From 05b9819d150562f4989e003c050ffe02f0a5f104 Mon Sep 17 00:00:00 2001 From: ayeletshpigelman Date: Wed, 22 Aug 2018 19:50:49 +0300 Subject: [PATCH] Add serverSecurityAlertPolicies APIs for MySQL servers (#3644) --- .../ServerSecurityAlertsCreateMax.json | 39 ++++ .../ServerSecurityAlertsCreateMin.json | 34 +++ .../examples/ServerSecurityAlertsGet.json | 26 +++ .../stable/2017-12-01/mysql.json | 199 ++++++++++++++++++ 4 files changed, 298 insertions(+) create mode 100644 specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMax.json create mode 100644 specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMin.json create mode 100644 specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsGet.json diff --git a/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMax.json b/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMax.json new file mode 100644 index 000000000000..7e0e08e7fce9 --- /dev/null +++ b/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMax.json @@ -0,0 +1,39 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-4799", + "serverName": "securityalert-6440", + "securityAlertPolicyName": "Default", + "api-version": "2017-12-01", + "parameters": { + "properties": { + "state": "Enabled", + "emailAccountAdmins": true, + "emailAddresses": ["testSecurityAlert@microsoft.com"], + "disabledAlerts": ["Access_Anomaly", "Usage_Anomaly"], + "retentionDays": 5, + "storageAccountAccessKey": "sdlfkjabc+sdlfkjsdlkfsjdfLDKFTERLKFDFKLjsdfksjdflsdkfD2342309432849328476458/3RSD==", + "storageEndpoint": "https://mystorage.blob.core.windows.net" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.DBforMySQL/servers/securityalert-6440/securityAlertPolicies/default", + "name": "Default", + "type": "Microsoft.DBforMySQL/servers/securityAlertPolicies", + "properties": { + "state": "Enabled", + "emailAccountAdmins": true, + "emailAddresses": ["testSecurityAlert@microsoft.com"], + "disabledAlerts": ["Access_Anomaly","Usage_Anomaly"], + "retentionDays": 5, + "storageEndpoint": "https://mystorage.blob.core.windows.net" + } + } + }, + "202": { + } + } +} \ No newline at end of file diff --git a/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMin.json b/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMin.json new file mode 100644 index 000000000000..cca181d831ee --- /dev/null +++ b/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsCreateMin.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-4799", + "serverName": "securityalert-6440", + "securityAlertPolicyName": "Default", + "api-version": "2017-12-01", + "parameters": { + "properties": { + "state": "Disabled", + "emailAccountAdmins": true + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.DBforMySQL/servers/securityalert-6440/securityAlertPolicies/default", + "name": "Default", + "type": "Microsoft.DBforMySQL/servers/securityAlertPolicies", + "properties": { + "state": "Enabled", + "emailAccountAdmins": true, + "emailAddresses": [], + "disabledAlerts": [], + "retentionDays": 0, + "storageEndpoint": "" + } + } + }, + "202": { + } + } +} \ No newline at end of file diff --git a/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsGet.json b/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsGet.json new file mode 100644 index 000000000000..d189ddd73a3f --- /dev/null +++ b/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/examples/ServerSecurityAlertsGet.json @@ -0,0 +1,26 @@ +{ + "parameters": { + "subscriptionId": "00000000-1111-2222-3333-444444444444", + "resourceGroupName": "securityalert-4799", + "serverName": "securityalert-6440", + "securityAlertPolicyName": "Default", + "api-version": "2017-03-01-preview" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/securityalert-4799/providers/Microsoft.DBforMySQL/servers/securityalert-6440/securityAlertPolicies/default", + "name": "Default", + "type": "Microsoft.DBforMySQL/servers/securityAlertPolicies", + "properties": { + "state": "Disabled", + "emailAccountAdmins": true, + "emailAddresses": [ "test@microsoft.com;user@microsoft.com" ], + "disabledAlerts": ["Access_Anomaly"], + "retentionDays": 0, + "storageEndpoint": "https://mystorage.blob.core.windows.net" + } + } + } + } +} \ No newline at end of file diff --git a/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/mysql.json b/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/mysql.json index 4c49d15bb9b1..32be2de610b5 100644 --- a/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/mysql.json +++ b/specification/mysql/resource-manager/Microsoft.DBforMySQL/stable/2017-12-01/mysql.json @@ -1062,6 +1062,126 @@ } } }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.DBforMySQL/servers/{serverName}/securityAlertPolicies/{securityAlertPolicyName}": { + "get": { + "tags": [ + "ServerSecurityAlertPolicies" + ], + "description": "Get a server's security alert policy.", + "operationId": "ServerSecurityAlertPolicies_Get", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "$ref": "#/parameters/ServerNameParameter" + }, + { + "name": "securityAlertPolicyName", + "in": "path", + "description": "The name of the security alert policy.", + "required": true, + "type": "string", + "enum": [ + "Default" + ], + "x-ms-enum": { + "name": "SecurityAlertPolicyName", + "modelAsString": true + } + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully retrieved the server threat detection policy.", + "schema": { + "$ref": "#/definitions/ServerSecurityAlertPolicy" + } + }, + "default": { + "description": "Error response describing why the operation of getting security alert policies failed." + } + }, + "x-ms-examples": { + "Get a server's threat detection policy": { + "$ref": "./examples/ServerSecurityAlertsGet.json" + } + } + }, + "put": { + "tags": [ + "ServerSecurityAlertPolicies" + ], + "description": "Creates or updates a threat detection policy.", + "operationId": "ServerSecurityAlertPolicies_CreateOrUpdate", + "parameters": [ + { + "$ref": "#/parameters/ResourceGroupParameter" + }, + { + "$ref": "#/parameters/ServerNameParameter" + }, + { + "name": "securityAlertPolicyName", + "in": "path", + "description": "The name of the threat detection policy.", + "required": true, + "type": "string", + "enum": [ + "Default" + ], + "x-ms-enum": { + "name": "SecurityAlertPolicyName", + "modelAsString": true + } + }, + { + "name": "parameters", + "in": "body", + "description": "The server security alert policy.", + "required": true, + "schema": { + "$ref": "#/definitions/ServerSecurityAlertPolicy" + } + }, + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Successfully updated the threat detection policy.", + "schema": { + "$ref": "#/definitions/ServerSecurityAlertPolicy" + } + }, + "default": { + "description": "Error response describing why the operation of setting security alert policies failed." + }, + "202": { + "description": "Created request to set the server threat detection policy." + } + }, + "x-ms-long-running-operation": true, + "x-ms-examples": { + "Update a server's threat detection policy with all parameters": { + "$ref": "./examples/ServerSecurityAlertsCreateMax.json" + }, + "Update a server's threat detection policy with minimal parameters": { + "$ref": "./examples/ServerSecurityAlertsCreateMin.json" + } + } + } + }, "/providers/Microsoft.DBforMySQL/operations": { "get": { "tags": [ @@ -1916,6 +2036,74 @@ } }, "description": "Represents a resource name availability." + }, + "SecurityAlertPolicyProperties": { + "description": "Properties of a security alert policy.", + "required": [ + "state" + ], + "type": "object", + "properties": { + "state": { + "description": "Specifies the state of the policy, whether it is enabled or disabled.", + "enum": [ + "Enabled", + "Disabled" + ], + "type": "string", + "x-ms-enum": { + "name": "ServerSecurityAlertPolicyState", + "modelAsString": false + } + }, + "disabledAlerts": { + "description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly", + "type": "array", + "items": { + "type": "string" + } + }, + "emailAddresses": { + "description": "Specifies an array of e-mail addresses to which the alert is sent.", + "type": "array", + "items": { + "type": "string" + } + }, + "emailAccountAdmins": { + "description": "Specifies that the alert is sent to the account administrators.", + "type": "boolean" + }, + "storageEndpoint": { + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.", + "type": "string" + }, + "storageAccountAccessKey": { + "description": "Specifies the identifier key of the Threat Detection audit storage account.", + "type": "string" + }, + "retentionDays": { + "format": "int32", + "description": "Specifies the number of days to keep in the Threat Detection audit logs.", + "type": "integer" + } + } + }, + "ServerSecurityAlertPolicy": { + "description": "A server security alert policy.", + "type": "object", + "allOf": [ + { + "$ref": "#/definitions/ProxyResource" + } + ], + "properties": { + "properties": { + "$ref": "#/definitions/SecurityAlertPolicyProperties", + "description": "Resource properties.", + "x-ms-client-flatten": true + } + } } }, "parameters": { @@ -1988,6 +2176,17 @@ "type": "string", "description": "The name of the location.", "x-ms-parameter-location": "method" + }, + "SecurityAlertPolicyNameParameter": { + "name": "securityAlertPolicyName", + "in": "path", + "description": "The name of the security alert policy.", + "required": true, + "type": "string", + "enum": [ + "default" + ], + "x-ms-parameter-location": "method" } } } \ No newline at end of file