From 9158a6972b314b96dd97ceb9c9dd51a09808db36 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 15 Mar 2023 14:27:03 -0700 Subject: [PATCH 01/24] Baseline current api version --- .../createOrUpdatePolicyDefinition.json | 90 ++ ...rUpdatePolicyDefinitionAdvancedParams.json | 117 ++ ...datePolicyDefinitionAtManagementGroup.json | 90 ++ .../createOrUpdatePolicySetDefinition.json | 153 +++ ...ePolicySetDefinitionAtManagementGroup.json | 126 ++ ...OrUpdatePolicySetDefinitionWithGroups.json | 180 +++ ...DefinitionWithGroupsAtManagementGroup.json | 180 +++ .../examples/createPolicyAssignment.json | 64 + .../examples/createPolicyAssignmentById.json | 53 + ...PolicyAssignmentNonComplianceMessages.json | 59 + .../createPolicyAssignmentWithIdentity.json | 65 + ...reatePolicyAssignmentWithIdentityById.json | 63 + .../createPolicyAssignmentWithOverrides.json | 68 ++ ...PolicyAssignmentWithResourceSelectors.json | 66 ++ ...icyAssignmentWithUserAssignedIdentity.json | 72 ++ ...atePolicyAssignmentWithoutEnforcement.json | 55 + .../examples/deletePolicyAssignment.json | 38 + .../examples/deletePolicyAssignmentById.json | 36 + .../examples/deletePolicyDefinition.json | 15 + ...letePolicyDefinitionAtManagementGroup.json | 15 + .../examples/deletePolicySetDefinition.json | 15 + ...ePolicySetDefinitionAtManagementGroup.json | 15 + .../getBuiltInPolicySetDefinition.json | 67 ++ .../examples/getBuiltinPolicyDefinition.json | 52 + .../examples/getPolicyAssignment.json | 36 + .../examples/getPolicyAssignmentById.json | 34 + .../getPolicyAssignmentWithIdentity.json | 42 + .../getPolicyAssignmentWithIdentityById.json | 40 + .../getPolicyAssignmentWithOverrides.json | 43 + ...PolicyAssignmentWithResourceSelectors.json | 42 + ...icyAssignmentWithUserAssignedIdentity.json | 46 + .../examples/getPolicyDefinition.json | 53 + .../getPolicyDefinitionAtManagementGroup.json | 53 + .../examples/getPolicySetDefinition.json | 68 ++ ...tPolicySetDefinitionAtManagementGroup.json | 50 + .../listBuiltInPolicyDefinitions.json | 130 ++ .../listBuiltInPolicySetDefinitions.json | 70 ++ .../examples/listPolicyAssignments.json | 54 + ...stPolicyAssignmentsForManagementGroup.json | 54 + .../listPolicyAssignmentsForResource.json | 58 + ...listPolicyAssignmentsForResourceGroup.json | 55 + .../examples/listPolicyDefinitions.json | 128 ++ ...istPolicyDefinitionsByManagementGroup.json | 96 ++ .../examples/listPolicySetDefinitions.json | 109 ++ ...PolicySetDefinitionsByManagementGroup.json | 109 ++ .../updatePolicyAssignmentWithIdentity.json | 48 + ...pdatePolicyAssignmentWithIdentityById.json | 46 + .../updatePolicyAssignmentWithOverrides.json | 62 + ...PolicyAssignmentWithResourceSelectors.json | 60 + ...icyAssignmentWithUserAssignedIdentity.json | 55 + .../stable/2023-04-01/policyAssignments.json | 1054 +++++++++++++++++ .../stable/2023-04-01/policyDefinitions.json | 703 +++++++++++ .../2023-04-01/policySetDefinitions.json | 721 +++++++++++ 53 files changed, 5873 insertions(+) create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinition.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAdvancedParams.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinition.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroups.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignment.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentById.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentNonComplianceMessages.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentity.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentityById.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithOverrides.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithResourceSelectors.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithUserAssignedIdentity.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithoutEnforcement.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignment.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignmentById.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinition.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinition.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinition.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinition.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignment.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentById.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentity.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentityById.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithOverrides.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithResourceSelectors.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithUserAssignedIdentity.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinition.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinition.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignments.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResource.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResourceGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionsByManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionsByManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentity.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentityById.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithOverrides.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithResourceSelectors.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithUserAssignedIdentity.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinition.json new file mode 100644 index 000000000000..6e75d0f0abd1 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinition.json @@ -0,0 +1,90 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "ResourceNaming", + "api-version": "2021-06-01", + "parameters": { + "properties": { + "mode": "All", + "displayName": "Enforce resource naming convention", + "description": "Force resource names to begin with given 'prefix' and/or end with given 'suffix'", + "metadata": { + "category": "Naming" + }, + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + } + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "ResourceNaming", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAdvancedParams.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAdvancedParams.json new file mode 100644 index 000000000000..53b198029a94 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAdvancedParams.json @@ -0,0 +1,117 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "EventHubDiagnosticLogs", + "api-version": "2021-06-01", + "parameters": { + "properties": { + "mode": "Indexed", + "displayName": "Event Hubs should have diagnostic logging enabled", + "description": "Audit enabling of logs and retain them up to a year. This enables recreation of activity trails for investigation purposes when a security incident occurs or your network is compromised", + "metadata": { + "category": "Event Hub" + }, + "policyRule": { + "if": { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + "then": { + "effect": "AuditIfNotExists", + "details": { + "type": "Microsoft.Insights/diagnosticSettings", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.enabled", + "equals": "true" + }, + { + "field": "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.days", + "equals": "[parameters('requiredRetentionDays')]" + } + ] + } + } + } + }, + "parameters": { + "requiredRetentionDays": { + "type": "Integer", + "defaultValue": 365, + "allowedValues": [ + 0, + 30, + 90, + 180, + 365 + ], + "metadata": { + "displayName": "Required retention (days)", + "description": "The required diagnostic logs retention in days" + } + } + } + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "ResourceNaming", + "properties": { + "mode": "Indexed", + "displayName": "Event Hubs should have diagnostic logging enabled", + "description": "Audit enabling of logs and retain them up to a year. This enables recreation of activity trails for investigation purposes when a security incident occurs or your network is compromised", + "metadata": { + "category": "Event Hub" + }, + "policyRule": { + "if": { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + "then": { + "effect": "AuditIfNotExists", + "details": { + "type": "Microsoft.Insights/diagnosticSettings", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.enabled", + "equals": "true" + }, + { + "field": "Microsoft.Insights/diagnosticSettings/logs[*].retentionPolicy.days", + "equals": "[parameters('requiredRetentionDays')]" + } + ] + } + } + } + }, + "parameters": { + "requiredRetentionDays": { + "type": "Integer", + "defaultValue": 365, + "allowedValues": [ + 0, + 30, + 90, + 180, + 365 + ], + "metadata": { + "displayName": "Required retention (days)", + "description": "The required diagnostic logs retention in days" + } + } + } + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAtManagementGroup.json new file mode 100644 index 000000000000..e3f2052dea6d --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAtManagementGroup.json @@ -0,0 +1,90 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policyDefinitionName": "ResourceNaming", + "api-version": "2021-06-01", + "parameters": { + "properties": { + "mode": "All", + "displayName": "Enforce resource naming convention", + "description": "Force resource names to begin with given 'prefix' and/or end with given 'suffix'", + "metadata": { + "category": "Naming" + }, + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + } + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "ResourceNaming", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinition.json new file mode 100644 index 000000000000..90333afdb78e --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinition.json @@ -0,0 +1,153 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policySetDefinitionName": "CostManagement", + "api-version": "2021-06-01", + "parameters": { + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "parameters": { + "namePrefix": { + "type": "String", + "defaultValue": "myPrefix", + "metadata": { + "displayName": "Prefix to enforce on resource names" + } + } + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "[parameters('namePrefix')]" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "parameters": { + "namePrefix": { + "type": "String", + "defaultValue": "myPrefix", + "metadata": { + "displayName": "Prefix to enforce on resource names" + } + } + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "[parameters('namePrefix')]" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "parameters": { + "namePrefix": { + "type": "String", + "defaultValue": "myPrefix", + "metadata": { + "displayName": "Prefix to enforce on resource names" + } + } + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "[parameters('namePrefix')]" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionAtManagementGroup.json new file mode 100644 index 000000000000..c23d54035486 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionAtManagementGroup.json @@ -0,0 +1,126 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policySetDefinitionName": "CostManagement", + "api-version": "2021-06-01", + "parameters": { + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "200": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroups.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroups.json new file mode 100644 index 000000000000..855291621345 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroups.json @@ -0,0 +1,180 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policySetDefinitionName": "CostManagement", + "api-version": "2021-06-01", + "parameters": { + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionGroups": [ + { + "name": "CostSaving", + "displayName": "Cost Management Policies", + "description": "Policies designed to control spend within a subscription." + }, + { + "name": "Organizational", + "displayName": "Organizational Policies", + "description": "Policies that help enforce resource organization standards within a subscription." + } + ], + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "groupNames": [ + "CostSaving" + ], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "groupNames": [ + "Organizational" + ], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionGroups": [ + { + "name": "CostSaving", + "displayName": "Cost Management Policies", + "description": "Policies designed to control spend within a subscription." + }, + { + "name": "Organizational", + "displayName": "Organizational Policies", + "description": "Policies that help enforce resource organization standards within a subscription." + } + ], + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "groupNames": [ + "CostSaving" + ], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "groupNames": [ + "Organizational" + ], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionGroups": [ + { + "name": "CostSaving", + "displayName": "Cost Management Policies", + "description": "Policies designed to control spend within a subscription." + }, + { + "name": "Organizational", + "displayName": "Organizational Policies", + "description": "Policies that help enforce resource organization standards within a subscription." + } + ], + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "groupNames": [ + "CostSaving" + ], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "groupNames": [ + "Organizational" + ], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json new file mode 100644 index 000000000000..9234e862b197 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json @@ -0,0 +1,180 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policySetDefinitionName": "CostManagement", + "api-version": "2021-06-01", + "parameters": { + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionGroups": [ + { + "name": "CostSaving", + "displayName": "Cost Management Policies", + "description": "Policies designed to control spend within a subscription." + }, + { + "name": "Organizational", + "displayName": "Organizational Policies", + "description": "Policies that help enforce resource organization standards within a subscription." + } + ], + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "groupNames": [ + "CostSaving" + ], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "groupNames": [ + "Organizational" + ], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionGroups": [ + { + "name": "CostSaving", + "displayName": "Cost Management Policies", + "description": "Policies designed to control spend within a subscription." + }, + { + "name": "Organizational", + "displayName": "Organizational Policies", + "description": "Policies that help enforce resource organization standards within a subscription." + } + ], + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "groupNames": [ + "CostSaving" + ], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "groupNames": [ + "Organizational" + ], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "200": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionGroups": [ + { + "name": "CostSaving", + "displayName": "Cost Management Policies", + "description": "Policies designed to control spend within a subscription." + }, + { + "name": "Organizational", + "displayName": "Organizational Policies", + "description": "Policies that help enforce resource organization standards within a subscription." + } + ], + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "groupNames": [ + "CostSaving" + ], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "groupNames": [ + "Organizational" + ], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignment.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignment.json new file mode 100644 index 000000000000..8edf0ee2c07f --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignment.json @@ -0,0 +1,64 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01", + "parameters": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "nonComplianceMessages": [ + { + "message": "Resource names must start with 'DeptA' and end with '-LC'." + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "nonComplianceMessages": [ + { + "message": "Resource names must start with 'DeptA' and end with '-LC'." + } + ] + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentById.json new file mode 100644 index 000000000000..8653517ef0e4 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentById.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "api-version": "2022-06-01", + "parameters": { + "properties": { + "displayName": "Enforce storage account SKU", + "description": "Allow only storage accounts of SKU Standard_GRS or Standard_LRS to be created", + "metadata": { + "assignedBy": "Cheapskate Boss" + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + }, + "enforcementMode": "Default" + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce storage account SKU", + "description": "Allow only storage accounts of SKU Standard_GRS or Standard_LRS to be created", + "metadata": { + "assignedBy": "Cheapskate Boss" + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "notScopes": [], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + }, + "enforcementMode": "Default" + }, + "id": "/providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "type": "Microsoft.Authorization/policyAssignments", + "name": "LowCostStorage" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentNonComplianceMessages.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentNonComplianceMessages.json new file mode 100644 index 000000000000..57dda2b866e5 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentNonComplianceMessages.json @@ -0,0 +1,59 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "securityInitAssignment", + "api-version": "2022-06-01", + "parameters": { + "properties": { + "displayName": "Enforce security policies", + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/securityInitiative", + "nonComplianceMessages": [ + { + "message": "Resources must comply with all internal security policies. See for more info." + }, + { + "message": "Resource names must start with 'DeptA' and end with '-LC'.", + "policyDefinitionReferenceId": "10420126870854049575" + }, + { + "message": "Storage accounts must have firewall rules configured.", + "policyDefinitionReferenceId": "8572513655450389710" + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce security policies", + "metadata": { + "assignedBy": "User 1" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/securityInitiative", + "notScopes": [], + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "nonComplianceMessages": [ + { + "message": "Resources must comply with all internal security policies. See for more info." + }, + { + "message": "Resource names must start with 'DeptA' and end with '-LC'.", + "policyDefinitionReferenceId": "10420126870854049575" + }, + { + "message": "Storage accounts must have firewall rules configured.", + "policyDefinitionReferenceId": "8572513655450389710" + } + ] + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/securityInitAssignment", + "type": "Microsoft.Authorization/policyAssignments", + "name": "securityInitAssignment" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentity.json new file mode 100644 index 000000000000..a022f4feb490 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentity.json @@ -0,0 +1,65 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01", + "parameters": { + "location": "eastus", + "identity": { + "type": "SystemAssigned" + }, + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Foo Bar" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default" + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2" + }, + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "location": "eastus", + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentityById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentityById.json new file mode 100644 index 000000000000..aa5d90075cad --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentityById.json @@ -0,0 +1,63 @@ +{ + "parameters": { + "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "api-version": "2022-06-01", + "parameters": { + "identity": { + "type": "SystemAssigned" + }, + "location": "eastus", + "properties": { + "displayName": "Enforce storage account SKU", + "description": "Allow only storage accounts of SKU Standard_GRS or Standard_LRS to be created", + "metadata": { + "assignedBy": "Cheapskate Boss" + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + }, + "enforcementMode": "Default" + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce storage account SKU", + "description": "Allow only storage accounts of SKU Standard_GRS or Standard_LRS to be created", + "metadata": { + "assignedBy": "Cheapskate Boss" + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "notScopes": [], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + }, + "enforcementMode": "Default" + }, + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "location": "eastus", + "id": "/providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "type": "Microsoft.Authorization/policyAssignments", + "name": "LowCostStorage" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithOverrides.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithOverrides.json new file mode 100644 index 000000000000..19f81f962c9a --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithOverrides.json @@ -0,0 +1,68 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "CostManagement", + "api-version": "2022-06-01", + "parameters": { + "properties": { + "displayName": "Limit the resource location and resource SKU", + "description": "Limit the resource location and resource SKU", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "overrides": [ + { + "kind": "policyEffect", + "value": "Audit", + "selectors": [ + { + "kind": "policyDefinitionReferenceId", + "in": [ + "Limit_Skus", + "Limit_Locations" + ] + } + ] + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "properties": { + "displayName": "Limit the resource location and resource SKU", + "description": "Limit the resource location and resource SKU", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "notScopes": [], + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "overrides": [ + { + "kind": "policyEffect", + "value": "Audit", + "selectors": [ + { + "kind": "policyDefinitionReferenceId", + "in": [ + "Limit_Skus", + "Limit_Locations" + ] + } + ] + } + ] + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "CostManagement" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithResourceSelectors.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithResourceSelectors.json new file mode 100644 index 000000000000..53a005b8e3a1 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithResourceSelectors.json @@ -0,0 +1,66 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "CostManagement", + "api-version": "2022-06-01", + "parameters": { + "properties": { + "displayName": "Limit the resource location and resource SKU", + "description": "Limit the resource location and resource SKU", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "resourceSelectors": [ + { + "name": "SDPRegions", + "selectors": [ + { + "kind": "resourceLocation", + "in": [ + "eastus2euap", + "centraluseuap" + ] + } + ] + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "properties": { + "displayName": "Limit the resource location and resource SKU", + "description": "Limit the resource location and resource SKU", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "notScopes": [], + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "resourceSelectors": [ + { + "name": "SDPRegions", + "selectors": [ + { + "kind": "resourceLocation", + "in": [ + "eastus2euap", + "centraluseuap" + ] + } + ] + } + ] + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "CostManagement" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithUserAssignedIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithUserAssignedIdentity.json new file mode 100644 index 000000000000..10ade6481035 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithUserAssignedIdentity.json @@ -0,0 +1,72 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01", + "parameters": { + "location": "eastus", + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/testResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity": {} + } + }, + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Foo Bar" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default" + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2" + }, + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/testResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity": { + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "clientId": "4bee2b8a-1bee-47c2-90e9-404241551135" + } + } + }, + "location": "eastus", + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithoutEnforcement.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithoutEnforcement.json new file mode 100644 index 000000000000..542152051aec --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithoutEnforcement.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01", + "parameters": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "DoNotEnforce" + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "DoNotEnforce", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignment.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignment.json new file mode 100644 index 000000000000..29c3bcdc5d6f --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignment.json @@ -0,0 +1,38 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignmentById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignmentById.json new file mode 100644 index 000000000000..2bc4448bc371 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignmentById.json @@ -0,0 +1,36 @@ +{ + "parameters": { + "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce storage account SKU", + "description": "Allow only storage accounts of SKU Standard_GRS or Standard_LRS to be created", + "metadata": { + "assignedBy": "Cheapskate Boss" + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "notScopes": [], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + "id": "/providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "type": "Microsoft.Authorization/policyAssignments", + "name": "LowCostStorage" + } + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinition.json new file mode 100644 index 000000000000..7afd61dab4f4 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinition.json @@ -0,0 +1,15 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "ResourceNaming", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {} + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionAtManagementGroup.json new file mode 100644 index 000000000000..b90b79faf86e --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionAtManagementGroup.json @@ -0,0 +1,15 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policyDefinitionName": "ResourceNaming", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {} + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinition.json new file mode 100644 index 000000000000..4ff657f231ab --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinition.json @@ -0,0 +1,15 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policySetDefinitionName": "CostManagement", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {} + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionAtManagementGroup.json new file mode 100644 index 000000000000..d8d901bc03d5 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionAtManagementGroup.json @@ -0,0 +1,15 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policySetDefinitionName": "CostManagement", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {} + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinition.json new file mode 100644 index 000000000000..bec7bb8ff839 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinition.json @@ -0,0 +1,67 @@ +{ + "parameters": { + "policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "[Preview]: Enable Monitoring in Azure Security Center", + "policyType": "BuiltIn", + "description": "Monitor all the available security recommendations in Azure Security Center. This is the default policy for Azure Security Center.", + "metadata": { + "category": "Security Center" + }, + "parameters": {}, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a8bef009-a5c9-4d0f-90d7-6018734e8a16", + "policyDefinitionReferenceId": "RefId1" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af8051bf-258b-44e2-a2bf-165330459f9d", + "policyDefinitionReferenceId": "RefId2" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86b3d65f-7626-441e-b690-81a8b71cff60", + "policyDefinitionReferenceId": "RefId3" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759", + "policyDefinitionReferenceId": "RefId4" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c", + "policyDefinitionReferenceId": "RefId5" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a6b606-51aa-4496-8bb7-64b11cf66adc", + "policyDefinitionReferenceId": "RefId6" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed", + "policyDefinitionReferenceId": "RefId7" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15", + "policyDefinitionReferenceId": "RefId8" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9", + "policyDefinitionReferenceId": "RefId9" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0961003e-5a0a-4549-abde-af6a37f2724d", + "policyDefinitionReferenceId": "RefId10" + } + ] + }, + "id": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinition.json new file mode 100644 index 000000000000..95d4a4009ec6 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinition.json @@ -0,0 +1,52 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "7433c107-6db4-4ad1-b57a-a76dce0154a1", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "mode": "All", + "displayName": "Allowed storage account SKUs", + "policyType": "BuiltIn", + "description": "This policy enables you to specify a set of storage account SKUs that your organization can deploy.", + "parameters": { + "listOfAllowedSKUs": { + "type": "Array", + "metadata": { + "description": "The list of SKUs that can be specified for storage accounts.", + "displayName": "Allowed SKUs", + "strongType": "StorageSKUs" + } + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "not": { + "field": "Microsoft.Storage/storageAccounts/sku.name", + "in": "[parameters('listOfAllowedSKUs')]" + } + } + ] + }, + "then": { + "effect": "Deny" + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "7433c107-6db4-4ad1-b57a-a76dce0154a1" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignment.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignment.json new file mode 100644 index 000000000000..b4c3a1ae3a45 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignment.json @@ -0,0 +1,36 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentById.json new file mode 100644 index 000000000000..20cbfea5380c --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentById.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce storage account SKU", + "description": "Allow only storage accounts of SKU Standard_GRS or Standard_LRS to be created", + "metadata": { + "assignedBy": "Cheapskate Boss" + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "notScopes": [], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + }, + "enforcementMode": "Default" + }, + "id": "/providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "type": "Microsoft.Authorization/policyAssignments", + "name": "LowCostStorage" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentity.json new file mode 100644 index 000000000000..77c75fbd38b5 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentity.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2" + }, + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "location": "westus", + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentityById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentityById.json new file mode 100644 index 000000000000..b4274a042678 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentityById.json @@ -0,0 +1,40 @@ +{ + "parameters": { + "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce storage account SKU", + "description": "Allow only storage accounts of SKU Standard_GRS or Standard_LRS to be created", + "metadata": { + "assignedBy": "Cheapskate Boss" + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "notScopes": [], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + }, + "enforcementMode": "Default" + }, + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "location": "westus", + "id": "/providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "type": "Microsoft.Authorization/policyAssignments", + "name": "LowCostStorage" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithOverrides.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithOverrides.json new file mode 100644 index 000000000000..e4c8def35beb --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithOverrides.json @@ -0,0 +1,43 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "CostManagement", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Limit the resource location and resource SKU", + "description": "Limit the resource location and resource SKU", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "notScopes": [], + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "overrides": [ + { + "kind": "policyEffect", + "value": "Audit", + "selectors": [ + { + "kind": "policyDefinitionReferenceId", + "in": [ + "Limit_Skus", + "Limit_Locations" + ] + } + ] + } + ] + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "CostManagement" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithResourceSelectors.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithResourceSelectors.json new file mode 100644 index 000000000000..66470cfd9538 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithResourceSelectors.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "CostManagement", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Limit the resource location and resource SKU", + "description": "Limit the resource location and resource SKU", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "notScopes": [], + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "resourceSelectors": [ + { + "name": "SDPRegions", + "selectors": [ + { + "kind": "resourceLocation", + "in": [ + "eastus2euap", + "centraluseuap" + ] + } + ] + } + ] + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "CostManagement" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithUserAssignedIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithUserAssignedIdentity.json new file mode 100644 index 000000000000..bd3509c8579e --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithUserAssignedIdentity.json @@ -0,0 +1,46 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2" + }, + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/testResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity": { + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "clientId": "4bee2b8a-1bee-47c2-90e9-404241551135" + } + } + }, + "location": "westus", + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinition.json new file mode 100644 index 000000000000..f3bc054a6eeb --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinition.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "ResourceNaming", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "ResourceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionAtManagementGroup.json new file mode 100644 index 000000000000..4cb073faece5 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionAtManagementGroup.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policyDefinitionName": "ResourceNaming", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "ResourceNaming", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinition.json new file mode 100644 index 000000000000..44b4c4f4005d --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinition.json @@ -0,0 +1,68 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policySetDefinitionName": "CostManagement", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionGroups": [ + { + "name": "CostSaving", + "displayName": "Cost Management Policies", + "description": "Policies designed to control spend within a subscription." + }, + { + "name": "Organizational", + "displayName": "Organizational Policies", + "description": "Policies that help enforce resource organization standards within a subscription." + } + ], + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "groupNames": [ + "CostSaving" + ], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "groupNames": [ + "Organizational" + ], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionAtManagementGroup.json new file mode 100644 index 000000000000..506b99046b1e --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionAtManagementGroup.json @@ -0,0 +1,50 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policySetDefinitionName": "CostManagement", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitions.json new file mode 100644 index 000000000000..a02d0d9b5cc6 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitions.json @@ -0,0 +1,130 @@ +{ + "parameters": { + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "mode": "All", + "displayName": "Audit SQL DB Level Audit Setting", + "policyType": "BuiltIn", + "description": "Audit DB level audit setting for SQL databases", + "parameters": { + "setting": { + "type": "String", + "metadata": { + "displayName": "Audit Setting" + }, + "allowedValues": [ + "enabled", + "disabled" + ] + } + }, + "policyRule": { + "if": { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + "then": { + "effect": "AuditIfNotExists", + "details": { + "type": "Microsoft.Sql/servers/databases/auditingSettings", + "name": "default", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Sql/auditingSettings.state", + "equals": "[parameters('setting')]" + } + ] + } + } + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a12", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "06a78e20-9358-41c9-923c-fb736d382a12" + }, + { + "properties": { + "mode": "All", + "displayName": "Allowed storage account SKUs", + "policyType": "Static", + "description": "This policy enables you to specify a set of storage account SKUs that your organization can deploy.", + "parameters": { + "listOfAllowedSKUs": { + "type": "Array", + "metadata": { + "description": "The list of SKUs that can be specified for storage accounts.", + "displayName": "Allowed SKUs", + "strongType": "StorageSKUs" + } + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "not": { + "field": "Microsoft.Storage/storageAccounts/sku.name", + "in": "[parameters('listOfAllowedSKUs')]" + } + } + ] + }, + "then": { + "effect": "Deny" + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "7433c107-6db4-4ad1-b57a-a76dce0154a1" + }, + { + "properties": { + "mode": "Microsoft.KeyVault.Data", + "displayName": "Audit KeyVault certificates that expire within specified number of days", + "policyType": "BuiltIn", + "description": "Audit certificates that are stored in Azure Key Vault, that expire within 'X' number of days.", + "metadata": { + "category": "KeyVault DataPlane" + }, + "parameters": { + "daysToExpire": { + "type": "Integer", + "metadata": { + "displayName": "Days to expire", + "description": "The number of days for a certificate to expire." + } + } + }, + "policyRule": { + "if": { + "field": "Microsoft.KeyVault.Data/vaults/certificates/attributes/expiresOn", + "lessOrEquals": "[addDays(utcNow(), parameters('daysToExpire'))]" + }, + "then": { + "effect": "audit" + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/abeed54a-73c5-441d-8a8c-6b5e7a0c299e", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "abeed54a-73c5-441d-8a8c-6b5e7a0c299e" + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitions.json new file mode 100644 index 000000000000..98486d14574b --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitions.json @@ -0,0 +1,70 @@ +{ + "parameters": { + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "displayName": "[Preview]: Enable Monitoring in Azure Security Center", + "policyType": "BuiltIn", + "description": "Monitor all the available security recommendations in Azure Security Center. This is the default policy for Azure Security Center.", + "metadata": { + "category": "Security Center" + }, + "parameters": {}, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a8bef009-a5c9-4d0f-90d7-6018734e8a16", + "policyDefinitionReferenceId": "RefId1" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af8051bf-258b-44e2-a2bf-165330459f9d", + "policyDefinitionReferenceId": "RefId2" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86b3d65f-7626-441e-b690-81a8b71cff60", + "policyDefinitionReferenceId": "RefId3" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759", + "policyDefinitionReferenceId": "RefId4" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c", + "policyDefinitionReferenceId": "RefId5" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a6b606-51aa-4496-8bb7-64b11cf66adc", + "policyDefinitionReferenceId": "RefId6" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed", + "policyDefinitionReferenceId": "RefId7" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15", + "policyDefinitionReferenceId": "RefId8" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9", + "policyDefinitionReferenceId": "RefId9" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0961003e-5a0a-4549-abde-af6a37f2724d", + "policyDefinitionReferenceId": "RefId10" + } + ] + }, + "id": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8" + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignments.json new file mode 100644 index 000000000000..4b4f0a62f28d --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignments.json @@ -0,0 +1,54 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "api-version": "2022-06-01", + "$filter": "atScope()" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "CostManagement", + "location": "eastus", + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "properties": { + "displayName": "Storage Cost Management", + "description": "Minimize the risk of accidental cost overruns", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/storageSkus", + "parameters": { + "allowedSkus": { + "value": "Standard_A1" + } + }, + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "notScopes": [] + } + }, + { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/TagEnforcement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "TagEnforcement", + "properties": { + "displayName": "Enforces a tag key and value", + "description": "Ensure a given tag key and value are present on all resources", + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/TagKeyValue", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "notScopes": [] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForManagementGroup.json new file mode 100644 index 000000000000..493f2efcd90a --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForManagementGroup.json @@ -0,0 +1,54 @@ +{ + "parameters": { + "managementGroupId": "TestManagementGroup", + "api-version": "2022-06-01", + "$filter": "atScope()" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/providers/Microsoft.Management/managementGroups/TestManagementGroup/providers/Microsoft.Authorization/policyAssignments/TestCostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "TestCostManagement", + "location": "eastus", + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "properties": { + "displayName": "Storage Cost Management", + "description": "Minimize the risk of accidental cost overruns", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionId": "/providers/Microsoft.Management/managementGroups/TestManagementGroup/providers/Microsoft.Authorization/policyDefinitions/storageSkus", + "parameters": { + "allowedSkus": { + "value": "Standard_A1" + } + }, + "scope": "/providers/Microsoft.Management/managementGroups/TestManagementGroup", + "notScopes": [] + } + }, + { + "id": "/providers/Microsoft.Management/managementGroups/TestManagementGroup/providers/Microsoft.Authorization/policyAssignments/TestTagEnforcement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "TestTagEnforcement", + "properties": { + "displayName": "Enforces a tag key and value", + "description": "Ensure a given tag key and value are present on all resources", + "policyDefinitionId": "/providers/Microsoft.Management/managementGroups/TestManagementGroup/providers/Microsoft.Authorization/policyDefinitions/TagKeyValue", + "scope": "/providers/Microsoft.Management/managementGroups/TestManagementGroup", + "notScopes": [] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResource.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResource.json new file mode 100644 index 000000000000..00a16b983b44 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResource.json @@ -0,0 +1,58 @@ +{ + "parameters": { + "resourceGroupName": "TestResourceGroup", + "resourceProviderNamespace": "Microsoft.Compute", + "parentResourcePath": "virtualMachines/MyTestVm", + "resourceType": "domainNames", + "resourceName": "MyTestComputer.cloudapp.net", + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "api-version": "2022-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/TestResourceGroup/providers/Microsoft.Authorization/policyAssignments/TestCostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "TestCostManagement", + "location": "eastus", + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "properties": { + "displayName": "VM Cost Management", + "description": "Minimize the risk of accidental cost overruns", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/vmSkus", + "parameters": { + "allowedSkus": { + "value": "Standard_A1" + } + }, + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/TestResourceGroup", + "notScopes": [] + } + }, + { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/TestResourceGroup/providers/Microsoft.Authorization/policyAssignments/TestTagEnforcement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "TestTagEnforcement", + "properties": { + "displayName": "Enforces a tag key and value", + "description": "Ensure a given tag key and value are present on all resources", + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/TagKeyValue", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/TestResourceGroup", + "notScopes": [] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResourceGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResourceGroup.json new file mode 100644 index 000000000000..96fbc1c54328 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResourceGroup.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "resourceGroupName": "TestResourceGroup", + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "api-version": "2022-06-01", + "$filter": "atScope()" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/TestResourceGroup/providers/Microsoft.Authorization/policyAssignments/TestCostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "TestCostManagement", + "location": "eastus", + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "properties": { + "displayName": "Storage Cost Management", + "description": "Minimize the risk of accidental cost overruns", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/storageSkus", + "parameters": { + "allowedSkus": { + "value": "Standard_A1" + } + }, + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/TestResourceGroup", + "notScopes": [] + } + }, + { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/TestResourceGroup/providers/Microsoft.Authorization/policyAssignments/TestTagEnforcement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "TestTagEnforcement", + "properties": { + "displayName": "Enforces a tag key and value", + "description": "Ensure a given tag key and value are present on all resources", + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/TagKeyValue", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/TestResourceGroup", + "notScopes": [] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitions.json new file mode 100644 index 000000000000..7d47a847c6d2 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitions.json @@ -0,0 +1,128 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "mode": "All", + "displayName": "Allowed storage account SKUs", + "policyType": "BuiltIn", + "description": "This policy enables you to specify a set of storage account SKUs that your organization can deploy.", + "parameters": { + "listOfAllowedSKUs": { + "type": "Array", + "metadata": { + "description": "The list of SKUs that can be specified for storage accounts.", + "displayName": "Allowed SKUs", + "strongType": "StorageSKUs" + } + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "not": { + "field": "Microsoft.Storage/storageAccounts/sku.name", + "in": "[parameters('listOfAllowedSKUs')]" + } + } + ] + }, + "then": { + "effect": "Deny" + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "7433c107-6db4-4ad1-b57a-a76dce0154a1" + }, + { + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "policyType": "Custom" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "ResourceNaming" + }, + { + "properties": { + "mode": "Microsoft.KeyVault.Data", + "displayName": "Audit KeyVault certificates that expire within specified number of days", + "description": "Audit certificates that are stored in Azure Key Vault, that expire within 'X' number of days.", + "metadata": { + "category": "KeyVault DataPlane" + }, + "parameters": { + "daysToExpire": { + "type": "Integer", + "metadata": { + "displayName": "Days to expire", + "description": "The number of days for a certificate to expire." + } + } + }, + "policyRule": { + "if": { + "field": "Microsoft.KeyVault.Data/vaults/certificates/attributes/expiresOn", + "lessOrEquals": "[addDays(utcNow(), parameters('daysToExpire'))]" + }, + "then": { + "effect": "audit" + } + }, + "policyType": "Custom" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/AuditSoonToExpireCerts", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "AuditSoonToExpireCerts" + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionsByManagementGroup.json new file mode 100644 index 000000000000..2563c7b2a2ea --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionsByManagementGroup.json @@ -0,0 +1,96 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "mode": "All", + "displayName": "Allowed storage account SKUs", + "policyType": "BuiltIn", + "description": "This policy enables you to specify a set of storage account SKUs that your organization can deploy.", + "parameters": { + "listOfAllowedSKUs": { + "type": "Array", + "metadata": { + "description": "The list of SKUs that can be specified for storage accounts.", + "displayName": "Allowed SKUs", + "strongType": "StorageSKUs" + } + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "not": { + "field": "Microsoft.Storage/storageAccounts/sku.name", + "in": "[parameters('listOfAllowedSKUs')]" + } + } + ] + }, + "then": { + "effect": "Deny" + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "7433c107-6db4-4ad1-b57a-a76dce0154a1" + }, + { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "ResourceNaming", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitions.json new file mode 100644 index 000000000000..0760092d2814 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitions.json @@ -0,0 +1,109 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "displayName": "[Preview]: Enable Monitoring in Azure Security Center", + "policyType": "BuiltIn", + "description": "Monitor all the available security recommendations in Azure Security Center. This is the default policy for Azure Security Center.", + "metadata": { + "category": "Security Center" + }, + "parameters": {}, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a8bef009-a5c9-4d0f-90d7-6018734e8a16", + "policyDefinitionReferenceId": "RefId1" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af8051bf-258b-44e2-a2bf-165330459f9d", + "policyDefinitionReferenceId": "RefId2" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86b3d65f-7626-441e-b690-81a8b71cff60", + "policyDefinitionReferenceId": "RefId3" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759", + "policyDefinitionReferenceId": "RefId4" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c", + "policyDefinitionReferenceId": "RefId5" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a6b606-51aa-4496-8bb7-64b11cf66adc", + "policyDefinitionReferenceId": "RefId6" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed", + "policyDefinitionReferenceId": "RefId7" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15", + "policyDefinitionReferenceId": "RefId8" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9", + "policyDefinitionReferenceId": "RefId9" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0961003e-5a0a-4549-abde-af6a37f2724d", + "policyDefinitionReferenceId": "RefId10" + } + ] + }, + "id": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8" + }, + { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionsByManagementGroup.json new file mode 100644 index 000000000000..b9151af9b555 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionsByManagementGroup.json @@ -0,0 +1,109 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "api-version": "2021-06-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "displayName": "[Preview]: Enable Monitoring in Azure Security Center", + "policyType": "BuiltIn", + "description": "Monitor all the available security recommendations in Azure Security Center. This is the default policy for Azure Security Center.", + "metadata": { + "category": "Security Center" + }, + "parameters": {}, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a8bef009-a5c9-4d0f-90d7-6018734e8a16", + "policyDefinitionReferenceId": "RefId1" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af8051bf-258b-44e2-a2bf-165330459f9d", + "policyDefinitionReferenceId": "RefId2" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86b3d65f-7626-441e-b690-81a8b71cff60", + "policyDefinitionReferenceId": "RefId3" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759", + "policyDefinitionReferenceId": "RefId4" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c", + "policyDefinitionReferenceId": "RefId5" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a6b606-51aa-4496-8bb7-64b11cf66adc", + "policyDefinitionReferenceId": "RefId6" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed", + "policyDefinitionReferenceId": "RefId7" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15", + "policyDefinitionReferenceId": "RefId8" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9", + "policyDefinitionReferenceId": "RefId9" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0961003e-5a0a-4549-abde-af6a37f2724d", + "policyDefinitionReferenceId": "RefId10" + } + ] + }, + "id": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8" + }, + { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentity.json new file mode 100644 index 000000000000..167eca2644e9 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentity.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01", + "parameters": { + "location": "eastus", + "identity": { + "type": "SystemAssigned" + } + } + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2" + }, + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "location": "eastus", + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentityById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentityById.json new file mode 100644 index 000000000000..00b43c23f99d --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentityById.json @@ -0,0 +1,46 @@ +{ + "parameters": { + "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "api-version": "2022-06-01", + "parameters": { + "identity": { + "type": "SystemAssigned" + }, + "location": "eastus" + } + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce storage account SKU", + "description": "Allow only storage accounts of SKU Standard_GRS or Standard_LRS to be created", + "metadata": { + "assignedBy": "Cheapskate Boss" + }, + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "notScopes": [], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + }, + "enforcementMode": "Default" + }, + "identity": { + "type": "SystemAssigned", + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "tenantId": "4bee2b8a-1bee-47c2-90e9-404241551135" + }, + "location": "eastus", + "id": "/providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", + "type": "Microsoft.Authorization/policyAssignments", + "name": "LowCostStorage" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithOverrides.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithOverrides.json new file mode 100644 index 000000000000..ccefd8cef60d --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithOverrides.json @@ -0,0 +1,62 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "CostManagement", + "api-version": "2022-06-01", + "parameters": { + "properties": { + "overrides": [ + { + "kind": "policyEffect", + "value": "Audit", + "selectors": [ + { + "kind": "policyDefinitionReferenceId", + "in": [ + "Limit_Skus", + "Limit_Locations" + ] + } + ] + } + ] + } + } + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Limit the resource location and resource SKU", + "description": "Limit the resource location and resource SKU", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "notScopes": [], + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "overrides": [ + { + "kind": "policyEffect", + "value": "Audit", + "selectors": [ + { + "kind": "policyDefinitionReferenceId", + "in": [ + "Limit_Skus", + "Limit_Locations" + ] + } + ] + } + ] + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "CostManagement" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithResourceSelectors.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithResourceSelectors.json new file mode 100644 index 000000000000..94e5a5f91a24 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithResourceSelectors.json @@ -0,0 +1,60 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "CostManagement", + "api-version": "2022-06-01", + "parameters": { + "properties": { + "resourceSelectors": [ + { + "name": "SDPRegions", + "selectors": [ + { + "kind": "resourceLocation", + "in": [ + "eastus2euap", + "centraluseuap" + ] + } + ] + } + ] + } + } + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Limit the resource location and resource SKU", + "description": "Limit the resource location and resource SKU", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "notScopes": [], + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "resourceSelectors": [ + { + "name": "SDPRegions", + "selectors": [ + { + "kind": "resourceLocation", + "in": [ + "eastus2euap", + "centraluseuap" + ] + } + ] + } + ] + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/CostManagement", + "type": "Microsoft.Authorization/policyAssignments", + "name": "CostManagement" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithUserAssignedIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithUserAssignedIdentity.json new file mode 100644 index 000000000000..e2ce22b3bbe5 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithUserAssignedIdentity.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyAssignmentName": "EnforceNaming", + "api-version": "2022-06-01", + "parameters": { + "location": "eastus", + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/testResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity": {} + } + } + } + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "Enforce resource naming rules", + "description": "Force resource names to begin with given DeptA and end with -LC", + "metadata": { + "assignedBy": "Special Someone" + }, + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "notScopes": [], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + }, + "enforcementMode": "Default", + "scope": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2" + }, + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/resourceGroups/testResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-identity": { + "principalId": "e6d23f8d-af97-4fbc-bda6-00604e4e3d0a", + "clientId": "4bee2b8a-1bee-47c2-90e9-404241551135" + } + } + }, + "location": "eastus", + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyAssignments/EnforceNaming", + "type": "Microsoft.Authorization/policyAssignments", + "name": "EnforceNaming" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json new file mode 100644 index 000000000000..097a64136112 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json @@ -0,0 +1,1054 @@ +{ + "swagger": "2.0", + "info": { + "title": "PolicyClient", + "version": "2022-06-01", + "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow.", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}": { + "delete": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_Delete", + "summary": "Deletes a policy assignment.", + "description": "This operation deletes a policy assignment, given its name and the scope it was created in. The scope of a policy assignment is the part of its ID preceding '/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'.", + "x-ms-examples": { + "Delete a policy assignment": { + "$ref": "./examples/deletePolicyAssignment.json" + } + }, + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'", + "x-ms-skip-url-encoding": true + }, + { + "name": "policyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy assignment to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the deleted assignment.", + "schema": { + "$ref": "#/definitions/PolicyAssignment" + } + }, + "204": { + "description": "No Content - the policy assignment doesn't exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "put": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_Create", + "summary": "Creates or updates a policy assignment.", + "description": " This operation creates or updates a policy assignment with the given scope and name. Policy assignments apply to all resources contained within their scope. For example, when you assign a policy at resource group scope, that policy applies to all resources in the group.", + "x-ms-examples": { + "Create or update a policy assignment": { + "$ref": "./examples/createPolicyAssignment.json" + }, + "Create or update a policy assignment with multiple non-compliance messages": { + "$ref": "./examples/createPolicyAssignmentNonComplianceMessages.json" + }, + "Create or update a policy assignment with a system assigned identity": { + "$ref": "./examples/createPolicyAssignmentWithIdentity.json" + }, + "Create or update a policy assignment with a user assigned identity": { + "$ref": "./examples/createPolicyAssignmentWithUserAssignedIdentity.json" + }, + "Create or update a policy assignment without enforcing policy effect during resource creation or update.": { + "$ref": "./examples/createPolicyAssignmentWithoutEnforcement.json" + }, + "Create or update a policy assignment with resource selectors": { + "$ref": "./examples/createPolicyAssignmentWithResourceSelectors.json" + }, + "Create or update a policy assignment with overrides": { + "$ref": "./examples/createPolicyAssignmentWithOverrides.json" + } + }, + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'", + "x-ms-skip-url-encoding": true + }, + { + "name": "policyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy assignment." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicyAssignment" + }, + "description": "Parameters for the policy assignment." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the new policy assignment.", + "schema": { + "$ref": "#/definitions/PolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_Get", + "summary": "Retrieves a policy assignment.", + "description": "This operation retrieves a single policy assignment, given its name and the scope it was created at.", + "x-ms-examples": { + "Retrieve a policy assignment": { + "$ref": "./examples/getPolicyAssignment.json" + }, + "Retrieve a policy assignment with a system assigned identity": { + "$ref": "./examples/getPolicyAssignmentWithIdentity.json" + }, + "Retrieve a policy assignment with a user assigned identity": { + "$ref": "./examples/getPolicyAssignmentWithUserAssignedIdentity.json" + }, + "Retrieve a policy assignment with resource selectors": { + "$ref": "./examples/getPolicyAssignmentWithResourceSelectors.json" + }, + "Retrieve a policy assignment with overrides": { + "$ref": "./examples/getPolicyAssignmentWithOverrides.json" + } + }, + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'", + "x-ms-skip-url-encoding": true + }, + { + "name": "policyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy assignment to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy assignment.", + "schema": { + "$ref": "#/definitions/PolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "patch": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_Update", + "summary": "Updates a policy assignment.", + "description": " This operation updates a policy assignment with the given scope and name. Policy assignments apply to all resources contained within their scope. For example, when you assign a policy at resource group scope, that policy applies to all resources in the group.", + "x-ms-examples": { + "Update a policy assignment with a system assigned identity": { + "$ref": "./examples/updatePolicyAssignmentWithIdentity.json" + }, + "Update a policy assignment with a user assigned identity": { + "$ref": "./examples/updatePolicyAssignmentWithUserAssignedIdentity.json" + }, + "Update a policy assignment with resource selectors": { + "$ref": "./examples/updatePolicyAssignmentWithResourceSelectors.json" + }, + "Update a policy assignment with overrides": { + "$ref": "./examples/updatePolicyAssignmentWithOverrides.json" + } + }, + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the policy assignment. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'", + "x-ms-skip-url-encoding": true + }, + { + "name": "policyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy assignment." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicyAssignmentUpdate" + }, + "description": "Parameters for policy assignment patch request." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy assignment.", + "schema": { + "$ref": "#/definitions/PolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Authorization/policyAssignments": { + "get": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_ListForResourceGroup", + "summary": "Retrieves all policy assignments that apply to a resource group.", + "description": "This operation retrieves the list of all policy assignments associated with the given resource group in the given subscription that match the optional given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()' or 'policyDefinitionId eq '{value}''. If $filter is not provided, the unfiltered list includes all policy assignments associated with the resource group, including those that apply directly or apply from containing scopes, as well as any applied to resources contained within the resource group. If $filter=atScope() is provided, the returned list includes all policy assignments that apply to the resource group, which is everything in the unfiltered list except those applied to resources contained within the resource group. If $filter=atExactScope() is provided, the returned list only includes all policy assignments that at the resource group. If $filter=policyDefinitionId eq '{value}' is provided, the returned list includes all policy assignments of the policy definition whose id is {value} that apply to the resource group.", + "x-ms-examples": { + "List policy assignments that apply to a resource group": { + "$ref": "./examples/listPolicyAssignmentsForResourceGroup.json" + } + }, + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group that contains policy assignments.", + "pattern": "^[-\\w\\._\\(\\)]+$", + "minLength": 1, + "maxLength": 90 + }, + { + "$ref": "#/parameters/PolicyAssignmentsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy assignments.", + "schema": { + "$ref": "#/definitions/PolicyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePath}/{resourceType}/{resourceName}/providers/Microsoft.Authorization/policyAssignments": { + "get": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_ListForResource", + "summary": "Retrieves all policy assignments that apply to a resource.", + "description": "This operation retrieves the list of all policy assignments associated with the specified resource in the given resource group and subscription that match the optional given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()' or 'policyDefinitionId eq '{value}''. If $filter is not provided, the unfiltered list includes all policy assignments associated with the resource, including those that apply directly or from all containing scopes, as well as any applied to resources contained within the resource. If $filter=atScope() is provided, the returned list includes all policy assignments that apply to the resource, which is everything in the unfiltered list except those applied to resources contained within the resource. If $filter=atExactScope() is provided, the returned list only includes all policy assignments that at the resource level. If $filter=policyDefinitionId eq '{value}' is provided, the returned list includes all policy assignments of the policy definition whose id is {value} that apply to the resource. Three parameters plus the resource name are used to identify a specific resource. If the resource is not part of a parent resource (the more common case), the parent resource path should not be provided (or provided as ''). For example a web app could be specified as ({resourceProviderNamespace} == 'Microsoft.Web', {parentResourcePath} == '', {resourceType} == 'sites', {resourceName} == 'MyWebApp'). If the resource is part of a parent resource, then all parameters should be provided. For example a virtual machine DNS name could be specified as ({resourceProviderNamespace} == 'Microsoft.Compute', {parentResourcePath} == 'virtualMachines/MyVirtualMachine', {resourceType} == 'domainNames', {resourceName} == 'MyComputerName'). A convenient alternative to providing the namespace and type name separately is to provide both in the {resourceType} parameter, format: ({resourceProviderNamespace} == '', {parentResourcePath} == '', {resourceType} == 'Microsoft.Web/sites', {resourceName} == 'MyWebApp').", + "deprecated": false, + "x-ms-examples": { + "List all policy assignments that apply to a resource": { + "$ref": "./examples/listPolicyAssignmentsForResource.json" + } + }, + "parameters": [ + { + "name": "resourceGroupName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource group containing the resource.", + "pattern": "^[-\\w\\._\\(\\)]+$", + "minLength": 1, + "maxLength": 90 + }, + { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider. For example, the namespace of a virtual machine is Microsoft.Compute (from Microsoft.Compute/virtualMachines)" + }, + { + "name": "parentResourcePath", + "in": "path", + "required": true, + "type": "string", + "description": "The parent resource path. Use empty string if there is none.", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites).", + "x-ms-skip-url-encoding": true + }, + { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the resource." + }, + { + "$ref": "#/parameters/PolicyAssignmentsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy assignments.", + "schema": { + "$ref": "#/definitions/PolicyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/PolicyAssignment" + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policyAssignments": { + "get": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_ListForManagementGroup", + "summary": "Retrieves all policy assignments that apply to a management group.", + "description": "This operation retrieves the list of all policy assignments applicable to the management group that match the given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()' or 'policyDefinitionId eq '{value}''. If $filter=atScope() is provided, the returned list includes all policy assignments that are assigned to the management group or the management group's ancestors. If $filter=atExactScope() is provided, the returned list only includes all policy assignments that at the management group. If $filter=policyDefinitionId eq '{value}' is provided, the returned list includes all policy assignments of the policy definition whose id is {value} that apply to the management group.", + "x-ms-examples": { + "List policy assignments that apply to a management group": { + "$ref": "./examples/listPolicyAssignmentsForManagementGroup.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, + { + "$ref": "#/parameters/PolicyAssignmentsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy assignments.", + "schema": { + "$ref": "#/definitions/PolicyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyAssignments": { + "get": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_List", + "summary": "Retrieves all policy assignments that apply to a subscription.", + "description": "This operation retrieves the list of all policy assignments associated with the given subscription that match the optional given $filter. Valid values for $filter are: 'atScope()', 'atExactScope()' or 'policyDefinitionId eq '{value}''. If $filter is not provided, the unfiltered list includes all policy assignments associated with the subscription, including those that apply directly or from management groups that contain the given subscription, as well as any applied to objects contained within the subscription. If $filter=atScope() is provided, the returned list includes all policy assignments that apply to the subscription, which is everything in the unfiltered list except those applied to objects contained within the subscription. If $filter=atExactScope() is provided, the returned list only includes all policy assignments that at the subscription. If $filter=policyDefinitionId eq '{value}' is provided, the returned list includes all policy assignments of the policy definition whose id is {value}.", + "x-ms-examples": { + "List policy assignments that apply to a subscription": { + "$ref": "./examples/listPolicyAssignments.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/PolicyAssignmentsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy assignments.", + "schema": { + "$ref": "#/definitions/PolicyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/PolicyAssignment" + } + }, + "/{policyAssignmentId}": { + "delete": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_DeleteById", + "summary": "Deletes a policy assignment.", + "description": "This operation deletes the policy with the given ID. Policy assignment IDs have this format: '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. Valid formats for {scope} are: '/providers/Microsoft.Management/managementGroups/{managementGroup}' (management group), '/subscriptions/{subscriptionId}' (subscription), '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}' (resource group), or '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}' (resource).", + "x-ms-examples": { + "Delete a policy assignment by ID": { + "$ref": "./examples/deletePolicyAssignmentById.json" + } + }, + "parameters": [ + { + "name": "policyAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the policy assignment to delete. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy assignment.", + "schema": { + "$ref": "#/definitions/PolicyAssignment" + } + }, + "204": { + "description": "No Content - the policy assignment doesn't exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "put": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_CreateById", + "summary": "Creates or updates a policy assignment.", + "description": "This operation creates or updates the policy assignment with the given ID. Policy assignments made on a scope apply to all resources contained in that scope. For example, when you assign a policy to a resource group that policy applies to all resources in the group. Policy assignment IDs have this format: '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'.", + "x-ms-examples": { + "Create or update policy assignment by ID": { + "$ref": "./examples/createPolicyAssignmentById.json" + }, + "Create or update policy assignment with a managed identity by ID": { + "$ref": "./examples/createPolicyAssignmentWithIdentityById.json" + } + }, + "parameters": [ + { + "name": "policyAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the policy assignment to create. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'.", + "x-ms-skip-url-encoding": true + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicyAssignment" + }, + "description": "Parameters for policy assignment." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy assignment.", + "schema": { + "$ref": "#/definitions/PolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_GetById", + "summary": "Retrieves the policy assignment with the given ID.", + "description": "The operation retrieves the policy assignment with the given ID. Policy assignment IDs have this format: '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'.", + "x-ms-examples": { + "Retrieve a policy assignment by ID": { + "$ref": "./examples/getPolicyAssignmentById.json" + }, + "Retrieve a policy assignment with a managed identity by ID": { + "$ref": "./examples/getPolicyAssignmentWithIdentityById.json" + } + }, + "parameters": [ + { + "name": "policyAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the policy assignment to get. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy assignment.", + "schema": { + "$ref": "#/definitions/PolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "patch": { + "tags": [ + "PolicyAssignments" + ], + "operationId": "PolicyAssignments_UpdateById", + "summary": "Updates a policy assignment.", + "description": "This operation updates the policy assignment with the given ID. Policy assignments made on a scope apply to all resources contained in that scope. For example, when you assign a policy to a resource group that policy applies to all resources in the group. Policy assignment IDs have this format: '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'. Valid scopes are: management group (format: '/providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'.", + "x-ms-examples": { + "Update policy assignment with a managed identity by ID": { + "$ref": "./examples/updatePolicyAssignmentWithIdentityById.json" + } + }, + "parameters": [ + { + "name": "policyAssignmentId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the policy assignment to update. Use the format '{scope}/providers/Microsoft.Authorization/policyAssignments/{policyAssignmentName}'.", + "x-ms-skip-url-encoding": true + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicyAssignmentUpdate" + }, + "description": "Parameters for policy assignment patch request." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy assignment.", + "schema": { + "$ref": "#/definitions/PolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "CloudError": { + "type": "object", + "x-ms-external": true, + "properties": { + "error": { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + } + }, + "description": "An error response from a policy operation." + }, + "PolicyAssignmentProperties": { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "description": "The display name of the policy assignment." + }, + "policyDefinitionId": { + "type": "string", + "description": "The ID of the policy definition or policy set definition being assigned." + }, + "scope": { + "type": "string", + "description": "The scope for the policy assignment.", + "readOnly": true + }, + "notScopes": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The policy's excluded scopes." + }, + "parameters": { + "description": "The parameter values for the assigned policy rule. The keys are the parameter names.", + "$ref": "#/definitions/ParameterValues" + }, + "description": { + "type": "string", + "description": "This message will be part of response in case of policy violation." + }, + "metadata": { + "type": "object", + "description": "The policy assignment metadata. Metadata is an open ended object and is typically a collection of key value pairs." + }, + "enforcementMode": { + "type": "string", + "description": "The policy assignment enforcement mode. Possible values are Default and DoNotEnforce.", + "enum": [ + "Default", + "DoNotEnforce" + ], + "x-ms-enum": { + "name": "enforcementMode", + "modelAsString": true, + "values": [ + { + "value": "Default", + "description": "The policy effect is enforced during resource creation or update." + }, + { + "value": "DoNotEnforce", + "description": "The policy effect is not enforced during resource creation or update." + } + ] + }, + "default": "Default" + }, + "nonComplianceMessages": { + "type": "array", + "items": { + "$ref": "#/definitions/NonComplianceMessage" + }, + "x-ms-identifiers": [ + "message", + "policyDefinitionReferenceId" + ], + "description": "The messages that describe why a resource is non-compliant with the policy." + }, + "resourceSelectors": { + "type": "array", + "items": { + "$ref": "../../common/v1/types.json#/definitions/ResourceSelector" + }, + "x-ms-identifiers": [], + "description": "The resource selector list to filter policies by resource properties." + }, + "overrides": { + "type": "array", + "items": { + "$ref": "../../common/v1/types.json#/definitions/Override" + }, + "x-ms-identifiers": [], + "description": "The policy property value override." + } + }, + "description": "The policy assignment properties." + }, + "NonComplianceMessage": { + "type": "object", + "properties": { + "message": { + "type": "string", + "description": "A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results." + }, + "policyDefinitionReferenceId": { + "type": "string", + "description": "The policy definition reference ID within a policy set definition the message is intended for. This is only applicable if the policy assignment assigns a policy set definition. If this is not provided the message applies to all policies assigned by this policy assignment." + } + }, + "required": [ + "message" + ], + "description": "A message that describes why a resource is non-compliant with the policy. This is shown in 'deny' error messages and on resource's non-compliant compliance results." + }, + "ParameterValues": { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/ParameterValuesValue" + }, + "description": "The parameter values for the policy rule. The keys are the parameter names." + }, + "ParameterValuesValue": { + "type": "object", + "properties": { + "value": { + "description": "The value of the parameter.", + "type": "object" + } + }, + "description": "The value of a parameter." + }, + "PolicyAssignment": { + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PolicyAssignmentProperties", + "description": "Properties for the policy assignment." + }, + "id": { + "type": "string", + "description": "The ID of the policy assignment.", + "readOnly": true + }, + "type": { + "type": "string", + "description": "The type of the policy assignment.", + "readOnly": true + }, + "name": { + "type": "string", + "description": "The name of the policy assignment.", + "readOnly": true + }, + "location": { + "type": "string", + "description": "The location of the policy assignment. Only required when utilizing managed identity." + }, + "identity": { + "$ref": "#/definitions/Identity", + "description": "The managed identity associated with the policy assignment." + }, + "systemData": { + "$ref": "../../../../../common-types/resource-management/v3/types.json#/definitions/systemData", + "readOnly": true, + "description": "The system metadata relating to this resource." + } + }, + "description": "The policy assignment.", + "x-ms-azure-resource": true + }, + "PolicyAssignmentListResult": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicyAssignment" + }, + "x-ms-identifiers": [], + "description": "An array of policy assignments." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "List of policy assignments." + }, + "Identity": { + "type": "object", + "properties": { + "principalId": { + "readOnly": true, + "type": "string", + "description": "The principal ID of the resource identity. This property will only be provided for a system assigned identity" + }, + "tenantId": { + "readOnly": true, + "type": "string", + "description": "The tenant ID of the resource identity. This property will only be provided for a system assigned identity" + }, + "type": { + "type": "string", + "description": "The identity type. This is the only required field when adding a system or user assigned identity to a resource.", + "enum": [ + "SystemAssigned", + "UserAssigned", + "None" + ], + "x-ms-enum": { + "name": "ResourceIdentityType", + "modelAsString": false, + "values": [ + { + "value": "SystemAssigned", + "description": "Indicates that a system assigned identity is associated with the resource." + }, + { + "value": "UserAssigned", + "description": "Indicates that a system assigned identity is associated with the resource." + }, + { + "value": "None", + "description": "Indicates that no identity is associated with the resource or that the existing identity should be removed." + } + ] + } + }, + "userAssignedIdentities": { + "type": "object", + "additionalProperties": { + "type": "object", + "x-ms-client-name": "userAssignedIdentitiesValue", + "properties": { + "principalId": { + "readOnly": true, + "type": "string", + "description": "The principal id of user assigned identity." + }, + "clientId": { + "readOnly": true, + "type": "string", + "description": "The client id of user assigned identity." + } + } + }, + "description": "The user identity associated with the policy. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'." + } + }, + "description": "Identity for the resource. Policy assignments support a maximum of one identity. That is either a system assigned identity or a single user assigned identity." + }, + "PolicyAssignmentUpdateProperties": { + "type": "object", + "properties": { + "resourceSelectors": { + "type": "array", + "items": { + "$ref": "../../common/v1/types.json#/definitions/ResourceSelector" + }, + "x-ms-identifiers": [], + "description": "The resource selector list to filter policies by resource properties." + }, + "overrides": { + "type": "array", + "items": { + "$ref": "../../common/v1/types.json#/definitions/Override" + }, + "x-ms-identifiers": [], + "description": "The policy property value override." + } + }, + "description": "The policy assignment properties for Patch request." + }, + "PolicyAssignmentUpdate": { + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PolicyAssignmentUpdateProperties", + "description": "The policy assignment properties for Patch request." + }, + "location": { + "type": "string", + "description": "The location of the policy assignment. Only required when utilizing managed identity." + }, + "identity": { + "$ref": "#/definitions/Identity", + "description": "The managed identity associated with the policy assignment." + } + }, + "description": "The policy assignment for Patch request." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for the operation." + }, + "ManagementGroupIdParameter": { + "name": "managementGroupId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the management group.", + "x-ms-parameter-location": "method" + }, + "PolicyAssignmentsFilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Valid values for $filter are: 'atScope()', 'atExactScope()' or 'policyDefinitionId eq '{value}''. If $filter is not provided, no filtering is performed. If $filter=atScope() is provided, the returned list only includes all policy assignments that apply to the scope, which is everything in the unfiltered list except those applied to sub scopes contained within the given scope. If $filter=atExactScope() is provided, the returned list only includes all policy assignments that at the given scope. If $filter=policyDefinitionId eq '{value}' is provided, the returned list includes all policy assignments of the policy definition whose id is {value}.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "TopParameter": { + "name": "$top", + "in": "query", + "required": false, + "type": "integer", + "format": "int32", + "minimum": 1, + "maximum": 1000, + "description": "Maximum number of records to return. When the $top filter is not provided, it will return 500 records.", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json new file mode 100644 index 000000000000..a417b2c2b85f --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json @@ -0,0 +1,703 @@ +{ + "swagger": "2.0", + "info": { + "title": "PolicyClient", + "version": "2021-06-01", + "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow.", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}": { + "put": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_CreateOrUpdate", + "summary": "Creates or updates a policy definition in a subscription.", + "description": "This operation creates or updates a policy definition in the given subscription with the given name.", + "x-ms-examples": { + "Create or update a policy definition": { + "$ref": "./examples/createOrUpdatePolicyDefinition.json" + }, + "Create or update a policy definition with advanced parameters": { + "$ref": "./examples/createOrUpdatePolicyDefinitionAdvancedParams.json" + } + }, + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicyDefinition" + }, + "description": "The policy definition properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_Delete", + "summary": "Deletes a policy definition in a subscription.", + "description": "This operation deletes the policy definition in the given subscription with the given name.", + "x-ms-examples": { + "Delete a policy definition": { + "$ref": "./examples/deletePolicyDefinition.json" + } + }, + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_Get", + "summary": "Retrieves a policy definition in a subscription.", + "description": "This operation retrieves the policy definition in the given subscription with the given name.", + "x-ms-examples": { + "Retrieve a policy definition": { + "$ref": "./examples/getPolicyDefinition.json" + } + }, + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}": { + "get": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_GetBuiltIn", + "summary": "Retrieves a built-in policy definition.", + "description": "This operation retrieves the built-in policy definition with the given name.", + "x-ms-examples": { + "Retrieve a built-in policy definition": { + "$ref": "./examples/getBuiltinPolicyDefinition.json" + } + }, + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the built-in policy definition to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the built-in policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}": { + "put": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_CreateOrUpdateAtManagementGroup", + "summary": "Creates or updates a policy definition in a management group.", + "description": "This operation creates or updates a policy definition in the given management group with the given name.", + "x-ms-examples": { + "Create or update a policy definition at management group level": { + "$ref": "./examples/createOrUpdatePolicyDefinitionAtManagementGroup.json" + } + }, + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicyDefinition" + }, + "description": "The policy definition properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_DeleteAtManagementGroup", + "summary": "Deletes a policy definition in a management group.", + "description": "This operation deletes the policy definition in the given management group with the given name.", + "x-ms-examples": { + "Delete a policy definition at management group level": { + "$ref": "./examples/deletePolicyDefinitionAtManagementGroup.json" + } + }, + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_GetAtManagementGroup", + "summary": "Retrieve a policy definition in a management group.", + "description": "This operation retrieves the policy definition in the given management group with the given name.", + "x-ms-examples": { + "Retrieve a policy definition at management group level": { + "$ref": "./examples/getPolicyDefinitionAtManagementGroup.json" + } + }, + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions": { + "get": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_List", + "summary": "Retrieves policy definitions in a subscription", + "description": "This operation retrieves a list of all the policy definitions in a given subscription that match the optional given $filter. Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. If $filter is not provided, the unfiltered list includes all policy definitions associated with the subscription, including those that apply directly or from management groups that contain the given subscription. If $filter=atExactScope() is provided, the returned list only includes all policy definitions that at the given subscription. If $filter='policyType -eq {value}' is provided, the returned list only includes all policy definitions whose type match the {value}. Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. If $filter='category -eq {value}' is provided, the returned list only includes all policy definitions whose category match the {value}.", + "x-ms-examples": { + "List policy definitions by subscription": { + "$ref": "./examples/listPolicyDefinitions.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/PolicyDefinitionsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy definitions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Authorization/policyDefinitions": { + "get": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_ListBuiltIn", + "summary": "Retrieve built-in policy definitions", + "description": "This operation retrieves a list of all the built-in policy definitions that match the optional given $filter. If $filter='policyType -eq {value}' is provided, the returned list only includes all built-in policy definitions whose type match the {value}. Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. If $filter='category -eq {value}' is provided, the returned list only includes all built-in policy definitions whose category match the {value}.", + "x-ms-examples": { + "List built-in policy definitions": { + "$ref": "./examples/listBuiltInPolicyDefinitions.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/PolicyDefinitionsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of built-in policy definitions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions": { + "get": { + "tags": [ + "PolicyDefinitions" + ], + "operationId": "PolicyDefinitions_ListByManagementGroup", + "summary": "Retrieve policy definitions in a management group", + "description": "This operation retrieves a list of all the policy definitions in a given management group that match the optional given $filter. Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. If $filter is not provided, the unfiltered list includes all policy definitions associated with the management group, including those that apply directly or from management groups that contain the given management group. If $filter=atExactScope() is provided, the returned list only includes all policy definitions that at the given management group. If $filter='policyType -eq {value}' is provided, the returned list only includes all policy definitions whose type match the {value}. Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. If $filter='category -eq {value}' is provided, the returned list only includes all policy definitions whose category match the {value}.", + "x-ms-examples": { + "List policy definitions by management group": { + "$ref": "./examples/listPolicyDefinitionsByManagementGroup.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, + { + "$ref": "#/parameters/PolicyDefinitionsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy definitions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + } + }, + "definitions": { + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + } + }, + "description": "An error response from a policy operation." + }, + "PolicyDefinitionProperties": { + "properties": { + "policyType": { + "type": "string", + "description": "The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.", + "enum": [ + "NotSpecified", + "BuiltIn", + "Custom", + "Static" + ], + "x-ms-enum": { + "name": "policyType", + "modelAsString": true + } + }, + "mode": { + "type": "string", + "description": "The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.", + "default": "Indexed" + }, + "displayName": { + "type": "string", + "description": "The display name of the policy definition." + }, + "description": { + "type": "string", + "description": "The policy definition description." + }, + "policyRule": { + "type": "object", + "description": "The policy rule." + }, + "metadata": { + "type": "object", + "description": "The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs." + }, + "parameters": { + "description": "The parameter definitions for parameters used in the policy rule. The keys are the parameter names.", + "$ref": "#/definitions/ParameterDefinitions" + } + }, + "description": "The policy definition properties." + }, + "ParameterDefinitionsValue": { + "properties": { + "type": { + "description": "The data type of the parameter.", + "type": "string", + "enum": [ + "String", + "Array", + "Object", + "Boolean", + "Integer", + "Float", + "DateTime" + ], + "x-ms-enum": { + "name": "parameterType", + "modelAsString": true + } + }, + "allowedValues": { + "type": "array", + "items": { + "type": "object" + }, + "x-ms-identifiers": [], + "description": "The allowed values for the parameter." + }, + "defaultValue": { + "type": "object", + "description": "The default value for the parameter if no value is provided." + }, + "metadata": { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "description": "The display name for the parameter." + }, + "description": { + "type": "string", + "description": "The description of the parameter." + }, + "strongType": { + "type": "string", + "description": "Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from." + }, + "assignPermissions": { + "type": "boolean", + "description": "Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope." + } + }, + "additionalProperties": { + "type": "object" + }, + "description": "General metadata for the parameter." + } + }, + "description": "The definition of a parameter that can be provided to the policy." + }, + "ParameterDefinitions": { + "description": "The parameter definitions for parameters used in the policy. The keys are the parameter names.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/ParameterDefinitionsValue" + } + }, + "PolicyDefinition": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PolicyDefinitionProperties", + "description": "The policy definition properties." + }, + "id": { + "readOnly": true, + "type": "string", + "description": "The ID of the policy definition." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the policy definition." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The type of the resource (Microsoft.Authorization/policyDefinitions)." + }, + "systemData": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData", + "readOnly": true, + "description": "The system metadata relating to this resource." + } + }, + "description": "The policy definition.", + "x-ms-azure-resource": true + }, + "PolicyDefinitionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicyDefinition" + }, + "description": "An array of policy definitions." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "List of policy definitions." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ManagementGroupIdParameter": { + "name": "managementGroupId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the management group.", + "x-ms-parameter-location": "method" + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for the operation." + }, + "PolicyDefinitionsFilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. If $filter is not provided, no filtering is performed. If $filter=atExactScope() is provided, the returned list only includes all policy definitions that at the given scope. If $filter='policyType -eq {value}' is provided, the returned list only includes all policy definitions whose type match the {value}. Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. If $filter='category -eq {value}' is provided, the returned list only includes all policy definitions whose category match the {value}.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "TopParameter": { + "name": "$top", + "in": "query", + "required": false, + "type": "integer", + "format": "int32", + "minimum": 1, + "maximum": 1000, + "description": "Maximum number of records to return. When the $top filter is not provided, it will return 500 records.", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json new file mode 100644 index 000000000000..b7d2325138c2 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json @@ -0,0 +1,721 @@ +{ + "swagger": "2.0", + "info": { + "title": "PolicyClient", + "version": "2021-06-01", + "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow.", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}": { + "put": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_CreateOrUpdate", + "summary": "Creates or updates a policy set definition.", + "description": "This operation creates or updates a policy set definition in the given subscription with the given name.", + "x-ms-examples": { + "Create or update a policy set definition": { + "$ref": "./examples/createOrUpdatePolicySetDefinition.json" + }, + "Create or update a policy set definition with groups": { + "$ref": "./examples/createOrUpdatePolicySetDefinitionWithGroups.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + }, + "description": "The policy set definition properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "200": { + "description": "OK - Returns information about the policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_Delete", + "summary": "Deletes a policy set definition.", + "description": "This operation deletes the policy set definition in the given subscription with the given name.", + "x-ms-examples": { + "Delete a policy set definition": { + "$ref": "./examples/deletePolicySetDefinition.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content - the policy set definition doesn't exist in the subscription." + }, + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_Get", + "summary": "Retrieves a policy set definition.", + "description": "This operation retrieves the policy set definition in the given subscription with the given name.", + "x-ms-examples": { + "Retrieve a policy set definition": { + "$ref": "./examples/getPolicySetDefinition.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}": { + "get": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_GetBuiltIn", + "summary": "Retrieves a built in policy set definition.", + "description": "This operation retrieves the built-in policy set definition with the given name.", + "x-ms-examples": { + "Retrieve a built-in policy set definition": { + "$ref": "./examples/getBuiltInPolicySetDefinition.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the built in policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policySetDefinitions": { + "get": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_List", + "summary": "Retrieves the policy set definitions for a subscription.", + "description": "This operation retrieves a list of all the policy set definitions in a given subscription that match the optional given $filter. Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. If $filter is not provided, the unfiltered list includes all policy set definitions associated with the subscription, including those that apply directly or from management groups that contain the given subscription. If $filter=atExactScope() is provided, the returned list only includes all policy set definitions that at the given subscription. If $filter='policyType -eq {value}' is provided, the returned list only includes all policy set definitions whose type match the {value}. Possible policyType values are NotSpecified, BuiltIn and Custom. If $filter='category -eq {value}' is provided, the returned list only includes all policy set definitions whose category match the {value}.", + "x-ms-examples": { + "List policy set definitions": { + "$ref": "./examples/listPolicySetDefinitions.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/PolicySetDefinitionsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy set definitions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Authorization/policySetDefinitions": { + "get": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_ListBuiltIn", + "summary": "Retrieves built-in policy set definitions.", + "description": "This operation retrieves a list of all the built-in policy set definitions that match the optional given $filter. If $filter='category -eq {value}' is provided, the returned list only includes all built-in policy set definitions whose category match the {value}.", + "x-ms-examples": { + "List built-in policy set definitions": { + "$ref": "./examples/listBuiltInPolicySetDefinitions.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/PolicySetDefinitionsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of built in policy set definitions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}": { + "put": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_CreateOrUpdateAtManagementGroup", + "summary": "Creates or updates a policy set definition.", + "description": "This operation creates or updates a policy set definition in the given management group with the given name.", + "x-ms-examples": { + "Create or update a policy set definition at management group level": { + "$ref": "./examples/createOrUpdatePolicySetDefinitionAtManagementGroup.json" + }, + "Create or update a policy set definition with groups at management group level": { + "$ref": "./examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + }, + "description": "The policy set definition properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "200": { + "description": "OK - Returns information about the policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_DeleteAtManagementGroup", + "summary": "Deletes a policy set definition.", + "description": "This operation deletes the policy set definition in the given management group with the given name.", + "x-ms-examples": { + "Delete a policy set definition at management group level": { + "$ref": "./examples/deletePolicySetDefinitionAtManagementGroup.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content - the policy set definition doesn't exist in the subscription." + }, + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_GetAtManagementGroup", + "summary": "Retrieves a policy set definition.", + "description": "This operation retrieves the policy set definition in the given management group with the given name.", + "x-ms-examples": { + "Retrieve a policy set definition at management group level": { + "$ref": "./examples/getPolicySetDefinitionAtManagementGroup.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy set definition.", + "schema": { + "$ref": "#/definitions/PolicySetDefinition" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policySetDefinitions": { + "get": { + "tags": [ + "PolicySetDefinitions" + ], + "operationId": "PolicySetDefinitions_ListByManagementGroup", + "summary": "Retrieves all policy set definitions in management group.", + "description": "This operation retrieves a list of all the policy set definitions in a given management group that match the optional given $filter. Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. If $filter is not provided, the unfiltered list includes all policy set definitions associated with the management group, including those that apply directly or from management groups that contain the given management group. If $filter=atExactScope() is provided, the returned list only includes all policy set definitions that at the given management group. If $filter='policyType -eq {value}' is provided, the returned list only includes all policy set definitions whose type match the {value}. Possible policyType values are NotSpecified, BuiltIn and Custom. If $filter='category -eq {value}' is provided, the returned list only includes all policy set definitions whose category match the {value}.", + "x-ms-examples": { + "List policy set definitions at management group level": { + "$ref": "./examples/listPolicySetDefinitionsByManagementGroup.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, + { + "$ref": "#/parameters/PolicySetDefinitionsFilterParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy set definitions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + } + }, + "definitions": { + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + } + }, + "description": "An error response from a policy operation." + }, + "PolicySetDefinitionProperties": { + "properties": { + "policyType": { + "type": "string", + "description": "The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.", + "enum": [ + "NotSpecified", + "BuiltIn", + "Custom", + "Static" + ], + "x-ms-enum": { + "name": "policyType", + "modelAsString": true + } + }, + "displayName": { + "type": "string", + "description": "The display name of the policy set definition." + }, + "description": { + "type": "string", + "description": "The policy set definition description." + }, + "metadata": { + "type": "object", + "description": "The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs." + }, + "parameters": { + "description": "The policy set definition parameters that can be used in policy definition references.", + "$ref": "./policyDefinitions.json#/definitions/ParameterDefinitions" + }, + "policyDefinitions": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicyDefinitionReference" + }, + "x-ms-identifiers": [ + "policyDefinitionReferenceId" + ], + "description": "An array of policy definition references." + }, + "policyDefinitionGroups": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicyDefinitionGroup" + }, + "x-ms-identifiers": [ + "name" + ], + "description": "The metadata describing groups of policy definition references within the policy set definition." + } + }, + "required": [ + "policyDefinitions" + ], + "description": "The policy set definition properties." + }, + "PolicyDefinitionReference": { + "properties": { + "policyDefinitionId": { + "type": "string", + "description": "The ID of the policy definition or policy set definition." + }, + "parameters": { + "description": "The parameter values for the referenced policy rule. The keys are the parameter names.", + "$ref": "./policyAssignments.json#/definitions/ParameterValues" + }, + "policyDefinitionReferenceId": { + "type": "string", + "description": "A unique id (within the policy set definition) for this policy definition reference." + }, + "groupNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of the groups that this policy definition reference belongs to." + } + }, + "required": [ + "policyDefinitionId" + ], + "description": "The policy definition reference." + }, + "PolicyDefinitionGroup": { + "properties": { + "name": { + "type": "string", + "description": "The name of the group." + }, + "displayName": { + "type": "string", + "description": "The group's display name." + }, + "category": { + "type": "string", + "description": "The group's category." + }, + "description": { + "type": "string", + "description": "The group's description." + }, + "additionalMetadataId": { + "type": "string", + "description": "A resource ID of a resource that contains additional metadata about the group." + } + }, + "required": [ + "name" + ], + "description": "The policy definition group." + }, + "PolicySetDefinition": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PolicySetDefinitionProperties", + "description": "The policy definition properties." + }, + "id": { + "readOnly": true, + "type": "string", + "description": "The ID of the policy set definition." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the policy set definition." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The type of the resource (Microsoft.Authorization/policySetDefinitions)." + }, + "systemData": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData", + "readOnly": true, + "description": "The system metadata relating to this resource." + } + }, + "description": "The policy set definition.", + "x-ms-azure-resource": true + }, + "PolicySetDefinitionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicySetDefinition" + }, + "description": "An array of policy set definitions." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "List of policy set definitions." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ManagementGroupIdParameter": { + "name": "managementGroupId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the management group.", + "x-ms-parameter-location": "method" + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for the operation." + }, + "PolicySetDefinitionsFilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. If $filter is not provided, no filtering is performed. If $filter=atExactScope() is provided, the returned list only includes all policy set definitions that at the given scope. If $filter='policyType -eq {value}' is provided, the returned list only includes all policy set definitions whose type match the {value}. Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. If $filter='category -eq {value}' is provided, the returned list only includes all policy set definitions whose category match the {value}.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "TopParameter": { + "name": "$top", + "in": "query", + "required": false, + "type": "integer", + "format": "int32", + "minimum": 1, + "maximum": 1000, + "description": "Maximum number of records to return. When the $top filter is not provided, it will return 500 records.", + "x-ms-parameter-location": "method" + } + } +} From 11333f5c345577178cf592790f4cc4224a695b31 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Fri, 16 Jun 2023 17:15:46 -0700 Subject: [PATCH 02/24] Add new version properties/apis --- .../createOrUpdatePolicyDefinition.json | 7 +- ...rUpdatePolicyDefinitionAdvancedParams.json | 7 +- ...datePolicyDefinitionAtManagementGroup.json | 7 +- ...createOrUpdatePolicyDefinitionVersion.json | 93 +++ .../createOrUpdatePolicySetDefinition.json | 7 +- ...ePolicySetDefinitionAtManagementGroup.json | 7 +- ...ateOrUpdatePolicySetDefinitionVersion.json | 157 ++++ ...OrUpdatePolicySetDefinitionWithGroups.json | 12 +- ...DefinitionWithGroupsAtManagementGroup.json | 12 +- .../examples/createPolicyAssignment.json | 2 +- .../examples/createPolicyAssignmentById.json | 2 +- ...PolicyAssignmentNonComplianceMessages.json | 2 +- .../createPolicyAssignmentWithIdentity.json | 2 +- ...reatePolicyAssignmentWithIdentityById.json | 2 +- .../createPolicyAssignmentWithOverrides.json | 2 +- ...PolicyAssignmentWithResourceSelectors.json | 2 +- ...icyAssignmentWithUserAssignedIdentity.json | 2 +- ...atePolicyAssignmentWithoutEnforcement.json | 2 +- .../examples/deletePolicyAssignment.json | 2 +- .../examples/deletePolicyAssignmentById.json | 2 +- .../examples/deletePolicyDefinition.json | 2 +- ...letePolicyDefinitionAtManagementGroup.json | 2 +- .../examples/deletePolicySetDefinition.json | 2 +- ...ePolicySetDefinitionAtManagementGroup.json | 2 +- .../getBuiltInPolicySetDefinition.json | 7 +- .../examples/getBuiltinPolicyDefinition.json | 7 +- .../examples/getPolicyAssignment.json | 2 +- .../examples/getPolicyAssignmentById.json | 2 +- .../getPolicyAssignmentWithIdentity.json | 2 +- .../getPolicyAssignmentWithIdentityById.json | 2 +- .../getPolicyAssignmentWithOverrides.json | 2 +- ...PolicyAssignmentWithResourceSelectors.json | 2 +- ...icyAssignmentWithUserAssignedIdentity.json | 2 +- .../examples/getPolicyDefinition.json | 7 +- .../getPolicyDefinitionAtManagementGroup.json | 7 +- .../examples/getPolicySetDefinition.json | 7 +- ...tPolicySetDefinitionAtManagementGroup.json | 7 +- .../listBuiltInPolicyDefinitions.json | 17 +- .../listBuiltInPolicySetDefinitions.json | 7 +- .../examples/listPolicyAssignments.json | 2 +- ...stPolicyAssignmentsForManagementGroup.json | 2 +- .../listPolicyAssignmentsForResource.json | 2 +- ...listPolicyAssignmentsForResourceGroup.json | 2 +- .../examples/listPolicyDefinitions.json | 17 +- ...istPolicyDefinitionsByManagementGroup.json | 12 +- .../examples/listPolicySetDefinitions.json | 12 +- ...PolicySetDefinitionsByManagementGroup.json | 12 +- .../updatePolicyAssignmentWithIdentity.json | 2 +- ...pdatePolicyAssignmentWithIdentityById.json | 2 +- .../updatePolicyAssignmentWithOverrides.json | 2 +- ...PolicyAssignmentWithResourceSelectors.json | 2 +- ...icyAssignmentWithUserAssignedIdentity.json | 2 +- .../stable/2023-04-01/policyAssignments.json | 2 +- .../2023-04-01/policyDefinitionVersions.json | 706 +++++++++++++++++ .../stable/2023-04-01/policyDefinitions.json | 10 +- .../policySetDefinitionVersions.json | 739 ++++++++++++++++++ .../2023-04-01/policySetDefinitions.json | 14 +- .../resources/resource-manager/readme.md | 23 +- 58 files changed, 1928 insertions(+), 56 deletions(-) create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersion.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinition.json index 6e75d0f0abd1..3351aae13371 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinition.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinition.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyDefinitionName": "ResourceNaming", - "api-version": "2021-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "mode": "All", @@ -55,6 +55,11 @@ "metadata": { "category": "Naming" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "not": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAdvancedParams.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAdvancedParams.json index 53b198029a94..adcd000823bf 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAdvancedParams.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAdvancedParams.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyDefinitionName": "EventHubDiagnosticLogs", - "api-version": "2021-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "mode": "Indexed", @@ -69,6 +69,11 @@ "metadata": { "category": "Event Hub" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "field": "type", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAtManagementGroup.json index e3f2052dea6d..c7512f2898fa 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupId": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", - "api-version": "2021-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "mode": "All", @@ -55,6 +55,11 @@ "metadata": { "category": "Naming" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "not": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json new file mode 100644 index 000000000000..2ba65df5237a --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json @@ -0,0 +1,93 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "ResourceNaming", + "version": "1.2.1", + "api-version": "2023-04-01", + "parameters": { + "properties": { + "mode": "All", + "displayName": "Enforce resource naming convention", + "description": "Force resource names to begin with given 'prefix' and/or end with given 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + } + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinition.json index 90333afdb78e..5ed89cf1a9cc 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinition.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinition.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policySetDefinitionName": "CostManagement", - "api-version": "2021-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Cost Management", @@ -61,6 +61,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "parameters": { "namePrefix": { "type": "String", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionAtManagementGroup.json index c23d54035486..2e59efd9898e 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupId": "MyManagementGroup", "policySetDefinitionName": "CostManagement", - "api-version": "2021-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Cost Management", @@ -52,6 +52,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyDefinitions": [ { "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersion.json new file mode 100644 index 000000000000..3d624af72621 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersion.json @@ -0,0 +1,157 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policySetDefinitionName": "CostManagement", + "version": "1.2.1", + "api-version": "2023-04-01", + "parameters": { + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "parameters": { + "namePrefix": { + "type": "String", + "defaultValue": "myPrefix", + "metadata": { + "displayName": "Prefix to enforce on resource names" + } + } + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "[parameters('namePrefix')]" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "parameters": { + "namePrefix": { + "type": "String", + "defaultValue": "myPrefix", + "metadata": { + "displayName": "Prefix to enforce on resource names" + } + } + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "[parameters('namePrefix')]" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "parameters": { + "namePrefix": { + "type": "String", + "defaultValue": "myPrefix", + "metadata": { + "displayName": "Prefix to enforce on resource names" + } + } + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "[parameters('namePrefix')]" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroups.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroups.json index 855291621345..8483ae575b01 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroups.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroups.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policySetDefinitionName": "CostManagement", - "api-version": "2021-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Cost Management", @@ -70,6 +70,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyDefinitionGroups": [ { "name": "CostSaving", @@ -129,6 +134,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyDefinitionGroups": [ { "name": "CostSaving", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json index 9234e862b197..8088c7993a43 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionWithGroupsAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupId": "MyManagementGroup", "policySetDefinitionName": "CostManagement", - "api-version": "2021-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Cost Management", @@ -70,6 +70,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyDefinitionGroups": [ { "name": "CostSaving", @@ -129,6 +134,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyDefinitionGroups": [ { "name": "CostSaving", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignment.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignment.json index 8edf0ee2c07f..507e0d3ade80 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignment.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignment.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Enforce resource naming rules", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentById.json index 8653517ef0e4..9c65dd44d837 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentById.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentById.json @@ -1,7 +1,7 @@ { "parameters": { "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Enforce storage account SKU", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentNonComplianceMessages.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentNonComplianceMessages.json index 57dda2b866e5..aae5a745da0b 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentNonComplianceMessages.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentNonComplianceMessages.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "securityInitAssignment", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Enforce security policies", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentity.json index a022f4feb490..92699f063348 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentity.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentity.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "location": "eastus", "identity": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentityById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentityById.json index aa5d90075cad..a38d483c5ae2 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentityById.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithIdentityById.json @@ -1,7 +1,7 @@ { "parameters": { "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "identity": { "type": "SystemAssigned" diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithOverrides.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithOverrides.json index 19f81f962c9a..936e4dfa6362 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithOverrides.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithOverrides.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "CostManagement", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Limit the resource location and resource SKU", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithResourceSelectors.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithResourceSelectors.json index 53a005b8e3a1..7106dc80f78b 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithResourceSelectors.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithResourceSelectors.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "CostManagement", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Limit the resource location and resource SKU", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithUserAssignedIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithUserAssignedIdentity.json index 10ade6481035..790ddf6e758f 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithUserAssignedIdentity.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithUserAssignedIdentity.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "location": "eastus", "identity": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithoutEnforcement.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithoutEnforcement.json index 542152051aec..8f68a65a8aa1 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithoutEnforcement.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createPolicyAssignmentWithoutEnforcement.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "displayName": "Enforce resource naming rules", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignment.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignment.json index 29c3bcdc5d6f..fe9b87fcf0c1 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignment.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignment.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignmentById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignmentById.json index 2bc4448bc371..3f489e6f385b 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignmentById.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyAssignmentById.json @@ -1,7 +1,7 @@ { "parameters": { "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinition.json index 7afd61dab4f4..7cef7ead331b 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinition.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinition.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyDefinitionName": "ResourceNaming", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionAtManagementGroup.json index b90b79faf86e..0f861fd12f39 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupId": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinition.json index 4ff657f231ab..ffec693fb983 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinition.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinition.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policySetDefinitionName": "CostManagement", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionAtManagementGroup.json index d8d901bc03d5..32df7da33374 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupId": "MyManagementGroup", "policySetDefinitionName": "CostManagement", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinition.json index bec7bb8ff839..628d5a1449d3 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinition.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinition.json @@ -1,7 +1,7 @@ { "parameters": { "policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -14,6 +14,11 @@ "metadata": { "category": "Security Center" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "parameters": {}, "policyDefinitions": [ { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinition.json index 95d4a4009ec6..dc57b4e0ccfd 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinition.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinition.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyDefinitionName": "7433c107-6db4-4ad1-b57a-a76dce0154a1", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -23,6 +23,11 @@ } } }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "allOf": [ diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignment.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignment.json index b4c3a1ae3a45..f3dd1bd16638 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignment.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignment.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentById.json index 20cbfea5380c..167547511c36 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentById.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentById.json @@ -1,7 +1,7 @@ { "parameters": { "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentity.json index 77c75fbd38b5..9aa734ce3fb4 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentity.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentity.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentityById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentityById.json index b4274a042678..426cf0ad6691 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentityById.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithIdentityById.json @@ -1,7 +1,7 @@ { "parameters": { "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithOverrides.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithOverrides.json index e4c8def35beb..24ae6a248f62 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithOverrides.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithOverrides.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "CostManagement", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithResourceSelectors.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithResourceSelectors.json index 66470cfd9538..ccffcbae7aa2 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithResourceSelectors.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithResourceSelectors.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "CostManagement", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithUserAssignedIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithUserAssignedIdentity.json index bd3509c8579e..117b71fe5083 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithUserAssignedIdentity.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyAssignmentWithUserAssignedIdentity.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinition.json index f3bc054a6eeb..1a17ba9df3ba 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinition.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinition.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyDefinitionName": "ResourceNaming", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -15,6 +15,11 @@ "metadata": { "category": "Naming" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "not": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionAtManagementGroup.json index 4cb073faece5..01fb7e2e91b9 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupId": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -18,6 +18,11 @@ "metadata": { "category": "Naming" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "not": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinition.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinition.json index 44b4c4f4005d..06b97ca99930 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinition.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinition.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policySetDefinitionName": "CostManagement", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -17,6 +17,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyDefinitionGroups": [ { "name": "CostSaving", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionAtManagementGroup.json index 506b99046b1e..21a6b10bdb59 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupId": "MyManagementGroup", "policySetDefinitionName": "CostManagement", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -17,6 +17,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyDefinitions": [ { "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitions.json index a02d0d9b5cc6..206a84dd7ce0 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitions.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -25,6 +25,11 @@ ] } }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "field": "type", @@ -67,6 +72,11 @@ } } }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "allOf": [ @@ -109,6 +119,11 @@ } } }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "field": "Microsoft.KeyVault.Data/vaults/certificates/attributes/expiresOn", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitions.json index 98486d14574b..db8b36f80545 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitions.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -15,6 +15,11 @@ "metadata": { "category": "Security Center" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "parameters": {}, "policyDefinitions": [ { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignments.json index 4b4f0a62f28d..d0753ec91f61 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignments.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignments.json @@ -1,7 +1,7 @@ { "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "$filter": "atScope()" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForManagementGroup.json index 493f2efcd90a..716b6f5b6173 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForManagementGroup.json @@ -1,7 +1,7 @@ { "parameters": { "managementGroupId": "TestManagementGroup", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "$filter": "atScope()" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResource.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResource.json index 00a16b983b44..5cb7b5b1f230 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResource.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResource.json @@ -6,7 +6,7 @@ "resourceType": "domainNames", "resourceName": "MyTestComputer.cloudapp.net", "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", - "api-version": "2022-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResourceGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResourceGroup.json index 96fbc1c54328..57967e2d97d7 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResourceGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyAssignmentsForResourceGroup.json @@ -2,7 +2,7 @@ "parameters": { "resourceGroupName": "TestResourceGroup", "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "$filter": "atScope()" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitions.json index 7d47a847c6d2..a8cf022a0902 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitions.json @@ -1,7 +1,7 @@ { "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -24,6 +24,11 @@ } } }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "allOf": [ @@ -72,6 +77,11 @@ } } }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "not": { @@ -106,6 +116,11 @@ } } }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "field": "Microsoft.KeyVault.Data/vaults/certificates/attributes/expiresOn", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionsByManagementGroup.json index 2563c7b2a2ea..33cec02b4f08 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionsByManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionsByManagementGroup.json @@ -1,7 +1,7 @@ { "parameters": { "managementGroupId": "MyManagementGroup", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -24,6 +24,11 @@ } } }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "allOf": [ @@ -59,6 +64,11 @@ "metadata": { "category": "Naming" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyRule": { "if": { "not": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitions.json index 0760092d2814..e39556f2f482 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitions.json @@ -1,7 +1,7 @@ { "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -16,6 +16,11 @@ "metadata": { "category": "Security Center" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "parameters": {}, "policyDefinitions": [ { @@ -74,6 +79,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyDefinitions": [ { "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionsByManagementGroup.json index b9151af9b555..d3155e5e7966 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionsByManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionsByManagementGroup.json @@ -1,7 +1,7 @@ { "parameters": { "managementGroupId": "MyManagementGroup", - "api-version": "2021-06-01" + "api-version": "2023-04-01" }, "responses": { "200": { @@ -16,6 +16,11 @@ "metadata": { "category": "Security Center" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "parameters": {}, "policyDefinitions": [ { @@ -74,6 +79,11 @@ "metadata": { "category": "Cost Management" }, + "version": "1.2.1", + "versions": [ + "1.2.1", + "1.0.0" + ], "policyDefinitions": [ { "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentity.json index 167eca2644e9..af0861f2c6c0 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentity.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentity.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "location": "eastus", "identity": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentityById.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentityById.json index 00b43c23f99d..5348c752720c 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentityById.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithIdentityById.json @@ -1,7 +1,7 @@ { "parameters": { "policyAssignmentId": "providers/Microsoft.Management/managementGroups/MyManagementGroup/providers/Microsoft.Authorization/policyAssignments/LowCostStorage", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "identity": { "type": "SystemAssigned" diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithOverrides.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithOverrides.json index ccefd8cef60d..d3a2e76989ab 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithOverrides.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithOverrides.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "CostManagement", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "overrides": [ diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithResourceSelectors.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithResourceSelectors.json index 94e5a5f91a24..9d1e732d9b9b 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithResourceSelectors.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithResourceSelectors.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "CostManagement", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "properties": { "resourceSelectors": [ diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithUserAssignedIdentity.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithUserAssignedIdentity.json index e2ce22b3bbe5..76077a9496e2 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithUserAssignedIdentity.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/updatePolicyAssignmentWithUserAssignedIdentity.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyAssignmentName": "EnforceNaming", - "api-version": "2022-06-01", + "api-version": "2023-04-01", "parameters": { "location": "eastus", "identity": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json index 097a64136112..d720548b2a46 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "PolicyClient", - "version": "2022-06-01", + "version": "2023-04-01", "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." }, "host": "management.azure.com", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json new file mode 100644 index 000000000000..a15f77afd4c9 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -0,0 +1,706 @@ +{ + "swagger": "2.0", + "info": { + "title": "PolicyClient", + "version": "2023-04-01", + "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow.", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{version}": { + "put": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_CreateOrUpdate", + "summary": "Creates or updates a policy definition in a subscription.", + "description": "This operation creates or updates a policy definition in the given subscription with the given name.", + "x-ms-examples": { + "Create or update a policy definition": { + "$ref": "./examples/createOrUpdatePolicyDefinitionVersion.json" + } + }, + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersion" + }, + "description": "The policy definition properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_Delete", + "summary": "Deletes a policy definition version in a subscription.", + "description": "This operation deletes the policy definition version in the given subscription with the given name.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_Get", + "summary": "Retrieves a policy definition version in a subscription.", + "description": "This operation retrieves the policy definition version in the given subscription with the given name.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{version}": { + "get": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_GetBuiltIn", + "summary": "Retrieves a built-in policy definition version.", + "description": "This operation retrieves the built-in policy definition version with the given name.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the built-in policy definition." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the built-in policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{version}": { + "put": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_CreateOrUpdateAtManagementGroup", + "summary": "Creates or updates a policy definition version in a management group.", + "description": "This operation creates or updates a policy definition version in the given management group with the given name.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to create." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersion" + }, + "description": "The policy definition properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_DeleteAtManagementGroup", + "summary": "Deletes a policy definition in a management group.", + "description": "This operation deletes the policy definition in the given management group with the given name.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to delete." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content" + }, + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_GetAtManagementGroup", + "summary": "Retrieve a policy definition version in a management group.", + "description": "This operation retrieves the policy definition version in the given management group with the given name.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition to get." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy definition.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions": { + "get": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_List", + "summary": "Retrieves policy definition versions for a given policy definintion in a subscription", + "description": "This operation retrieves a list of all the policy definition versions for the given policy definition.", + "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy definition." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy definitions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Authorization/policyDefinitions/policyDefinitionName}/versions": { + "get": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_ListBuiltIn", + "summary": "Retrieve built-in policy definition versions", + "description": "This operation retrieves a list of all the built-in policy definition versions for the given policy definition.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of built-in policy definitions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/policyDefinitionName}/versions": { + "get": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_ListByManagementGroup", + "summary": "Retrieve policy definition versions in a management group policy definition.", + "description": "This operation retrieves a list of all the policy definition versions for the given policy definition in the given management group.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy definitions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + } + }, + "definitions": { + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + } + }, + "description": "An error response from a policy operation." + }, + "PolicyDefinitionVersionProperties": { + "properties": { + "policyType": { + "type": "string", + "description": "The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.", + "enum": [ + "NotSpecified", + "BuiltIn", + "Custom", + "Static" + ], + "x-ms-enum": { + "name": "policyType", + "modelAsString": true + } + }, + "mode": { + "type": "string", + "description": "The policy definition mode. Some examples are All, Indexed, Microsoft.KeyVault.Data.", + "default": "Indexed" + }, + "displayName": { + "type": "string", + "description": "The display name of the policy definition." + }, + "description": { + "type": "string", + "description": "The policy definition description." + }, + "policyRule": { + "type": "object", + "description": "The policy rule." + }, + "metadata": { + "type": "object", + "description": "The policy definition metadata. Metadata is an open ended object and is typically a collection of key value pairs." + }, + "parameters": { + "description": "The parameter definitions for parameters used in the policy rule. The keys are the parameter names.", + "$ref": "#/definitions/ParameterDefinitions" + }, + "version": { + "type": "string", + "description": "The policy definition version in #.#.# format." + } + }, + "description": "The policy definition properties." + }, + "ParameterDefinitionsValue": { + "properties": { + "type": { + "description": "The data type of the parameter.", + "type": "string", + "enum": [ + "String", + "Array", + "Object", + "Boolean", + "Integer", + "Float", + "DateTime" + ], + "x-ms-enum": { + "name": "parameterType", + "modelAsString": true + } + }, + "allowedValues": { + "type": "array", + "items": { + "type": "object" + }, + "x-ms-identifiers": [], + "description": "The allowed values for the parameter." + }, + "defaultValue": { + "type": "object", + "description": "The default value for the parameter if no value is provided." + }, + "metadata": { + "type": "object", + "properties": { + "displayName": { + "type": "string", + "description": "The display name for the parameter." + }, + "description": { + "type": "string", + "description": "The description of the parameter." + }, + "strongType": { + "type": "string", + "description": "Used when assigning the policy definition through the portal. Provides a context aware list of values for the user to choose from." + }, + "assignPermissions": { + "type": "boolean", + "description": "Set to true to have Azure portal create role assignments on the resource ID or resource scope value of this parameter during policy assignment. This property is useful in case you wish to assign permissions outside the assignment scope." + } + }, + "additionalProperties": { + "type": "object" + }, + "description": "General metadata for the parameter." + } + }, + "description": "The definition of a parameter that can be provided to the policy." + }, + "ParameterDefinitions": { + "description": "The parameter definitions for parameters used in the policy. The keys are the parameter names.", + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/ParameterDefinitionsValue" + } + }, + "PolicyDefinitionVersion": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PolicyDefinitionVersionProperties", + "description": "The policy definition version properties." + }, + "id": { + "readOnly": true, + "type": "string", + "description": "The ID of the policy definition version." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the policy definition version." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The type of the resource (Microsoft.Authorization/policyDefinitions/versions)." + }, + "systemData": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData", + "readOnly": true, + "description": "The system metadata relating to this resource." + } + }, + "description": "The ID of the policy definition version.", + "x-ms-azure-resource": true + }, + "PolicyDefinitionVersionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicyDefinitionVersion" + }, + "description": "An array of policy definitions versions." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "List of policy definition versions." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ManagementGroupIdParameter": { + "name": "managementGroupId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the management group.", + "x-ms-parameter-location": "method" + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for the operation." + }, + "PolicyDefinitionsFilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. If $filter is not provided, no filtering is performed. If $filter=atExactScope() is provided, the returned list only includes all policy definitions that at the given scope. If $filter='policyType -eq {value}' is provided, the returned list only includes all policy definitions whose type match the {value}. Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. If $filter='category -eq {value}' is provided, the returned list only includes all policy definitions whose category match the {value}.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "TopParameter": { + "name": "$top", + "in": "query", + "required": false, + "type": "integer", + "format": "int32", + "minimum": 1, + "maximum": 1000, + "description": "Maximum number of records to return. When the $top filter is not provided, it will return 500 records.", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json index a417b2c2b85f..bc1e55d5f815 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "PolicyClient", - "version": "2021-06-01", + "version": "2023-04-01", "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." }, "host": "management.azure.com", @@ -538,6 +538,14 @@ "parameters": { "description": "The parameter definitions for parameters used in the policy rule. The keys are the parameter names.", "$ref": "#/definitions/ParameterDefinitions" + }, + "version": { + "type": "string", + "description": "The policy definition version in #.#.# format." + }, + "versions": { + "type": "array", + "description": "A list of available versions for this policy definition." } }, "description": "The policy definition properties." diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json new file mode 100644 index 000000000000..7806c95fa9e8 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -0,0 +1,739 @@ +{ + "swagger": "2.0", + "info": { + "title": "PolicyClient", + "version": "2023-04-01", + "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow.", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{version}": { + "put": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_CreateOrUpdate", + "summary": "Creates or updates a policy set definition version.", + "description": "This operation creates or updates a policy set definition version in the given subscription with the given name and version.", + "x-ms-examples": { + "Create or update a policy set definition": { + "$ref": "./examples/createOrUpdatePolicySetDefinitionVersion.json" + } + }, + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + }, + "description": "The policy set definition properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy set definition version.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + } + }, + "200": { + "description": "OK - Returns information about the policy set definition version.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_Delete", + "summary": "Deletes a policy set definition version.", + "description": "This operation deletes the policy set definition version in the given subscription with the given name and version.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content - the policy set definition doesn't exist in the subscription." + }, + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_Get", + "summary": "Retrieves a policy set definition version.", + "description": "This operation retrieves the policy set definition version in the given subscription with the given name and version.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy set definition version.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{version}": { + "get": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_GetBuiltIn", + "summary": "Retrieves a built in policy set definition version.", + "description": "This operation retrieves the built-in policy set definition version with the given name and version.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to get." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to create." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the built in policy set definition version.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions": { + "get": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_List", + "summary": "Retrieves the policy set definition versions for a given policy set definition in a subscription.", + "description": "This operation retrieves a list of all the policy set definition versions for the given policy set definition.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy set definition versions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions": { + "get": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_ListBuiltIn", + "summary": "Retrieves built-in policy set definition versions.", + "description": "This operation retrieves a list of all the built-in policy set definition versions for the given built-in policy set definition.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of built in policy set definition versions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{version}": { + "put": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_CreateOrUpdateAtManagementGroup", + "summary": "Creates or updates a policy set definition version.", + "description": "This operation creates or updates a policy set definition version in the given management group with the given name and version.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition to create." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to create." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + }, + "description": "The policy set definition version properties." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the policy set definition version.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + } + }, + "200": { + "description": "OK - Returns information about the policy set definition version.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_DeleteAtManagementGroup", + "summary": "Deletes a policy set definition version.", + "description": "This operation deletes the policy set definition version in the given management group with the given name and version.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to delete." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "204": { + "description": "No Content - the policy set definition doesn't exist in the subscription." + }, + "200": { + "description": "OK" + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_GetAtManagementGroup", + "summary": "Retrieves a policy set definition version.", + "description": "This operation retrieves the policy set definition version in the given management group with the given name and version.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition." + }, + { + "name": "version", + "in": "path", + "required": true, + "type": "string", + "description": "The version to get." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the policy set definition version.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions": { + "get": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_ListByManagementGroup", + "summary": "Retrieves all policy set definition versions for a given policy set definition in a management group.", + "description": "This operation retrieves a list of all the policy set definition versions for the given policy set definition in a given management group.", + "parameters": [ + { + "name": "policySetDefinitionName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the policy set definition." + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy set definitions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + } + }, + "definitions": { + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + } + }, + "description": "An error response from a policy operation." + }, + "PolicySetDefinitionVersionProperties": { + "properties": { + "policyType": { + "type": "string", + "description": "The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.", + "enum": [ + "NotSpecified", + "BuiltIn", + "Custom", + "Static" + ], + "x-ms-enum": { + "name": "policyType", + "modelAsString": true + } + }, + "displayName": { + "type": "string", + "description": "The display name of the policy set definition." + }, + "description": { + "type": "string", + "description": "The policy set definition description." + }, + "metadata": { + "type": "object", + "description": "The policy set definition metadata. Metadata is an open ended object and is typically a collection of key value pairs." + }, + "parameters": { + "description": "The policy set definition parameters that can be used in policy definition references.", + "$ref": "./policyDefinitions.json#/definitions/ParameterDefinitions" + }, + "policyDefinitions": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicyDefinitionReference" + }, + "x-ms-identifiers": [ + "policyDefinitionReferenceId" + ], + "description": "An array of policy definition references." + }, + "policyDefinitionGroups": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicyDefinitionGroup" + }, + "x-ms-identifiers": [ + "name" + ], + "description": "The metadata describing groups of policy definition references within the policy set definition." + }, + "version": { + "type": "string", + "description": "The policy set definition version in #.#.# format." + }, + "versions": { + "type": "array", + "description": "A list of available versions for this policy set definition." + } + }, + "required": [ + "policyDefinitions" + ], + "description": "The policy set definition properties." + }, + "PolicyDefinitionReference": { + "properties": { + "policyDefinitionId": { + "type": "string", + "description": "The ID of the policy definition or policy set definition." + }, + "parameters": { + "description": "The parameter values for the referenced policy rule. The keys are the parameter names.", + "$ref": "./policyAssignments.json#/definitions/ParameterValues" + }, + "policyDefinitionReferenceId": { + "type": "string", + "description": "A unique id (within the policy set definition) for this policy definition reference." + }, + "groupNames": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The name of the groups that this policy definition reference belongs to." + } + }, + "required": [ + "policyDefinitionId" + ], + "description": "The policy definition reference." + }, + "PolicyDefinitionGroup": { + "properties": { + "name": { + "type": "string", + "description": "The name of the group." + }, + "displayName": { + "type": "string", + "description": "The group's display name." + }, + "category": { + "type": "string", + "description": "The group's category." + }, + "description": { + "type": "string", + "description": "The group's description." + }, + "additionalMetadataId": { + "type": "string", + "description": "A resource ID of a resource that contains additional metadata about the group." + } + }, + "required": [ + "name" + ], + "description": "The policy definition group." + }, + "PolicySetDefinitionVersion": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/PolicySetDefinitionVersionProperties", + "description": "The policy set definition version properties." + }, + "id": { + "readOnly": true, + "type": "string", + "description": "The ID of the policy set definition version." + }, + "name": { + "readOnly": true, + "type": "string", + "description": "The name of the policy set definition version." + }, + "type": { + "readOnly": true, + "type": "string", + "description": "The type of the resource (Microsoft.Authorization/policySetDefinitions/versions)." + }, + "systemData": { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData", + "readOnly": true, + "description": "The system metadata relating to this resource." + } + }, + "description": "The policy set definition version.", + "x-ms-azure-resource": true + }, + "PolicySetDefinitionVersionListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/PolicySetDefinitionVersion" + }, + "description": "An array of policy set definition versions." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "description": "List of policy set definition versions." + } + }, + "parameters": { + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the target subscription." + }, + "ManagementGroupIdParameter": { + "name": "managementGroupId", + "in": "path", + "required": true, + "type": "string", + "description": "The ID of the management group.", + "x-ms-parameter-location": "method" + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "required": true, + "type": "string", + "description": "The API version to use for the operation." + }, + "PolicySetDefinitionsFilterParameter": { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Valid values for $filter are: 'atExactScope()', 'policyType -eq {value}' or 'category eq '{value}''. If $filter is not provided, no filtering is performed. If $filter=atExactScope() is provided, the returned list only includes all policy set definitions that at the given scope. If $filter='policyType -eq {value}' is provided, the returned list only includes all policy set definitions whose type match the {value}. Possible policyType values are NotSpecified, BuiltIn, Custom, and Static. If $filter='category -eq {value}' is provided, the returned list only includes all policy set definitions whose category match the {value}.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "TopParameter": { + "name": "$top", + "in": "query", + "required": false, + "type": "integer", + "format": "int32", + "minimum": 1, + "maximum": 1000, + "description": "Maximum number of records to return. When the $top filter is not provided, it will return 500 records.", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json index b7d2325138c2..0b1ff3e547c4 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "PolicyClient", - "version": "2021-06-01", + "version": "2023-04-01", "description": "To manage and control access to your resources, you can define customized policies and assign them at a scope." }, "host": "management.azure.com", @@ -517,7 +517,7 @@ "properties": { "policyType": { "type": "string", - "description": "The type of policy definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.", + "description": "The type of policy set definition. Possible values are NotSpecified, BuiltIn, Custom, and Static.", "enum": [ "NotSpecified", "BuiltIn", @@ -564,6 +564,14 @@ "name" ], "description": "The metadata describing groups of policy definition references within the policy set definition." + }, + "version": { + "type": "string", + "description": "The policy set definition version in #.#.# format." + }, + "versions": { + "type": "array", + "description": "A list of available versions for this policy set definition." } }, "required": [ @@ -631,7 +639,7 @@ "properties": { "x-ms-client-flatten": true, "$ref": "#/definitions/PolicySetDefinitionProperties", - "description": "The policy definition properties." + "description": "The policy set definition properties." }, "id": { "readOnly": true, diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index bbf4732e39b2..7c68579e4a73 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -42,7 +42,7 @@ tag: package-locks-2020-05 ``` ``` yaml $(package-policy) -tag: package-policy-2022-06 +tag: package-policy-2023-04 ``` ``` yaml $(package-resources) @@ -77,6 +77,27 @@ tag: package-changes-2022-05 tag: package-snapshots-2022-11 ``` +### Tag: package-policy-2023-04 + +These settings apply only when `--tag=package-policy-2023-04` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2023-04' +input-file: +- Microsoft.Authorization/stable/2020-09-01/dataPolicyManifests.json +- Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +- Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +- Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +- Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +- Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +- Microsoft.Authorization/preview/2022-07-01-preview/policyExemptions.json +- Microsoft.Authorization/preview/2022-08-01-preview/policyVariables.json +- Microsoft.Authorization/preview/2022-08-01-preview/policyVariableValues.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient +``` + ### Tag: package-policy-2022-06 These settings apply only when `--tag=package-policy-2022-06` is specified on the command line. From da0f647b4219fe7edbf3f6883b87dfacdec73901 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Sat, 17 Jun 2023 10:10:25 -0700 Subject: [PATCH 03/24] Add new list apis --- .../2023-04-01/policyDefinitionVersions.json | 117 +++++++++++++++++- .../policySetDefinitionVersions.json | 113 ++++++++++++++++- 2 files changed, 226 insertions(+), 4 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index a15f77afd4c9..a68cd287b968 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -34,6 +34,117 @@ } }, "paths": { + "/providers/Microsoft.Authorization/listPolicyDefinitionVersions": { + "post": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_ListAllBuiltins", + "summary": "Lists all built-in policy definition versions.", + "description": "This operation lists all the built-in policy definition versions for all built-in policy definitions.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy definition versions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/listPolicyDefinitionVersions": { + "post": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_ListAllAtManagementGroup", + "summary": "Lists all policy definition versions at management group scope.", + "description": "This operation lists all the policy definition versions for all policy definitions at the management group scope.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy definition versions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/listPolicyDefinitionVersions": { + "post": { + "tags": [ + "PolicyDefinitionVersions" + ], + "operationId": "PolicyDefinitionVersions_ListAll", + "summary": "Lists all policy definition versions within a subscription.", + "description": "This operation lists all the policy definition versions for all policy definitions within a subscription.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy definition versions.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{version}": { "put": { "tags": [ @@ -396,7 +507,7 @@ ], "responses": { "200": { - "description": "OK - Returns an array of policy definitions.", + "description": "OK - Returns an array of policy definition versions.", "schema": { "$ref": "#/definitions/PolicyDefinitionVersionListResult" } @@ -431,7 +542,7 @@ ], "responses": { "200": { - "description": "OK - Returns an array of built-in policy definitions.", + "description": "OK - Returns an array of built-in policy definition versions.", "schema": { "$ref": "#/definitions/PolicyDefinitionVersionListResult" } @@ -469,7 +580,7 @@ ], "responses": { "200": { - "description": "OK - Returns an array of policy definitions.", + "description": "OK - Returns an array of policy definition versions.", "schema": { "$ref": "#/definitions/PolicyDefinitionVersionListResult" } diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 7806c95fa9e8..83ec9223abb4 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -34,6 +34,117 @@ } }, "paths": { + "/providers/Microsoft.Authorization/listPolicySetDefinitionVersions": { + "post": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_ListAllBuiltins", + "summary": "Lists all built-in policy set definition versions.", + "description": "This operation lists all the built-in policy set definition versions for all built-in policy set definitions.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy set definition versions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/listPolicySetDefinitionVersions": { + "post": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_ListAllAtManagementGroup", + "summary": "Lists all policy set definition versions at management group scope.", + "description": "This operation lists all the policy set definition versions for all policy set definitions at the management group scope.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy set definition versions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/listPolicySetDefinitionVersions": { + "post": { + "tags": [ + "PolicySetDefinitionVersions" + ], + "operationId": "PolicySetDefinitionVersions_ListAll", + "summary": "Lists all policy set definition versions within a subscription.", + "description": "This operation lists all the policy set definition versions for all policy set definitions within a subscription.", + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/TopParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of policy set definition versions.", + "schema": { + "$ref": "#/definitions/PolicySetDefinitionVersionListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{version}": { "put": { "tags": [ @@ -495,7 +606,7 @@ ], "responses": { "200": { - "description": "OK - Returns an array of policy set definitions.", + "description": "OK - Returns an array of policy set definition versions.", "schema": { "$ref": "#/definitions/PolicySetDefinitionVersionListResult" } From bbdc4f5a84949d11757701d76a8c353dd035f1c6 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 21 Jun 2023 14:00:01 -0700 Subject: [PATCH 04/24] Sync with main --- .../resources/resource-manager/readme.md | 175 ++++++++++++++++-- 1 file changed, 158 insertions(+), 17 deletions(-) diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index 7c68579e4a73..4edb6d949335 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -26,7 +26,7 @@ These are the global settings for the Resource API. ``` yaml openapi-type: arm -tag: package-changes-2022-05 +tag: package-subscriptions-2022-12 ``` ``` yaml $(package-privatelinks) @@ -42,7 +42,7 @@ tag: package-locks-2020-05 ``` ``` yaml $(package-policy) -tag: package-policy-2023-04 +tag: package-policy-2022-06 ``` ``` yaml $(package-resources) @@ -50,7 +50,7 @@ tag: package-resources-2022-09 ``` ``` yaml $(package-subscriptions) -tag: package-subscriptions-2021-01 +tag: package-subscriptions-2022-12 ``` ``` yaml $(package-links) @@ -69,6 +69,10 @@ tag: package-deploymentscripts-2020-10 tag: package-templatespecs-2022-02 ``` +``` yaml $(package-deploymentstacks) +tag: package-deploymentstacks-2022-08-preview +``` + ``` yaml $(package-changes) tag: package-changes-2022-05 ``` @@ -77,19 +81,22 @@ tag: package-changes-2022-05 tag: package-snapshots-2022-11 ``` -### Tag: package-policy-2023-04 -These settings apply only when `--tag=package-policy-2023-04` is specified on the command line. +### Tag: package-2022-12 + +These settings apply only when `--tag=package-2022-12` is specified on the command line. -``` yaml $(tag) == 'package-policy-2023-04' +```yaml $(tag) == 'package-2022-12' +input-file: + - Microsoft.Resources/stable/2022-12-01/subscriptions.json +``` + +### Tag: package-policy-2022-08-preview-only + +These settings apply only when `--tag=package-policy-2022-08-preview-only` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2022-08-preview-only' input-file: -- Microsoft.Authorization/stable/2020-09-01/dataPolicyManifests.json -- Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json -- Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json -- Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json -- Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json -- Microsoft.Authorization/stable/2023-04-01/policyAssignments.json -- Microsoft.Authorization/preview/2022-07-01-preview/policyExemptions.json - Microsoft.Authorization/preview/2022-08-01-preview/policyVariables.json - Microsoft.Authorization/preview/2022-08-01-preview/policyVariableValues.json @@ -98,6 +105,32 @@ override-info: title: PolicyClient ``` +### Tag: package-policy-2022-07-preview-only + +These settings apply only when `--tag=package-policy-2022-07-preview-only` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2022-07-preview-only' +input-file: +- Microsoft.Authorization/preview/2022-07-01-preview/policyExemptions.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient +``` + +### Tag: package-policy-2022-06-only + +These settings apply only when `--tag=package-policy-2022-06-only` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2022-06-only' +input-file: +- Microsoft.Authorization/stable/2022-06-01/policyAssignments.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient +``` + ### Tag: package-policy-2022-06 These settings apply only when `--tag=package-policy-2022-06` is specified on the command line. @@ -117,6 +150,24 @@ override-info: title: PolicyClient ``` +### Tag: package-changes-2023-03-01-preview + +These settings apply only when `--tag=package-changes-2023-03-01-preview` is specified on the command line. + +``` yaml $(tag) == 'package-changes-2023-03-01-preview' +input-file: +- Microsoft.Resources/preview/2023-03-01-preview/changes.json +``` + +### Tag: package-changes-2023-07-01-preview + +These settings apply only when `--tag=package-changes-2023-07-01-preview` is specified on the command line. + +``` yaml $(tag) == 'package-changes-2023-07-01-preview' +input-file: +- Microsoft.Resources/preview/2023-07-01-preview/changes.json +``` + ### Tag: package-snapshots-2022-11 These settings apply only when `--tag=package-snapshots-2022-11` is specified on the command line. @@ -163,6 +214,21 @@ override-info: title: PolicyClient ``` +### Tag: package-policy-2021-06-only + +These settings apply only when `--tag=package-policy-2021-06-only` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2021-06-only' +input-file: +- Microsoft.Authorization/stable/2021-06-01/policyAssignments.json +- Microsoft.Authorization/stable/2021-06-01/policyDefinitions.json +- Microsoft.Authorization/stable/2021-06-01/policySetDefinitions.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient +``` + ### Tag: package-privatelinks-2020-05 These settings apply only when `--tag=package-privatelinks-2020-05` is specified on the command line. @@ -206,6 +272,23 @@ input-file: override-info: title: PolicyClient ``` + +### Tag: package-policy-2020-09-only + +These settings apply only when `--tag=package-policy-2020-09-only` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2020-09-only' +input-file: +- Microsoft.Authorization/stable/2020-09-01/dataPolicyManifests.json +- Microsoft.Authorization/stable/2020-09-01/policyAssignments.json +- Microsoft.Authorization/stable/2020-09-01/policyDefinitions.json +- Microsoft.Authorization/stable/2020-09-01/policySetDefinitions.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient +``` + ### Tag: package-locks-2017-04 These settings apply only when `--tag=package-locks-2017-04` is specified on the command line. @@ -215,7 +298,6 @@ input-file: - Microsoft.Authorization/stable/2017-04-01/locks.json ``` - ### Tag: package-preview-2020-08 These settings apply only when `--tag=package-preview-2020-08` is specified on the command line. @@ -225,6 +307,15 @@ input-file: - Microsoft.Solutions/preview/2020-08-21-preview/managedapplications.json ``` +### Tag: package-subscriptions-2022-12 + +These settings apply only when `--tag=package-subscriptions-2022-12` is specified on the command line. + +``` yaml $(tag) == 'package-subscriptions-2022-12' +input-file: +- Microsoft.Resources/stable/2022-12-01/subscriptions.json +``` + ### Tag: package-subscriptions-2021-01 @@ -235,7 +326,6 @@ input-file: - Microsoft.Resources/stable/2021-01-01/subscriptions.json ``` - ### Tag: package-deploymentscripts-2020-10 These settings apply only when `--tag=package-deploymentscripts-2020-10` is specified on the command line. @@ -311,6 +401,19 @@ override-info: title: PolicyClient ``` +### Tag: package-policy-2020-07-preview-only + +These settings apply only when `--tag=package-policy-2020-07-preview-only` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2020-07-preview-only' +input-file: +- Microsoft.Authorization/preview/2020-07-01-preview/policyExemptions.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient +``` + ### Tag: package-policy-2019-09 These settings apply only when `--tag=package-policy-2019-09` is specified on the command line. @@ -415,6 +518,20 @@ override-info: title: PolicyClient ``` +### Tag: package-policy-2017-06-preview-only + +These settings apply only when `--tag=package-policy-2017-06-preview-only` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2017-06-preview-only' +input-file: +- Microsoft.Authorization/preview/2017-06-01-preview/policyAssignments.json +- Microsoft.Authorization/preview/2017-06-01-preview/policySetDefinitions.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient +``` + ### Tag: package-templatespecs-2022-02 These settings apply only when `--tag=package-templatespecs-2022-02` is specified on the command line. @@ -451,6 +568,15 @@ input-file: - Microsoft.Resources/preview/2019-06-01-preview/templateSpecs.json ``` +### Tag: package-deploymentstacks-2022-08-preview + +These settings apply only when `--tag=package-deploymentstacks-2022-08-preview` is specified on the command line. + +``` yaml $(tag) == 'package-deploymentstacks-2022-08-preview' +input-file: +- Microsoft.Resources/preview/2022-08-01-preview/deploymentStacks.json +``` + ### Tag: package-policy-2016-12 These settings apply only when `--tag=package-policy-2016-12` is specified on the command line. @@ -879,6 +1005,10 @@ directive: - $.definitions.AzureCliScript.properties - $.definitions.AzurePowerShellScript.properties reason: Currently systemData is not allowed + - from: deploymentStacks.json + suppress: OperationsAPIImplementation + where: $.paths + reason: OperationsAPI will come from Resources - suppress: OperationsAPIImplementation from: templateSpecs.json where: $.paths @@ -899,6 +1029,10 @@ directive: from: templateSpecs.json where: $.definitions.TemplateSpecVersion reason: Tooling issue + - from: deploymentStacks.json + suppress: TrackedResourcePatchOperation + where: $.definitions + reason: Not a tracked resource. - suppress: OperationsAPIImplementation where: $.paths from: dataPolicyManifests.json @@ -964,13 +1098,19 @@ directive: - suppress: RequiredReadOnlySystemData from: changes.json reason: System Metadata from a change resource perspective is irrelevant + - suppress: ResourceNameRestriction + from: changes.json + reason: change resources cannot be created or named by end users + - from: changes.json + suppress: OperationsAPIImplementation + reason: Duplicate Operations API causes generation issues - from: resources.json suppress: R4009 where: - '$.paths["/{scope}/providers/Microsoft.Resources/tags/default"].put' - '$.paths["/{scope}/providers/Microsoft.Resources/tags/default"].patch' - '$.paths["/{scope}/providers/Microsoft.Resources/tags/default"].get' - reason: The tags API does not support system data + reason: The tags API does not support system data ``` --- @@ -993,6 +1133,7 @@ swagger-to-sdk: - repo: azure-resource-manager-schemas - repo: azure-powershell ``` + ## Python See configuration in [readme.python.md](./readme.python.md) @@ -1020,6 +1161,7 @@ batch: - package-managedapplications: true - package-deploymentscripts: true - package-templatespecs: true + - package-deploymentstacks: true - package-changes: true - package-snapshots: true ``` @@ -1040,4 +1182,3 @@ input-file: override-info: title: PolicyClient ``` - From 947a6911eebb47a93a6a19617afc4a7e90446661 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 21 Jun 2023 14:54:53 -0700 Subject: [PATCH 05/24] Update readme files --- .../resources/resource-manager/readme.go.md | 11 ++++++++++ .../resources/resource-manager/readme.java.md | 18 +++++++++++++++ .../resources/resource-manager/readme.md | 22 ++++++++++++++++++- .../resource-manager/readme.python.md | 11 ++++++++++ 4 files changed, 61 insertions(+), 1 deletion(-) diff --git a/specification/resources/resource-manager/readme.go.md b/specification/resources/resource-manager/readme.go.md index 42ba1bdeee0d..c6fd28e643c8 100644 --- a/specification/resources/resource-manager/readme.go.md +++ b/specification/resources/resource-manager/readme.go.md @@ -109,6 +109,7 @@ batch: - tag: package-features-2021-07 - tag: package-locks-2016-09 - tag: package-locks-2015-01 + - tag: package-policy-2023-04 - tag: package-policy-2021-06 - tag: package-policy-2020-09 - tag: package-policy-2020-03 @@ -208,6 +209,16 @@ namespace: locks output-folder: $(go-sdk-folder)/services/resources/mgmt/2015-01-01/locks ``` +### Tag: package-policy-2023-04 and go + +These settings apply only when `--tag=package-policy-2023-04 --go` is specified on the command line. +Please also specify `--go-sdk-folder=`. + +``` yaml $(tag) == 'package-policy-2023-04' && $(go) +namespace: policy +output-folder: $(go-sdk-folder)/services/preview/resources/mgmt/2023-04-01-preview/policy +``` + ### Tag: package-policy-2021-06 and go These settings apply only when `--tag=package-policy-2021-06 --go` is specified on the command line. diff --git a/specification/resources/resource-manager/readme.java.md b/specification/resources/resource-manager/readme.java.md index 3028cce811ae..396db84aaf9a 100644 --- a/specification/resources/resource-manager/readme.java.md +++ b/specification/resources/resource-manager/readme.java.md @@ -54,6 +54,7 @@ batch: - tag: package-features-2021-07 - tag: package-locks-2016-09 - tag: package-managedapplications-2019-07 + - tag: package-policy-2023-04 - tag: package-policy-2021-06 - tag: package-policy-2020-09 - tag: package-policy-2019-09 @@ -132,6 +133,23 @@ regenerate-manager: true generate-interface: true fconfig: '{"moduleName": "ManagedApplications"}' ``` +### Tag: package-policy-2023-04 and java + +These settings apply only when `--tag=package-policy-2023-04 --java` is specified on the command line. +Please also specify `--azure-libraries-for-java-folder=`. + +``` yaml $(tag) == 'package-policy-2023-04' && $(java) && $(multiapi) +java: + namespace: com.microsoft.azure.management.policy.v2023_04_01 + output-folder: $(azure-libraries-for-java-folder)/sdk/policy/mgmt-v2023_04_01 +regenerate-manager: true +generate-interface: true +fconfig: '{"moduleName": "Policy"}' +directive: + from: policyAssignments.json + where: $.definitions.PolicyAssignmentProperties.properties.scope + transform: $['x-ms-client-name'] = 'scopeProperty' +``` ### Tag: package-policy-2021-06 and java diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index 4edb6d949335..ec4c49c0521d 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -42,7 +42,7 @@ tag: package-locks-2020-05 ``` ``` yaml $(package-policy) -tag: package-policy-2022-06 +tag: package-policy-2023-04 ``` ``` yaml $(package-resources) @@ -81,6 +81,26 @@ tag: package-changes-2022-05 tag: package-snapshots-2022-11 ``` +### Tag: package-policy-2023-04 + +These settings apply only when `--tag=package-policy-2023-04` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2023-04' +input-file: +- Microsoft.Authorization/stable/2020-09-01/dataPolicyManifests.json +- Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +- Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +- Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +- Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +- Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +- Microsoft.Authorization/preview/2022-07-01-preview/policyExemptions.json +- Microsoft.Authorization/preview/2022-08-01-preview/policyVariables.json +- Microsoft.Authorization/preview/2022-08-01-preview/policyVariableValues.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient +``` ### Tag: package-2022-12 diff --git a/specification/resources/resource-manager/readme.python.md b/specification/resources/resource-manager/readme.python.md index 4582ee01f2d1..40792d6c104e 100644 --- a/specification/resources/resource-manager/readme.python.md +++ b/specification/resources/resource-manager/readme.python.md @@ -34,6 +34,7 @@ batch: - multiapiscript-locks: true - tag: package-managedapplications-2019-07 - multiapiscript-managedapplications: true + - tag: package-policy-2023-04 - tag: package-policy-2021-06 - tag: package-policy-2020-09 - tag: package-policy-2019-09 @@ -240,6 +241,16 @@ namespace: azure.mgmt.resource.managedapplications.v2019_07_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/managedapplications/v2019_07_01 ``` +### Tag: package-policy-2023-04 and python + +These settings apply only when `--tag=package-policy-2023-04 --python` is specified on the command line. +Please also specify `--python-sdks-folder=`. + +``` yaml $(tag) == 'package-policy-2023-04' +namespace: azure.mgmt.resource.policy.v2021_06_01 +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2021_06_01 +``` + ### Tag: package-policy-2021-06 and python These settings apply only when `--tag=package-policy-2021-06 --python` is specified on the command line. From 72c7354cc4f37ba644825577420e3c4103462c45 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 21 Jun 2023 15:05:14 -0700 Subject: [PATCH 06/24] Updated python readme --- .../resource-manager/readme.python.md | 116 +++++++++++++++--- 1 file changed, 100 insertions(+), 16 deletions(-) diff --git a/specification/resources/resource-manager/readme.python.md b/specification/resources/resource-manager/readme.python.md index 40792d6c104e..a56cf89760ac 100644 --- a/specification/resources/resource-manager/readme.python.md +++ b/specification/resources/resource-manager/readme.python.md @@ -19,7 +19,6 @@ Generate all API versions currently shipped for this package ```yaml $(python) multiapi: true -default-api-version: "2022-09-01" clear-output-folder: true batch: - tag: package-privatelinks-2020-05 @@ -35,14 +34,18 @@ batch: - tag: package-managedapplications-2019-07 - multiapiscript-managedapplications: true - tag: package-policy-2023-04 - - tag: package-policy-2021-06 - - tag: package-policy-2020-09 + - tag: package-policy-2022-08-preview-only + - tag: package-policy-2022-07-preview-only + - tag: package-policy-2022-06-only + - tag: package-policy-2021-06-only + - tag: package-policy-2020-09-only + - tag: package-policy-2020-07-preview-only - tag: package-policy-2019-09 - tag: package-policy-2019-06 - tag: package-policy-2019-01 - tag: package-policy-2018-05 - tag: package-policy-2018-03 - - tag: package-policy-2017-06 + - tag: package-policy-2017-06-preview-only - tag: package-policy-2016-12 - tag: package-policy-2016-04 - tag: package-policy-2015-10 @@ -64,6 +67,7 @@ batch: - tag: package-resources-2016-09 - tag: package-resources-2016-02 - multiapiscript-resources: true + - tag: package-subscriptions-2022-12 - tag: package-subscriptions-2021-01 - tag: package-subscriptions-2019-11 - tag: package-subscriptions-2019-06 @@ -78,6 +82,8 @@ batch: - tag: package-templatespecs-2021-03-preview - tag: package-templatespecs-2019-06-preview - multiapiscript-templatespecs: true + - tag: package-deploymentstacks-2022-08-preview + - multiapiscript-deploymentstacks: true - tag: package-changes-2022-05 - multiapiscript-changes: true ``` @@ -139,6 +145,12 @@ output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/re perform-load: false ``` +```yaml $(multiapiscript-deploymentstacks) +package-name: azure-mgmt-resource#deploymentstacks +multiapiscript: true +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/deploymentstacks +perform-load: false +``` ```yaml $(multiapiscript-locks) package-name: azure-mgmt-resource#locks @@ -167,6 +179,7 @@ These settings apply only when `--tag=package-changes-2022-05 --python` is speci Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-changes-2022-05' +default-api-version: "2022-05-01" namespace: azure.mgmt.resource.changes.v2022_05_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/changes/v2022_05_01 ``` @@ -177,6 +190,7 @@ These settings apply only when `--tag=package-privatelinks-2020-05 --python` is Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-privatelinks-2020-05' +default-api-version: "2020-05-01" namespace: azure.mgmt.resource.privatelinks.v2020_05_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/privatelinks/v2020_05_01 ``` @@ -187,6 +201,7 @@ These settings apply only when `--tag=package-features-2021-07 --python` is spec Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-features-2021-07' +default-api-version: "2021-07-01" namespace: azure.mgmt.resource.features.v2021_07_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/features/v2021_07_01 ``` @@ -207,6 +222,7 @@ These settings apply only when `--tag=package-links-2016-09 --python` is specifi Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-links-2016-09' +default-api-version: "2016-09-01" namespace: azure.mgmt.resource.links.v2016_09_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/links/v2016_09_01 ``` @@ -217,6 +233,7 @@ These settings apply only when `--tag=package-locks-2016-09 --python` is specifi Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-locks-2016-09' +default-api-version: "2016-09-01" namespace: azure.mgmt.resource.locks.v2016_09_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/locks/v2016_09_01 ``` @@ -237,40 +254,82 @@ These settings apply only when `--tag=package-managedapplications-2019-07 --pyth Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-managedapplications-2019-07' +default-api-version: "2019-07-01" namespace: azure.mgmt.resource.managedapplications.v2019_07_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/managedapplications/v2019_07_01 ``` -### Tag: package-policy-2023-04 and python +### Tag: package-package-policy-2023-04 and python These settings apply only when `--tag=package-policy-2023-04 --python` is specified on the command line. Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-policy-2023-04' -namespace: azure.mgmt.resource.policy.v2021_06_01 -output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2021_06_01 +namespace: azure.mgmt.resource.policy.v2023_04_01 +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2023_04_01 ``` -### Tag: package-policy-2021-06 and python +### Tag: package-policy-2022-08-preview-only and python -These settings apply only when `--tag=package-policy-2021-06 --python` is specified on the command line. +These settings apply only when `--tag=package-policy-2022-08-preview-only --python` is specified on the command line. Please also specify `--python-sdks-folder=`. -``` yaml $(tag) == 'package-policy-2021-06' +``` yaml $(tag) == 'package-policy-2022-08-preview-only' +namespace: azure.mgmt.resource.policy.v2022_08_01_preview +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2022_08_01_preview +``` + +### Tag: package-policy-2022-07-preview-only and python + +These settings apply only when `--tag=package-policy-2022-07-preview-only --python` is specified on the command line. +Please also specify `--python-sdks-folder=`. + +``` yaml $(tag) == 'package-policy-2022-07-preview-only' +namespace: azure.mgmt.resource.policy.v2022_07_01_preview +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2022_07_01_preview +``` + +### Tag: package-policy-2022-06-only and python + +These settings apply only when `--tag=package-policy-2022-06-only --python` is specified on the command line. +Please also specify `--python-sdks-folder=`. + +``` yaml $(tag) == 'package-policy-2022-06-only' +default-api-version: "2022-06-01" +namespace: azure.mgmt.resource.policy.v2022_06_01 +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2022_06_01 +``` + +### Tag: package-policy-2021-06-only and python + +These settings apply only when `--tag=package-policy-2021-06-only --python` is specified on the command line. +Please also specify `--python-sdks-folder=`. + +``` yaml $(tag) == 'package-policy-2021-06-only' namespace: azure.mgmt.resource.policy.v2021_06_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2021_06_01 ``` -### Tag: package-policy-2020-09 and python +### Tag: package-policy-2020-09-only and python -These settings apply only when `--tag=package-policy-2020-09 --python` is specified on the command line. +These settings apply only when `--tag=package-policy-2020-09-only --python` is specified on the command line. Please also specify `--python-sdks-folder=`. -``` yaml $(tag) == 'package-policy-2020-09' +``` yaml $(tag) == 'package-policy-2020-09-only' namespace: azure.mgmt.resource.policy.v2020_09_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2020_09_01 ``` +### Tag: package-policy-2020-07-preview-only and python + +These settings apply only when `--tag=package-policy-2020-07-preview-only --python` is specified on the command line. +Please also specify `--python-sdks-folder=`. + +``` yaml $(tag) == 'package-policy-2020-07-preview-only' +namespace: azure.mgmt.resource.policy.v2020_07_01_preview +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2020_07_01_preview +``` + ### Tag: package-policy-2019-09 and python These settings apply only when `--tag=package-policy-2019-09 --python` is specified on the command line. @@ -321,12 +380,12 @@ namespace: azure.mgmt.resource.policy.v2018_03_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2018_03_01 ``` -### Tag: package-policy-2017-06 and python +### Tag: package-policy-2017-06-preview-only and python -These settings apply only when `--tag=package-policy-2017-06 --python` is specified on the command line. +These settings apply only when `--tag=package-policy-2017-06-preview-only --python` is specified on the command line. Please also specify `--python-sdks-folder=`. -``` yaml $(tag) == 'package-policy-2017-06' +``` yaml $(tag) == 'package-policy-2017-06-preview-only' namespace: azure.mgmt.resource.policy.v2017_06_01_preview output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2017_06_01_preview ``` @@ -367,6 +426,7 @@ These settings apply only when `--tag=package-resources-2022-09 --python` is spe Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-resources-2022-09' +default-api-version: "2022-09-01" namespace: azure.mgmt.resource.resources.v2022_09_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/resources/v2022_09_01 ``` @@ -521,6 +581,17 @@ namespace: azure.mgmt.resource.resources.v2016_02_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/resources/v2016_02_01 ``` +### Tag: package-subscriptions-2022-12 and python + +These settings apply only when `--tag=package-subscriptions-2022-12 --python` is specified on the command line. +Please also specify `--python-sdks-folder=`. + +``` yaml $(tag) == 'package-subscriptions-2022-12' +default-api-version: "2022-12-01" +namespace: azure.mgmt.resource.subscriptions.v2022_12_01 +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/subscriptions/v2022_12_01 +``` + ### Tag: package-subscriptions-2021-01 and python These settings apply only when `--tag=package-subscriptions-2021-01 --python` is specified on the command line. @@ -587,6 +658,7 @@ These settings apply only when `--tag=package-deploymentscripts-2020-10` is spec Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-deploymentscripts-2020-10' +default-api-version: "2020-10-01" namespace: azure.mgmt.resource.deploymentscripts.v2020_10_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/deploymentscripts/v2020_10_01 ``` @@ -627,10 +699,22 @@ These settings apply only when `--tag=package-templatespecs-2022-02` is specifie Please also specify `--python-sdks-folder=`. ``` yaml $(tag) == 'package-templatespecs-2022-02' +default-api-version: "2022-02-01" namespace: azure.mgmt.resource.templatespecs.v2022_02_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/templatespecs/v2022_02_01 ``` +### Tag: package-deploymentstacks-2022-08-preview and python + +These settings apply only when `--tag=package-deploymentstacks-2022-08-preview` is specified on the command line. +Please also specify `--python-sdks-folder=`. + +``` yaml $(tag) == 'package-deploymentstacks-2022-08-preview' +default-api-version: "2022-08-01-preview" +namespace: azure.mgmt.resource.deploymentstacks.v2022_08_01_preview +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/deploymentstacks/v2022_08_01_preview +``` + ``` yaml $(python) modelerfour: lenient-model-deduplication: true From 55730064a2f7f94ebd6d2271c94128274e2c8ae3 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 21 Jun 2023 15:07:41 -0700 Subject: [PATCH 07/24] reverting to sync with main --- .../resources/resource-manager/readme.md | 22 +------------------ .../resource-manager/readme.python.md | 11 ---------- 2 files changed, 1 insertion(+), 32 deletions(-) diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index ec4c49c0521d..4edb6d949335 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -42,7 +42,7 @@ tag: package-locks-2020-05 ``` ``` yaml $(package-policy) -tag: package-policy-2023-04 +tag: package-policy-2022-06 ``` ``` yaml $(package-resources) @@ -81,26 +81,6 @@ tag: package-changes-2022-05 tag: package-snapshots-2022-11 ``` -### Tag: package-policy-2023-04 - -These settings apply only when `--tag=package-policy-2023-04` is specified on the command line. - -``` yaml $(tag) == 'package-policy-2023-04' -input-file: -- Microsoft.Authorization/stable/2020-09-01/dataPolicyManifests.json -- Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json -- Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json -- Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json -- Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json -- Microsoft.Authorization/stable/2023-04-01/policyAssignments.json -- Microsoft.Authorization/preview/2022-07-01-preview/policyExemptions.json -- Microsoft.Authorization/preview/2022-08-01-preview/policyVariables.json -- Microsoft.Authorization/preview/2022-08-01-preview/policyVariableValues.json - -# Needed when there is more than one input file -override-info: - title: PolicyClient -``` ### Tag: package-2022-12 diff --git a/specification/resources/resource-manager/readme.python.md b/specification/resources/resource-manager/readme.python.md index a56cf89760ac..5f3f66ca3fb8 100644 --- a/specification/resources/resource-manager/readme.python.md +++ b/specification/resources/resource-manager/readme.python.md @@ -33,7 +33,6 @@ batch: - multiapiscript-locks: true - tag: package-managedapplications-2019-07 - multiapiscript-managedapplications: true - - tag: package-policy-2023-04 - tag: package-policy-2022-08-preview-only - tag: package-policy-2022-07-preview-only - tag: package-policy-2022-06-only @@ -259,16 +258,6 @@ namespace: azure.mgmt.resource.managedapplications.v2019_07_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/managedapplications/v2019_07_01 ``` -### Tag: package-package-policy-2023-04 and python - -These settings apply only when `--tag=package-policy-2023-04 --python` is specified on the command line. -Please also specify `--python-sdks-folder=`. - -``` yaml $(tag) == 'package-policy-2023-04' -namespace: azure.mgmt.resource.policy.v2023_04_01 -output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2023_04_01 -``` - ### Tag: package-policy-2022-08-preview-only and python These settings apply only when `--tag=package-policy-2022-08-preview-only --python` is specified on the command line. From a9de5d24280ed4c23dce30f366f2e557ba08f4de Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 21 Jun 2023 15:11:23 -0700 Subject: [PATCH 08/24] updating python and main readme --- .../resources/resource-manager/readme.md | 22 ++++++++++++++++++- .../resource-manager/readme.python.md | 11 ++++++++++ 2 files changed, 32 insertions(+), 1 deletion(-) diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index 4edb6d949335..ec4c49c0521d 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -42,7 +42,7 @@ tag: package-locks-2020-05 ``` ``` yaml $(package-policy) -tag: package-policy-2022-06 +tag: package-policy-2023-04 ``` ``` yaml $(package-resources) @@ -81,6 +81,26 @@ tag: package-changes-2022-05 tag: package-snapshots-2022-11 ``` +### Tag: package-policy-2023-04 + +These settings apply only when `--tag=package-policy-2023-04` is specified on the command line. + +``` yaml $(tag) == 'package-policy-2023-04' +input-file: +- Microsoft.Authorization/stable/2020-09-01/dataPolicyManifests.json +- Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +- Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +- Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +- Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +- Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +- Microsoft.Authorization/preview/2022-07-01-preview/policyExemptions.json +- Microsoft.Authorization/preview/2022-08-01-preview/policyVariables.json +- Microsoft.Authorization/preview/2022-08-01-preview/policyVariableValues.json + +# Needed when there is more than one input file +override-info: + title: PolicyClient +``` ### Tag: package-2022-12 diff --git a/specification/resources/resource-manager/readme.python.md b/specification/resources/resource-manager/readme.python.md index 5f3f66ca3fb8..71ba49767ec8 100644 --- a/specification/resources/resource-manager/readme.python.md +++ b/specification/resources/resource-manager/readme.python.md @@ -33,6 +33,7 @@ batch: - multiapiscript-locks: true - tag: package-managedapplications-2019-07 - multiapiscript-managedapplications: true + - tag: package-policy-2023-04 - tag: package-policy-2022-08-preview-only - tag: package-policy-2022-07-preview-only - tag: package-policy-2022-06-only @@ -258,6 +259,16 @@ namespace: azure.mgmt.resource.managedapplications.v2019_07_01 output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/managedapplications/v2019_07_01 ``` +### Tag: package-policy-2023-04 and python + +These settings apply only when `--tag=package-policy-2023-04 --python` is specified on the command line. +Please also specify `--python-sdks-folder=`. + +``` yaml $(tag) == 'package-policy-2023-04' +namespace: azure.mgmt.resource.policy.v2023_04_01 +output-folder: $(python-sdks-folder)/resources/azure-mgmt-resource/azure/mgmt/resource/policy/v2023_04_01 +``` + ### Tag: package-policy-2022-08-preview-only and python These settings apply only when `--tag=package-policy-2022-08-preview-only --python` is specified on the command line. From a0728ec7177a10f44fbcaeee90a7fad61897904f Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 21 Jun 2023 16:48:41 -0700 Subject: [PATCH 09/24] Fixing some automation failures --- .../2023-04-01/policyDefinitionVersions.json | 28 ++++++++++--------- .../stable/2023-04-01/policyDefinitions.json | 9 ++++-- .../policySetDefinitionVersions.json | 10 +++---- .../2023-04-01/policySetDefinitions.json | 9 ++++-- 4 files changed, 33 insertions(+), 23 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index a68cd287b968..1889675f3444 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -79,10 +79,10 @@ "description": "This operation lists all the policy definition versions for all policy definitions at the management group scope.", "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "#/parameters/ManagementGroupIdParameter" }, { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/TopParameter" @@ -369,10 +369,10 @@ "description": "The policy definition properties." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "#/parameters/ManagementGroupIdParameter" }, { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "#/parameters/ApiVersionParameter" } ], "responses": { @@ -413,10 +413,10 @@ "description": "The version to delete." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "#/parameters/ManagementGroupIdParameter" }, { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "#/parameters/ApiVersionParameter" } ], "responses": { @@ -457,10 +457,10 @@ "description": "The version to get." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "#/parameters/ManagementGroupIdParameter" }, { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "#/parameters/ApiVersionParameter" } ], "responses": { @@ -485,7 +485,7 @@ "PolicyDefinitionVersions" ], "operationId": "PolicyDefinitionVersions_List", - "summary": "Retrieves policy definition versions for a given policy definintion in a subscription", + "summary": "Retrieves policy definition versions for a given policy definition in a subscription", "description": "This operation retrieves a list of all the policy definition versions for the given policy definition.", "parameters": [ { @@ -569,10 +569,10 @@ "description": "This operation retrieves a list of all the policy definition versions for the given policy definition in the given management group.", "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "#/parameters/ManagementGroupIdParameter" }, { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/TopParameter" @@ -776,7 +776,8 @@ "in": "path", "required": true, "type": "string", - "description": "The ID of the target subscription." + "description": "The ID of the target subscription.", + "x-ms-parameter-location": "method" }, "ManagementGroupIdParameter": { "name": "managementGroupId", @@ -791,7 +792,8 @@ "in": "query", "required": true, "type": "string", - "description": "The API version to use for the operation." + "description": "The API version to use for the operation.", + "x-ms-parameter-location": "method" }, "PolicyDefinitionsFilterParameter": { "name": "$filter", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json index bc1e55d5f815..61e79b383bc6 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json @@ -545,6 +545,9 @@ }, "versions": { "type": "array", + "items": { + "type": "string" + }, "description": "A list of available versions for this policy definition." } }, @@ -670,7 +673,8 @@ "in": "path", "required": true, "type": "string", - "description": "The ID of the target subscription." + "description": "The ID of the target subscription.", + "x-ms-parameter-location": "method" }, "ManagementGroupIdParameter": { "name": "managementGroupId", @@ -685,7 +689,8 @@ "in": "query", "required": true, "type": "string", - "description": "The API version to use for the operation." + "description": "The API version to use for the operation.", + "x-ms-parameter-location": "method" }, "PolicyDefinitionsFilterParameter": { "name": "$filter", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 83ec9223abb4..4f7a9c079039 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -689,10 +689,6 @@ "version": { "type": "string", "description": "The policy set definition version in #.#.# format." - }, - "versions": { - "type": "array", - "description": "A list of available versions for this policy set definition." } }, "required": [ @@ -809,7 +805,8 @@ "in": "path", "required": true, "type": "string", - "description": "The ID of the target subscription." + "description": "The ID of the target subscription.", + "x-ms-parameter-location": "method" }, "ManagementGroupIdParameter": { "name": "managementGroupId", @@ -824,7 +821,8 @@ "in": "query", "required": true, "type": "string", - "description": "The API version to use for the operation." + "description": "The API version to use for the operation.", + "x-ms-parameter-location": "method" }, "PolicySetDefinitionsFilterParameter": { "name": "$filter", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json index 0b1ff3e547c4..7976246eaeab 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json @@ -571,6 +571,9 @@ }, "versions": { "type": "array", + "items": { + "type": "string" + }, "description": "A list of available versions for this policy set definition." } }, @@ -688,7 +691,8 @@ "in": "path", "required": true, "type": "string", - "description": "The ID of the target subscription." + "description": "The ID of the target subscription.", + "x-ms-parameter-location": "method" }, "ManagementGroupIdParameter": { "name": "managementGroupId", @@ -703,7 +707,8 @@ "in": "query", "required": true, "type": "string", - "description": "The API version to use for the operation." + "description": "The API version to use for the operation.", + "x-ms-parameter-location": "method" }, "PolicySetDefinitionsFilterParameter": { "name": "$filter", From 5d6d7798483e4264efbaae3ba538a2c6fcd86652 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Mon, 10 Jul 2023 10:28:11 -0700 Subject: [PATCH 10/24] add examples for all policyDefinitionVersion apis --- ...icyDefinitionVersionAtManagementGroup.json | 93 +++++++++++++++ .../deletePolicyDefinitionVersion.json | 16 +++ ...icyDefinitionVersionAtManagementGroup.json | 16 +++ .../getBuiltinPolicyDefinitionVersion.json | 54 +++++++++ .../examples/getPolicyDefinitionVersion.json | 55 +++++++++ ...icyDefinitionVersionAtManagementGroup.json | 55 +++++++++ ...istAllBuiltInPolicyDefinitionVersions.json | 105 +++++++++++++++++ .../listAllPolicyDefinitionVersions.json | 99 ++++++++++++++++ ...cyDefinitionVersionsByManagementGroup.json | 99 ++++++++++++++++ .../listBuiltInPolicyDefinitionVersions.json | 106 ++++++++++++++++++ .../listPolicyDefinitionVersions.json | 100 +++++++++++++++++ ...cyDefinitionVersionsByManagementGroup.json | 100 +++++++++++++++++ .../2023-04-01/policyDefinitionVersions.json | 63 ++++++++++- 13 files changed, 960 insertions(+), 1 deletion(-) create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersion.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinitionVersion.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersion.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllBuiltInPolicyDefinitionVersions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersionsByManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitionVersions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersionsByManagementGroup.json diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json new file mode 100644 index 000000000000..252c50b2bb0e --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json @@ -0,0 +1,93 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policyDefinitionName": "ResourceNaming", + "version": "1.2.1", + "api-version": "2023-04-01", + "parameters": { + "properties": { + "mode": "All", + "displayName": "Enforce resource naming convention", + "description": "Force resource names to begin with given 'prefix' and/or end with given 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + } + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersion.json new file mode 100644 index 000000000000..149ef18687b0 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersion.json @@ -0,0 +1,16 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "ResourceNaming", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {} + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json new file mode 100644 index 000000000000..9fa02b408a1e --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json @@ -0,0 +1,16 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policyDefinitionName": "ResourceNaming", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {} + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinitionVersion.json new file mode 100644 index 000000000000..5b7f87a2e185 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinitionVersion.json @@ -0,0 +1,54 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "7433c107-6db4-4ad1-b57a-a76dce0154a1", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "mode": "All", + "displayName": "Allowed storage account SKUs", + "policyType": "BuiltIn", + "description": "This policy enables you to specify a set of storage account SKUs that your organization can deploy.", + "parameters": { + "listOfAllowedSKUs": { + "type": "Array", + "metadata": { + "description": "The list of SKUs that can be specified for storage accounts.", + "displayName": "Allowed SKUs", + "strongType": "StorageSKUs" + } + } + }, + "version": "1.2.1", + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "not": { + "field": "Microsoft.Storage/storageAccounts/sku.name", + "in": "[parameters('listOfAllowedSKUs')]" + } + } + ] + }, + "then": { + "effect": "Deny" + } + } + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersion.json new file mode 100644 index 000000000000..f08dee6e471e --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersion.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "ResourceNaming", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json new file mode 100644 index 000000000000..b1ec9335834e --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policyDefinitionName": "ResourceNaming", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllBuiltInPolicyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllBuiltInPolicyDefinitionVersions.json new file mode 100644 index 000000000000..44cc3910cdc9 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllBuiltInPolicyDefinitionVersions.json @@ -0,0 +1,105 @@ +{ + "parameters": { + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "mode": "All", + "displayName": "Audit SQL DB Level Audit Setting", + "policyType": "BuiltIn", + "description": "Audit DB level audit setting for SQL databases", + "parameters": { + "setting": { + "type": "String", + "metadata": { + "displayName": "Audit Setting" + }, + "allowedValues": [ + "enabled", + "disabled" + ] + } + }, + "version": "1.2.1", + "policyRule": { + "if": { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + "then": { + "effect": "AuditIfNotExists", + "details": { + "type": "Microsoft.Sql/servers/databases/auditingSettings", + "name": "default", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Sql/auditingSettings.state", + "equals": "[parameters('setting')]" + } + ] + } + } + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a12/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1" + }, + { + "properties": { + "mode": "All", + "displayName": "Audit SQL DB Level Audit Setting", + "policyType": "BuiltIn", + "description": "Audit DB level audit setting for SQL databases", + "parameters": { + "setting": { + "type": "String", + "metadata": { + "displayName": "Audit Setting" + }, + "allowedValues": [ + "enabled", + "disabled", + "default" + ] + } + }, + "version": "1.0.0", + "policyRule": { + "if": { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + "then": { + "effect": "AuditIfNotExists", + "details": { + "type": "Microsoft.Sql/servers/databases/auditingSettings", + "name": "default", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Sql/auditingSettings.state", + "equals": "[parameters('setting')]" + } + ] + } + } + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a12/versions/1.0.0", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.0.0" + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersions.json new file mode 100644 index 000000000000..42d415b43cc2 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersions.json @@ -0,0 +1,99 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "policyType": "Custom" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1" + }, + { + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "version": "1.0.0", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '-*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "policyType": "Custom" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/versions/1.0.0", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "1.0.0" + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersionsByManagementGroup.json new file mode 100644 index 000000000000..700511c74013 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersionsByManagementGroup.json @@ -0,0 +1,99 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + }, + { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.0.0", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.0.0", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '-*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitionVersions.json new file mode 100644 index 000000000000..b296421218ba --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicyDefinitionVersions.json @@ -0,0 +1,106 @@ +{ + "parameters": { + "policyDefinitionName": "06a78e20-9358-41c9-923c-fb736d382a12", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "mode": "All", + "displayName": "Audit SQL DB Level Audit Setting", + "policyType": "BuiltIn", + "description": "Audit DB level audit setting for SQL databases", + "parameters": { + "setting": { + "type": "String", + "metadata": { + "displayName": "Audit Setting" + }, + "allowedValues": [ + "enabled", + "disabled" + ] + } + }, + "version": "1.2.1", + "policyRule": { + "if": { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + "then": { + "effect": "AuditIfNotExists", + "details": { + "type": "Microsoft.Sql/servers/databases/auditingSettings", + "name": "default", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Sql/auditingSettings.state", + "equals": "[parameters('setting')]" + } + ] + } + } + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a12/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1" + }, + { + "properties": { + "mode": "All", + "displayName": "Audit SQL DB Level Audit Setting", + "policyType": "BuiltIn", + "description": "Audit DB level audit setting for SQL databases", + "parameters": { + "setting": { + "type": "String", + "metadata": { + "displayName": "Audit Setting" + }, + "allowedValues": [ + "enabled", + "disabled", + "default" + ] + } + }, + "version": "1.0.0", + "policyRule": { + "if": { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + "then": { + "effect": "AuditIfNotExists", + "details": { + "type": "Microsoft.Sql/servers/databases/auditingSettings", + "name": "default", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Sql/auditingSettings.state", + "equals": "[parameters('setting')]" + } + ] + } + } + } + } + }, + "id": "/providers/Microsoft.Authorization/policyDefinitions/06a78e20-9358-41c9-923c-fb736d382a12/versions/1.0.0", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.0.0" + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersions.json new file mode 100644 index 000000000000..875d0fc55a9f --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersions.json @@ -0,0 +1,100 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policyDefinitionName": "ResourceNaming", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "policyType": "Custom" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1" + }, + { + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "version": "1.0.0", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '-*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "policyType": "Custom" + }, + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/versions/1.0.0", + "type": "Microsoft.Authorization/policyDefinitions", + "name": "1.0.0" + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersionsByManagementGroup.json new file mode 100644 index 000000000000..6f09fdbacc0c --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersionsByManagementGroup.json @@ -0,0 +1,100 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policyDefinitionName": "ResourceNaming", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + }, + { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.0.0", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.0.0", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '-*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index 1889675f3444..30b92cede745 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -42,6 +42,11 @@ "operationId": "PolicyDefinitionVersions_ListAllBuiltins", "summary": "Lists all built-in policy definition versions.", "description": "This operation lists all the built-in policy definition versions for all built-in policy definitions.", + "x-ms-examples": { + "List all built-in policy definition versions": { + "$ref": "./examples/listAllBuiltInPolicyDefinitionVersions.json" + } + }, "parameters": [ { "$ref": "#/parameters/ApiVersionParameter" @@ -77,6 +82,11 @@ "operationId": "PolicyDefinitionVersions_ListAllAtManagementGroup", "summary": "Lists all policy definition versions at management group scope.", "description": "This operation lists all the policy definition versions for all policy definitions at the management group scope.", + "x-ms-examples": { + "List all policy definition versions at management group": { + "$ref": "./examples/listAllPolicyDefinitionVersionsByManagementGroup.json" + } + }, "parameters": [ { "$ref": "#/parameters/ManagementGroupIdParameter" @@ -115,6 +125,12 @@ "operationId": "PolicyDefinitionVersions_ListAll", "summary": "Lists all policy definition versions within a subscription.", "description": "This operation lists all the policy definition versions for all policy definitions within a subscription.", + "x-ms-examples": { + "List all policy definition versions at subscription": { + "$ref": "./examples/listAllPolicyDefinitionVersions.json" + } + }, + "parameters": [ { "$ref": "#/parameters/ApiVersionParameter" @@ -154,7 +170,7 @@ "summary": "Creates or updates a policy definition in a subscription.", "description": "This operation creates or updates a policy definition in the given subscription with the given name.", "x-ms-examples": { - "Create or update a policy definition": { + "Create or update a policy definition version": { "$ref": "./examples/createOrUpdatePolicyDefinitionVersion.json" } }, @@ -211,6 +227,11 @@ "operationId": "PolicyDefinitionVersions_Delete", "summary": "Deletes a policy definition version in a subscription.", "description": "This operation deletes the policy definition version in the given subscription with the given name.", + "x-ms-examples": { + "Delete a policy definition version": { + "$ref": "./examples/deletePolicyDefinitionVersion.json" + } + }, "parameters": [ { "name": "policyDefinitionName", @@ -255,6 +276,11 @@ "operationId": "PolicyDefinitionVersions_Get", "summary": "Retrieves a policy definition version in a subscription.", "description": "This operation retrieves the policy definition version in the given subscription with the given name.", + "x-ms-examples": { + "Retrieve a policy definition version": { + "$ref": "./examples/getPolicyDefinitionVersion.json" + } + }, "parameters": [ { "name": "policyDefinitionName", @@ -301,6 +327,11 @@ "operationId": "PolicyDefinitionVersions_GetBuiltIn", "summary": "Retrieves a built-in policy definition version.", "description": "This operation retrieves the built-in policy definition version with the given name.", + "x-ms-examples": { + "Retrieve a built-in policy definition version": { + "$ref": "./examples/getBuiltinPolicyDefinitionVersion.json" + } + }, "parameters": [ { "name": "policyDefinitionName", @@ -344,6 +375,11 @@ "operationId": "PolicyDefinitionVersions_CreateOrUpdateAtManagementGroup", "summary": "Creates or updates a policy definition version in a management group.", "description": "This operation creates or updates a policy definition version in the given management group with the given name.", + "x-ms-examples": { + "Create or update a policy definition version at management group level": { + "$ref": "./examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json" + } + }, "parameters": [ { "name": "policyDefinitionName", @@ -397,6 +433,11 @@ "operationId": "PolicyDefinitionVersions_DeleteAtManagementGroup", "summary": "Deletes a policy definition in a management group.", "description": "This operation deletes the policy definition in the given management group with the given name.", + "x-ms-examples": { + "Delete a policy definition version at management group level": { + "$ref": "./examples/deletePolicyDefinitionVersionAtManagementGroup.json" + } + }, "parameters": [ { "name": "policyDefinitionName", @@ -441,6 +482,11 @@ "operationId": "PolicyDefinitionVersions_GetAtManagementGroup", "summary": "Retrieve a policy definition version in a management group.", "description": "This operation retrieves the policy definition version in the given management group with the given name.", + "x-ms-examples": { + "Retrieve a policy definition version at management group level": { + "$ref": "./examples/getPolicyDefinitionVersionAtManagementGroup.json" + } + }, "parameters": [ { "name": "policyDefinitionName", @@ -487,6 +533,11 @@ "operationId": "PolicyDefinitionVersions_List", "summary": "Retrieves policy definition versions for a given policy definition in a subscription", "description": "This operation retrieves a list of all the policy definition versions for the given policy definition.", + "x-ms-examples": { + "List policy definition versions by subscription": { + "$ref": "./examples/listPolicyDefinitionVersions.json" + } + }, "parameters": [ { "name": "policyDefinitionName", @@ -532,6 +583,11 @@ "operationId": "PolicyDefinitionVersions_ListBuiltIn", "summary": "Retrieve built-in policy definition versions", "description": "This operation retrieves a list of all the built-in policy definition versions for the given policy definition.", + "x-ms-examples": { + "List built-in policy definition versions": { + "$ref": "./examples/listBuiltInPolicyDefinitionVersions.json" + } + }, "parameters": [ { "$ref": "#/parameters/ApiVersionParameter" @@ -567,6 +623,11 @@ "operationId": "PolicyDefinitionVersions_ListByManagementGroup", "summary": "Retrieve policy definition versions in a management group policy definition.", "description": "This operation retrieves a list of all the policy definition versions for the given policy definition in the given management group.", + "x-ms-examples": { + "List policy definition versions by management group": { + "$ref": "./examples/listPolicyDefinitionVersionsByManagementGroup.json" + } + }, "parameters": [ { "$ref": "#/parameters/ManagementGroupIdParameter" From a7c8c754cb723e8734ab71a5391809363c05ddcd Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Mon, 10 Jul 2023 17:18:38 -0700 Subject: [PATCH 11/24] Add examples for policy set versions --- ...SetDefinitionVersionAtManagementGroup.json | 129 ++++++++++++++++++ .../deletePolicySetDefinitionVersion.json | 16 +++ ...SetDefinitionVersionAtManagementGroup.json | 16 +++ .../getBuiltInPolicySetDefinitionVersion.json | 69 ++++++++++ .../getPolicySetDefinitionVersion.json | 70 ++++++++++ ...SetDefinitionVersionAtManagementGroup.json | 52 +++++++ ...AllBuiltInPolicySetDefinitionVersions.json | 71 ++++++++++ .../listAllPolicySetDefinitionVersions.json | 54 ++++++++ ...etDefinitionVersionsByManagementGroup.json | 111 +++++++++++++++ ...istBuiltInPolicySetDefinitionVersions.json | 72 ++++++++++ .../listPolicySetDefinitionVersions.json | 55 ++++++++ ...etDefinitionVersionsByManagementGroup.json | 55 ++++++++ .../2023-04-01/policyDefinitionVersions.json | 1 - .../policySetDefinitionVersions.json | 64 ++++++++- 14 files changed, 831 insertions(+), 4 deletions(-) create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersion.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinitionVersion.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersion.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllBuiltInPolicySetDefinitionVersions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersionsByManagementGroup.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitionVersions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersions.json create mode 100644 specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersionsByManagementGroup.json diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json new file mode 100644 index 000000000000..df2bdb14179b --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json @@ -0,0 +1,129 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policySetDefinitionName": "CostManagement", + "version": "1.2.1", + "api-version": "2023-04-01", + "parameters": { + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "responses": { + "201": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + }, + "200": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement", + "type": "Microsoft.Authorization/policySetDefinitions", + "name": "CostManagement", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersion.json new file mode 100644 index 000000000000..e200d3f1936e --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersion.json @@ -0,0 +1,16 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policySetDefinitionName": "CostManagement", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {} + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json new file mode 100644 index 000000000000..d4250d808d64 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json @@ -0,0 +1,16 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policySetDefinitionName": "CostManagement", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {} + }, + "204": { + "headers": {} + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinitionVersion.json new file mode 100644 index 000000000000..dc323e311a50 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinitionVersion.json @@ -0,0 +1,69 @@ +{ + "parameters": { + "policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "properties": { + "displayName": "[Preview]: Enable Monitoring in Azure Security Center", + "policyType": "BuiltIn", + "description": "Monitor all the available security recommendations in Azure Security Center. This is the default policy for Azure Security Center.", + "metadata": { + "category": "Security Center" + }, + "version": "1.2.1", + "parameters": {}, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a8bef009-a5c9-4d0f-90d7-6018734e8a16", + "policyDefinitionReferenceId": "RefId1" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af8051bf-258b-44e2-a2bf-165330459f9d", + "policyDefinitionReferenceId": "RefId2" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86b3d65f-7626-441e-b690-81a8b71cff60", + "policyDefinitionReferenceId": "RefId3" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759", + "policyDefinitionReferenceId": "RefId4" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c", + "policyDefinitionReferenceId": "RefId5" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a6b606-51aa-4496-8bb7-64b11cf66adc", + "policyDefinitionReferenceId": "RefId6" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed", + "policyDefinitionReferenceId": "RefId7" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15", + "policyDefinitionReferenceId": "RefId8" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9", + "policyDefinitionReferenceId": "RefId9" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0961003e-5a0a-4549-abde-af6a37f2724d", + "policyDefinitionReferenceId": "RefId10" + } + ] + }, + "id": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1" + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersion.json new file mode 100644 index 000000000000..e6c4e49bc576 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersion.json @@ -0,0 +1,70 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policySetDefinitionName": "CostManagement", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "policyDefinitionGroups": [ + { + "name": "CostSaving", + "displayName": "Cost Management Policies", + "description": "Policies designed to control spend within a subscription." + }, + { + "name": "Organizational", + "displayName": "Organizational Policies", + "description": "Policies that help enforce resource organization standards within a subscription." + } + ], + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "groupNames": [ + "CostSaving" + ], + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "groupNames": [ + "Organizational" + ], + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json new file mode 100644 index 000000000000..50a22eae434f --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json @@ -0,0 +1,52 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policySetDefinitionName": "CostManagement", + "version": "1.2.1", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllBuiltInPolicySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllBuiltInPolicySetDefinitionVersions.json new file mode 100644 index 000000000000..173fd8c30fb6 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllBuiltInPolicySetDefinitionVersions.json @@ -0,0 +1,71 @@ +{ + "parameters": { + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "displayName": "[Preview]: Enable Monitoring in Azure Security Center", + "policyType": "BuiltIn", + "description": "Monitor all the available security recommendations in Azure Security Center. This is the default policy for Azure Security Center.", + "metadata": { + "category": "Security Center" + }, + "version": "1.2.1", + "parameters": {}, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a8bef009-a5c9-4d0f-90d7-6018734e8a16", + "policyDefinitionReferenceId": "RefId1" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af8051bf-258b-44e2-a2bf-165330459f9d", + "policyDefinitionReferenceId": "RefId2" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86b3d65f-7626-441e-b690-81a8b71cff60", + "policyDefinitionReferenceId": "RefId3" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759", + "policyDefinitionReferenceId": "RefId4" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c", + "policyDefinitionReferenceId": "RefId5" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a6b606-51aa-4496-8bb7-64b11cf66adc", + "policyDefinitionReferenceId": "RefId6" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed", + "policyDefinitionReferenceId": "RefId7" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15", + "policyDefinitionReferenceId": "RefId8" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9", + "policyDefinitionReferenceId": "RefId9" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0961003e-5a0a-4549-abde-af6a37f2724d", + "policyDefinitionReferenceId": "RefId10" + } + ] + }, + "id": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1" + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersions.json new file mode 100644 index 000000000000..f3c08eac8283 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersions.json @@ -0,0 +1,54 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersionsByManagementGroup.json new file mode 100644 index 000000000000..6ed00b82d918 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersionsByManagementGroup.json @@ -0,0 +1,111 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "displayName": "[Preview]: Enable Monitoring in Azure Security Center", + "policyType": "BuiltIn", + "description": "Monitor all the available security recommendations in Azure Security Center. This is the default policy for Azure Security Center.", + "metadata": { + "category": "Security Center" + }, + "version": "1.2.1", + "parameters": {}, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a8bef009-a5c9-4d0f-90d7-6018734e8a16", + "policyDefinitionReferenceId": "RefId1" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af8051bf-258b-44e2-a2bf-165330459f9d", + "policyDefinitionReferenceId": "RefId2" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86b3d65f-7626-441e-b690-81a8b71cff60", + "policyDefinitionReferenceId": "RefId3" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759", + "policyDefinitionReferenceId": "RefId4" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c", + "policyDefinitionReferenceId": "RefId5" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a6b606-51aa-4496-8bb7-64b11cf66adc", + "policyDefinitionReferenceId": "RefId6" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed", + "policyDefinitionReferenceId": "RefId7" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15", + "policyDefinitionReferenceId": "RefId8" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9", + "policyDefinitionReferenceId": "RefId9" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0961003e-5a0a-4549-abde-af6a37f2724d", + "policyDefinitionReferenceId": "RefId10" + } + ] + }, + "id": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8/versoins/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1" + }, + { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitionVersions.json new file mode 100644 index 000000000000..16ed760edba9 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listBuiltInPolicySetDefinitionVersions.json @@ -0,0 +1,72 @@ +{ + "parameters": { + "policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "properties": { + "displayName": "[Preview]: Enable Monitoring in Azure Security Center", + "policyType": "BuiltIn", + "description": "Monitor all the available security recommendations in Azure Security Center. This is the default policy for Azure Security Center.", + "metadata": { + "category": "Security Center" + }, + "version": "1.2.1", + "parameters": {}, + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/a8bef009-a5c9-4d0f-90d7-6018734e8a16", + "policyDefinitionReferenceId": "RefId1" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af8051bf-258b-44e2-a2bf-165330459f9d", + "policyDefinitionReferenceId": "RefId2" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/86b3d65f-7626-441e-b690-81a8b71cff60", + "policyDefinitionReferenceId": "RefId3" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/655cb504-bcee-4362-bd4c-402e6aa38759", + "policyDefinitionReferenceId": "RefId4" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/b0f33259-77d7-4c9e-aac6-3aabcfae693c", + "policyDefinitionReferenceId": "RefId5" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/47a6b606-51aa-4496-8bb7-64b11cf66adc", + "policyDefinitionReferenceId": "RefId6" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/44452482-524f-4bf4-b852-0bff7cc4a3ed", + "policyDefinitionReferenceId": "RefId7" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/e1e5fd5d-3e4c-4ce1-8661-7d1873ae6b15", + "policyDefinitionReferenceId": "RefId8" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/af6cd1bd-1635-48cb-bde7-5b15693900b9", + "policyDefinitionReferenceId": "RefId9" + }, + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/0961003e-5a0a-4549-abde-af6a37f2724d", + "policyDefinitionReferenceId": "RefId10" + } + ] + }, + "id": "/providers/Microsoft.Authorization/policySetDefinitions/1f3afdf9-d0c9-4c3d-847f-89da613e70a8/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1" + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersions.json new file mode 100644 index 000000000000..b0191b4b1b54 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersions.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", + "policySetDefinitionName": "CostManagement", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policySetDefinitions/CostManagement/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "policyDefinitions": [ + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersionsByManagementGroup.json new file mode 100644 index 000000000000..beea1459f814 --- /dev/null +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersionsByManagementGroup.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "managementGroupId": "MyManagementGroup", + "policySetDefinitionName": "CostManagement", + "api-version": "2023-04-01" + }, + "responses": { + "200": { + "headers": {}, + "body": { + "value": [ + { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policySetDefinitions/CostManagement/versions/1.2.1", + "type": "Microsoft.Authorization/policySetDefinitions/versions", + "name": "1.2.1", + "properties": { + "displayName": "Cost Management", + "description": "Policies to enforce low cost storage SKUs", + "metadata": { + "category": "Cost Management" + }, + "version": "1.2.1", + "policyDefinitions": [ + { + "policyDefinitionId": "/providers/Microsoft.Authorization/policyDefinitions/7433c107-6db4-4ad1-b57a-a76dce0154a1", + "policyDefinitionReferenceId": "Limit_Skus", + "parameters": { + "listOfAllowedSKUs": { + "value": [ + "Standard_GRS", + "Standard_LRS" + ] + } + } + }, + { + "policyDefinitionId": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming", + "policyDefinitionReferenceId": "Resource_Naming", + "parameters": { + "prefix": { + "value": "DeptA" + }, + "suffix": { + "value": "-LC" + } + } + } + ] + } + } + ] + } + } + } +} diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index 30b92cede745..c76a63129ba5 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -130,7 +130,6 @@ "$ref": "./examples/listAllPolicyDefinitionVersions.json" } }, - "parameters": [ { "$ref": "#/parameters/ApiVersionParameter" diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 4f7a9c079039..4d25f936c8c9 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -42,6 +42,11 @@ "operationId": "PolicySetDefinitionVersions_ListAllBuiltins", "summary": "Lists all built-in policy set definition versions.", "description": "This operation lists all the built-in policy set definition versions for all built-in policy set definitions.", + "x-ms-examples": { + "List all built-in policy definition versions": { + "$ref": "./examples/listAllBuiltInPolicySetDefinitionVersions.json" + } + }, "parameters": [ { "$ref": "#/parameters/ApiVersionParameter" @@ -77,6 +82,11 @@ "operationId": "PolicySetDefinitionVersions_ListAllAtManagementGroup", "summary": "Lists all policy set definition versions at management group scope.", "description": "This operation lists all the policy set definition versions for all policy set definitions at the management group scope.", + "x-ms-examples": { + "List all policy definition versions at management group": { + "$ref": "./examples/listAllPolicySetDefinitionVersionsByManagementGroup.json" + } + }, "parameters": [ { "$ref": "#/parameters/ApiVersionParameter" @@ -115,6 +125,11 @@ "operationId": "PolicySetDefinitionVersions_ListAll", "summary": "Lists all policy set definition versions within a subscription.", "description": "This operation lists all the policy set definition versions for all policy set definitions within a subscription.", + "x-ms-examples": { + "List all policy definition versions at subscription": { + "$ref": "./examples/listAllPolicySetDefinitionVersions.json" + } + }, "parameters": [ { "$ref": "#/parameters/ApiVersionParameter" @@ -154,7 +169,7 @@ "summary": "Creates or updates a policy set definition version.", "description": "This operation creates or updates a policy set definition version in the given subscription with the given name and version.", "x-ms-examples": { - "Create or update a policy set definition": { + "Create or update a policy set definition version": { "$ref": "./examples/createOrUpdatePolicySetDefinitionVersion.json" } }, @@ -217,6 +232,11 @@ "operationId": "PolicySetDefinitionVersions_Delete", "summary": "Deletes a policy set definition version.", "description": "This operation deletes the policy set definition version in the given subscription with the given name and version.", + "x-ms-examples": { + "Delete a policy set definition version": { + "$ref": "./examples/deletePolicySetDefinitionVersion.json" + } + }, "parameters": [ { "name": "policySetDefinitionName", @@ -261,7 +281,11 @@ "operationId": "PolicySetDefinitionVersions_Get", "summary": "Retrieves a policy set definition version.", "description": "This operation retrieves the policy set definition version in the given subscription with the given name and version.", - "parameters": [ + "x-ms-examples": { + "Retrieve a policy set definition version": { + "$ref": "./examples/getPolicySetDefinitionVersion.json" + } + }, "parameters": [ { "name": "policySetDefinitionName", "in": "path", @@ -307,6 +331,11 @@ "operationId": "PolicySetDefinitionVersions_GetBuiltIn", "summary": "Retrieves a built in policy set definition version.", "description": "This operation retrieves the built-in policy set definition version with the given name and version.", + "x-ms-examples": { + "Retrieve a built-in policy set definition version": { + "$ref": "./examples/getBuiltInPolicySetDefinitionVersion.json" + } + }, "parameters": [ { "name": "policySetDefinitionName", @@ -350,6 +379,11 @@ "operationId": "PolicySetDefinitionVersions_List", "summary": "Retrieves the policy set definition versions for a given policy set definition in a subscription.", "description": "This operation retrieves a list of all the policy set definition versions for the given policy set definition.", + "x-ms-examples": { + "List policy set definitions": { + "$ref": "./examples/listPolicySetDefinitionVersions.json" + } + }, "parameters": [ { "name": "policySetDefinitionName", @@ -395,6 +429,11 @@ "operationId": "PolicySetDefinitionVersions_ListBuiltIn", "summary": "Retrieves built-in policy set definition versions.", "description": "This operation retrieves a list of all the built-in policy set definition versions for the given built-in policy set definition.", + "x-ms-examples": { + "List built-in policy set definitions": { + "$ref": "./examples/listBuiltInPolicySetDefinitionVersions.json" + } + }, "parameters": [ { "name": "policySetDefinitionName", @@ -437,6 +476,11 @@ "operationId": "PolicySetDefinitionVersions_CreateOrUpdateAtManagementGroup", "summary": "Creates or updates a policy set definition version.", "description": "This operation creates or updates a policy set definition version in the given management group with the given name and version.", + "x-ms-examples": { + "Create or update a policy set definition version at management group level": { + "$ref": "./examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json" + } + }, "parameters": [ { "name": "policySetDefinitionName", @@ -496,6 +540,11 @@ "operationId": "PolicySetDefinitionVersions_DeleteAtManagementGroup", "summary": "Deletes a policy set definition version.", "description": "This operation deletes the policy set definition version in the given management group with the given name and version.", + "x-ms-examples": { + "Delete a policy set definition version at management group level": { + "$ref": "./examples/deletePolicySetDefinitionVersionAtManagementGroup.json" + } + }, "parameters": [ { "name": "policySetDefinitionName", @@ -540,7 +589,11 @@ "operationId": "PolicySetDefinitionVersions_GetAtManagementGroup", "summary": "Retrieves a policy set definition version.", "description": "This operation retrieves the policy set definition version in the given management group with the given name and version.", - "parameters": [ + "x-ms-examples": { + "Retrieve a policy set definition version at management group level": { + "$ref": "./examples/getPolicySetDefinitionVersionAtManagementGroup.json" + } + }, "parameters": [ { "name": "policySetDefinitionName", "in": "path", @@ -586,6 +639,11 @@ "operationId": "PolicySetDefinitionVersions_ListByManagementGroup", "summary": "Retrieves all policy set definition versions for a given policy set definition in a management group.", "description": "This operation retrieves a list of all the policy set definition versions for the given policy set definition in a given management group.", + "x-ms-examples": { + "List policy set definitions at management group level": { + "$ref": "./examples/listPolicySetDefinitionVersionsByManagementGroup.json" + } + }, "parameters": [ { "name": "policySetDefinitionName", From e70ac8c1b4be3d30b70de81f70ef3ea821fa7dbb Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 26 Jul 2023 13:27:59 -0700 Subject: [PATCH 12/24] Updated readme to remove tangling tag --- specification/resources/resource-manager/readme.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index ec4c49c0521d..5533be3ab73f 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -26,7 +26,7 @@ These are the global settings for the Resource API. ``` yaml openapi-type: arm -tag: package-subscriptions-2022-12 +tag: package-2022-12 ``` ``` yaml $(package-privatelinks) From 55f5d9e60b6c9ba437ac9a0c9dcf9ad6327d6c92 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 26 Jul 2023 17:07:34 -0700 Subject: [PATCH 13/24] Fix linter issues and and suppression where applicable --- .../stable/2023-04-01/policyAssignments.json | 10 +++++-- .../resources/resource-manager/readme.md | 27 +++++++++++++++++++ 2 files changed, 35 insertions(+), 2 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json index d720548b2a46..632b12b368aa 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json @@ -61,6 +61,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy assignment to delete." }, { @@ -129,6 +130,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy assignment." }, { @@ -197,6 +199,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy assignment to get." }, { @@ -253,6 +256,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy assignment." }, { @@ -1013,14 +1017,16 @@ "in": "path", "required": true, "type": "string", - "description": "The ID of the target subscription." + "description": "The ID of the target subscription.", + "x-ms-parameter-location": "method" }, "ApiVersionParameter": { "name": "api-version", "in": "query", "required": true, "type": "string", - "description": "The API version to use for the operation." + "description": "The API version to use for the operation.", + "x-ms-parameter-location": "method" }, "ManagementGroupIdParameter": { "name": "managementGroupId", diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index 5533be3ab73f..8a7b8d5719b2 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -100,6 +100,33 @@ input-file: # Needed when there is more than one input file override-info: title: PolicyClient + +suppressions: + - code: PathForPutOperation + from: policyDefinitions.json + reason: Policy definitions can be created at management group or subscriptions + - code: PathForPutOperation + from: policySetDefinitions.json + reason: Policy sets can be created at management group or subscriptions + - code: PathForPutOperation + from: policyAssignments.json + reason: Policy assignments can be created at management group or subscriptions + - code: DeleteResponseBodyEmpty + from: policyAssignments.json + reason: Policy assignment body is returned on delete and this must match API + - code: RequestSchemaForTrackedResourcesMustHaveTags + from: policyAssignments.json + reason: Policy assignments are not tracked resources + - code: RepeatedPathInfo + from: policyAssignments.json + reason: Service requires the scope to be in the body + - code: PutResponseSchemaDescription + from: policyAssignments.json + reason: Service only returns 201 on all successful PUTs + - code: UnSupportedPatchProperties + from: policyAssignments.json + reason: The location property represents the user-assigned identity location and is changeable for policy assignments + ``` ### Tag: package-2022-12 From d402c6274ddc0c1a1d3e7f63114e72ab9b86ce71 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Thu, 3 Aug 2023 15:46:07 -0700 Subject: [PATCH 14/24] Fix linter errors for assignmenets swagger --- .../stable/2023-04-01/policyAssignments.json | 13 +++++++------ specification/resources/resource-manager/readme.md | 3 +++ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json index 632b12b368aa..11add8727b9c 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json @@ -302,6 +302,9 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "resourceGroupName", "in": "path", @@ -320,9 +323,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -359,6 +359,9 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "resourceGroupName", "in": "path", @@ -397,6 +400,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^.+$", "description": "The name of the resource." }, { @@ -407,9 +411,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index 8a7b8d5719b2..18ad95f02c13 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -126,6 +126,9 @@ suppressions: - code: UnSupportedPatchProperties from: policyAssignments.json reason: The location property represents the user-assigned identity location and is changeable for policy assignments + - code: PathContainsResourceType + from: policyAssignments.json + reason: The policy assignment id does contain the resource type ``` From 71cdd1a8d1e7650dcb924399ae9d4db769cec861 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Thu, 3 Aug 2023 16:49:50 -0700 Subject: [PATCH 15/24] Fix more linter errors --- .../2023-04-01/policyDefinitionVersions.json | 86 ++++++++++++------- .../stable/2023-04-01/policyDefinitions.json | 48 +++++++---- .../policySetDefinitionVersions.json | 77 +++++++++-------- .../2023-04-01/policySetDefinitions.json | 57 +++++++----- .../resources/resource-manager/readme.md | 24 ++++++ 5 files changed, 182 insertions(+), 110 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index c76a63129ba5..0c4840972d6b 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -50,9 +50,6 @@ "parameters": [ { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/TopParameter" } ], "responses": { @@ -93,9 +90,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/TopParameter" } ], "responses": { @@ -131,14 +125,11 @@ } }, "parameters": [ - { - "$ref": "#/parameters/ApiVersionParameter" - }, { "$ref": "#/parameters/SubscriptionIdParameter" }, { - "$ref": "#/parameters/TopParameter" + "$ref": "#/parameters/ApiVersionParameter" } ], "responses": { @@ -174,11 +165,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition." }, { @@ -199,9 +194,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -232,11 +224,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition." }, { @@ -248,9 +244,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -281,11 +274,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition." }, { @@ -297,9 +294,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -337,6 +331,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the built-in policy definition." }, { @@ -380,11 +375,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition to create." }, { @@ -403,9 +402,6 @@ }, "description": "The policy definition properties." }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" - }, { "$ref": "#/parameters/ApiVersionParameter" } @@ -438,11 +434,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition to delete." }, { @@ -452,9 +452,6 @@ "type": "string", "description": "The version to delete." }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" - }, { "$ref": "#/parameters/ApiVersionParameter" } @@ -487,11 +484,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition to get." }, { @@ -501,9 +502,6 @@ "type": "string", "description": "The version to get." }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" - }, { "$ref": "#/parameters/ApiVersionParameter" } @@ -538,19 +536,20 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition." }, { "$ref": "#/parameters/ApiVersionParameter" }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - }, { "$ref": "#/parameters/TopParameter" } @@ -574,7 +573,7 @@ } } }, - "/providers/Microsoft.Authorization/policyDefinitions/policyDefinitionName}/versions": { + "/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions": { "get": { "tags": [ "PolicyDefinitionVersions" @@ -588,6 +587,14 @@ } }, "parameters": [ + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "description": "The name of the policy definition." + }, { "$ref": "#/parameters/ApiVersionParameter" }, @@ -614,7 +621,7 @@ } } }, - "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/policyDefinitionName}/versions": { + "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions": { "get": { "tags": [ "PolicyDefinitionVersions" @@ -631,6 +638,14 @@ { "$ref": "#/parameters/ManagementGroupIdParameter" }, + { + "name": "policyDefinitionName", + "in": "path", + "required": true, + "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "description": "The name of the policy definition." + }, { "$ref": "#/parameters/ApiVersionParameter" }, @@ -660,6 +675,7 @@ }, "definitions": { "CloudError": { + "type": "object", "x-ms-external": true, "properties": { "error": { @@ -669,6 +685,7 @@ "description": "An error response from a policy operation." }, "PolicyDefinitionVersionProperties": { + "type": "object", "properties": { "policyType": { "type": "string", @@ -717,6 +734,7 @@ "description": "The policy definition properties." }, "ParameterDefinitionsValue": { + "type": "object", "properties": { "type": { "description": "The data type of the parameter.", @@ -783,6 +801,7 @@ } }, "PolicyDefinitionVersion": { + "type": "object", "properties": { "properties": { "x-ms-client-flatten": true, @@ -814,6 +833,7 @@ "x-ms-azure-resource": true }, "PolicyDefinitionVersionListResult": { + "type": "object", "properties": { "value": { "type": "array", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json index 61e79b383bc6..5184a24f338a 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json @@ -51,11 +51,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition to create." }, { @@ -69,9 +73,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -102,18 +103,19 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition to delete." }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -144,18 +146,19 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition to get." }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -193,6 +196,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the built-in policy definition to get." }, { @@ -229,11 +233,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition to create." }, { @@ -247,9 +255,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" } ], "responses": { @@ -280,18 +285,19 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition to delete." }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" } ], "responses": { @@ -322,18 +328,19 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy definition to get." }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" } ], "responses": { @@ -490,6 +497,7 @@ }, "definitions": { "CloudError": { + "type": "object", "x-ms-external": true, "properties": { "error": { @@ -499,6 +507,7 @@ "description": "An error response from a policy operation." }, "PolicyDefinitionProperties": { + "type": "object", "properties": { "policyType": { "type": "string", @@ -554,6 +563,7 @@ "description": "The policy definition properties." }, "ParameterDefinitionsValue": { + "type": "object", "properties": { "type": { "description": "The data type of the parameter.", @@ -620,6 +630,7 @@ } }, "PolicyDefinition": { + "type": "object", "properties": { "properties": { "x-ms-client-flatten": true, @@ -651,6 +662,7 @@ "x-ms-azure-resource": true }, "PolicyDefinitionListResult": { + "type": "object", "properties": { "value": { "type": "array", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 4d25f936c8c9..0330542d6c2d 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -50,9 +50,6 @@ "parameters": [ { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/TopParameter" } ], "responses": { @@ -88,14 +85,11 @@ } }, "parameters": [ - { - "$ref": "#/parameters/ApiVersionParameter" - }, { "$ref": "#/parameters/ManagementGroupIdParameter" }, { - "$ref": "#/parameters/TopParameter" + "$ref": "#/parameters/ApiVersionParameter" } ], "responses": { @@ -131,14 +125,11 @@ } }, "parameters": [ - { - "$ref": "#/parameters/ApiVersionParameter" - }, { "$ref": "#/parameters/SubscriptionIdParameter" }, { - "$ref": "#/parameters/TopParameter" + "$ref": "#/parameters/ApiVersionParameter" } ], "responses": { @@ -174,11 +165,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition." }, { @@ -199,9 +194,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -238,11 +230,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition." }, { @@ -254,9 +250,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -285,12 +278,17 @@ "Retrieve a policy set definition version": { "$ref": "./examples/getPolicySetDefinitionVersion.json" } - }, "parameters": [ + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition." }, { @@ -302,9 +300,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -342,6 +337,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition to get." }, { @@ -385,19 +381,20 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition." }, { "$ref": "#/parameters/ApiVersionParameter" }, - { - "$ref": "#/parameters/SubscriptionIdParameter" - }, { "$ref": "#/parameters/TopParameter" } @@ -440,6 +437,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition." }, { @@ -482,11 +480,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition to create." }, { @@ -507,9 +509,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" } ], "responses": { @@ -546,11 +545,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition." }, { @@ -562,9 +565,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" } ], "responses": { @@ -593,12 +593,17 @@ "Retrieve a policy set definition version at management group level": { "$ref": "./examples/getPolicySetDefinitionVersionAtManagementGroup.json" } - }, "parameters": [ + }, + "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition." }, { @@ -610,9 +615,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" } ], "responses": { @@ -645,19 +647,20 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition." }, { "$ref": "#/parameters/ApiVersionParameter" }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" - }, { "$ref": "#/parameters/TopParameter" } diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json index 7976246eaeab..07d948de5e68 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json @@ -51,11 +51,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition to create." }, { @@ -69,9 +73,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -108,18 +109,19 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition to delete." }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -150,18 +152,19 @@ } }, "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition to get." }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -199,6 +202,7 @@ "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition to get." }, { @@ -236,10 +240,10 @@ }, "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "#/parameters/SubscriptionIdParameter" }, { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/PolicySetDefinitionsFilterParameter" @@ -327,11 +331,15 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition to create." }, { @@ -345,9 +353,6 @@ }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" } ], "responses": { @@ -384,18 +389,19 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition to delete." }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" } ], "responses": { @@ -426,18 +432,19 @@ } }, "parameters": [ + { + "$ref": "#/parameters/ManagementGroupIdParameter" + }, { "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", + "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", "description": "The name of the policy set definition to get." }, { "$ref": "#/parameters/ApiVersionParameter" - }, - { - "$ref": "#/parameters/ManagementGroupIdParameter" } ], "responses": { @@ -471,10 +478,10 @@ }, "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "#/parameters/ManagementGroupIdParameter" }, { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/PolicySetDefinitionsFilterParameter" @@ -505,6 +512,7 @@ }, "definitions": { "CloudError": { + "type": "object", "x-ms-external": true, "properties": { "error": { @@ -514,6 +522,7 @@ "description": "An error response from a policy operation." }, "PolicySetDefinitionProperties": { + "type": "object", "properties": { "policyType": { "type": "string", @@ -583,6 +592,7 @@ "description": "The policy set definition properties." }, "PolicyDefinitionReference": { + "type": "object", "properties": { "policyDefinitionId": { "type": "string", @@ -610,6 +620,7 @@ "description": "The policy definition reference." }, "PolicyDefinitionGroup": { + "type": "object", "properties": { "name": { "type": "string", @@ -638,6 +649,7 @@ "description": "The policy definition group." }, "PolicySetDefinition": { + "type": "object", "properties": { "properties": { "x-ms-client-flatten": true, @@ -669,6 +681,7 @@ "x-ms-azure-resource": true }, "PolicySetDefinitionListResult": { + "type": "object", "properties": { "value": { "type": "array", diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index 18ad95f02c13..d355e835e8b1 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -111,6 +111,12 @@ suppressions: - code: PathForPutOperation from: policyAssignments.json reason: Policy assignments can be created at management group or subscriptions + - code: PathForPutOperation + from: policyDefinitionVersions.json + reason: Policy definition versions can be created at management group or subscriptions + - code: PathForPutOperation + from: policySetDefinitionVersions.json + reason: Policy set versions can be created at management group or subscriptions - code: DeleteResponseBodyEmpty from: policyAssignments.json reason: Policy assignment body is returned on delete and this must match API @@ -120,9 +126,27 @@ suppressions: - code: RepeatedPathInfo from: policyAssignments.json reason: Service requires the scope to be in the body + - code: RepeatedPathInfo + from: policyDefinitionVersions.json + reason: Service requires the version to be in the body + - code: RepeatedPathInfo + from: policySetDefinitionVersions.json + reason: Service requires the version to be in the body - code: PutResponseSchemaDescription from: policyAssignments.json reason: Service only returns 201 on all successful PUTs + - code: PutResponseSchemaDescription + from: policyDefinitions.json.json + reason: Service only returns 201 on all successful PUTs + - code: PutResponseSchemaDescription + from: policySetDefinitions.json.json + reason: Service only returns 201 on all successful PUTs + - code: PutResponseSchemaDescription + from: policyDefinitionVersions.json.json + reason: Service only returns 201 on all successful PUTs + - code: PutResponseSchemaDescription + from: policySetDefinitionVersions.json.json + reason: Service only returns 201 on all successful PUTs - code: UnSupportedPatchProperties from: policyAssignments.json reason: The location property represents the user-assigned identity location and is changeable for policy assignments From a5de78136f28bf70fe883fe654ba07be0e908bf2 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Thu, 3 Aug 2023 17:38:46 -0700 Subject: [PATCH 16/24] fix more linter errors --- .../stable/2023-04-01/policySetDefinitionVersions.json | 6 ++++++ specification/resources/resource-manager/readme.md | 8 ++++---- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 0330542d6c2d..7a9b99d4c3e0 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -687,6 +687,7 @@ }, "definitions": { "CloudError": { + "type": "object", "x-ms-external": true, "properties": { "error": { @@ -696,6 +697,7 @@ "description": "An error response from a policy operation." }, "PolicySetDefinitionVersionProperties": { + "type": "object", "properties": { "policyType": { "type": "string", @@ -758,6 +760,7 @@ "description": "The policy set definition properties." }, "PolicyDefinitionReference": { + "type": "object", "properties": { "policyDefinitionId": { "type": "string", @@ -785,6 +788,7 @@ "description": "The policy definition reference." }, "PolicyDefinitionGroup": { + "type": "object", "properties": { "name": { "type": "string", @@ -813,6 +817,7 @@ "description": "The policy definition group." }, "PolicySetDefinitionVersion": { + "type": "object", "properties": { "properties": { "x-ms-client-flatten": true, @@ -844,6 +849,7 @@ "x-ms-azure-resource": true }, "PolicySetDefinitionVersionListResult": { + "type": "object", "properties": { "value": { "type": "array", diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index d355e835e8b1..a0162ee0f2a9 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -136,16 +136,16 @@ suppressions: from: policyAssignments.json reason: Service only returns 201 on all successful PUTs - code: PutResponseSchemaDescription - from: policyDefinitions.json.json + from: policyDefinitions.json reason: Service only returns 201 on all successful PUTs - code: PutResponseSchemaDescription - from: policySetDefinitions.json.json + from: policySetDefinitions.json reason: Service only returns 201 on all successful PUTs - code: PutResponseSchemaDescription - from: policyDefinitionVersions.json.json + from: policyDefinitionVersions.json reason: Service only returns 201 on all successful PUTs - code: PutResponseSchemaDescription - from: policySetDefinitionVersions.json.json + from: policySetDefinitionVersions.json reason: Service only returns 201 on all successful PUTs - code: UnSupportedPatchProperties from: policyAssignments.json From 481d27bf14c3249cdb97fd2ba120207478cdc2b4 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Fri, 4 Aug 2023 13:55:36 -0700 Subject: [PATCH 17/24] Add schema property to definition parameters to reflect reality --- .../stable/2023-04-01/policyDefinitions.json | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json index 5184a24f338a..e69c7c1a6021 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json @@ -594,6 +594,10 @@ "type": "object", "description": "The default value for the parameter if no value is provided." }, + "schema": { + "type": "object", + "description": "Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/." + }, "metadata": { "type": "object", "properties": { From 06ab5042e928f565d1dcfa9bbce37176e184624e Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Fri, 4 Aug 2023 14:35:37 -0700 Subject: [PATCH 18/24] Fix prettier check issues --- .../stable/2023-04-01/policyAssignments.json | 8 ++++---- .../2023-04-01/policyDefinitionVersions.json | 20 +++++++++---------- .../stable/2023-04-01/policyDefinitions.json | 14 ++++++------- .../policySetDefinitionVersions.json | 20 +++++++++---------- .../2023-04-01/policySetDefinitions.json | 14 ++++++------- 5 files changed, 38 insertions(+), 38 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json index 11add8727b9c..7dd8c674c4a2 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json @@ -61,7 +61,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy assignment to delete." }, { @@ -130,7 +130,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy assignment." }, { @@ -199,7 +199,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy assignment to get." }, { @@ -256,7 +256,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy assignment." }, { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index 0c4840972d6b..b5ad8cc97134 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -173,7 +173,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition." }, { @@ -232,7 +232,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition." }, { @@ -282,7 +282,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition." }, { @@ -331,7 +331,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the built-in policy definition." }, { @@ -383,7 +383,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition to create." }, { @@ -442,7 +442,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition to delete." }, { @@ -492,7 +492,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition to get." }, { @@ -544,7 +544,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition." }, { @@ -592,7 +592,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition." }, { @@ -643,7 +643,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition." }, { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json index e69c7c1a6021..3d1b98c05e90 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json @@ -59,7 +59,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition to create." }, { @@ -111,7 +111,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition to delete." }, { @@ -154,7 +154,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition to get." }, { @@ -196,7 +196,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the built-in policy definition to get." }, { @@ -241,7 +241,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition to create." }, { @@ -293,7 +293,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition to delete." }, { @@ -336,7 +336,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition to get." }, { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 7a9b99d4c3e0..9629a1a23067 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -173,7 +173,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition." }, { @@ -238,7 +238,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition." }, { @@ -288,7 +288,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition." }, { @@ -337,7 +337,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition to get." }, { @@ -389,7 +389,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition." }, { @@ -437,7 +437,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition." }, { @@ -488,7 +488,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition to create." }, { @@ -553,7 +553,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition." }, { @@ -603,7 +603,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition." }, { @@ -655,7 +655,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition." }, { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json index 07d948de5e68..e63ff276552d 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json @@ -59,7 +59,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition to create." }, { @@ -117,7 +117,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition to delete." }, { @@ -160,7 +160,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition to get." }, { @@ -202,7 +202,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition to get." }, { @@ -339,7 +339,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition to create." }, { @@ -397,7 +397,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition to delete." }, { @@ -440,7 +440,7 @@ "in": "path", "required": true, "type": "string", - "pattern": "^[^<>*%&:\\?.+\/]*[^<>*%&:\\?.+\/ ]+$", + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition to get." }, { From 72a863b1ba60647aad7afb1f4e19718a52649ec3 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Mon, 7 Aug 2023 18:41:34 -0700 Subject: [PATCH 19/24] Updated based on feedback --- .../stable/2023-04-01/policyAssignments.json | 4 +- .../2023-04-01/policyDefinitionVersions.json | 223 ++++++------------ .../stable/2023-04-01/policyDefinitions.json | 4 +- .../policySetDefinitionVersions.json | 203 +++++----------- .../2023-04-01/policySetDefinitions.json | 4 +- 5 files changed, 134 insertions(+), 304 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json index 7dd8c674c4a2..a689cd3802ba 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json @@ -722,7 +722,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." @@ -881,7 +881,7 @@ "description": "The managed identity associated with the policy assignment." }, "systemData": { - "$ref": "../../../../../common-types/resource-management/v3/types.json#/definitions/systemData", + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData", "readOnly": true, "description": "The system metadata relating to this resource." } diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index b5ad8cc97134..06b688661043 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -49,7 +49,7 @@ }, "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -65,13 +65,10 @@ "$ref": "#/definitions/CloudError" } } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" } } }, - "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/listPolicyDefinitionVersions": { + "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/listPolicyDefinitionVersions": { "post": { "tags": [ "PolicyDefinitionVersions" @@ -86,10 +83,10 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -105,9 +102,6 @@ "$ref": "#/definitions/CloudError" } } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" } } }, @@ -126,10 +120,10 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -145,9 +139,6 @@ "$ref": "#/definitions/CloudError" } } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" } } }, @@ -166,22 +157,13 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy definition." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to create." + "$ref": "#/parameters/PolicyDefinitionVersion" }, { "name": "parameters", @@ -193,12 +175,18 @@ "description": "The policy definition properties." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { "201": { - "description": "Created - Returns information about the policy definition.", + "description": "Created - Returns information about the policy definition version.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersion" + } + }, + "200": { + "description": "OK - Returns information about the policy definition version.", "schema": { "$ref": "#/definitions/PolicyDefinitionVersion" } @@ -225,25 +213,16 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy definition." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to delete." + "$ref": "#/parameters/PolicyDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -275,25 +254,16 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy definition." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to get." + "$ref": "#/parameters/PolicyDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -327,22 +297,13 @@ }, "parameters": [ { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the built-in policy definition." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to get." + "$ref": "#/parameters/PolicyDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -361,7 +322,7 @@ } } }, - "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{version}": { + "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{version}": { "put": { "tags": [ "PolicyDefinitionVersions" @@ -376,22 +337,13 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy definition to create." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to create." + "$ref": "#/parameters/PolicyDefinitionVersion" }, { "name": "parameters", @@ -403,12 +355,18 @@ "description": "The policy definition properties." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { "201": { - "description": "Created - Returns information about the policy definition.", + "description": "Created - Returns information about the policy definition version.", + "schema": { + "$ref": "#/definitions/PolicyDefinitionVersion" + } + }, + "200": { + "description": "OK - Returns information about the policy definition version.", "schema": { "$ref": "#/definitions/PolicyDefinitionVersion" } @@ -435,25 +393,16 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy definition to delete." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to delete." + "$ref": "#/parameters/PolicyDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -485,25 +434,16 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy definition to get." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to get." + "$ref": "#/parameters/PolicyDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -537,18 +477,13 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy definition." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/TopParameter" @@ -588,15 +523,10 @@ }, "parameters": [ { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy definition." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/TopParameter" @@ -621,7 +551,7 @@ } } }, - "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions": { + "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions": { "get": { "tags": [ "PolicyDefinitionVersions" @@ -636,18 +566,13 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "name": "policyDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy definition." + "$ref": "#/parameters/PolicyDefinitionName" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/TopParameter" @@ -679,7 +604,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." @@ -765,6 +690,10 @@ "type": "object", "description": "The default value for the parameter if no value is provided." }, + "schema": { + "type": "object", + "description": "Provides validation of parameter inputs during assignment using a self-defined JSON schema. This property is only supported for object-type parameters and follows the Json.NET Schema 2019-09 implementation. You can learn more about using schemas at https://json-schema.org/ and test draft schemas at https://www.jsonschemavalidator.net/." + }, "metadata": { "type": "object", "properties": { @@ -824,7 +753,7 @@ "description": "The type of the resource (Microsoft.Authorization/policyDefinitions/versions)." }, "systemData": { - "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData", + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData", "readOnly": true, "description": "The system metadata relating to this resource." } @@ -851,29 +780,23 @@ } }, "parameters": { - "SubscriptionIdParameter": { - "name": "subscriptionId", + "PolicyDefinitionName": + { + "name": "policyDefinitionName", "in": "path", "required": true, "type": "string", - "description": "The ID of the target subscription.", - "x-ms-parameter-location": "method" + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", + "description": "The name of the policy definition." }, - "ManagementGroupIdParameter": { - "name": "managementGroupId", + "PolicyDefinitionVersion": + { + "name": "version", "in": "path", "required": true, "type": "string", - "description": "The ID of the management group.", - "x-ms-parameter-location": "method" - }, - "ApiVersionParameter": { - "name": "api-version", - "in": "query", - "required": true, - "type": "string", - "description": "The API version to use for the operation.", - "x-ms-parameter-location": "method" + "pattern": "^\\d+\\.\\d+\\.\\d+$", + "description": "The policy definition version. The format is x.y.z where x is the major version number, y is the minor version number, and z is the patch number" }, "PolicyDefinitionsFilterParameter": { "name": "$filter", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json index 3d1b98c05e90..b3fe6bd863b7 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json @@ -501,7 +501,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." @@ -657,7 +657,7 @@ "description": "The type of the resource (Microsoft.Authorization/policyDefinitions)." }, "systemData": { - "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData", + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData", "readOnly": true, "description": "The system metadata relating to this resource." } diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 9629a1a23067..7344e12d6986 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -49,7 +49,7 @@ }, "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -65,13 +65,10 @@ "$ref": "#/definitions/CloudError" } } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" } } }, - "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/listPolicySetDefinitionVersions": { + "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/listPolicySetDefinitionVersions": { "post": { "tags": [ "PolicySetDefinitionVersions" @@ -86,10 +83,10 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -105,9 +102,6 @@ "$ref": "#/definitions/CloudError" } } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" } } }, @@ -126,10 +120,10 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -145,9 +139,6 @@ "$ref": "#/definitions/CloudError" } } - }, - "x-ms-pageable": { - "nextLinkName": "nextLink" } } }, @@ -166,22 +157,13 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to create." + "$ref": "#/parameters/PolicySetDefinitionVersion" }, { "name": "parameters", @@ -193,7 +175,7 @@ "description": "The policy set definition properties." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -231,25 +213,16 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to delete." + "$ref": "#/parameters/PolicySetDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -281,25 +254,16 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to get." + "$ref": "#/parameters/PolicySetDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -333,22 +297,13 @@ }, "parameters": [ { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition to get." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to create." + "$ref": "#/parameters/PolicySetDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -382,18 +337,13 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/TopParameter" @@ -433,15 +383,10 @@ }, "parameters": [ { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/TopParameter" @@ -466,7 +411,7 @@ } } }, - "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{version}": { + "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{version}": { "put": { "tags": [ "PolicySetDefinitionVersions" @@ -481,22 +426,13 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition to create." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to create." + "$ref": "#/parameters/PolicySetDefinitionVersion" }, { "name": "parameters", @@ -508,7 +444,7 @@ "description": "The policy set definition version properties." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -546,25 +482,16 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to delete." + "$ref": "#/parameters/PolicySetDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -596,25 +523,16 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "name": "version", - "in": "path", - "required": true, - "type": "string", - "description": "The version to get." + "$ref": "#/parameters/PolicySetDefinitionVersion" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -633,7 +551,7 @@ } } }, - "/providers/Microsoft.Management/managementGroups/{managementGroupId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions": { + "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions": { "get": { "tags": [ "PolicySetDefinitionVersions" @@ -648,18 +566,13 @@ }, "parameters": [ { - "$ref": "#/parameters/ManagementGroupIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ManagementGroupNameParameter" }, { - "name": "policySetDefinitionName", - "in": "path", - "required": true, - "type": "string", - "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", - "description": "The name of the policy set definition." + "$ref": "#/parameters/PolicySetDefinitionName" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/TopParameter" @@ -691,7 +604,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." @@ -840,7 +753,7 @@ "description": "The type of the resource (Microsoft.Authorization/policySetDefinitions/versions)." }, "systemData": { - "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData", + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData", "readOnly": true, "description": "The system metadata relating to this resource." } @@ -867,29 +780,23 @@ } }, "parameters": { - "SubscriptionIdParameter": { - "name": "subscriptionId", + "PolicySetDefinitionName": + { + "name": "policySetDefinitionName", "in": "path", "required": true, "type": "string", - "description": "The ID of the target subscription.", - "x-ms-parameter-location": "method" + "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", + "description": "The name of the policy set definition." }, - "ManagementGroupIdParameter": { - "name": "managementGroupId", + "PolicySetDefinitionVersion": + { + "name": "version", "in": "path", "required": true, "type": "string", - "description": "The ID of the management group.", - "x-ms-parameter-location": "method" - }, - "ApiVersionParameter": { - "name": "api-version", - "in": "query", - "required": true, - "type": "string", - "description": "The API version to use for the operation.", - "x-ms-parameter-location": "method" + "pattern": "^\\d+\\.\\d+\\.\\d+$", + "description": "The policy set definition version. The format is x.y.z where x is the major version number, y is the minor version number, and z is the patch number" }, "PolicySetDefinitionsFilterParameter": { "name": "$filter", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json index e63ff276552d..f87e677b43e0 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json @@ -516,7 +516,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." @@ -672,7 +672,7 @@ "description": "The type of the resource (Microsoft.Authorization/policySetDefinitions)." }, "systemData": { - "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData", + "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData", "readOnly": true, "description": "The system metadata relating to this resource." } From c8259dafba16c2bfadf043078ad0b98bdf29f46e Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Mon, 7 Aug 2023 19:06:51 -0700 Subject: [PATCH 20/24] Fixing linter errors --- .../stable/2023-04-01/policyAssignments.json | 2 +- .../stable/2023-04-01/policyDefinitionVersions.json | 2 +- .../stable/2023-04-01/policyDefinitions.json | 2 +- .../2023-04-01/policySetDefinitionVersions.json | 2 +- .../stable/2023-04-01/policySetDefinitions.json | 2 +- specification/resources/resource-manager/readme.md | 12 ++++++------ 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json index a689cd3802ba..b25f213dfc1d 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json @@ -722,7 +722,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index 06b688661043..b437c3235523 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -604,7 +604,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json index b3fe6bd863b7..91d45c7e9566 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json @@ -501,7 +501,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 7344e12d6986..4cd0a4043f18 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -604,7 +604,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json index f87e677b43e0..9080e8b4cf1f 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json @@ -516,7 +516,7 @@ "x-ms-external": true, "properties": { "error": { - "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse" + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ErrorResponse" } }, "description": "An error response from a policy operation." diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index a0162ee0f2a9..c3ada5734989 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -141,18 +141,18 @@ suppressions: - code: PutResponseSchemaDescription from: policySetDefinitions.json reason: Service only returns 201 on all successful PUTs - - code: PutResponseSchemaDescription - from: policyDefinitionVersions.json - reason: Service only returns 201 on all successful PUTs - - code: PutResponseSchemaDescription - from: policySetDefinitionVersions.json - reason: Service only returns 201 on all successful PUTs - code: UnSupportedPatchProperties from: policyAssignments.json reason: The location property represents the user-assigned identity location and is changeable for policy assignments - code: PathContainsResourceType from: policyAssignments.json reason: The policy assignment id does contain the resource type + - code: ResourceNameRestriction + from: policyDefinitionVersions.json + reason: Using common types for management group name + - code: ResourceNameRestriction + from: policySetDefinitionVersions.json + reason: Using common types for management group name ``` From 9cd8c5083dba7da1d48068f1c3fea90634480303 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Mon, 7 Aug 2023 19:44:47 -0700 Subject: [PATCH 21/24] Fixed more linter errors --- ...createOrUpdatePolicyDefinitionVersion.json | 45 ++++++++++++++++++ ...icyDefinitionVersionAtManagementGroup.json | 47 ++++++++++++++++++- ...SetDefinitionVersionAtManagementGroup.json | 2 +- ...icyDefinitionVersionAtManagementGroup.json | 2 +- ...SetDefinitionVersionAtManagementGroup.json | 2 +- ...icyDefinitionVersionAtManagementGroup.json | 2 +- ...SetDefinitionVersionAtManagementGroup.json | 2 +- ...cyDefinitionVersionsByManagementGroup.json | 2 +- ...etDefinitionVersionsByManagementGroup.json | 2 +- ...cyDefinitionVersionsByManagementGroup.json | 2 +- ...etDefinitionVersionsByManagementGroup.json | 2 +- .../2023-04-01/policyDefinitionVersions.json | 10 ++-- .../policySetDefinitionVersions.json | 10 ++-- 13 files changed, 108 insertions(+), 22 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json index 2ba65df5237a..8b8782093e04 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json @@ -44,6 +44,51 @@ } }, "responses": { + "200": { + "headers": {}, + "body": { + "id": "/subscriptions/ae640e6b-ba3e-4256-9d62-2993eecfa6f2/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + }, "201": { "headers": {}, "body": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json index 252c50b2bb0e..521e137e6e43 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", "version": "1.2.1", "api-version": "2023-04-01", @@ -44,6 +44,51 @@ } }, "responses": { + "200": { + "headers": {}, + "body": { + "id": "/providers/Microsoft.Management/managementgroups/MyManagementGroup/providers/Microsoft.Authorization/policyDefinitions/ResourceNaming/versions/1.2.1", + "type": "Microsoft.Authorization/policyDefinitions/versions", + "name": "1.2.1", + "properties": { + "mode": "All", + "displayName": "Naming Convention", + "description": "Force resource names to begin with 'prefix' and end with 'suffix'", + "metadata": { + "category": "Naming" + }, + "version": "1.2.1", + "policyRule": { + "if": { + "not": { + "field": "name", + "like": "[concat(parameters('prefix'), '*', parameters('suffix'))]" + } + }, + "then": { + "effect": "deny" + } + }, + "parameters": { + "prefix": { + "type": "String", + "metadata": { + "displayName": "Prefix", + "description": "Resource name prefix" + } + }, + "suffix": { + "type": "String", + "metadata": { + "displayName": "Suffix", + "description": "Resource name suffix" + } + } + }, + "policyType": "Custom" + } + } + } "201": { "headers": {}, "body": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json index df2bdb14179b..2328983756e9 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "policySetDefinitionName": "CostManagement", "version": "1.2.1", "api-version": "2023-04-01", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json index 9fa02b408a1e..373eaf49edcc 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", "version": "1.2.1", "api-version": "2023-04-01" diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json index d4250d808d64..db552f02140e 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "policySetDefinitionName": "CostManagement", "version": "1.2.1", "api-version": "2023-04-01" diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json index b1ec9335834e..4aa080a87a21 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", "version": "1.2.1", "api-version": "2023-04-01" diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json index 50a22eae434f..573704953b2e 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "policySetDefinitionName": "CostManagement", "version": "1.2.1", "api-version": "2023-04-01" diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersionsByManagementGroup.json index 700511c74013..f18f95b92181 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersionsByManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicyDefinitionVersionsByManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersionsByManagementGroup.json index 6ed00b82d918..6bdbe39794b9 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersionsByManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listAllPolicySetDefinitionVersionsByManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersionsByManagementGroup.json index 6f09fdbacc0c..983b27de4138 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersionsByManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicyDefinitionVersionsByManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", "api-version": "2023-04-01" }, diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersionsByManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersionsByManagementGroup.json index beea1459f814..fa7e45ed2d50 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersionsByManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/listPolicySetDefinitionVersionsByManagementGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "managementGroupId": "MyManagementGroup", + "managementGroupName": "MyManagementGroup", "policySetDefinitionName": "CostManagement", "api-version": "2023-04-01" }, diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index b437c3235523..72726af83718 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -186,7 +186,7 @@ } }, "200": { - "description": "OK - Returns information about the policy definition version.", + "description": "OK - Successfully updated policy definition version.", "schema": { "$ref": "#/definitions/PolicyDefinitionVersion" } @@ -366,7 +366,7 @@ } }, "200": { - "description": "OK - Returns information about the policy definition version.", + "description": "OK - Successfully updated policy definition version.", "schema": { "$ref": "#/definitions/PolicyDefinitionVersion" } @@ -780,8 +780,7 @@ } }, "parameters": { - "PolicyDefinitionName": - { + "PolicyDefinitionName": { "name": "policyDefinitionName", "in": "path", "required": true, @@ -789,8 +788,7 @@ "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy definition." }, - "PolicyDefinitionVersion": - { + "PolicyDefinitionVersion": { "name": "version", "in": "path", "required": true, diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 4cd0a4043f18..1e494256b847 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -186,7 +186,7 @@ } }, "200": { - "description": "OK - Returns information about the policy set definition version.", + "description": "OK - Successfully updated policy set definition version.", "schema": { "$ref": "#/definitions/PolicySetDefinitionVersion" } @@ -455,7 +455,7 @@ } }, "200": { - "description": "OK - Returns information about the policy set definition version.", + "description": "OK - Successfully updated policy set definition version.", "schema": { "$ref": "#/definitions/PolicySetDefinitionVersion" } @@ -780,8 +780,7 @@ } }, "parameters": { - "PolicySetDefinitionName": - { + "PolicySetDefinitionName": { "name": "policySetDefinitionName", "in": "path", "required": true, @@ -789,8 +788,7 @@ "pattern": "^[^<>*%&:\\?.+/]*[^<>*%&:\\?.+/ ]+$", "description": "The name of the policy set definition." }, - "PolicySetDefinitionVersion": - { + "PolicySetDefinitionVersion": { "name": "version", "in": "path", "required": true, From 73781bb2c054f1cea3a2d320262fa8cbaa94a700 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Mon, 7 Aug 2023 19:50:54 -0700 Subject: [PATCH 22/24] Fix JSON syntax error --- .../createOrUpdatePolicyDefinitionVersionAtManagementGroup.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json index 521e137e6e43..eaec2c08f147 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json @@ -88,7 +88,7 @@ "policyType": "Custom" } } - } + }, "201": { "headers": {}, "body": { From 83ecba77c13d70536ba7179b06e08260902eddb2 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Wed, 9 Aug 2023 09:42:37 -0700 Subject: [PATCH 23/24] updated based on feedback to remove RepeatedPathInfo subpression for new apis --- .../examples/createOrUpdatePolicyDefinitionVersion.json | 2 +- ...eOrUpdatePolicyDefinitionVersionAtManagementGroup.json | 2 +- .../createOrUpdatePolicySetDefinitionVersion.json | 2 +- ...UpdatePolicySetDefinitionVersionAtManagementGroup.json | 2 +- .../examples/deletePolicyDefinitionVersion.json | 2 +- .../deletePolicyDefinitionVersionAtManagementGroup.json | 2 +- .../examples/deletePolicySetDefinitionVersion.json | 2 +- ...deletePolicySetDefinitionVersionAtManagementGroup.json | 2 +- .../examples/getBuiltInPolicySetDefinitionVersion.json | 2 +- .../examples/getBuiltinPolicyDefinitionVersion.json | 2 +- .../2023-04-01/examples/getPolicyDefinitionVersion.json | 2 +- .../getPolicyDefinitionVersionAtManagementGroup.json | 2 +- .../examples/getPolicySetDefinitionVersion.json | 2 +- .../getPolicySetDefinitionVersionAtManagementGroup.json | 2 +- .../stable/2023-04-01/policyDefinitionVersions.json | 8 ++++---- .../stable/2023-04-01/policySetDefinitionVersions.json | 8 ++++---- specification/resources/resource-manager/readme.md | 6 ------ 17 files changed, 22 insertions(+), 28 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json index 8b8782093e04..e3f46efc64c5 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersion.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyDefinitionName": "ResourceNaming", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01", "parameters": { "properties": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json index eaec2c08f147..03bfd8ef7746 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicyDefinitionVersionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupName": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01", "parameters": { "properties": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersion.json index 3d624af72621..a54b244c2b5c 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersion.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersion.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policySetDefinitionName": "CostManagement", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01", "parameters": { "properties": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json index 2328983756e9..a5c60be1ae02 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/createOrUpdatePolicySetDefinitionVersionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupName": "MyManagementGroup", "policySetDefinitionName": "CostManagement", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01", "parameters": { "properties": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersion.json index 149ef18687b0..cb0d190e3a18 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersion.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersion.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyDefinitionName": "ResourceNaming", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json index 373eaf49edcc..3459fba81e21 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicyDefinitionVersionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupName": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersion.json index e200d3f1936e..8a1821390312 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersion.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersion.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policySetDefinitionName": "CostManagement", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json index db552f02140e..7f6a81c492bf 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/deletePolicySetDefinitionVersionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupName": "MyManagementGroup", "policySetDefinitionName": "CostManagement", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinitionVersion.json index dc323e311a50..bd78c6bcb8df 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinitionVersion.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltInPolicySetDefinitionVersion.json @@ -1,7 +1,7 @@ { "parameters": { "policySetDefinitionName": "1f3afdf9-d0c9-4c3d-847f-89da613e70a8", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinitionVersion.json index 5b7f87a2e185..cb73d0c2c171 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinitionVersion.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getBuiltinPolicyDefinitionVersion.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyDefinitionName": "7433c107-6db4-4ad1-b57a-a76dce0154a1", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersion.json index f08dee6e471e..870960801e5b 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersion.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersion.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policyDefinitionName": "ResourceNaming", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json index 4aa080a87a21..917915df916d 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicyDefinitionVersionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupName": "MyManagementGroup", "policyDefinitionName": "ResourceNaming", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersion.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersion.json index e6c4e49bc576..296242856d25 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersion.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersion.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "ae640e6b-ba3e-4256-9d62-2993eecfa6f2", "policySetDefinitionName": "CostManagement", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json index 573704953b2e..48b464589b9f 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/examples/getPolicySetDefinitionVersionAtManagementGroup.json @@ -2,7 +2,7 @@ "parameters": { "managementGroupName": "MyManagementGroup", "policySetDefinitionName": "CostManagement", - "version": "1.2.1", + "policyDefinitionVersion": "1.2.1", "api-version": "2023-04-01" }, "responses": { diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json index 72726af83718..e67a246707f0 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitionVersions.json @@ -142,7 +142,7 @@ } } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{version}": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{policyDefinitionVersion}": { "put": { "tags": [ "PolicyDefinitionVersions" @@ -282,7 +282,7 @@ } } }, - "/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{version}": { + "/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{policyDefinitionVersion}": { "get": { "tags": [ "PolicyDefinitionVersions" @@ -322,7 +322,7 @@ } } }, - "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{version}": { + "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/policyDefinitions/{policyDefinitionName}/versions/{policyDefinitionVersion}": { "put": { "tags": [ "PolicyDefinitionVersions" @@ -789,7 +789,7 @@ "description": "The name of the policy definition." }, "PolicyDefinitionVersion": { - "name": "version", + "name": "policyDefinitionVersion", "in": "path", "required": true, "type": "string", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json index 1e494256b847..762c3043d623 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitionVersions.json @@ -142,7 +142,7 @@ } } }, - "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{version}": { + "/subscriptions/{subscriptionId}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{policyDefinitionVersion}": { "put": { "tags": [ "PolicySetDefinitionVersions" @@ -282,7 +282,7 @@ } } }, - "/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{version}": { + "/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{policyDefinitionVersion}": { "get": { "tags": [ "PolicySetDefinitionVersions" @@ -411,7 +411,7 @@ } } }, - "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{version}": { + "/providers/Microsoft.Management/managementGroups/{managementGroupName}/providers/Microsoft.Authorization/policySetDefinitions/{policySetDefinitionName}/versions/{policyDefinitionVersion}": { "put": { "tags": [ "PolicySetDefinitionVersions" @@ -789,7 +789,7 @@ "description": "The name of the policy set definition." }, "PolicySetDefinitionVersion": { - "name": "version", + "name": "policyDefinitionVersion", "in": "path", "required": true, "type": "string", diff --git a/specification/resources/resource-manager/readme.md b/specification/resources/resource-manager/readme.md index c3ada5734989..986ad79c2fcb 100644 --- a/specification/resources/resource-manager/readme.md +++ b/specification/resources/resource-manager/readme.md @@ -126,12 +126,6 @@ suppressions: - code: RepeatedPathInfo from: policyAssignments.json reason: Service requires the scope to be in the body - - code: RepeatedPathInfo - from: policyDefinitionVersions.json - reason: Service requires the version to be in the body - - code: RepeatedPathInfo - from: policySetDefinitionVersions.json - reason: Service requires the version to be in the body - code: PutResponseSchemaDescription from: policyAssignments.json reason: Service only returns 201 on all successful PUTs From 5a7178baa6f5ca7827c24ca52148651760c52d10 Mon Sep 17 00:00:00 2001 From: Cale Carter Date: Thu, 7 Sep 2023 13:46:42 -0700 Subject: [PATCH 24/24] Updated subid and api version to use common types --- .../stable/2023-04-01/policyAssignments.json | 46 ++++++------------- .../stable/2023-04-01/policyDefinitions.json | 44 ++++++------------ .../2023-04-01/policySetDefinitions.json | 44 ++++++------------ 3 files changed, 43 insertions(+), 91 deletions(-) diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json index b25f213dfc1d..e584799fe24f 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyAssignments.json @@ -65,7 +65,7 @@ "description": "The name of the policy assignment to delete." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -143,7 +143,7 @@ "description": "Parameters for the policy assignment." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -203,7 +203,7 @@ "description": "The name of the policy assignment to get." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -269,7 +269,7 @@ "description": "Parameters for policy assignment patch request." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -303,7 +303,7 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { "name": "resourceGroupName", @@ -322,7 +322,7 @@ "$ref": "#/parameters/TopParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -360,7 +360,7 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { "name": "resourceGroupName", @@ -410,7 +410,7 @@ "$ref": "#/parameters/TopParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -457,7 +457,7 @@ "$ref": "#/parameters/TopParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -500,10 +500,10 @@ "$ref": "#/parameters/TopParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" } ], "responses": { @@ -549,7 +549,7 @@ "x-ms-skip-url-encoding": true }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -604,7 +604,7 @@ "description": "Parameters for policy assignment." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -647,7 +647,7 @@ "x-ms-skip-url-encoding": true }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -696,7 +696,7 @@ "description": "Parameters for policy assignment patch request." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -1013,22 +1013,6 @@ } }, "parameters": { - "SubscriptionIdParameter": { - "name": "subscriptionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the target subscription.", - "x-ms-parameter-location": "method" - }, - "ApiVersionParameter": { - "name": "api-version", - "in": "query", - "required": true, - "type": "string", - "description": "The API version to use for the operation.", - "x-ms-parameter-location": "method" - }, "ManagementGroupIdParameter": { "name": "managementGroupId", "in": "path", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json index 91d45c7e9566..524ef1d83a07 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policyDefinitions.json @@ -52,7 +52,7 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { "name": "policyDefinitionName", @@ -72,7 +72,7 @@ "description": "The policy definition properties." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -104,7 +104,7 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { "name": "policyDefinitionName", @@ -115,7 +115,7 @@ "description": "The name of the policy definition to delete." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -147,7 +147,7 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { "name": "policyDefinitionName", @@ -158,7 +158,7 @@ "description": "The name of the policy definition to get." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -200,7 +200,7 @@ "description": "The name of the built-in policy definition to get." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -254,7 +254,7 @@ "description": "The policy definition properties." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -297,7 +297,7 @@ "description": "The name of the policy definition to delete." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -340,7 +340,7 @@ "description": "The name of the policy definition to get." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -374,10 +374,10 @@ }, "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { "$ref": "#/parameters/PolicyDefinitionsFilterParameter" @@ -420,7 +420,7 @@ }, "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/PolicyDefinitionsFilterParameter" @@ -463,7 +463,7 @@ }, "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/ManagementGroupIdParameter" @@ -684,14 +684,6 @@ } }, "parameters": { - "SubscriptionIdParameter": { - "name": "subscriptionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the target subscription.", - "x-ms-parameter-location": "method" - }, "ManagementGroupIdParameter": { "name": "managementGroupId", "in": "path", @@ -700,14 +692,6 @@ "description": "The ID of the management group.", "x-ms-parameter-location": "method" }, - "ApiVersionParameter": { - "name": "api-version", - "in": "query", - "required": true, - "type": "string", - "description": "The API version to use for the operation.", - "x-ms-parameter-location": "method" - }, "PolicyDefinitionsFilterParameter": { "name": "$filter", "in": "query", diff --git a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json index 9080e8b4cf1f..a9b8cd89659b 100644 --- a/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json +++ b/specification/resources/resource-manager/Microsoft.Authorization/stable/2023-04-01/policySetDefinitions.json @@ -52,7 +52,7 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { "name": "policySetDefinitionName", @@ -72,7 +72,7 @@ "description": "The policy set definition properties." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -110,7 +110,7 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { "name": "policySetDefinitionName", @@ -121,7 +121,7 @@ "description": "The name of the policy set definition to delete." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -153,7 +153,7 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { "name": "policySetDefinitionName", @@ -164,7 +164,7 @@ "description": "The name of the policy set definition to get." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -206,7 +206,7 @@ "description": "The name of the policy set definition to get." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -240,10 +240,10 @@ }, "parameters": [ { - "$ref": "#/parameters/SubscriptionIdParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/PolicySetDefinitionsFilterParameter" @@ -286,7 +286,7 @@ }, "parameters": [ { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/PolicySetDefinitionsFilterParameter" @@ -352,7 +352,7 @@ "description": "The policy set definition properties." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -401,7 +401,7 @@ "description": "The name of the policy set definition to delete." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -444,7 +444,7 @@ "description": "The name of the policy set definition to get." }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" } ], "responses": { @@ -481,7 +481,7 @@ "$ref": "#/parameters/ManagementGroupIdParameter" }, { - "$ref": "#/parameters/ApiVersionParameter" + "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter" }, { "$ref": "#/parameters/PolicySetDefinitionsFilterParameter" @@ -699,14 +699,6 @@ } }, "parameters": { - "SubscriptionIdParameter": { - "name": "subscriptionId", - "in": "path", - "required": true, - "type": "string", - "description": "The ID of the target subscription.", - "x-ms-parameter-location": "method" - }, "ManagementGroupIdParameter": { "name": "managementGroupId", "in": "path", @@ -715,14 +707,6 @@ "description": "The ID of the management group.", "x-ms-parameter-location": "method" }, - "ApiVersionParameter": { - "name": "api-version", - "in": "query", - "required": true, - "type": "string", - "description": "The API version to use for the operation.", - "x-ms-parameter-location": "method" - }, "PolicySetDefinitionsFilterParameter": { "name": "$filter", "in": "query",