From 844e7f8426295383848ecbdb6d4dfbfd1420ebf2 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Wed, 9 Sep 2020 16:32:43 -0700 Subject: [PATCH 1/4] remove references from deployment template run generate single add generated files --- generator/autogenlist.ts | 4 + .../2015-07-01/Microsoft.Authorization.json | 187 +++++++++++++++ .../Microsoft.Authorization.json | 75 ++++++ .../Microsoft.Authorization.json | 226 ++++++++++++++++++ .../Microsoft.Authorization.json | 102 ++++++++ schemas/2019-04-01/deploymentTemplate.json | 12 +- .../Microsoft.Authorization.json | 114 +++++++++ 7 files changed, 709 insertions(+), 11 deletions(-) create mode 100644 schemas/2015-07-01/Microsoft.Authorization.json create mode 100644 schemas/2017-10-01-preview/Microsoft.Authorization.json create mode 100644 schemas/2018-01-01-preview/Microsoft.Authorization.json create mode 100644 schemas/2018-09-01-preview/Microsoft.Authorization.json create mode 100644 schemas/2020-04-01-preview/Microsoft.Authorization.json diff --git a/generator/autogenlist.ts b/generator/autogenlist.ts index f4d1022805..8412e1c46a 100644 --- a/generator/autogenlist.ts +++ b/generator/autogenlist.ts @@ -50,6 +50,10 @@ const autogenlist: AutogenlistConfig[] = [ basePath: 'attestation/resource-manager', namespace: 'Microsoft.Attestation', }, + { + basePath: 'authorization/resource-manager', + namespace: 'Microsoft.Authorization', + }, { basePath: 'automation/resource-manager', namespace: 'Microsoft.Automation', diff --git a/schemas/2015-07-01/Microsoft.Authorization.json b/schemas/2015-07-01/Microsoft.Authorization.json new file mode 100644 index 0000000000..e28d5b1d45 --- /dev/null +++ b/schemas/2015-07-01/Microsoft.Authorization.json @@ -0,0 +1,187 @@ +{ + "id": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "Microsoft.Authorization", + "description": "Microsoft Authorization Resource Types", + "resourceDefinitions": {}, + "unknown_resourceDefinitions": { + "roleAssignments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2015-07-01" + ] + }, + "name": { + "type": "string", + "description": "The name of the role assignment to create. It can be any valid GUID." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoleAssignmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role assignment properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Authorization/roleAssignments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Authorization/roleAssignments" + }, + "roleDefinitions": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2015-07-01" + ] + }, + "name": { + "type": "string", + "description": "The ID of the role definition." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoleDefinitionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role definition properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Authorization/roleDefinitions" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Authorization/roleDefinitions" + } + }, + "definitions": { + "Permission": { + "type": "object", + "properties": { + "actions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allowed actions." + }, + "notActions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Denied actions." + } + }, + "description": "Role definition permissions." + }, + "RoleAssignmentProperties": { + "type": "object", + "properties": { + "principalId": { + "type": "string", + "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID used in the role assignment." + } + }, + "required": [ + "principalId", + "roleDefinitionId" + ], + "description": "Role assignment properties." + }, + "RoleDefinitionProperties": { + "type": "object", + "properties": { + "assignableScopes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role definition assignable scopes." + }, + "description": { + "type": "string", + "description": "The role definition description." + }, + "permissions": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/Permission" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role definition permissions." + }, + "roleName": { + "type": "string", + "description": "The role name." + }, + "type": { + "type": "string", + "description": "The role type." + } + }, + "description": "Role definition properties." + } + } +} \ No newline at end of file diff --git a/schemas/2017-10-01-preview/Microsoft.Authorization.json b/schemas/2017-10-01-preview/Microsoft.Authorization.json new file mode 100644 index 0000000000..ce2435d512 --- /dev/null +++ b/schemas/2017-10-01-preview/Microsoft.Authorization.json @@ -0,0 +1,75 @@ +{ + "id": "https://schema.management.azure.com/schemas/2017-10-01-preview/Microsoft.Authorization.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "Microsoft.Authorization", + "description": "Microsoft Authorization Resource Types", + "resourceDefinitions": {}, + "unknown_resourceDefinitions": { + "roleAssignments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2017-10-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the role assignment to create. It can be any valid GUID." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoleAssignmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role assignment properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Authorization/roleAssignments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Authorization/roleAssignments" + } + }, + "definitions": { + "RoleAssignmentProperties": { + "type": "object", + "properties": { + "canDelegate": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The delegation flag used for creating a role assignment" + }, + "principalId": { + "type": "string", + "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID used in the role assignment." + } + }, + "description": "Role assignment properties." + } + } +} \ No newline at end of file diff --git a/schemas/2018-01-01-preview/Microsoft.Authorization.json b/schemas/2018-01-01-preview/Microsoft.Authorization.json new file mode 100644 index 0000000000..3be68dccec --- /dev/null +++ b/schemas/2018-01-01-preview/Microsoft.Authorization.json @@ -0,0 +1,226 @@ +{ + "id": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "Microsoft.Authorization", + "description": "Microsoft Authorization Resource Types", + "resourceDefinitions": {}, + "unknown_resourceDefinitions": { + "roleAssignments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2018-01-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the role assignment to create. It can be any valid GUID." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoleAssignmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role assignment properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Authorization/roleAssignments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Authorization/roleAssignments" + }, + "roleDefinitions": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2018-01-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The ID of the role definition." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoleDefinitionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role definition properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Authorization/roleDefinitions" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Authorization/roleDefinitions" + } + }, + "definitions": { + "Permission": { + "type": "object", + "properties": { + "actions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allowed actions." + }, + "dataActions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allowed Data actions." + }, + "notActions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Denied actions." + }, + "notDataActions": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Denied Data actions." + } + }, + "description": "Role definition permissions." + }, + "RoleAssignmentProperties": { + "type": "object", + "properties": { + "canDelegate": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The delegation flag used for creating a role assignment" + }, + "principalId": { + "type": "string", + "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID used in the role assignment." + } + }, + "required": [ + "principalId", + "roleDefinitionId" + ], + "description": "Role assignment properties." + }, + "RoleDefinitionProperties": { + "type": "object", + "properties": { + "assignableScopes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role definition assignable scopes." + }, + "description": { + "type": "string", + "description": "The role definition description." + }, + "permissions": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/Permission" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role definition permissions." + }, + "roleName": { + "type": "string", + "description": "The role name." + }, + "type": { + "type": "string", + "description": "The role type." + } + }, + "description": "Role definition properties." + } + } +} \ No newline at end of file diff --git a/schemas/2018-09-01-preview/Microsoft.Authorization.json b/schemas/2018-09-01-preview/Microsoft.Authorization.json new file mode 100644 index 0000000000..dfbededeab --- /dev/null +++ b/schemas/2018-09-01-preview/Microsoft.Authorization.json @@ -0,0 +1,102 @@ +{ + "id": "https://schema.management.azure.com/schemas/2018-09-01-preview/Microsoft.Authorization.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "Microsoft.Authorization", + "description": "Microsoft Authorization Resource Types", + "resourceDefinitions": {}, + "unknown_resourceDefinitions": { + "roleAssignments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2018-09-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the role assignment to create. It can be any valid GUID." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoleAssignmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role assignment properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Authorization/roleAssignments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Authorization/roleAssignments" + } + }, + "definitions": { + "RoleAssignmentProperties": { + "type": "object", + "properties": { + "canDelegate": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The delegation flag used for creating a role assignment" + }, + "principalId": { + "type": "string", + "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." + }, + "principalType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "Unknown", + "DirectoryRoleTemplate", + "ForeignGroup", + "Application", + "MSI", + "DirectoryObjectOrGroup", + "Everyone" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The principal type of the assigned principal ID." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID used in the role assignment." + } + }, + "required": [ + "principalId", + "roleDefinitionId" + ], + "description": "Role assignment properties." + } + } +} \ No newline at end of file diff --git a/schemas/2019-04-01/deploymentTemplate.json b/schemas/2019-04-01/deploymentTemplate.json index 33f951375d..d0c86a71e6 100644 --- a/schemas/2019-04-01/deploymentTemplate.json +++ b/schemas/2019-04-01/deploymentTemplate.json @@ -221,7 +221,6 @@ { "$ref": "https://schema.management.azure.com/schemas/2018-07-01/Microsoft.Media.json#/resourceDefinitions/mediaServices_streamingPolicies" }, { "$ref": "https://schema.management.azure.com/schemas/2018-07-01/Microsoft.Media.json#/resourceDefinitions/mediaServices_transforms" }, { "$ref": "https://schema.management.azure.com/schemas/2018-07-01/Microsoft.Media.json#/resourceDefinitions/mediaServices_transforms_jobs" }, - { "$ref": "https://schema.management.azure.com/schemas/2016-09-01/Microsoft.Authorization.json#/resourceDefinitions/locks" }, { "$ref": "https://schema.management.azure.com/schemas/2016-09-01-preview/Microsoft.Solutions.json#/resourceDefinitions/applianceDefinitions" }, { "$ref": "https://schema.management.azure.com/schemas/2016-09-01-preview/Microsoft.Solutions.json#/resourceDefinitions/appliances" }, { "$ref": "https://schema.management.azure.com/schemas/2016-04-30-preview/Microsoft.Compute.json#/resourceDefinitions/disks" }, @@ -1343,11 +1342,6 @@ { "$ref": "https://schema.management.azure.com/schemas/2019-06-01/Microsoft.ManagedServices.json#/resourceDefinitions/registrationAssignments" }, { "$ref": "https://schema.management.azure.com/schemas/2019-06-01/Microsoft.ManagedServices.json#/resourceDefinitions/registrationDefinitions" }, { "$ref": "https://schema.management.azure.com/schemas/2018-09-01-preview/Microsoft.BareMetal.json#/resourceDefinitions/crayServers" }, - { "$ref": "https://schema.management.azure.com/schemas/2018-03-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, - { "$ref": "https://schema.management.azure.com/schemas/2018-05-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, - { "$ref": "https://schema.management.azure.com/schemas/2019-01-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, - { "$ref": "https://schema.management.azure.com/schemas/2019-06-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, - { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, { "$ref": "https://schema.management.azure.com/schemas/2018-02-01/Microsoft.Web.json#/resourceDefinitions/certificates" }, { "$ref": "https://schema.management.azure.com/schemas/2018-02-01/Microsoft.Web.json#/resourceDefinitions/hostingEnvironments" }, { "$ref": "https://schema.management.azure.com/schemas/2018-02-01/Microsoft.Web.json#/resourceDefinitions/hostingEnvironments_multiRolePools" }, @@ -1479,11 +1473,7 @@ }, { "oneOf": [ - { "$ref": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Resources.json#/resourceDefinitions/deployments" }, - { "$ref": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Authorization.json#/resourceDefinitions/locks" }, - { "$ref": "https://schema.management.azure.com/schemas/2014-10-01-preview/Microsoft.Authorization.json#/resourceDefinitions/roleAssignments" }, - { "$ref": "https://schema.management.azure.com/schemas/2017-09-01/Microsoft.Authorization.json#/resourceDefinitions/roleAssignments" }, - { "$ref": "https://schema.management.azure.com/schemas/2017-09-01/Microsoft.Authorization.json#/resourceDefinitions/roleDefinitions" } + { "$ref": "https://schema.management.azure.com/schemas/2015-01-01/Microsoft.Resources.json#/resourceDefinitions/deployments" } ] } ] diff --git a/schemas/2020-04-01-preview/Microsoft.Authorization.json b/schemas/2020-04-01-preview/Microsoft.Authorization.json new file mode 100644 index 0000000000..aef176710f --- /dev/null +++ b/schemas/2020-04-01-preview/Microsoft.Authorization.json @@ -0,0 +1,114 @@ +{ + "id": "https://schema.management.azure.com/schemas/2020-04-01-preview/Microsoft.Authorization.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "Microsoft.Authorization", + "description": "Microsoft Authorization Resource Types", + "resourceDefinitions": {}, + "unknown_resourceDefinitions": { + "roleAssignments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2020-04-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the role assignment to create. It can be any valid GUID." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/RoleAssignmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Role assignment properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Authorization/roleAssignments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Authorization/roleAssignments" + } + }, + "definitions": { + "RoleAssignmentProperties": { + "type": "object", + "properties": { + "canDelegate": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The delegation flag used for creating a role assignment" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition" + }, + "description": { + "type": "string", + "description": "Description of role assignment" + }, + "principalId": { + "type": "string", + "description": "The principal ID assigned to the role. This maps to the ID inside the Active Directory. It can point to a user, service principal, or security group." + }, + "principalType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "Unknown", + "DirectoryRoleTemplate", + "ForeignGroup", + "Application", + "MSI", + "DirectoryObjectOrGroup", + "Everyone" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The principal type of the assigned principal ID." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID used in the role assignment." + } + }, + "required": [ + "principalId", + "roleDefinitionId" + ], + "description": "Role assignment properties." + } + } +} \ No newline at end of file From 31e2e9ebcad56d1efcba4fff40277650fc1897b5 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Fri, 2 Oct 2020 14:17:55 -0700 Subject: [PATCH 2/4] update autogenlist --- generator/autogenlist.ts | 66 +++++++++++++++++++++++----------------- 1 file changed, 38 insertions(+), 28 deletions(-) diff --git a/generator/autogenlist.ts b/generator/autogenlist.ts index c3ed22cba9..f0f6bd10e3 100644 --- a/generator/autogenlist.ts +++ b/generator/autogenlist.ts @@ -14,7 +14,7 @@ const autogenlist: AutogenlistConfig[] = [ basePath: 'adhybridhealthservice/resource-manager', namespace: 'Microsoft.ADHybridHealthService', }, - { + { basePath: 'cdn/resource-manager', namespace: 'Microsoft.Cdn', }, @@ -53,6 +53,16 @@ const autogenlist: AutogenlistConfig[] = [ { basePath: 'authorization/resource-manager', namespace: 'Microsoft.Authorization', + resourceConfig: [ + { + type: 'roleAssignments', + scopes: ScopeType.Tenant | ScopeType.Subcription | ScopeType.ResourceGroup | ScopeType.ManagementGroup, + }, + { + type: 'roleDefinitions', + scopes: ScopeType.Tenant | ScopeType.Subcription | ScopeType.ResourceGroup | ScopeType.ManagementGroup, + }, + ] }, { basePath: 'automation/resource-manager', @@ -66,11 +76,11 @@ const autogenlist: AutogenlistConfig[] = [ basePath: 'azurestack/resource-manager', namespace: 'Microsoft.AzureStack', }, - { + { basePath: 'batch/resource-manager', namespace: 'Microsoft.Batch', }, - { + { basePath: 'batchai/resource-manager', namespace: 'Microsoft.BatchAI', }, @@ -146,7 +156,7 @@ const autogenlist: AutogenlistConfig[] = [ basePath: 'databox/resource-manager', namespace: 'Microsoft.DataBox', }, - { + { basePath: 'operationalinsights/resource-manager', namespace: 'Microsoft.OperationalInsights', }, @@ -209,14 +219,14 @@ const autogenlist: AutogenlistConfig[] = [ namespace: 'Microsoft.DesktopVirtualization', }, { - basePath: 'digitaltwins/resource-manager', - namespace: 'Microsoft.DigitalTwins', - resourceConfig: [ - { - type: 'integrationResources', - scopes: ScopeType.Extension, - } - ] + basePath: 'digitaltwins/resource-manager', + namespace: 'Microsoft.DigitalTwins', + resourceConfig: [ + { + type: 'integrationResources', + scopes: ScopeType.Extension, + } + ] }, { basePath: 'deviceprovisioningservices/resource-manager', @@ -243,7 +253,7 @@ const autogenlist: AutogenlistConfig[] = [ basePath: 'resourcegraph/resource-manager', namespace: 'Microsoft.ResourceGraph', }, - { + { basePath: 'redis/resource-manager', namespace: 'Microsoft.Cache', }, @@ -256,14 +266,14 @@ const autogenlist: AutogenlistConfig[] = [ namespace: 'Microsoft.HDInsight', }, { -        basePath: 'resourcehealth/resource-manager', -        namespace: 'Microsoft.ResourceHealth', -    }, + basePath: 'resourcehealth/resource-manager', + namespace: 'Microsoft.ResourceHealth', + }, { basePath: 'EnterpriseKnowledgeGraph/resource-manager', namespace: 'Microsoft.EnterpriseKnowledgeGraph', }, - { + { basePath: 'domainservices/resource-manager', namespace: 'Microsoft.AAD', }, @@ -312,7 +322,7 @@ const autogenlist: AutogenlistConfig[] = [ basePath: 'labservices/resource-manager', namespace: 'Microsoft.LabServices', }, - { + { basePath: 'eventgrid/resource-manager', namespace: 'Microsoft.EventGrid', resourceConfig: [ @@ -394,8 +404,8 @@ const autogenlist: AutogenlistConfig[] = [ namespace: 'Microsoft.NetApp', }, { - basePath: 'notificationhubs/resource-manager', - namespace: 'Microsoft.NotificationHubs' + basePath: 'notificationhubs/resource-manager', + namespace: 'Microsoft.NotificationHubs' }, { basePath: 'policyinsights/resource-manager', @@ -503,10 +513,10 @@ const autogenlist: AutogenlistConfig[] = [ namespace: 'Microsoft.ImportExport' }, { -        basePath: 'storSimple1200Series/resource-manager', -        namespace: 'Microsoft.StorSimple', + basePath: 'storSimple1200Series/resource-manager', + namespace: 'Microsoft.StorSimple', suffix: '1200' -    }, + }, { basePath: 'storage/resource-manager', namespace: 'Microsoft.Storage', @@ -520,11 +530,11 @@ const autogenlist: AutogenlistConfig[] = [ basePath: 'visualstudio/resource-manager', namespace: 'Microsoft.VisualStudio', }, - { + { basePath: 'sql/resource-manager', namespace: 'Microsoft.Sql', }, - { + { basePath: 'scheduler/resource-manager', namespace: 'Microsoft.Scheduler', }, @@ -532,16 +542,16 @@ const autogenlist: AutogenlistConfig[] = [ basePath: 'search/resource-manager', namespace: 'Microsoft.Search', }, - { + { basePath: 'subscription/resource-manager', namespace: 'Microsoft.Subscription', }, - { + { basePath: 'storsimple8000series/resource-manager', namespace: 'Microsoft.StorSimple', suffix: '8000', }, - { + { basePath: 'support/resource-manager', namespace: 'Microsoft.Support', }, From 194657af27fdef4fc3c9023ba8872896a679fa23 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Fri, 2 Oct 2020 14:18:15 -0700 Subject: [PATCH 3/4] regenerate schemas --- .../subscriptionDeploymentTemplate.json | 21 +++++++++++++++++++ .../managementGroupDeploymentTemplate.json | 21 +++++++++++++++++++ .../2019-08-01/tenantDeploymentTemplate.json | 21 +++++++++++++++++++ .../Microsoft.Authorization.json | 4 ++-- schemas/common/autogeneratedResources.json | 21 +++++++++++++++++++ 5 files changed, 86 insertions(+), 2 deletions(-) diff --git a/schemas/2018-05-01/subscriptionDeploymentTemplate.json b/schemas/2018-05-01/subscriptionDeploymentTemplate.json index 707a51bb79..8dd36b3356 100644 --- a/schemas/2018-05-01/subscriptionDeploymentTemplate.json +++ b/schemas/2018-05-01/subscriptionDeploymentTemplate.json @@ -64,12 +64,27 @@ { "$ref": "https://schema.management.azure.com/schemas/2020-01-01/Microsoft.Advisor.json#/subscription_resourceDefinitions/configurations" }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleDefinitions" + }, { "$ref": "https://schema.management.azure.com/schemas/2017-09-01/Microsoft.Authorization.json#/resourceDefinitions/roleAssignments" }, { "$ref": "https://schema.management.azure.com/schemas/2017-09-01/Microsoft.Authorization.json#/resourceDefinitions/roleDefinitions" }, + { + "$ref": "https://schema.management.azure.com/schemas/2017-10-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleDefinitions" + }, { "$ref": "https://schema.management.azure.com/schemas/2018-03-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, @@ -88,6 +103,9 @@ { "$ref": "https://schema.management.azure.com/schemas/2018-05-01/Microsoft.Authorization.json#/resourceDefinitions/policySetDefinitions" }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-09-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, { "$ref": "https://schema.management.azure.com/schemas/2019-01-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, @@ -115,6 +133,9 @@ { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Authorization.json#/resourceDefinitions/policySetDefinitions" }, + { + "$ref": "https://schema.management.azure.com/schemas/2020-04-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, { "$ref": "https://schema.management.azure.com/schemas/2018-11-01-preview/Microsoft.Billing.json#/subscription_resourceDefinitions/billingAccounts_lineOfCredit" }, diff --git a/schemas/2019-08-01/managementGroupDeploymentTemplate.json b/schemas/2019-08-01/managementGroupDeploymentTemplate.json index a064324e7e..6402fec9e2 100644 --- a/schemas/2019-08-01/managementGroupDeploymentTemplate.json +++ b/schemas/2019-08-01/managementGroupDeploymentTemplate.json @@ -52,12 +52,27 @@ }, { "oneOf": [ + { + "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleDefinitions" + }, { "$ref": "https://schema.management.azure.com/schemas/2017-09-01/Microsoft.Authorization.json#/resourceDefinitions/roleAssignments" }, { "$ref": "https://schema.management.azure.com/schemas/2017-09-01/Microsoft.Authorization.json#/resourceDefinitions/roleDefinitions" }, + { + "$ref": "https://schema.management.azure.com/schemas/2017-10-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleDefinitions" + }, { "$ref": "https://schema.management.azure.com/schemas/2018-03-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, @@ -76,6 +91,9 @@ { "$ref": "https://schema.management.azure.com/schemas/2018-05-01/Microsoft.Authorization.json#/resourceDefinitions/policySetDefinitions" }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-09-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, { "$ref": "https://schema.management.azure.com/schemas/2019-01-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, @@ -103,6 +121,9 @@ { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Authorization.json#/resourceDefinitions/policySetDefinitions" }, + { + "$ref": "https://schema.management.azure.com/schemas/2020-04-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, { "$ref": "https://schema.management.azure.com/schemas/2017-11-11-preview/Microsoft.Blueprint.json#/managementGroup_resourceDefinitions/blueprints" }, diff --git a/schemas/2019-08-01/tenantDeploymentTemplate.json b/schemas/2019-08-01/tenantDeploymentTemplate.json index aad797418a..72b6cd8abc 100644 --- a/schemas/2019-08-01/tenantDeploymentTemplate.json +++ b/schemas/2019-08-01/tenantDeploymentTemplate.json @@ -57,12 +57,27 @@ { "$ref": "https://schema.management.azure.com/schemas/2017-04-01/Microsoft.Aadiam.json#/tenant_resourceDefinitions/diagnosticSettings" }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleDefinitions" + }, { "$ref": "https://schema.management.azure.com/schemas/2017-09-01/Microsoft.Authorization.json#/resourceDefinitions/roleAssignments" }, { "$ref": "https://schema.management.azure.com/schemas/2017-09-01/Microsoft.Authorization.json#/resourceDefinitions/roleDefinitions" }, + { + "$ref": "https://schema.management.azure.com/schemas/2017-10-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleDefinitions" + }, { "$ref": "https://schema.management.azure.com/schemas/2018-03-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, @@ -81,6 +96,9 @@ { "$ref": "https://schema.management.azure.com/schemas/2018-05-01/Microsoft.Authorization.json#/resourceDefinitions/policySetDefinitions" }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-09-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, { "$ref": "https://schema.management.azure.com/schemas/2019-01-01/Microsoft.Authorization.json#/resourceDefinitions/policyAssignments" }, @@ -108,6 +126,9 @@ { "$ref": "https://schema.management.azure.com/schemas/2019-09-01/Microsoft.Authorization.json#/resourceDefinitions/policySetDefinitions" }, + { + "$ref": "https://schema.management.azure.com/schemas/2020-04-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, { "$ref": "https://schema.management.azure.com/schemas/2018-11-01-preview/Microsoft.Billing.json#/tenant_resourceDefinitions/billingAccounts_billingProfiles" }, diff --git a/schemas/2020-04-01-preview/Microsoft.Authorization.json b/schemas/2020-04-01-preview/Microsoft.Authorization.json index aef176710f..586d33eba3 100644 --- a/schemas/2020-04-01-preview/Microsoft.Authorization.json +++ b/schemas/2020-04-01-preview/Microsoft.Authorization.json @@ -62,11 +62,11 @@ }, "condition": { "type": "string", - "description": "The conditions on the role assignment" + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" }, "conditionVersion": { "type": "string", - "description": "Version of the condition" + "description": "Version of the condition. Currently accepted value is '2.0'" }, "description": { "type": "string", diff --git a/schemas/common/autogeneratedResources.json b/schemas/common/autogeneratedResources.json index c21887ae4a..480f86f167 100644 --- a/schemas/common/autogeneratedResources.json +++ b/schemas/common/autogeneratedResources.json @@ -979,6 +979,27 @@ { "$ref": "https://schema.management.azure.com/schemas/2018-09-01-preview/Microsoft.Attestation.json#/resourceDefinitions/attestationProviders" }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2015-07-01/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleDefinitions" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2017-10-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-01-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleDefinitions" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2018-09-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2020-04-01-preview/Microsoft.Authorization.json#/unknown_resourceDefinitions/roleAssignments" + }, { "$ref": "https://schema.management.azure.com/schemas/2015-10-31/Microsoft.Automation.json#/resourceDefinitions/automationAccounts" }, From 25ff278dbe78cabe5f9b29e1182276021b97d8b5 Mon Sep 17 00:00:00 2001 From: Daniel Orozco Date: Mon, 19 Oct 2020 16:08:49 -0700 Subject: [PATCH 4/4] fix missing line --- schemas/2019-04-01/deploymentTemplate.json | 1 + 1 file changed, 1 insertion(+) diff --git a/schemas/2019-04-01/deploymentTemplate.json b/schemas/2019-04-01/deploymentTemplate.json index 2dc412e510..6e97d1669f 100644 --- a/schemas/2019-04-01/deploymentTemplate.json +++ b/schemas/2019-04-01/deploymentTemplate.json @@ -221,6 +221,7 @@ { "$ref": "https://schema.management.azure.com/schemas/2018-07-01/Microsoft.Media.json#/resourceDefinitions/mediaServices_streamingPolicies" }, { "$ref": "https://schema.management.azure.com/schemas/2018-07-01/Microsoft.Media.json#/resourceDefinitions/mediaServices_transforms" }, { "$ref": "https://schema.management.azure.com/schemas/2018-07-01/Microsoft.Media.json#/resourceDefinitions/mediaServices_transforms_jobs" }, + { "$ref": "https://schema.management.azure.com/schemas/2016-09-01/Microsoft.Authorization.json#/resourceDefinitions/locks" }, { "$ref": "https://schema.management.azure.com/schemas/2016-09-01-preview/Microsoft.Solutions.json#/resourceDefinitions/applianceDefinitions" }, { "$ref": "https://schema.management.azure.com/schemas/2016-09-01-preview/Microsoft.Solutions.json#/resourceDefinitions/appliances" }, { "$ref": "https://schema.management.azure.com/schemas/2016-04-30-preview/Microsoft.Compute.json#/resourceDefinitions/disks" },