-
Notifications
You must be signed in to change notification settings - Fork 5.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dev security microsoft.security 2020 08 06 preview #10418
Dev security microsoft.security 2020 08 06 preview #10418
Conversation
…-01 to version 2020-08-06-preview
[Staging] Swagger Validation Report
️✔️ |
Azure Pipelines successfully started running 1 pipeline(s). |
Can one of the admins verify this patch? |
Azure CLI Extension Generation - Release
No readme.md specification configuration files were found that are associated with the files modified in this pull request, or swagger_to_sdk section in readme.md is not configured
|
azure-sdk-for-go - Release
|
azure-sdk-for-js - Release
|
azure-sdk-for-java - Release
No readme.md specification configuration files were found that are associated with the files modified in this pull request, or swagger_to_sdk section in readme.md is not configured
|
azure-sdk-for-python - Release
|
azure-sdk-for-python-track2 - Release
No readme.md specification configuration files were found that are associated with the files modified in this pull request, or swagger_to_sdk section in readme.md is not configured
|
Trenton Generation - Release
No readme.md specification configuration files were found that are associated with the files modified in this pull request, or swagger_to_sdk section in readme.md is not configured
|
azure-sdk-for-net - Release
|
} | ||
} | ||
}, | ||
"/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotDefenderSettings/default": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/subscriptions/{subscriptionId}/ [](start = 5, length = 32)
Is it a Proxy resource? Tracked resources are only modeled under a RG.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, this would be a proxy resource.
}, | ||
"allOf": [ | ||
{ | ||
"$ref": "../../../common/v1/types.json#/definitions/Resource" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
#/definitions/Resource" [](start = 48, length = 23)
Check if it's a tracked or ProxyResource.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The shared Resource
definition includes only the standard id
, type
, name
fields.
iotDefenderSettings
would be a proxy resource that would use them.
"IotDefenderSettingsProperties": { | ||
"type": "object", | ||
"description": "IoT Defender settings properties", | ||
"properties": {} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No properties for this object?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Planned to be added in the future, but not as part of this preview API version.
} | ||
}, | ||
"paths": { | ||
"/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotDefenderSettings": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
iotDefenderSettings [](start = 66, length = 19)
Can you explain the scenario? Why does it needs to be subscription level? Can this be different per resource group? How about reusing it across a Management group?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The service ("Defender for IoT") is similar in nature to Azure Security Center while also operates in a subscription level. So some of our (proxy) resource types are also maintained at the subscription level.
} | ||
}, | ||
"paths": { | ||
"/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotSensors": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Microsoft.Security/iotSensors [](start = 47, length = 29)
Can you explain why IOT objects are modeled under Microsoft namespace?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
IoT Defender is a new security service that specializes in enhancing security/discoverability of IoT devices.
In Service Tree, it's located under Cloud + AI Platform \ Security \ Azure IoT Security
, and it's resources are available under the Microsoft.Security
provider (that is, sharing the provider with Azure Security Center).
Azure Pipelines successfully started running 1 pipeline(s). |
Azure Pipelines successfully started running 1 pipeline(s). |
Azure Pipelines successfully started running 1 pipeline(s). |
Azure Pipelines successfully started running 1 pipeline(s). |
Azure Pipelines successfully started running 1 pipeline(s). |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@liranc few comments
} | ||
} | ||
}, | ||
"put": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no request body?
} | ||
} | ||
}, | ||
"put": { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
request body?
"IotSensorProperties": { | ||
"type": "object", | ||
"description": "IoT sensor properties", | ||
"properties": {} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this is weird, Is this resource type currently in test? if so, why do you have it in public repo. empty properties dont make sense.
After discussion with Liran, the device name is the deviceId which identifies the iotSensor, in the next few months the team will add more properties as per the schema of the iotSensor. and this is preview while team is exploring the scenario. signing off from ARM side. |
@leni-msft to check why schema generation fail |
@akning-ms @leni-msft , just to make sure we're aligned, the failure is on a different resource type, from an old preview API version (isn't related to this PR). |
Hi @liranc, you're right. It's an existing lint violation (UniqueXmsEnumName) in old apiVersion swagger causing the schema generation failure. Though it doesn't block this PR, yet please note that, it will block the ARM template schema auto-generation for your swagger. Would you consider fixing the lint violation with another PR? cc. @apclouds |
@leni-msft I assume we'll eventually have to if that's the case 🙂 |
MSFT employees can try out our new experience at OpenAPI Hub - one location for using our validation tools and finding your workflow.
Contribution checklist:
If any further question about AME onboarding or validation tools, please view the FAQ.
ARM API Review Checklist
Ensure to check this box if one of the following scenarios meet updates in the PR, so that label “WaitForARMFeedback” will be added automatically to involve ARM API Review. Failure to comply may result in delays for manifest application. Note this does not apply to data plane APIs, all “removals” and “adding a new property” no more require ARM API review.
If you are blocked on ARM review and want to get the PR merged with urgency, please get the ARM oncall for reviews (RP Manifest Approvers team under Azure Resource Manager service) from IcM and reach out to them.
Breaking Change Review Checklist
If there are following updates in the PR, ensure to request an approval from API Review Board as defined in the Breaking Change Policy.
Please follow the link to find more details on PR review process.