is done by using one of the supported operators set." 
- }, - "AzureResourceDetails": { - "type": "object", - "properties": { - "source": { - "type": "string", - "enum": [ - "Azure" - ] - } - }, - "required": [ - "source" - ], - "description": "Details of the Azure resource that was assessed" - }, - "OnPremiseResourceDetails": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/OnPremiseSqlResourceDetails" - } - ], - "properties": { - "machineName": { - "type": "string", - "description": "The name of the machine" - }, - "source": { - "type": "string", - "enum": [ - "OnPremise" - ] - }, - "sourceComputerId": { - "type": "string", - "description": "The oms agent Id installed on the machine" - }, - "vmuuid": { - "type": "string", - "description": "The unique Id of the machine" - }, - "workspaceId": { - "type": "string", - "description": "Azure resource Id of the workspace the machine is attached to" - } - }, - "required": [ - "machineName", - "source", - "sourceComputerId", - "vmuuid", - "workspaceId" - ], - "description": "Details of the On Premise resource that was assessed" - }, - "OnPremiseSqlResourceDetails": { - "type": "object", - "properties": { - "databaseName": { - "type": "string", - "description": "The Sql database name installed on the machine" - }, - "serverName": { - "type": "string", - "description": "The Sql server name installed on the machine" - }, - "source": { - "type": "string", - "enum": [ - "OnPremiseSql" - ] - } - }, - "required": [ - "databaseName", - "serverName", - "source" - ], - "description": "Details of the On Premise Sql resource that was assessed" - }, - "ResourceDetails": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/AzureResourceDetails" - }, - { - "$ref": "#/definitions/OnPremiseResourceDetails" - } - ], - "properties": {}, - "description": "Details of the resource that was assessed" - }, - "ScopeElement": { - "type": "object", - "properties": { - "additionalProperties": { - "oneOf": [ - { - "type": "object", - "additionalProperties": { - "type": "object", 
- "properties": {} - }, - "properties": {} - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Unmatched properties from the message are deserialized this collection" - }, - "field": { - "type": "string", - "description": "The alert entity type to suppress by." - } - }, - "description": "A more specific scope used to identify the alerts to suppress." - }, - "SecurityAssessmentMetadataProperties": { - "type": "object", - "properties": { - "assessmentType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "BuiltIn", - "CustomPolicy", - "CustomerManaged" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition." - }, - "categories": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string", - "enum": [ - "Compute", - "Networking", - "Data", - "IdentityAndAccess", - "IoT" - ] - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "description": { - "type": "string", - "description": "Human readable description of the assessment" - }, - "displayName": { - "type": "string", - "description": "User friendly display name of the assessment" - }, - "implementationEffort": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Low", - "Moderate", - "High" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The implementation effort required to remediate this assessment." 
- }, - "preview": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "True if this assessment is in preview release status" - }, - "remediationDescription": { - "type": "string", - "description": "Human readable description of what you should do to mitigate this security issue" - }, - "severity": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Low", - "Medium", - "High" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The severity level of the assessment." - }, - "threats": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string", - "enum": [ - "accountBreach", - "dataExfiltration", - "dataSpillage", - "maliciousInsider", - "elevationOfPrivilege", - "threatResistance", - "missingCoverage", - "denialOfService" - ] - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userImpact": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Low", - "Moderate", - "High" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The user impact of the assessment." - } - }, - "required": [ - "assessmentType", - "displayName", - "severity" - ], - "description": "Describes properties of an assessment metadata." 
- }, - "SecurityAssessmentProperties": { - "type": "object", - "properties": { - "additionalData": { - "oneOf": [ - { - "type": "object", - "additionalProperties": { - "type": "string" - }, - "properties": {} - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Additional data regarding the assessment" - }, - "links": { - "oneOf": [ - { - "$ref": "#/definitions/AssessmentLinks" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Links relevant to the assessment" - }, - "resourceDetails": { - "oneOf": [ - { - "$ref": "#/definitions/ResourceDetails" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Details of the resource that was assessed" - }, - "status": { - "oneOf": [ - { - "$ref": "#/definitions/AssessmentStatus" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The result of the assessment" - } - }, - "required": [ - "resourceDetails", - "status" - ], - "description": "Describes properties of an assessment." - }, - "SuppressionAlertsScope": { - "type": "object", - "properties": { - "allOf": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/ScopeElement" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "All the conditions inside need to be true in order to suppress the alert" - } - }, - "required": [ - "allOf" - ] - } - } -} \ No newline at end of file diff --git a/schemas/2019-01-01/Microsoft.Security.json b/schemas/2019-01-01/Microsoft.Security.json deleted file mode 100644 index e31960c3c3..0000000000 --- a/schemas/2019-01-01/Microsoft.Security.json +++ /dev/null 
@@ -1,161 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-01-01/Microsoft.Security.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Security", - "description": "Microsoft Security Resource Types", - "resourceDefinitions": {}, - "subscription_resourceDefinitions": { - "settings": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/DataExportSettings" - } - ], - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2019-01-01" - ] - }, - "name": { - "oneOf": [ - { - "type": "string", - "enum": [ - "MCAS", - "WDATP" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Name of setting: (MCAS/WDATP)." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/settings" - ] - } - }, - "required": [ - "apiVersion", - "name", - "type" - ], - "description": "Microsoft.Security/settings" - } - }, - "unknown_resourceDefinitions": { - "advancedThreatProtectionSettings": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2019-01-01" - ] - }, - "name": { - "type": "string", - "enum": [ - "current" - ], - "description": "Advanced Threat Protection setting name." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/AdvancedThreatProtectionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The Advanced Threat Protection settings." 
- }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/advancedThreatProtectionSettings" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/advancedThreatProtectionSettings" - } - }, - "definitions": { - "AdvancedThreatProtectionProperties": { - "type": "object", - "properties": { - "isEnabled": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Indicates whether Advanced Threat Protection is enabled." - } - }, - "description": "The Advanced Threat Protection settings." - }, - "DataExportSettingProperties": { - "type": "object", - "properties": { - "enabled": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Is the data export setting is enabled" - } - }, - "required": [ - "enabled" - ], - "description": "The data export setting properties" - }, - "DataExportSettings": { - "type": "object", - "properties": { - "kind": { - "type": "string", - "enum": [ - "DataExportSettings" - ] - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/DataExportSettingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The data export setting properties" - } - }, - "required": [ - "kind" - ], - "description": "Represents a data export setting" - } - } -} \ No newline at end of file diff --git a/schemas/2019-08-01/Microsoft.Security.json b/schemas/2019-08-01/Microsoft.Security.json deleted file mode 100644 index 43f54f4196..0000000000 --- a/schemas/2019-08-01/Microsoft.Security.json +++ /dev/null 
@@ -1,934 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2019-08-01/Microsoft.Security.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Security", - "description": "Microsoft Security Resource Types", - "resourceDefinitions": { - "iotSecuritySolutions": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2019-08-01" - ] - }, - "location": { - "type": "string", - "description": "The resource location." - }, - "name": { - "type": "string", - "description": "The name of the IoT Security solution." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/IoTSecuritySolutionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Security Solution setting data" - }, - "tags": { - "oneOf": [ - { - "type": "object", - "additionalProperties": { - "type": "string" - }, - "properties": {} - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Resource tags" - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/iotSecuritySolutions" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/iotSecuritySolutions" - } - }, - "unknown_resourceDefinitions": { - "deviceSecurityGroups": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2019-08-01" - ] - }, - "name": { - "type": "string", - "description": "The name of the device security group. Note that the name of the device security group is case insensitive." 
- }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/DeviceSecurityGroupProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "describes properties of a security group." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/deviceSecurityGroups" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/deviceSecurityGroups" - } - }, - "definitions": { - "ActiveConnectionsNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "ActiveConnectionsNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of active connections is not in allowed range." - }, - "AdditionalWorkspacesProperties": { - "type": "object", - "properties": { - "dataTypes": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string", - "enum": [ - "Alerts", - "RawEvents" - ] - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "List of data types sent to workspace" - }, - "type": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Sentinel" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Workspace type." - }, - "workspace": { - "type": "string", - "description": "Workspace resource id" - } - }, - "description": "Properties of the additional workspaces." 
- }, - "AllowlistCustomAlertRule": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/ConnectionToIpNotAllowed" - }, - { - "$ref": "#/definitions/ConnectionFromIpNotAllowed" - }, - { - "$ref": "#/definitions/LocalUserNotAllowed" - }, - { - "$ref": "#/definitions/ProcessNotAllowed" - } - ], - "properties": { - "allowlistValues": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The values to allow. The format of the values depends on the rule type." - }, - "isEnabled": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Status of the custom alert." - } - }, - "required": [ - "allowlistValues", - "isEnabled" - ], - "description": "A custom alert rule that checks if a value (depends on the custom alert type) is allowed." - }, - "AmqpC2DMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "AmqpC2DMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of cloud to device messages (AMQP protocol) is not in allowed range." - }, - "AmqpC2DRejectedMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "AmqpC2DRejectedMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range." - }, - "AmqpD2CMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "AmqpD2CMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of device to cloud messages (AMQP protocol) is not in allowed range." 
- }, - "ConnectionFromIpNotAllowed": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "ConnectionFromIpNotAllowed" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Inbound connection from an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation." - }, - "ConnectionToIpNotAllowed": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "ConnectionToIpNotAllowed" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation." - }, - "DenylistCustomAlertRule": { - "type": "object", - "properties": { - "denylistValues": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The values to deny. The format of the values depends on the rule type." - }, - "isEnabled": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Status of the custom alert." - } - }, - "required": [ - "denylistValues", - "isEnabled" - ], - "description": "A custom alert rule that checks if a value (depends on the custom alert type) is denied." - }, - "DeviceSecurityGroupProperties": { - "type": "object", - "properties": { - "allowlistRules": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/AllowlistCustomAlertRule" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The allow-list custom alert rules." 
- }, - "denylistRules": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/DenylistCustomAlertRule" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The deny-list custom alert rules." - }, - "thresholdRules": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/ThresholdCustomAlertRule" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The list of custom alert threshold rules." - }, - "timeWindowRules": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/TimeWindowCustomAlertRule" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The list of custom alert time-window rules." - } - }, - "description": "describes properties of a security group." - }, - "DirectMethodInvokesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "DirectMethodInvokesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of direct method invokes is not in allowed range." - }, - "FailedLocalLoginsNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "FailedLocalLoginsNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of failed local logins is not in allowed range." - }, - "FileUploadsNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "FileUploadsNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of file uploads is not in allowed range." 
- }, - "HttpC2DMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "HttpC2DMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of cloud to device messages (HTTP protocol) is not in allowed range." - }, - "HttpC2DRejectedMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "HttpC2DRejectedMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range." - }, - "HttpD2CMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "HttpD2CMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of device to cloud messages (HTTP protocol) is not in allowed range." - }, - "IoTSecuritySolutionProperties": { - "type": "object", - "properties": { - "additionalWorkspaces": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/AdditionalWorkspacesProperties" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "List of additional workspaces" - }, - "disabledDataSources": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string", - "enum": [ - "TwinData" - ] - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Disabled data sources. Disabling these data sources compromises the system." - }, - "displayName": { - "type": "string", - "description": "Resource display name." 
- }, - "export": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string", - "enum": [ - "RawEvents" - ] - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "List of additional options for exporting to workspace data." - }, - "iotHubs": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "IoT Hub resource IDs" - }, - "recommendationsConfiguration": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/RecommendationConfigurationProperties" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "List of the configuration status for each recommendation type." - }, - "status": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Enabled", - "Disabled" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Status of the IoT Security solution." - }, - "unmaskedIpLoggingStatus": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Disabled", - "Enabled" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Unmasked IP address logging status." - }, - "userDefinedResources": { - "oneOf": [ - { - "$ref": "#/definitions/UserDefinedResourcesProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Properties of the IoT Security solution's user defined resources." 
- }, - "workspace": { - "type": "string", - "description": "Workspace resource ID" - } - }, - "required": [ - "displayName", - "iotHubs" - ], - "description": "Security Solution setting data" - }, - "LocalUserNotAllowed": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "LocalUserNotAllowed" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Login by a local user that isn't allowed. Allow list consists of login names to allow." - }, - "MqttC2DMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "MqttC2DMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of cloud to device messages (MQTT protocol) is not in allowed range." - }, - "MqttC2DRejectedMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "MqttC2DRejectedMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range." - }, - "MqttD2CMessagesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "MqttD2CMessagesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of device to cloud messages (MQTT protocol) is not in allowed range." - }, - "ProcessNotAllowed": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "ProcessNotAllowed" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Execution of a process that isn't allowed. Allow list consists of process names to allow." 
- }, - "QueuePurgesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "QueuePurgesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of device queue purges is not in allowed range." - }, - "RecommendationConfigurationProperties": { - "type": "object", - "properties": { - "recommendationType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "IoT_ACRAuthentication", - "IoT_AgentSendsUnutilizedMessages", - "IoT_Baseline", - "IoT_EdgeHubMemOptimize", - "IoT_EdgeLoggingOptions", - "IoT_InconsistentModuleSettings", - "IoT_InstallAgent", - "IoT_IPFilter_DenyAll", - "IoT_IPFilter_PermissiveRule", - "IoT_OpenPorts", - "IoT_PermissiveFirewallPolicy", - "IoT_PermissiveInputFirewallRules", - "IoT_PermissiveOutputFirewallRules", - "IoT_PrivilegedDockerOptions", - "IoT_SharedCredentials", - "IoT_VulnerableTLSCipherSuite" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The type of IoT Security recommendation." - }, - "status": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Disabled", - "Enabled" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Recommendation status. When the recommendation status is disabled recommendations are not generated." - } - }, - "required": [ - "recommendationType", - "status" - ], - "description": "The type of IoT Security recommendation." - }, - "ThresholdCustomAlertRule": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/TimeWindowCustomAlertRule" - } - ], - "properties": { - "isEnabled": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Status of the custom alert." 
- }, - "maxThreshold": { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The maximum threshold." - }, - "minThreshold": { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The minimum threshold." - } - }, - "required": [ - "isEnabled", - "maxThreshold", - "minThreshold" - ], - "description": "A custom alert rule that checks if a value (depends on the custom alert type) is within the given range." - }, - "TimeWindowCustomAlertRule": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/ActiveConnectionsNotInAllowedRange" - }, - { - "$ref": "#/definitions/AmqpC2DMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/MqttC2DMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/HttpC2DMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/AmqpC2DRejectedMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/MqttC2DRejectedMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/HttpC2DRejectedMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/AmqpD2CMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/MqttD2CMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/HttpD2CMessagesNotInAllowedRange" - }, - { - "$ref": "#/definitions/DirectMethodInvokesNotInAllowedRange" - }, - { - "$ref": "#/definitions/FailedLocalLoginsNotInAllowedRange" - }, - { - "$ref": "#/definitions/FileUploadsNotInAllowedRange" - }, - { - "$ref": "#/definitions/QueuePurgesNotInAllowedRange" - }, - { - "$ref": "#/definitions/TwinUpdatesNotInAllowedRange" - }, - { - "$ref": "#/definitions/UnauthorizedOperationsNotInAllowedRange" - } - ], - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "TimeWindowCustomAlertRule" - ] - }, - "timeWindowSize": { - "type": "string", - 
"format": "duration", - "description": "The time window size in iso8601 format." - } - }, - "required": [ - "ruleType", - "timeWindowSize" - ], - "description": "A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range." - }, - "TwinUpdatesNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "TwinUpdatesNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of twin updates is not in allowed range." - }, - "UnauthorizedOperationsNotInAllowedRange": { - "type": "object", - "properties": { - "ruleType": { - "type": "string", - "enum": [ - "UnauthorizedOperationsNotInAllowedRange" - ] - } - }, - "required": [ - "ruleType" - ], - "description": "Number of unauthorized operations is not in allowed range." - }, - "UserDefinedResourcesProperties": { - "type": "object", - "properties": { - "query": { - "type": "string", - "description": "Azure Resource Graph query which represents the security solution's user defined resources. Required to start with \"where type != \"Microsoft.Devices/IotHubs\"\"" - }, - "querySubscriptions": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "List of Azure subscription ids on which the user defined resources query should be executed." - } - }, - "required": [ - "query", - "querySubscriptions" - ], - "description": "Properties of the IoT Security solution's user defined resources." - } - } -} \ No newline at end of file diff --git a/schemas/2019-08-01/managementGroupDeploymentTemplate.json b/schemas/2019-08-01/managementGroupDeploymentTemplate.json index 861f7ab4a8..b7536dc8c9 100644 --- a/schemas/2019-08-01/managementGroupDeploymentTemplate.json +++ b/schemas/2019-08-01/managementGroupDeploymentTemplate.json 
@@ -712,9 +712,6 @@
 },
 {
 "$ref": "https://schema.management.azure.com/schemas/2021-04-01/Microsoft.Resources.json#/unknown_resourceDefinitions/tags"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/2017-08-01-preview/Microsoft.Security.json#/unknown_resourceDefinitions/informationProtectionPolicies"
 }
 ]
 }
diff --git a/schemas/2020-01-01-preview/Microsoft.Security.json b/schemas/2020-01-01-preview/Microsoft.Security.json
deleted file mode 100644
index 5319229d9c..0000000000
--- a/schemas/2020-01-01-preview/Microsoft.Security.json
+++ /dev/null
@@ -1,296 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-01-01-preview/Microsoft.Security.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Security", - "description": "Microsoft Security Resource Types", - "resourceDefinitions": {}, - "subscription_resourceDefinitions": { - "connectors": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-01-01-preview" - ] - }, - "name": { - "type": "string", - "description": "Name of the cloud account connector" - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/ConnectorSettingProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Describes properties of a connector setting" - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/connectors" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/connectors" - } - }, - "definitions": { - "AuthenticationDetailsProperties": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/AwsCredsAuthenticationDetailsProperties" - }, - { - "$ref": "#/definitions/AwAssumeRoleAuthenticationDetailsProperties" - }, - { - "$ref": "#/definitions/GcpCredentialsDetailsProperties" - } - ], - "properties": {}, - "description": "Settings for cloud authentication management" - }, - "AwAssumeRoleAuthenticationDetailsProperties": { - "type": "object", - "properties": { - "authenticationType": { - "type": "string", - "enum": [ - "awsAssumeRole" - ] - }, - "awsAssumeRoleArn": { - "type": "string", - "description": "Assumed role ID is an identifier that you can use to create temporary security credentials." - }, - "awsExternalId": { - "type": "string", - "description": "A unique identifier that is required when you assume a role in another account." 
- } - }, - "required": [ - "authenticationType", - "awsAssumeRoleArn", - "awsExternalId" - ], - "description": "AWS cloud account connector based assume role, the role enables delegating access to your AWS resources. The role is composed of role Amazon Resource Name (ARN) and external ID. For more details, refer to Creating a Role to Delegate Permissions to an IAM User (write only)" - }, - "AwsCredsAuthenticationDetailsProperties": { - "type": "object", - "properties": { - "authenticationType": { - "type": "string", - "enum": [ - "awsCreds" - ] - }, - "awsAccessKeyId": { - "type": "string", - "description": "Public key element of the AWS credential object (write only)" - }, - "awsSecretAccessKey": { - "type": "string", - "description": "Secret key element of the AWS credential object (write only)" - } - }, - "required": [ - "authenticationType", - "awsAccessKeyId", - "awsSecretAccessKey" - ], - "description": "AWS cloud account connector based credentials, the credentials is composed of access key ID and secret key, for more details, refer to Creating an IAM User in Your AWS Account (write only)" - }, - "ConnectorSettingProperties": { - "type": "object", - "properties": { - "authenticationDetails": { - "oneOf": [ - { - "$ref": "#/definitions/AuthenticationDetailsProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Settings for cloud authentication management" - }, - "hybridComputeSettings": { - "oneOf": [ - { - "$ref": "#/definitions/HybridComputeSettingsProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Settings for hybrid compute management" - } - }, - "description": "Describes properties of a connector setting" - }, - "GcpCredentialsDetailsProperties": { - "type": "object", - "properties": { - "authenticationType": { - "type": "string", - "enum": [ - 
"gcpCredentials" - ] - }, - "authProviderX509CertUrl": { - "type": "string", - "description": "Auth provider x509 certificate URL field of the API key (write only)" - }, - "authUri": { - "type": "string", - "description": "Auth URI field of the API key (write only)" - }, - "clientEmail": { - "type": "string", - "description": "Client email field of the API key (write only)" - }, - "clientId": { - "type": "string", - "description": "Client ID field of the API key (write only)" - }, - "clientX509CertUrl": { - "type": "string", - "description": "Client x509 certificate URL field of the API key (write only)" - }, - "organizationId": { - "type": "string", - "description": "The organization ID of the GCP cloud account" - }, - "privateKey": { - "type": "string", - "description": "Private key field of the API key (write only)" - }, - "privateKeyId": { - "type": "string", - "description": "Private key ID field of the API key (write only)" - }, - "projectId": { - "type": "string", - "description": "Project ID field of the API key (write only)" - }, - "tokenUri": { - "type": "string", - "description": "Token URI field of the API key (write only)" - }, - "type": { - "type": "string", - "description": "Type field of the API key (write only)" - } - }, - "required": [ - "authenticationType", - "authProviderX509CertUrl", - "authUri", - "clientEmail", - "clientId", - "clientX509CertUrl", - "organizationId", - "privateKey", - "privateKeyId", - "projectId", - "tokenUri", - "type" - ], - "description": "GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only)" - }, - "HybridComputeSettingsProperties": { - "type": "object", - "properties": { - "autoProvision": { - "oneOf": [ - { - "type": "string", - "enum": [ - "On", - "Off" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Whether or not to 
automatically install Azure Arc (hybrid compute) agents on machines." - }, - "proxyServer": { - "oneOf": [ - { - "$ref": "#/definitions/ProxyServerProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use." - }, - "region": { - "type": "string", - "description": "The location where the metadata of machines will be stored" - }, - "resourceGroupName": { - "type": "string", - "description": "The name of the resource group where Arc (Hybrid Compute) connectors are connected." - }, - "servicePrincipal": { - "oneOf": [ - { - "$ref": "#/definitions/ServicePrincipalProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Details of the service principal." - } - }, - "required": [ - "autoProvision" - ], - "description": "Settings for hybrid compute management" - }, - "ProxyServerProperties": { - "type": "object", - "properties": { - "ip": { - "type": "string", - "description": "Proxy server IP" - }, - "port": { - "type": "string", - "description": "Proxy server port" - } - }, - "description": "For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use." - }, - "ServicePrincipalProperties": { - "type": "object", - "properties": { - "applicationId": { - "type": "string", - "description": "Application ID of service principal." - }, - "secret": { - "type": "string", - "description": "A secret string that the application uses to prove its identity, also can be referred to as application password (write only)." - } - }, - "description": "Details of the service principal." - } - } -} \ No newline at end of file 
diff --git a/schemas/2020-01-01/Microsoft.Security.json b/schemas/2020-01-01/Microsoft.Security.json
deleted file mode 100644
index 5b6e64aab0..0000000000
--- a/schemas/2020-01-01/Microsoft.Security.json
+++ /dev/null
@@ -1,1239 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-01-01/Microsoft.Security.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Security", - "description": "Microsoft Security Resource Types", - "resourceDefinitions": { - "locations_jitNetworkAccessPolicies": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-01-01" - ] - }, - "kind": { - "type": "string", - "description": "Kind of the resource" - }, - "name": { - "type": "string", - "description": "Name of a Just-in-Time access configuration policy." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/JitNetworkAccessPolicyProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/locations/jitNetworkAccessPolicies" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/locations/jitNetworkAccessPolicies" - } - }, - "subscription_resourceDefinitions": { - "assessmentMetadata": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-01-01" - ] - }, - "name": { - "type": "string", - "description": "The Assessment Key - Unique key for the assessment type" - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/SecurityAssessmentMetadataProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Describes properties of an assessment metadata." 
- }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/assessmentMetadata" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/assessmentMetadata" - }, - "locations_applicationWhitelistings": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-01-01" - ] - }, - "name": { - "type": "string", - "description": "Name of an application control machine group" - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/AdaptiveApplicationControlGroupData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Represents a machines group and set of rules to be allowed running on a machine" - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/locations/applicationWhitelistings" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/locations/applicationWhitelistings" - } - }, - "extension_resourceDefinitions": { - "serverVulnerabilityAssessments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-01-01" - ] - }, - "name": { - "type": "string", - "enum": [ - "default" - ], - "description": "ServerVulnerabilityAssessment status. only a 'default' value is supported." 
- }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/serverVulnerabilityAssessments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "type" - ], - "description": "Microsoft.Security/serverVulnerabilityAssessments" - } - }, - "unknown_resourceDefinitions": { - "assessments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-01-01" - ] - }, - "name": { - "type": "string", - "description": "The Assessment Key - Unique key for the assessment type" - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/SecurityAssessmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Describes properties of an assessment." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Security/assessments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Security/assessments" - } - }, - "definitions": { - "AdaptiveApplicationControlGroupData": { - "type": "object", - "properties": { - "enforcementMode": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Audit", - "Enforce", - "None" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "pathRecommendations": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/PathRecommendation" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protectionMode": { - "oneOf": [ - { - "$ref": "#/definitions/ProtectionMode" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux." 
- }, - "vmRecommendations": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/VmRecommendation" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "description": "Represents a machines group and set of rules to be allowed running on a machine" - }, - "AssessmentLinks": { - "type": "object", - "properties": {}, - "description": "Links relevant to the assessment" - }, - "AssessmentStatus": { - "type": "object", - "properties": { - "cause": { - "type": "string", - "description": "Programmatic code for the cause of the assessment status" - }, - "code": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Healthy", - "Unhealthy", - "NotApplicable" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Programmatic code for the status of the assessment." - }, - "description": { - "type": "string", - "description": "Human readable description of the assessment status" - } - }, - "required": [ - "code" - ], - "description": "The result of the assessment" - }, - "AzureResourceDetails": { - "type": "object", - "properties": { - "source": { - "type": "string", - "enum": [ - "Azure" - ] - } - }, - "required": [ - "source" - ], - "description": "Details of the Azure resource that was assessed" - }, - "JitNetworkAccessPolicyProperties": { - "type": "object", - "properties": { - "requests": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/JitNetworkAccessRequest" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "virtualMachines": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - 
"description": "Configurations for Microsoft.Compute/virtualMachines resource type." - } - }, - "required": [ - "virtualMachines" - ] - }, - "JitNetworkAccessPolicyVirtualMachine": { - "type": "object", - "properties": { - "id": { - "type": "string", - "description": "Resource ID of the virtual machine that is linked to this policy" - }, - "ports": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/JitNetworkAccessPortRule" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Port configurations for the virtual machine" - }, - "publicIpAddress": { - "type": "string", - "description": "Public IP address of the Azure Firewall that is linked to this policy, if applicable" - } - }, - "required": [ - "id", - "ports" - ] - }, - "JitNetworkAccessPortRule": { - "type": "object", - "properties": { - "allowedSourceAddressPrefix": { - "type": "string", - "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"." - }, - "allowedSourceAddressPrefixes": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter." - }, - "maxRequestAccessDuration": { - "type": "string", - "description": "Maximum duration requests can be made for. In ISO 8601 duration format. 
Minimum 5 minutes, maximum 1 day" - }, - "number": { - "oneOf": [ - { - "type": "integer", - "minimum": 0, - "maximum": 65535 - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "protocol": { - "oneOf": [ - { - "type": "string", - "enum": [ - "TCP", - "UDP", - "*" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "maxRequestAccessDuration", - "number", - "protocol" - ] - }, - "JitNetworkAccessRequest": { - "type": "object", - "properties": { - "justification": { - "type": "string", - "description": "The justification for making the initiate request" - }, - "requestor": { - "type": "string", - "description": "The identity of the person who made the request" - }, - "startTimeUtc": { - "type": "string", - "format": "date-time", - "description": "The start time of the request in UTC" - }, - "virtualMachines": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "required": [ - "requestor", - "startTimeUtc", - "virtualMachines" - ] - }, - "JitNetworkAccessRequestPort": { - "type": "object", - "properties": { - "allowedSourceAddressPrefix": { - "type": "string", - "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"." - }, - "allowedSourceAddressPrefixes": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter." 
- }, - "endTimeUtc": { - "type": "string", - "format": "date-time", - "description": "The date & time at which the request ends in UTC" - }, - "mappedPort": { - "oneOf": [ - { - "type": "integer" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The port which is mapped to this port's `number` in the Azure Firewall, if applicable" - }, - "number": { - "oneOf": [ - { - "type": "integer", - "minimum": 0, - "maximum": 65535 - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "status": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Revoked", - "Initiated" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The status of the port." - }, - "statusReason": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Expired", - "UserRequested", - "NewerRequestInitiated" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "A description of why the `status` has its value." 
- } - }, - "required": [ - "endTimeUtc", - "number", - "status", - "statusReason" - ] - }, - "JitNetworkAccessRequestVirtualMachine": { - "type": "object", - "properties": { - "id": { - "type": "string", - "description": "Resource ID of the virtual machine that is linked to this policy" - }, - "ports": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/JitNetworkAccessRequestPort" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The ports that were opened for the virtual machine" - } - }, - "required": [ - "id", - "ports" - ] - }, - "OnPremiseResourceDetails": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/OnPremiseSqlResourceDetails" - } - ], - "properties": { - "machineName": { - "type": "string", - "description": "The name of the machine" - }, - "source": { - "type": "string", - "enum": [ - "OnPremise" - ] - }, - "sourceComputerId": { - "type": "string", - "description": "The oms agent Id installed on the machine" - }, - "vmuuid": { - "type": "string", - "description": "The unique Id of the machine" - }, - "workspaceId": { - "type": "string", - "description": "Azure resource Id of the workspace the machine is attached to" - } - }, - "required": [ - "machineName", - "source", - "sourceComputerId", - "vmuuid", - "workspaceId" - ], - "description": "Details of the On Premise resource that was assessed" - }, - "OnPremiseSqlResourceDetails": { - "type": "object", - "properties": { - "databaseName": { - "type": "string", - "description": "The Sql database name installed on the machine" - }, - "serverName": { - "type": "string", - "description": "The Sql server name installed on the machine" - }, - "source": { - "type": "string", - "enum": [ - "OnPremiseSql" - ] - } - }, - "required": [ - "databaseName", - "serverName", - "source" - ], - "description": "Details of the On Premise Sql resource that was assessed" - }, - 
"PathRecommendation": { - "type": "object", - "properties": { - "action": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Recommended", - "Add", - "Remove" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "common": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Whether the application is commonly run on the machine" - }, - "configurationStatus": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Configured", - "NotConfigured", - "InProgress", - "Failed", - "NoStatus" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "fileType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Exe", - "Dll", - "Msi", - "Script", - "Executable", - "Unknown" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "path": { - "type": "string", - "description": "The full path of the file, or an identifier of the application" - }, - "publisherInfo": { - "oneOf": [ - { - "$ref": "#/definitions/PublisherInfo" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Represents the publisher information of a process/rule" - }, - "type": { - "oneOf": [ - { - "type": "string", - "enum": [ - "File", - "FileHash", - "PublisherSignature", - "ProductSignature", - "BinarySignature", - "VersionAndAboveSignature" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "usernames": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/UserRecommendation" - } - }, - { - "$ref": 
"https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userSids": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "description": "Represents a path that is recommended to be allowed and its properties" - }, - "ProtectionMode": { - "type": "object", - "properties": { - "exe": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Audit", - "Enforce", - "None" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "executable": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Audit", - "Enforce", - "None" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "msi": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Audit", - "Enforce", - "None" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "script": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Audit", - "Enforce", - "None" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - } - }, - "description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux." 
- }, - "PublisherInfo": { - "type": "object", - "properties": { - "binaryName": { - "type": "string", - "description": "The \"OriginalName\" field taken from the file's version resource" - }, - "productName": { - "type": "string", - "description": "The product name taken from the file's version resource" - }, - "publisherName": { - "type": "string", - "description": "The Subject field of the x.509 certificate used to sign the code, using the following fields - O = Organization, L = Locality, S = State or Province, and C = Country" - }, - "version": { - "type": "string", - "description": "The binary file version taken from the file's version resource" - } - }, - "description": "Represents the publisher information of a process/rule" - }, - "ResourceDetails": { - "type": "object", - "oneOf": [ - { - "$ref": "#/definitions/AzureResourceDetails" - }, - { - "$ref": "#/definitions/OnPremiseResourceDetails" - } - ], - "properties": {}, - "description": "Details of the resource that was assessed" - }, - "SecurityAssessmentMetadataPartnerData": { - "type": "object", - "properties": { - "partnerName": { - "type": "string", - "description": "Name of the company of the partner" - }, - "productName": { - "type": "string", - "description": "Name of the product of the partner that created the assessment" - }, - "secret": { - "type": "string", - "description": "Secret to authenticate the partner and verify it created the assessment - write only" - } - }, - "required": [ - "partnerName", - "secret" - ], - "description": "Describes the partner that created the assessment" - }, - "SecurityAssessmentMetadataProperties": { - "type": "object", - "properties": { - "assessmentType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "BuiltIn", - "CustomPolicy", - "CustomerManaged", - "VerifiedPartner" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "BuiltIn if the assessment based on built-in 
Azure Policy definition, Custom if the assessment based on custom Azure Policy definition." - }, - "categories": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string", - "enum": [ - "Compute", - "Networking", - "Data", - "IdentityAndAccess", - "IoT" - ] - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "description": { - "type": "string", - "description": "Human readable description of the assessment" - }, - "displayName": { - "type": "string", - "description": "User friendly display name of the assessment" - }, - "implementationEffort": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Low", - "Moderate", - "High" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The implementation effort required to remediate this assessment." - }, - "partnerData": { - "oneOf": [ - { - "$ref": "#/definitions/SecurityAssessmentMetadataPartnerData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Describes the partner that created the assessment" - }, - "preview": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "True if this assessment is in preview release status" - }, - "remediationDescription": { - "type": "string", - "description": "Human readable description of what you should do to mitigate this security issue" - }, - "severity": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Low", - "Medium", - "High" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The severity level of the assessment." 
- }, - "threats": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string", - "enum": [ - "accountBreach", - "dataExfiltration", - "dataSpillage", - "maliciousInsider", - "elevationOfPrivilege", - "threatResistance", - "missingCoverage", - "denialOfService" - ] - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "userImpact": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Low", - "Moderate", - "High" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The user impact of the assessment." - } - }, - "required": [ - "assessmentType", - "displayName", - "severity" - ], - "description": "Describes properties of an assessment metadata." - }, - "SecurityAssessmentPartnerData": { - "type": "object", - "properties": { - "partnerName": { - "type": "string", - "description": "Name of the company of the partner" - }, - "secret": { - "type": "string", - "description": "secret to authenticate the partner - write only" - } - }, - "required": [ - "partnerName", - "secret" - ], - "description": "Data regarding 3rd party partner integration" - }, - "SecurityAssessmentProperties": { - "type": "object", - "properties": { - "additionalData": { - "oneOf": [ - { - "type": "object", - "additionalProperties": { - "type": "string" - }, - "properties": {} - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Additional data regarding the assessment" - }, - "links": { - "oneOf": [ - { - "$ref": "#/definitions/AssessmentLinks" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Links relevant to the assessment" - }, - "metadata": { - "oneOf": [ - { - "$ref": "#/definitions/SecurityAssessmentMetadataProperties" - }, - { - "$ref": 
"https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Describes properties of an assessment metadata." - }, - "partnersData": { - "oneOf": [ - { - "$ref": "#/definitions/SecurityAssessmentPartnerData" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Data regarding 3rd party partner integration" - }, - "resourceDetails": { - "oneOf": [ - { - "$ref": "#/definitions/ResourceDetails" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Details of the resource that was assessed" - }, - "status": { - "oneOf": [ - { - "$ref": "#/definitions/AssessmentStatus" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The result of the assessment" - } - }, - "required": [ - "resourceDetails", - "status" - ], - "description": "Describes properties of an assessment." 
- }, - "UserRecommendation": { - "type": "object", - "properties": { - "recommendationAction": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Recommended", - "Add", - "Remove" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "username": { - "type": "string", - "description": "Represents a user that is recommended to be allowed for a certain rule" - } - }, - "description": "Represents a user that is recommended to be allowed for a certain rule" - }, - "VmRecommendation": { - "type": "object", - "properties": { - "configurationStatus": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Configured", - "NotConfigured", - "InProgress", - "Failed", - "NoStatus" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "enforcementSupport": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Supported", - "NotSupported", - "Unknown" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "recommendationAction": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Recommended", - "Add", - "Remove" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ] - }, - "resourceId": { - "type": "string", - "description": "The full resource id of the machine" - } - }, - "description": "Represents a machine that is part of a machine group" - } - } -} \ No newline at end of file diff --git a/schemas/2020-08-06-preview/Microsoft.Security.json b/schemas/2020-08-06-preview/Microsoft.Security.json deleted file mode 100644 index 4d9806f8c5..0000000000 --- a/schemas/2020-08-06-preview/Microsoft.Security.json +++ /dev/null 
@@ -1,279 +0,0 @@
-{
- "id": "https://schema.management.azure.com/schemas/2020-08-06-preview/Microsoft.Security.json#",
- "$schema": "http://json-schema.org/draft-04/schema#",
- "title": "Microsoft.Security",
- "description": "Microsoft Security Resource Types",
- "resourceDefinitions": {},
- "subscription_resourceDefinitions": {
- "iotDefenderSettings": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2020-08-06-preview"
- ]
- },
- "name": {
- "type": "string",
- "enum": [
- "default"
- ]
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/IotDefenderSettingsProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "IoT Defender settings properties"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/iotDefenderSettings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/iotDefenderSettings"
- },
- "onPremiseIotSensors": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2020-08-06-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "Name of the on-premise IoT sensor"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/onPremiseIotSensors"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "type"
- ],
- "description": "Microsoft.Security/onPremiseIotSensors"
- }
- },
- "unknown_resourceDefinitions": {
- "iotSensors": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2020-08-06-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "Name of the IoT sensor"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/IotSensorProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "IoT sensor properties"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/iotSensors"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/iotSensors"
- },
- "iotSites": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2020-08-06-preview"
- ]
- },
- "name": {
- "type": "string",
- "enum": [
- "default"
- ]
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/IotSiteProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "IoT site properties"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/iotSites"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/iotSites"
- }
- },
- "definitions": {
- "IotDefenderSettingsProperties": {
- "type": "object",
- "properties": {
- "deviceQuota": {
- "oneOf": [
- {
- "type": "integer",
- "minimum": 1000
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Size of the device quota (as a opposed to a Pay as You Go billing model). Value is required to be in multiples of 1000."
- },
- "onboardingKind": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Default",
- "MigratedToAzure",
- "Evaluation",
- "Purchased"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The kind of onboarding for the subscription."
- },
- "sentinelWorkspaceResourceIds": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "type": "string"
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Sentinel Workspace Resource Ids"
- }
- },
- "required": [
- "deviceQuota",
- "onboardingKind",
- "sentinelWorkspaceResourceIds"
- ],
- "description": "IoT Defender settings properties"
- },
- "IotSensorProperties": {
- "type": "object",
- "properties": {
- "sensorType": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Ot",
- "Enterprise"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Type of sensor."
- },
- "tiAutomaticUpdates": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "TI Automatic mode status of the IoT sensor"
- },
- "zone": {
- "type": "string",
- "description": "Zone of the IoT sensor"
- }
- },
- "description": "IoT sensor properties"
- },
- "IotSiteProperties": {
- "type": "object",
- "properties": {
- "displayName": {
- "type": "string",
- "description": "Display name of the IoT site"
- },
- "tags": {
- "oneOf": [
- {
- "type": "object",
- "additionalProperties": {
- "type": "string"
- },
- "properties": {}
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Tags of the IoT site"
- }
- },
- "required": [
- "displayName"
- ],
- "description": "IoT site properties"
- }
- }
-}
\ No newline at end of file
diff --git a/schemas/2021-01-15-preview/Microsoft.Security.json b/schemas/2021-01-15-preview/Microsoft.Security.json
deleted file mode 100644
index f0dbcf159a..0000000000
--- a/schemas/2021-01-15-preview/Microsoft.Security.json
+++ /dev/null
@@ -1,43 +0,0 @@
-{
- "id": "https://schema.management.azure.com/schemas/2021-01-15-preview/Microsoft.Security.json#",
- "$schema": "http://json-schema.org/draft-04/schema#",
- "title": "Microsoft.Security",
- "description": "Microsoft Security Resource Types",
- "resourceDefinitions": {},
- "subscription_resourceDefinitions": {
- "ingestionSettings": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2021-01-15-preview"
- ]
- },
- "name": {
- "type": "string",
- "description": "Name of the ingestion setting"
- },
- "properties": {
- "type": "object",
- "properties": {},
- "description": "Ingestion setting data"
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/ingestionSettings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/ingestionSettings"
- }
- },
- "definitions": {}
-}
\ No newline at end of file
diff --git a/schemas/2021-06-01/Microsoft.Security.json b/schemas/2021-06-01/Microsoft.Security.json
deleted file mode 100644
index 3ddcef0580..0000000000
--- a/schemas/2021-06-01/Microsoft.Security.json
+++ /dev/null
@@ -1,634 +0,0 @@
-{
- "id": "https://schema.management.azure.com/schemas/2021-06-01/Microsoft.Security.json#",
- "$schema": "http://json-schema.org/draft-04/schema#",
- "title": "Microsoft.Security",
- "description": "Microsoft Security Resource Types",
- "resourceDefinitions": {},
- "subscription_resourceDefinitions": {
- "assessmentMetadata": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2021-06-01"
- ]
- },
- "name": {
- "type": "string",
- "description": "The Assessment Key - Unique key for the assessment type"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Describes properties of an assessment metadata."
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/assessmentMetadata"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/assessmentMetadata"
- },
- "settings": {
- "type": "object",
- "oneOf": [
- {
- "$ref": "#/definitions/DataExportSettings"
- },
- {
- "$ref": "#/definitions/AlertSyncSettings"
- }
- ],
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2021-06-01"
- ]
- },
- "name": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "MCAS",
- "WDATP",
- "Sentinel"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The name of the setting."
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/settings"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "type"
- ],
- "description": "Microsoft.Security/settings"
- }
- },
- "unknown_resourceDefinitions": {
- "assessments": {
- "type": "object",
- "properties": {
- "apiVersion": {
- "type": "string",
- "enum": [
- "2021-06-01"
- ]
- },
- "name": {
- "type": "string",
- "description": "The Assessment Key - Unique key for the assessment type"
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/SecurityAssessmentProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Describes properties of an assessment."
- },
- "type": {
- "type": "string",
- "enum": [
- "Microsoft.Security/assessments"
- ]
- }
- },
- "required": [
- "apiVersion",
- "name",
- "properties",
- "type"
- ],
- "description": "Microsoft.Security/assessments"
- }
- },
- "definitions": {
- "AlertSyncSettingProperties": {
- "type": "object",
- "properties": {
- "enabled": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Is the alert sync setting enabled"
- }
- },
- "required": [
- "enabled"
- ],
- "description": "The alert sync setting properties"
- },
- "AlertSyncSettings": {
- "type": "object",
- "properties": {
- "kind": {
- "type": "string",
- "enum": [
- "AlertSyncSettings"
- ]
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/AlertSyncSettingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The alert sync setting properties"
- }
- },
- "required": [
- "kind"
- ],
- "description": "Represents an alert sync setting"
- },
- "AssessmentLinks": {
- "type": "object",
- "properties": {},
- "description": "Links relevant to the assessment"
- },
- "AssessmentStatus": {
- "type": "object",
- "properties": {
- "cause": {
- "type": "string",
- "description": "Programmatic code for the cause of the assessment status"
- },
- "code": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Healthy",
- "Unhealthy",
- "NotApplicable"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Programmatic code for the status of the assessment."
- },
- "description": {
- "type": "string",
- "description": "Human readable description of the assessment status"
- }
- },
- "required": [
- "code"
- ],
- "description": "The result of the assessment"
- },
- "AzureResourceDetails": {
- "type": "object",
- "properties": {
- "source": {
- "type": "string",
- "enum": [
- "Azure"
- ]
- }
- },
- "required": [
- "source"
- ],
- "description": "Details of the Azure resource that was assessed"
- },
- "DataExportSettingProperties": {
- "type": "object",
- "properties": {
- "enabled": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Is the data export setting enabled"
- }
- },
- "required": [
- "enabled"
- ],
- "description": "The data export setting properties"
- },
- "DataExportSettings": {
- "type": "object",
- "properties": {
- "kind": {
- "type": "string",
- "enum": [
- "DataExportSettings"
- ]
- },
- "properties": {
- "oneOf": [
- {
- "$ref": "#/definitions/DataExportSettingProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The data export setting properties"
- }
- },
- "required": [
- "kind"
- ],
- "description": "Represents a data export setting"
- },
- "OnPremiseResourceDetails": {
- "type": "object",
- "oneOf": [
- {
- "$ref": "#/definitions/OnPremiseSqlResourceDetails"
- }
- ],
- "properties": {
- "machineName": {
- "type": "string",
- "description": "The name of the machine"
- },
- "source": {
- "type": "string",
- "enum": [
- "OnPremise"
- ]
- },
- "sourceComputerId": {
- "type": "string",
- "description": "The oms agent Id installed on the machine"
- },
- "vmuuid": {
- "type": "string",
- "description": "The unique Id of the machine"
- },
- "workspaceId": {
- "type": "string",
- "description": "Azure resource Id of the workspace the machine is attached to"
- }
- },
- "required": [
- "machineName",
- "source",
- "sourceComputerId",
- "vmuuid",
- "workspaceId"
- ],
- "description": "Details of the On Premise resource that was assessed"
- },
- "OnPremiseSqlResourceDetails": {
- "type": "object",
- "properties": {
- "databaseName": {
- "type": "string",
- "description": "The Sql database name installed on the machine"
- },
- "serverName": {
- "type": "string",
- "description": "The Sql server name installed on the machine"
- },
- "source": {
- "type": "string",
- "enum": [
- "OnPremiseSql"
- ]
- }
- },
- "required": [
- "databaseName",
- "serverName",
- "source"
- ],
- "description": "Details of the On Premise Sql resource that was assessed"
- },
- "ResourceDetails": {
- "type": "object",
- "oneOf": [
- {
- "$ref": "#/definitions/AzureResourceDetails"
- },
- {
- "$ref": "#/definitions/OnPremiseResourceDetails"
- }
- ],
- "properties": {},
- "description": "Details of the resource that was assessed"
- },
- "SecurityAssessmentMetadataPartnerData": {
- "type": "object",
- "properties": {
- "partnerName": {
- "type": "string",
- "description": "Name of the company of the partner"
- },
- "productName": {
- "type": "string",
- "description": "Name of the product of the partner that created the assessment"
- },
- "secret": {
- "type": "string",
- "description": "Secret to authenticate the partner and verify it created the assessment - write only"
- }
- },
- "required": [
- "partnerName",
- "secret"
- ],
- "description": "Describes the partner that created the assessment"
- },
- "SecurityAssessmentMetadataProperties": {
- "type": "object",
- "properties": {
- "assessmentType": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "BuiltIn",
- "CustomPolicy",
- "CustomerManaged",
- "VerifiedPartner"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition."
- },
- "categories": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "type": "string",
- "enum": [
- "Compute",
- "Networking",
- "Data",
- "IdentityAndAccess",
- "IoT"
- ]
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "description": {
- "type": "string",
- "description": "Human readable description of the assessment"
- },
- "displayName": {
- "type": "string",
- "description": "User friendly display name of the assessment"
- },
- "implementationEffort": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Low",
- "Moderate",
- "High"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The implementation effort required to remediate this assessment."
- },
- "partnerData": {
- "oneOf": [
- {
- "$ref": "#/definitions/SecurityAssessmentMetadataPartnerData"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Describes the partner that created the assessment"
- },
- "preview": {
- "oneOf": [
- {
- "type": "boolean"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "True if this assessment is in preview release status"
- },
- "remediationDescription": {
- "type": "string",
- "description": "Human readable description of what you should do to mitigate this security issue"
- },
- "severity": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Low",
- "Medium",
- "High"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The severity level of the assessment."
- },
- "threats": {
- "oneOf": [
- {
- "type": "array",
- "items": {
- "type": "string",
- "enum": [
- "accountBreach",
- "dataExfiltration",
- "dataSpillage",
- "maliciousInsider",
- "elevationOfPrivilege",
- "threatResistance",
- "missingCoverage",
- "denialOfService"
- ]
- }
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ]
- },
- "userImpact": {
- "oneOf": [
- {
- "type": "string",
- "enum": [
- "Low",
- "Moderate",
- "High"
- ]
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The user impact of the assessment."
- }
- },
- "required": [
- "assessmentType",
- "displayName",
- "severity"
- ],
- "description": "Describes properties of an assessment metadata."
- },
- "SecurityAssessmentPartnerData": {
- "type": "object",
- "properties": {
- "partnerName": {
- "type": "string",
- "description": "Name of the company of the partner"
- },
- "secret": {
- "type": "string",
- "description": "secret to authenticate the partner - write only"
- }
- },
- "required": [
- "partnerName",
- "secret"
- ],
- "description": "Data regarding 3rd party partner integration"
- },
- "SecurityAssessmentProperties": {
- "type": "object",
- "properties": {
- "additionalData": {
- "oneOf": [
- {
- "type": "object",
- "additionalProperties": {
- "type": "string"
- },
- "properties": {}
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Additional data regarding the assessment"
- },
- "links": {
- "oneOf": [
- {
- "$ref": "#/definitions/AssessmentLinks"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Links relevant to the assessment"
- },
- "metadata": {
- "oneOf": [
- {
- "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Describes properties of an assessment metadata."
- },
- "partnersData": {
- "oneOf": [
- {
- "$ref": "#/definitions/SecurityAssessmentPartnerData"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Data regarding 3rd party partner integration"
- },
- "resourceDetails": {
- "oneOf": [
- {
- "$ref": "#/definitions/ResourceDetails"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "Details of the resource that was assessed"
- },
- "status": {
- "oneOf": [
- {
- "$ref": "#/definitions/AssessmentStatus"
- },
- {
- "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
- }
- ],
- "description": "The result of the assessment"
- }
- },
- "required": [
- "resourceDetails",
- "status"
- ],
- "description": "Describes properties of an assessment."
- }
- }
-}
\ No newline at end of file