diff --git a/schemas/2015-07-01/Microsoft.Authorization.Authz.json b/schemas/2015-07-01/Microsoft.Authorization.Authz.json deleted file mode 100644 index 60459e988b..0000000000 --- a/schemas/2015-07-01/Microsoft.Authorization.Authz.json +++ /dev/null @@ -1,187 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.Authz.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Authorization", - "description": "Microsoft Authorization Resource Types", - "resourceDefinitions": {}, - "unknown_resourceDefinitions": { - "roleAssignments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2015-07-01" - ] - }, - "name": { - "type": "string", - "description": "The name of the role assignment to create. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role assignment properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleAssignments" - }, - "roleDefinitions": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2015-07-01" - ] - }, - "name": { - "type": "string", - "description": "The ID of the role definition." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleDefinitionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role definition properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleDefinitions" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleDefinitions" - } - }, - "definitions": { - "Permission": { - "type": "object", - "properties": { - "actions": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Allowed actions." - }, - "notActions": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Denied actions." - } - }, - "description": "Role definition permissions." - }, - "RoleAssignmentProperties": { - "type": "object", - "properties": { - "principalId": { - "type": "string", - "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID used in the role assignment." - } - }, - "required": [ - "principalId", - "roleDefinitionId" - ], - "description": "Role assignment properties." - }, - "RoleDefinitionProperties": { - "type": "object", - "properties": { - "assignableScopes": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role definition assignable scopes." - }, - "description": { - "type": "string", - "description": "The role definition description." - }, - "permissions": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/Permission" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role definition permissions." - }, - "roleName": { - "type": "string", - "description": "The role name." - }, - "type": { - "type": "string", - "description": "The role type." - } - }, - "description": "Role definition properties." - } - } -} \ No newline at end of file diff --git a/schemas/2017-10-01-preview/Microsoft.Authorization.Authz.json b/schemas/2017-10-01-preview/Microsoft.Authorization.Authz.json deleted file mode 100644 index ec80c5a64b..0000000000 --- a/schemas/2017-10-01-preview/Microsoft.Authorization.Authz.json +++ /dev/null @@ -1,75 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2017-10-01-preview/Microsoft.Authorization.Authz.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Authorization", - "description": "Microsoft Authorization Resource Types", - "resourceDefinitions": {}, - "unknown_resourceDefinitions": { - "roleAssignments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2017-10-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of the role assignment to create. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role assignment properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleAssignments" - } - }, - "definitions": { - "RoleAssignmentProperties": { - "type": "object", - "properties": { - "canDelegate": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The delegation flag used for creating a role assignment" - }, - "principalId": { - "type": "string", - "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID used in the role assignment." - } - }, - "description": "Role assignment properties." - } - } -} \ No newline at end of file diff --git a/schemas/2018-01-01-preview/Microsoft.Authorization.Authz.json b/schemas/2018-01-01-preview/Microsoft.Authorization.Authz.json deleted file mode 100644 index 2eb130ee3b..0000000000 --- a/schemas/2018-01-01-preview/Microsoft.Authorization.Authz.json +++ /dev/null @@ -1,226 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.Authz.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Authorization", - "description": "Microsoft Authorization Resource Types", - "resourceDefinitions": {}, - "unknown_resourceDefinitions": { - "roleAssignments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2018-01-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of the role assignment to create. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role assignment properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleAssignments" - }, - "roleDefinitions": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2018-01-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The ID of the role definition." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleDefinitionProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role definition properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleDefinitions" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleDefinitions" - } - }, - "definitions": { - "Permission": { - "type": "object", - "properties": { - "actions": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Allowed actions." - }, - "dataActions": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Allowed Data actions." - }, - "notActions": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Denied actions." - }, - "notDataActions": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Denied Data actions." - } - }, - "description": "Role definition permissions." - }, - "RoleAssignmentProperties": { - "type": "object", - "properties": { - "canDelegate": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The delegation flag used for creating a role assignment" - }, - "principalId": { - "type": "string", - "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID used in the role assignment." - } - }, - "required": [ - "principalId", - "roleDefinitionId" - ], - "description": "Role assignment properties." - }, - "RoleDefinitionProperties": { - "type": "object", - "properties": { - "assignableScopes": { - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role definition assignable scopes." - }, - "description": { - "type": "string", - "description": "The role definition description." - }, - "permissions": { - "oneOf": [ - { - "type": "array", - "items": { - "$ref": "#/definitions/Permission" - } - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role definition permissions." - }, - "roleName": { - "type": "string", - "description": "The role name." - }, - "type": { - "type": "string", - "description": "The role type." - } - }, - "description": "Role definition properties." - } - } -} \ No newline at end of file diff --git a/schemas/2018-09-01-preview/Microsoft.Authorization.Authz.json b/schemas/2018-09-01-preview/Microsoft.Authorization.Authz.json deleted file mode 100644 index bec57b76ad..0000000000 --- a/schemas/2018-09-01-preview/Microsoft.Authorization.Authz.json +++ /dev/null @@ -1,96 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2018-09-01-preview/Microsoft.Authorization.Authz.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Authorization", - "description": "Microsoft Authorization Resource Types", - "resourceDefinitions": {}, - "unknown_resourceDefinitions": { - "roleAssignments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2018-09-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of the role assignment to create. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role assignment properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleAssignments" - } - }, - "definitions": { - "RoleAssignmentProperties": { - "type": "object", - "properties": { - "canDelegate": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The delegation flag used for creating a role assignment" - }, - "principalId": { - "type": "string", - "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." - }, - "principalType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "User", - "Group", - "ServicePrincipal", - "ForeignGroup" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The principal type of the assigned principal ID." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID used in the role assignment." - } - }, - "required": [ - "principalId", - "roleDefinitionId" - ], - "description": "Role assignment properties." - } - } -} \ No newline at end of file diff --git a/schemas/2019-08-01/tenantDeploymentTemplate.json b/schemas/2019-08-01/tenantDeploymentTemplate.json index e787eba347..777d2e7bb5 100644 --- a/schemas/2019-08-01/tenantDeploymentTemplate.json +++ b/schemas/2019-08-01/tenantDeploymentTemplate.json @@ -508,48 +508,6 @@ { "$ref": "https://schema.management.azure.com/schemas/2017-04-01-preview/Microsoft.Aadiam.json#/tenant_resourceDefinitions/diagnosticSettings" }, - { - "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleAssignments" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleDefinitions" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2017-10-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleAssignments" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleAssignments" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleDefinitions" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2018-09-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleAssignments" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-03-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleAssignments" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-04-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleAssignments" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-08-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleAssignments" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-10-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleAssignments" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-10-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleAssignmentScheduleRequests" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-10-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleEligibilityScheduleRequests" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2020-10-01-preview/Microsoft.Authorization.Authz.json#/unknown_resourceDefinitions/roleManagementPolicyAssignments" - }, - { - "$ref": "https://schema.management.azure.com/schemas/2021-01-01-preview/Microsoft.Authorization.Authz.json#/tenant_resourceDefinitions/roleAssignmentApprovals_stages" - }, { "$ref": "https://schema.management.azure.com/schemas/2017-09-01/Microsoft.Authorization.json#/resourceDefinitions/roleAssignments" }, diff --git a/schemas/2020-03-01-preview/Microsoft.Authorization.Authz.json b/schemas/2020-03-01-preview/Microsoft.Authorization.Authz.json deleted file mode 100644 index 0f0421396a..0000000000 --- a/schemas/2020-03-01-preview/Microsoft.Authorization.Authz.json +++ /dev/null @@ -1,112 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-03-01-preview/Microsoft.Authorization.Authz.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Authorization", - "description": "Microsoft Authorization Resource Types", - "resourceDefinitions": {}, - "unknown_resourceDefinitions": { - "roleAssignments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-03-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of the role assignment. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role assignment properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleAssignments" - } - }, - "definitions": { - "RoleAssignmentProperties": { - "type": "object", - "properties": { - "canDelegate": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The delegation flag used for creating a role assignment" - }, - "condition": { - "type": "string", - "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" - }, - "conditionVersion": { - "type": "string", - "description": "Version of the condition. Currently accepted value is '2.0'" - }, - "delegatedManagedIdentityResourceId": { - "type": "string", - "description": "Id of the delegated managed identity resource" - }, - "principalId": { - "type": "string", - "description": "The principal ID." - }, - "principalType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "User", - "Group", - "ServicePrincipal", - "ForeignGroup" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The principal type of the assigned principal ID." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID." - }, - "scope": { - "type": "string", - "description": "The role assignment scope." - } - }, - "required": [ - "principalId", - "roleDefinitionId" - ], - "description": "Role assignment properties." - } - } -} \ No newline at end of file diff --git a/schemas/2020-04-01-preview/Microsoft.Authorization.Authz.json b/schemas/2020-04-01-preview/Microsoft.Authorization.Authz.json deleted file mode 100644 index 7f23fb752a..0000000000 --- a/schemas/2020-04-01-preview/Microsoft.Authorization.Authz.json +++ /dev/null @@ -1,112 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-04-01-preview/Microsoft.Authorization.Authz.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Authorization", - "description": "Microsoft Authorization Resource Types", - "resourceDefinitions": {}, - "unknown_resourceDefinitions": { - "roleAssignments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-04-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of the role assignment to create. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role assignment properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleAssignments" - } - }, - "definitions": { - "RoleAssignmentProperties": { - "type": "object", - "properties": { - "canDelegate": { - "oneOf": [ - { - "type": "boolean" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The delegation flag used for creating a role assignment" - }, - "condition": { - "type": "string", - "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" - }, - "conditionVersion": { - "type": "string", - "description": "Version of the condition. Currently accepted value is '2.0'" - }, - "delegatedManagedIdentityResourceId": { - "type": "string", - "description": "Id of the delegated managed identity resource" - }, - "description": { - "type": "string", - "description": "Description of role assignment" - }, - "principalId": { - "type": "string", - "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." - }, - "principalType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "User", - "Group", - "ServicePrincipal", - "ForeignGroup" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The principal type of the assigned principal ID." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID used in the role assignment." - } - }, - "required": [ - "principalId", - "roleDefinitionId" - ], - "description": "Role assignment properties." - } - } -} \ No newline at end of file diff --git a/schemas/2020-08-01-preview/Microsoft.Authorization.Authz.json b/schemas/2020-08-01-preview/Microsoft.Authorization.Authz.json deleted file mode 100644 index d44777a873..0000000000 --- a/schemas/2020-08-01-preview/Microsoft.Authorization.Authz.json +++ /dev/null @@ -1,101 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-08-01-preview/Microsoft.Authorization.Authz.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Authorization", - "description": "Microsoft Authorization Resource Types", - "resourceDefinitions": {}, - "unknown_resourceDefinitions": { - "roleAssignments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-08-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of the role assignment. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role assignment properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleAssignments" - } - }, - "definitions": { - "RoleAssignmentProperties": { - "type": "object", - "properties": { - "condition": { - "type": "string", - "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" - }, - "conditionVersion": { - "type": "string", - "description": "Version of the condition. Currently accepted value is '2.0'" - }, - "delegatedManagedIdentityResourceId": { - "type": "string", - "description": "Id of the delegated managed identity resource" - }, - "description": { - "type": "string", - "description": "Description of role assignment" - }, - "principalId": { - "type": "string", - "description": "The principal ID." - }, - "principalType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "User", - "Group", - "ServicePrincipal", - "ForeignGroup" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The principal type of the assigned principal ID." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID." - } - }, - "required": [ - "principalId", - "roleDefinitionId" - ], - "description": "Role assignment properties." - } - } -} \ No newline at end of file diff --git a/schemas/2020-10-01-preview/Microsoft.Authorization.Authz.json b/schemas/2020-10-01-preview/Microsoft.Authorization.Authz.json deleted file mode 100644 index fb89becfe0..0000000000 --- a/schemas/2020-10-01-preview/Microsoft.Authorization.Authz.json +++ /dev/null @@ -1,541 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2020-10-01-preview/Microsoft.Authorization.Authz.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Authorization", - "description": "Microsoft Authorization Resource Types", - "resourceDefinitions": {}, - "unknown_resourceDefinitions": { - "roleAssignments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-10-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of the role assignment. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role assignment properties." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleAssignments" - }, - "roleAssignmentScheduleRequests": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-10-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of the role assignment to create. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentScheduleRequestProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role assignment schedule request properties with scope." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignmentScheduleRequests" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleAssignmentScheduleRequests" - }, - "roleEligibilityScheduleRequests": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-10-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of the role eligibility to create. It can be any valid GUID." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleEligibilityScheduleRequestProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role eligibility schedule request properties with scope." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleEligibilityScheduleRequests" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleEligibilityScheduleRequests" - }, - "roleManagementPolicyAssignments": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2020-10-01-preview" - ] - }, - "name": { - "type": "string", - "description": "The name of format {guid_guid} the role management policy assignment to upsert." - }, - "properties": { - "oneOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyAssignmentProperties" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Role management policy assignment properties with scope." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleManagementPolicyAssignments" - ] - } - }, - "required": [ - "apiVersion", - "name", - "properties", - "type" - ], - "description": "Microsoft.Authorization/roleManagementPolicyAssignments" - } - }, - "definitions": { - "RoleAssignmentProperties": { - "type": "object", - "properties": { - "condition": { - "type": "string", - "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" - }, - "conditionVersion": { - "type": "string", - "description": "Version of the condition. Currently accepted value is '2.0'" - }, - "delegatedManagedIdentityResourceId": { - "type": "string", - "description": "Id of the delegated managed identity resource" - }, - "description": { - "type": "string", - "description": "Description of role assignment" - }, - "principalId": { - "type": "string", - "description": "The principal ID." - }, - "principalType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "User", - "Group", - "ServicePrincipal", - "ForeignGroup", - "Device" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The principal type of the assigned principal ID." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID." - } - }, - "required": [ - "principalId", - "roleDefinitionId" - ], - "description": "Role assignment properties." - }, - "RoleAssignmentScheduleRequestProperties": { - "type": "object", - "properties": { - "condition": { - "type": "string", - "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" - }, - "conditionVersion": { - "type": "string", - "description": "Version of the condition. Currently accepted value is '2.0'" - }, - "justification": { - "type": "string", - "description": "Justification for the role assignment" - }, - "linkedRoleEligibilityScheduleId": { - "type": "string", - "description": "The linked role eligibility schedule id - to activate an eligibility." - }, - "principalId": { - "type": "string", - "description": "The principal ID." - }, - "requestType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "AdminAssign", - "AdminRemove", - "AdminUpdate", - "AdminExtend", - "AdminRenew", - "SelfActivate", - "SelfDeactivate", - "SelfExtend", - "SelfRenew" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID." - }, - "scheduleInfo": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentScheduleRequestPropertiesScheduleInfo" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Schedule info of the role assignment schedule" - }, - "targetRoleAssignmentScheduleId": { - "type": "string", - "description": "The resultant role assignment schedule id or the role assignment schedule id being updated" - }, - "targetRoleAssignmentScheduleInstanceId": { - "type": "string", - "description": "The role assignment schedule instance id being updated" - }, - "ticketInfo": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentScheduleRequestPropertiesTicketInfo" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Ticket Info of the role assignment" - } - }, - "required": [ - "principalId", - "requestType", - "roleDefinitionId" - ], - "description": "Role assignment schedule request properties with scope." - }, - "RoleAssignmentScheduleRequestPropertiesScheduleInfo": { - "type": "object", - "properties": { - "expiration": { - "oneOf": [ - { - "$ref": "#/definitions/RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Expiration of the role assignment schedule" - }, - "startDateTime": { - "type": "string", - "format": "date-time", - "description": "Start DateTime of the role assignment schedule." - } - }, - "description": "Schedule info of the role assignment schedule" - }, - "RoleAssignmentScheduleRequestPropertiesScheduleInfoExpiration": { - "type": "object", - "properties": { - "duration": { - "type": "string", - "description": "Duration of the role assignment schedule in TimeSpan." - }, - "endDateTime": { - "type": "string", - "format": "date-time", - "description": "End DateTime of the role assignment schedule." - }, - "type": { - "oneOf": [ - { - "type": "string", - "enum": [ - "AfterDuration", - "AfterDateTime", - "NoExpiration" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Type of the role assignment schedule expiration." - } - }, - "description": "Expiration of the role assignment schedule" - }, - "RoleAssignmentScheduleRequestPropertiesTicketInfo": { - "type": "object", - "properties": { - "ticketNumber": { - "type": "string", - "description": "Ticket number for the role assignment" - }, - "ticketSystem": { - "type": "string", - "description": "Ticket system name for the role assignment" - } - }, - "description": "Ticket Info of the role assignment" - }, - "RoleEligibilityScheduleRequestProperties": { - "type": "object", - "properties": { - "condition": { - "type": "string", - "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" - }, - "conditionVersion": { - "type": "string", - "description": "Version of the condition. Currently accepted value is '2.0'" - }, - "justification": { - "type": "string", - "description": "Justification for the role eligibility" - }, - "principalId": { - "type": "string", - "description": "The principal ID." - }, - "requestType": { - "oneOf": [ - { - "type": "string", - "enum": [ - "AdminAssign", - "AdminRemove", - "AdminUpdate", - "AdminExtend", - "AdminRenew", - "SelfActivate", - "SelfDeactivate", - "SelfExtend", - "SelfRenew" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition ID." - }, - "scheduleInfo": { - "oneOf": [ - { - "$ref": "#/definitions/RoleEligibilityScheduleRequestPropertiesScheduleInfo" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Schedule info of the role eligibility schedule" - }, - "targetRoleEligibilityScheduleId": { - "type": "string", - "description": "The resultant role eligibility schedule id or the role eligibility schedule id being updated" - }, - "targetRoleEligibilityScheduleInstanceId": { - "type": "string", - "description": "The role eligibility schedule instance id being updated" - }, - "ticketInfo": { - "oneOf": [ - { - "$ref": "#/definitions/RoleEligibilityScheduleRequestPropertiesTicketInfo" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Ticket Info of the role eligibility" - } - }, - "required": [ - "principalId", - "requestType", - "roleDefinitionId" - ], - "description": "Role eligibility schedule request properties with scope." - }, - "RoleEligibilityScheduleRequestPropertiesScheduleInfo": { - "type": "object", - "properties": { - "expiration": { - "oneOf": [ - { - "$ref": "#/definitions/RoleEligibilityScheduleRequestPropertiesScheduleInfoExpiration" - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Expiration of the role eligibility schedule" - }, - "startDateTime": { - "type": "string", - "format": "date-time", - "description": "Start DateTime of the role eligibility schedule." - } - }, - "description": "Schedule info of the role eligibility schedule" - }, - "RoleEligibilityScheduleRequestPropertiesScheduleInfoExpiration": { - "type": "object", - "properties": { - "duration": { - "type": "string", - "description": "Duration of the role eligibility schedule in TimeSpan." - }, - "endDateTime": { - "type": "string", - "format": "date-time", - "description": "End DateTime of the role eligibility schedule." - }, - "type": { - "oneOf": [ - { - "type": "string", - "enum": [ - "AfterDuration", - "AfterDateTime", - "NoExpiration" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "Type of the role eligibility schedule expiration." - } - }, - "description": "Expiration of the role eligibility schedule" - }, - "RoleEligibilityScheduleRequestPropertiesTicketInfo": { - "type": "object", - "properties": { - "ticketNumber": { - "type": "string", - "description": "Ticket number for the role eligibility" - }, - "ticketSystem": { - "type": "string", - "description": "Ticket system name for the role eligibility" - } - }, - "description": "Ticket Info of the role eligibility" - }, - "RoleManagementPolicyAssignmentProperties": { - "type": "object", - "properties": { - "policyId": { - "type": "string", - "description": "The policy id role management policy assignment." - }, - "roleDefinitionId": { - "type": "string", - "description": "The role definition of management policy assignment." - }, - "scope": { - "type": "string", - "description": "The role management policy scope." - } - }, - "description": "Role management policy assignment properties with scope." - } - } -} \ No newline at end of file diff --git a/schemas/2021-01-01-preview/Microsoft.Authorization.Authz.json b/schemas/2021-01-01-preview/Microsoft.Authorization.Authz.json deleted file mode 100644 index 44e635cf0b..0000000000 --- a/schemas/2021-01-01-preview/Microsoft.Authorization.Authz.json +++ /dev/null @@ -1,114 +0,0 @@ -{ - "id": "https://schema.management.azure.com/schemas/2021-01-01-preview/Microsoft.Authorization.Authz.json#", - "$schema": "http://json-schema.org/draft-04/schema#", - "title": "Microsoft.Authorization", - "description": "Microsoft Authorization Resource Types", - "resourceDefinitions": {}, - "tenant_resourceDefinitions": { - "roleAssignmentApprovals_stages": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2021-01-01-preview" - ] - }, - "displayName": { - "type": "string", - "description": "The display name for the approval stage." - }, - "justification": { - "type": "string", - "description": "Justification provided by approvers for their action" - }, - "name": { - "type": "string", - "description": "The id of the role assignment approval stage." - }, - "reviewResult": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Approve", - "Deny", - "NotReviewed" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The decision on the approval stage. This value is initially set to NotReviewed. Approvers can take action of Approve/Deny." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignmentApprovals/stages" - ] - } - }, - "required": [ - "apiVersion", - "name", - "type" - ], - "description": "Microsoft.Authorization/roleAssignmentApprovals/stages" - } - }, - "unknown_resourceDefinitions": { - "roleAssignmentApprovals_stages": { - "type": "object", - "properties": { - "apiVersion": { - "type": "string", - "enum": [ - "2021-01-01-preview" - ] - }, - "displayName": { - "type": "string", - "description": "The display name for the approval stage." - }, - "justification": { - "type": "string", - "description": "Justification provided by approvers for their action" - }, - "name": { - "type": "string", - "description": "The id of the role assignment approval stage." - }, - "reviewResult": { - "oneOf": [ - { - "type": "string", - "enum": [ - "Approve", - "Deny", - "NotReviewed" - ] - }, - { - "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" - } - ], - "description": "The decision on the approval stage. This value is initially set to NotReviewed. Approvers can take action of Approve/Deny." - }, - "type": { - "type": "string", - "enum": [ - "Microsoft.Authorization/roleAssignmentApprovals/stages" - ] - } - }, - "required": [ - "apiVersion", - "name", - "type" - ], - "description": "Microsoft.Authorization/roleAssignmentApprovals/stages" - } - }, - "definitions": {} -} \ No newline at end of file