Skip to content

Commit

Permalink
Merge pull request #1795 from dagoroz/enlistAuthZ2
Browse files Browse the repository at this point in the history 
Enlist Microsoft.Authorization for autogeneration
  • Loading branch information
@anthony-c-martin
anthony-c-martin committed Jul 13, 2021
2 parents 946f35a + 6518997 commit 21721e6
Show file tree
Hide file tree
Showing 16 changed files with 2,766 additions and 0 deletions.
31 changes: 31 additions & 0 deletions generator/autogenlist.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -496,6 +496,37 @@ const autoGenList: AutoGenConfig[] = [
suffix: 'Resources',
postProcessor: policyProcessor
},
{
basePath: 'authorization/resource-manager',
namespace: 'Microsoft.Authorization',
resourceConfig: [
{
type: 'roleAssignments',
scopes: ScopeType.Extension | ScopeType.ManagementGroup | ScopeType.ResourceGroup | ScopeType.Subcription | ScopeType.Tenant
},
{
type: 'roleDefinitions',
scopes: ScopeType.Extension | ScopeType.ManagementGroup | ScopeType.ResourceGroup | ScopeType.Subcription | ScopeType.Tenant
},
{
type: 'roleAssignmentScheduleRequests',
scopes: ScopeType.Extension | ScopeType.ManagementGroup | ScopeType.ResourceGroup | ScopeType.Subcription | ScopeType.Tenant
},
{
type: 'roleEligibilityScheduleRequests',
scopes: ScopeType.Extension | ScopeType.ManagementGroup | ScopeType.ResourceGroup | ScopeType.Subcription | ScopeType.Tenant
},
{
type: 'roleManagementPolicyAssignments',
scopes: ScopeType.Extension | ScopeType.ManagementGroup | ScopeType.ResourceGroup | ScopeType.Subcription | ScopeType.Tenant
},
{
type: 'roleAssignmentApprovals/stages',
scopes: ScopeType.Tenant
}
],
suffix: 'Authz'
},
{
basePath: 'relay/resource-manager',
namespace: 'Microsoft.Relay',
Expand Down
187 changes: 187 additions & 0 deletions schemas/2015-07-01/Microsoft.Authorization.Authz.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,187 @@
{
"id": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.Authz.json#",
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Microsoft.Authorization",
"description": "Microsoft Authorization Resource Types",
"resourceDefinitions": {},
"unknown_resourceDefinitions": {
"roleAssignments": {
"type": "object",
"properties": {
"apiVersion": {
"type": "string",
"enum": [
"2015-07-01"
]
},
"name": {
"type": "string",
"description": "The name of the role assignment to create. It can be any valid GUID."
},
"properties": {
"oneOf": [
{
"$ref": "#/definitions/RoleAssignmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Role assignment properties."
},
"type": {
"type": "string",
"enum": [
"Microsoft.Authorization/roleAssignments"
]
}
},
"required": [
"apiVersion",
"name",
"properties",
"type"
],
"description": "Microsoft.Authorization/roleAssignments"
},
"roleDefinitions": {
"type": "object",
"properties": {
"apiVersion": {
"type": "string",
"enum": [
"2015-07-01"
]
},
"name": {
"type": "string",
"description": "The ID of the role definition."
},
"properties": {
"oneOf": [
{
"$ref": "#/definitions/RoleDefinitionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Role definition properties."
},
"type": {
"type": "string",
"enum": [
"Microsoft.Authorization/roleDefinitions"
]
}
},
"required": [
"apiVersion",
"name",
"properties",
"type"
],
"description": "Microsoft.Authorization/roleDefinitions"
}
},
"definitions": {
"Permission": {
"type": "object",
"properties": {
"actions": {
"oneOf": [
{
"type": "array",
"items": {
"type": "string"
}
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Allowed actions."
},
"notActions": {
"oneOf": [
{
"type": "array",
"items": {
"type": "string"
}
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Denied actions."
}
},
"description": "Role definition permissions."
},
"RoleAssignmentProperties": {
"type": "object",
"properties": {
"principalId": {
"type": "string",
"description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group."
},
"roleDefinitionId": {
"type": "string",
"description": "The role definition ID used in the role assignment."
}
},
"required": [
"principalId",
"roleDefinitionId"
],
"description": "Role assignment properties."
},
"RoleDefinitionProperties": {
"type": "object",
"properties": {
"assignableScopes": {
"oneOf": [
{
"type": "array",
"items": {
"type": "string"
}
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Role definition assignable scopes."
},
"description": {
"type": "string",
"description": "The role definition description."
},
"permissions": {
"oneOf": [
{
"type": "array",
"items": {
"$ref": "#/definitions/Permission"
}
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Role definition permissions."
},
"roleName": {
"type": "string",
"description": "The role name."
},
"type": {
"type": "string",
"description": "The role type."
}
},
"description": "Role definition properties."
}
}
}
75 changes: 75 additions & 0 deletions schemas/2017-10-01-preview/Microsoft.Authorization.Authz.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
{
"id": "https://schema.management.azure.com/schemas/2017-10-01-preview/Microsoft.Authorization.Authz.json#",
"$schema": "http://json-schema.org/draft-04/schema#",
"title": "Microsoft.Authorization",
"description": "Microsoft Authorization Resource Types",
"resourceDefinitions": {},
"unknown_resourceDefinitions": {
"roleAssignments": {
"type": "object",
"properties": {
"apiVersion": {
"type": "string",
"enum": [
"2017-10-01-preview"
]
},
"name": {
"type": "string",
"description": "The name of the role assignment to create. It can be any valid GUID."
},
"properties": {
"oneOf": [
{
"$ref": "#/definitions/RoleAssignmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "Role assignment properties."
},
"type": {
"type": "string",
"enum": [
"Microsoft.Authorization/roleAssignments"
]
}
},
"required": [
"apiVersion",
"name",
"properties",
"type"
],
"description": "Microsoft.Authorization/roleAssignments"
}
},
"definitions": {
"RoleAssignmentProperties": {
"type": "object",
"properties": {
"canDelegate": {
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
],
"description": "The delegation flag used for creating a role assignment"
},
"principalId": {
"type": "string",
"description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group."
},
"roleDefinitionId": {
"type": "string",
"description": "The role definition ID used in the role assignment."
}
},
"description": "Role assignment properties."
}
}
}
Loading

0 comments on commit 21721e6

Please sign in to comment.