-
Notifications
You must be signed in to change notification settings - Fork 5.1k
/
FirewallRules.json
377 lines (377 loc) · 18.4 KB
/
FirewallRules.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
{
"swagger": "2.0",
"info": {
"version": "2023-02-01-preview",
"title": "SqlManagementClient",
"description": "The Azure SQL Database management API provides a RESTful set of web APIs that interact with Azure SQL Database services to manage your databases. The API enables users to create, retrieve, update, and delete databases, servers, and other entities."
},
"host": "management.azure.com",
"schemes": [
"https"
],
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"paths": {
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/firewallRules": {
"get": {
"tags": [
"FirewallRules"
],
"description": "Gets a list of firewall rules.",
"operationId": "FirewallRules_ListByServer",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"$ref": "#/parameters/ServerNameParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully retrieved the list of firewall rules.",
"schema": {
"$ref": "#/definitions/FirewallRuleListResult"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 409 ServerDisabled - Server is disabled."
}
},
"x-ms-pageable": {
"nextLinkName": "nextLink"
},
"x-ms-examples": {
"List Firewall Rules": {
"$ref": "./examples/FirewallRuleList.json"
}
}
},
"put": {
"tags": [
"FirewallRules"
],
"description": "Replaces all firewall rules on the server.",
"operationId": "FirewallRules_Replace",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"$ref": "#/parameters/ServerNameParameter"
},
{
"name": "parameters",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/FirewallRuleList"
}
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully updated the firewall rules.",
"schema": {
"$ref": "#/definitions/FirewallRule"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidResourceId - Invalid resource identifier.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 MismatchingServerNameWithUrl - The provided server name did not match the name in the Url.\n\n * 400 InvalidServerFirewallRuleResourceRequest - The server firewall rule resource request is invalid.\n\n * 400 InvalidServerFirewallRuleResourceParameters - The server firewall rule resource parameter is invalid.\n\n * 400 TooManyFirewallRules - The provided firewall rules are over the limit.\n\n * 400 DenyPublicEndpointEnabled - Unable to create or modify firewall rules when public network interface for the server is disabled. To manage server or database level firewall rules, please enable the public network interface.\n\n * 400 FirewallRuleInvalidRange - The specified firewall rule range is invalid.\n\n * 400 FirewallRuleNameTooLong - The provided firewall rule name is too long\n\n * 400 FirewallRuleNameEmpty - The provided firewall rule name is empty\n\n * 400 FirewallRuleNotIPv4Address - The provided firewall rule address is not IPv4\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources."
},
"202": {
"description": "Creating or updating the Server Firewall Rules is in progress."
}
},
"x-ms-examples": {
"Replace firewall rules": {
"$ref": "./examples/FirewallRuleReplace.json"
}
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/firewallRules/{firewallRuleName}": {
"get": {
"tags": [
"FirewallRules"
],
"description": "Gets a firewall rule.",
"operationId": "FirewallRules_Get",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"$ref": "#/parameters/ServerNameParameter"
},
{
"name": "firewallRuleName",
"in": "path",
"description": "The name of the firewall rule.",
"required": true,
"type": "string"
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully retrieved the specified firewall rule.",
"schema": {
"$ref": "#/definitions/FirewallRule"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 ResourceNotFound - The requested resource was not found.\n\n * 409 ServerDisabled - Server is disabled."
}
},
"x-ms-examples": {
"Get Firewall Rule": {
"$ref": "./examples/FirewallRuleGet.json"
}
}
},
"put": {
"tags": [
"FirewallRules"
],
"description": "Creates or updates a firewall rule.",
"operationId": "FirewallRules_CreateOrUpdate",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"$ref": "#/parameters/ServerNameParameter"
},
{
"name": "firewallRuleName",
"in": "path",
"description": "The name of the firewall rule.",
"required": true,
"type": "string"
},
{
"name": "parameters",
"in": "body",
"description": "The required parameters for creating or updating a firewall rule.",
"required": true,
"schema": {
"$ref": "#/definitions/FirewallRule"
}
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully updated the firewall rule.",
"schema": {
"$ref": "#/definitions/FirewallRule"
}
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidResourceId - Invalid resource identifier.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 MismatchingServerNameWithUrl - The provided server name did not match the name in the Url.\n\n * 400 InvalidServerFirewallRuleResourceRequest - The server firewall rule resource request is invalid.\n\n * 400 InvalidServerFirewallRuleResourceParameters - The server firewall rule resource parameter is invalid.\n\n * 400 TooManyFirewallRules - The provided firewall rules are over the limit.\n\n * 400 DenyPublicEndpointEnabled - Unable to create or modify firewall rules when public network interface for the server is disabled. To manage server or database level firewall rules, please enable the public network interface.\n\n * 400 FirewallRuleInvalidRange - The specified firewall rule range is invalid.\n\n * 400 FirewallRuleNameTooLong - The provided firewall rule name is too long\n\n * 400 FirewallRuleNameEmpty - The provided firewall rule name is empty\n\n * 400 FirewallRuleNotIPv4Address - The provided firewall rule address is not IPv4\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources."
},
"201": {
"description": "Successfully created the firewall rule.",
"schema": {
"$ref": "#/definitions/FirewallRule"
}
}
},
"x-ms-examples": {
"Create a firewall rule max/min": {
"$ref": "./examples/FirewallRuleCreate.json"
},
"Update a firewall rule max/min": {
"$ref": "./examples/FirewallRuleUpdate.json"
}
}
},
"delete": {
"tags": [
"FirewallRules"
],
"description": "Deletes a firewall rule.",
"operationId": "FirewallRules_Delete",
"parameters": [
{
"$ref": "../../../common/v1/types.json#/parameters/ResourceGroupParameter"
},
{
"$ref": "#/parameters/ServerNameParameter"
},
{
"name": "firewallRuleName",
"in": "path",
"description": "The name of the firewall rule.",
"required": true,
"type": "string"
},
{
"$ref": "../../../common/v1/types.json#/parameters/SubscriptionIdParameter"
},
{
"$ref": "../../../common/v1/types.json#/parameters/ApiVersionParameter"
}
],
"responses": {
"200": {
"description": "Successfully deleted the firewall rule."
},
"default": {
"description": "*** Error Responses: ***\n\n * 400 ManagedInstanceStoppingOrStopped - Conflicting operation submitted while instance is in stopping/stopped state\n\n * 400 ManagedInstanceStarting - Conflicting operation submitted while instance is in starting state\n\n * 400 InvalidResourceId - Invalid resource identifier.\n\n * 400 MismatchingSubscriptionWithUrl - The provided subscription did not match the subscription in the Url.\n\n * 400 MismatchingResourceGroupNameWithUrl - The provided resource group name did not match the name in the Url.\n\n * 400 MismatchingServerNameWithUrl - The provided server name did not match the name in the Url.\n\n * 400 InvalidServerFirewallRuleResourceRequest - The server firewall rule resource request is invalid.\n\n * 404 SubscriptionDoesNotHaveServer - The requested server was not found\n\n * 404 ServerNotInSubscriptionResourceGroup - Specified server does not exist in the specified resource group and subscription.\n\n * 404 OperationIdNotFound - The operation with Id does not exist.\n\n * 409 OperationCancelled - The operation has been cancelled by user.\n\n * 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.\n\n * 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.\n\n * 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.\n\n * 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.\n\n * 503 TooManyRequests - Requests beyond max requests that can be processed by available resources."
},
"204": {
"description": "The specified firewall rule does not exist."
}
},
"x-ms-examples": {
"Delete a firewall rule": {
"$ref": "./examples/FirewallRuleDelete.json"
}
}
}
}
},
"definitions": {
"FirewallRule": {
"description": "A server firewall rule.",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ProxyResourceWithWritableName"
}
],
"properties": {
"properties": {
"$ref": "#/definitions/ServerFirewallRuleProperties",
"description": "Resource properties.",
"x-ms-client-flatten": true
}
}
},
"FirewallRuleList": {
"description": "A list of server firewall rules.",
"type": "object",
"properties": {
"values": {
"type": "array",
"items": {
"$ref": "#/definitions/FirewallRule"
}
}
}
},
"FirewallRuleListResult": {
"description": "The response to a list firewall rules request",
"type": "object",
"properties": {
"value": {
"description": "Array of results.",
"type": "array",
"items": {
"$ref": "#/definitions/FirewallRule"
},
"readOnly": true
},
"nextLink": {
"description": "Link to retrieve next page of results.",
"type": "string",
"readOnly": true
}
}
},
"ProxyResourceWithWritableName": {
"description": "ARM proxy resource.",
"type": "object",
"allOf": [
{
"$ref": "#/definitions/ResourceWithWritableName"
}
],
"properties": {}
},
"ResourceWithWritableName": {
"description": "ARM resource.",
"type": "object",
"properties": {
"id": {
"description": "Resource ID.",
"type": "string",
"readOnly": true
},
"name": {
"description": "Resource name.",
"type": "string"
},
"type": {
"description": "Resource type.",
"type": "string",
"readOnly": true
}
},
"x-ms-azure-resource": true
},
"ServerFirewallRuleProperties": {
"description": "The properties of a server firewall rule.",
"type": "object",
"properties": {
"startIpAddress": {
"description": "The start IP address of the firewall rule. Must be IPv4 format. Use value '0.0.0.0' for all Azure-internal IP addresses.",
"type": "string"
},
"endIpAddress": {
"description": "The end IP address of the firewall rule. Must be IPv4 format. Must be greater than or equal to startIpAddress. Use value '0.0.0.0' for all Azure-internal IP addresses.",
"type": "string"
}
}
}
},
"parameters": {
"ServerNameParameter": {
"name": "serverName",
"in": "path",
"description": "The name of the server.",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
}
},
"securityDefinitions": {
"azure_auth": {
"type": "oauth2",
"description": "Azure Active Directory OAuth2 Flow",
"flow": "implicit",
"authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
"scopes": {
"user_impersonation": "impersonate your user account"
}
}
}
}