Skip to content

Commit

Permalink
Extract more resources to their own files (#15091)
Browse files Browse the repository at this point in the history 
* extract more resources to their own files

* fix comments

* add aggregations to readme

* fixes

* fixes

* aggregations

* .

* userInfo

* aggregations
  • Loading branch information
@moranraz
moranraz committed Jul 7, 2021
1 parent fa3ba1a commit b471a74
Show file tree
Hide file tree
Showing 10 changed files with 10,457 additions and 10,362 deletions.
97 changes: 97 additions & 0 deletions .../resource-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/Aggregations.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,97 @@
{
"swagger": "2.0",
"info": {
"title": "Security Insights",
"description": "API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider",
"version": "2019-01-01-preview"
},
"host": "management.azure.com",
"schemes": [
"https"
],
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"security": [
{
"azure_auth": [
"user_impersonation"
]
}
],
"securityDefinitions": {
"azure_auth": {
"type": "oauth2",
"authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
"flow": "implicit",
"description": "Azure Active Directory OAuth2 Flow",
"scopes": {
"user_impersonation": "impersonate your user account"
}
}
},
"paths": {
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/aggregations/{aggregationsName}": {
"get": {
"x-ms-examples": {
"Get aggregative data for all cases under the defined workspace, between the time range if specified.": {
"$ref": "./examples/aggregations/GetCasesAggregations.json"
}
},
"tags": [
"Aggregations"
],
"description": "Get aggregative result for the given resources under the defined workspace",
"operationId": "CasesAggregations_Get",
"parameters": [
{
"$ref": "SecurityInsights.json#/parameters/ApiVersion"
},
{
"$ref": "SecurityInsights.json#/parameters/SubscriptionId"
},
{
"$ref": "SecurityInsights.json#/parameters/ResourceGroupName"
},
{
"$ref": "SecurityInsights.json#/parameters/OperationalInsightsResourceProvider"
},
{
"$ref": "SecurityInsights.json#/parameters/WorkspaceName"
},
{
"$ref": "#/parameters/AggregationsName"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "SecurityInsights.json#/definitions/Aggregations"
}
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"$ref": "SecurityInsights.json#/definitions/CloudError"
}
}
}
}
}
},
"parameters": {
"AggregationsName": {
"description": "The aggregation name. Supports - Cases",
"in": "path",
"name": "aggregationsName",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
}
},
"definitions": {}
}
221 changes: 8 additions & 213 deletions ...source-manager/Microsoft.SecurityInsights/preview/2019-01-01-preview/AutomationRules.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -371,13 +371,13 @@
"type": "string"
},
"createdBy": {
"$ref": "#/definitions/ClientInfo",
"$ref": "SecurityInsights.json#/definitions/ClientInfo",
"description": "Describes the client that created the automation rule",
"readOnly": true,
"type": "object"
},
"lastModifiedBy": {
"$ref": "#/definitions/ClientInfo",
"$ref": "SecurityInsights.json#/definitions/ClientInfo",
"description": "Describes the client that last updated the automation rule",
"readOnly": true,
"type": "object"
Expand Down Expand Up @@ -453,35 +453,35 @@
"description": "The configuration of the modify properties automation rule action",
"properties": {
"classification": {
"$ref": "#/definitions/IncidentClassification",
"$ref": "SecurityInsights.json#/definitions/IncidentClassification",
"description": "The reason the incident was closed"
},
"classificationComment": {
"description": "Describes the reason the incident was closed",
"type": "string"
},
"classificationReason": {
"$ref": "#/definitions/IncidentClassificationReason",
"$ref": "SecurityInsights.json#/definitions/IncidentClassificationReason",
"description": "The classification reason to close the incident with"
},
"labels": {
"description": "List of labels to add to the incident",
"items": {
"$ref": "#/definitions/IncidentLabel"
"$ref": "SecurityInsights.json#/definitions/IncidentLabel"
},
"type": "array"
},
"owner": {
"$ref": "#/definitions/IncidentOwnerInfo",
"$ref": "SecurityInsights.json#/definitions/IncidentOwnerInfo",
"description": "Describes a user that the incident is assigned to",
"type": "object"
},
"severity": {
"$ref": "#/definitions/IncidentSeverity",
"$ref": "SecurityInsights.json#/definitions/IncidentSeverity",
"description": "The severity of the incident"
},
"status": {
"$ref": "#/definitions/IncidentStatus",
"$ref": "SecurityInsights.json#/definitions/IncidentStatus",
"description": "The status of the incident"
}
},
Expand Down Expand Up @@ -913,211 +913,6 @@
"triggersWhen"
],
"type": "object"
},
"ClientInfo": {
"description": "Information on the client (user or application) that made some action",
"properties": {
"email": {
"description": "The email of the client.",
"type": "string"
},
"name": {
"description": "The name of the client.",
"type": "string"
},
"objectId": {
"description": "The object id of the client.",
"format": "uuid",
"type": "string"
},
"userPrincipalName": {
"description": "The user principal name of the client.",
"type": "string"
}
},
"type": "object"
},
"IncidentClassification": {
"description": "The reason the incident was closed",
"enum": [
"Undetermined",
"TruePositive",
"BenignPositive",
"FalsePositive"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentClassification",
"values": [
{
"description": "Incident classification was undetermined",
"value": "Undetermined"
},
{
"description": "Incident was true positive",
"value": "TruePositive"
},
{
"description": "Incident was benign positive",
"value": "BenignPositive"
},
{
"description": "Incident was false positive",
"value": "FalsePositive"
}
]
}
},
"IncidentClassificationReason": {
"description": "The classification reason the incident was closed with",
"enum": [
"SuspiciousActivity",
"SuspiciousButExpected",
"IncorrectAlertLogic",
"InaccurateData"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentClassificationReason",
"values": [
{
"description": "Classification reason was suspicious activity",
"value": "SuspiciousActivity"
},
{
"description": "Classification reason was suspicious but expected",
"value": "SuspiciousButExpected"
},
{
"description": "Classification reason was incorrect alert logic",
"value": "IncorrectAlertLogic"
},
{
"description": "Classification reason was inaccurate data",
"value": "InaccurateData"
}
]
}
},
"IncidentLabel": {
"description": "Represents an incident label",
"properties": {
"labelName": {
"description": "The name of the label",
"type": "string"
},
"labelType": {
"description": "The type of the label",
"enum": [
"User",
"System"
],
"type": "string",
"readOnly": true,
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentLabelType",
"values": [
{
"description": "Label manually created by a user",
"value": "User"
},
{
"description": "Label automatically created by the system",
"value": "System"
}
]
}
}
},
"required": [
"labelName"
],
"type": "object"
},
"IncidentOwnerInfo": {
"description": "Information on the user an incident is assigned to",
"properties": {
"email": {
"description": "The email of the user the incident is assigned to.",
"type": "string"
},
"assignedTo": {
"description": "The name of the user the incident is assigned to.",
"type": "string"
},
"objectId": {
"description": "The object id of the user the incident is assigned to.",
"format": "uuid",
"type": "string"
},
"userPrincipalName": {
"description": "The user principal name of the user the incident is assigned to.",
"type": "string"
}
},
"type": "object"
},
"IncidentSeverity": {
"description": "The severity of the incident",
"enum": [
"High",
"Medium",
"Low",
"Informational"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentSeverity",
"values": [
{
"description": "High severity",
"value": "High"
},
{
"description": "Medium severity",
"value": "Medium"
},
{
"description": "Low severity",
"value": "Low"
},
{
"description": "Informational severity",
"value": "Informational"
}
]
}
},
"IncidentStatus": {
"description": "The status of the incident",
"enum": [
"New",
"Active",
"Closed"
],
"type": "string",
"x-ms-enum": {
"modelAsString": true,
"name": "IncidentStatus",
"values": [
{
"description": "An active incident which isn't being handled currently",
"value": "New"
},
{
"description": "An active incident which is being handled",
"value": "Active"
},
{
"description": "A non-active incident",
"value": "Closed"
}
]
}
}
}
}
Loading

0 comments on commit b471a74

Please sign in to comment.