diff --git a/schemas/2019-01-01-preview/Microsoft.Security.json b/schemas/2019-01-01-preview/Microsoft.Security.json index 852b485023..a40fed39b8 100644 --- a/schemas/2019-01-01-preview/Microsoft.Security.json +++ b/schemas/2019-01-01-preview/Microsoft.Security.json @@ -472,7 +472,9 @@ "type": "string", "enum": [ "Assessments", + "AssessmentsSnapshot", "SubAssessments", + "SubAssessmentsSnapshot", "Alerts", "SecureScores", "SecureScoresSnapshot", diff --git a/schemas/2021-06-01/Microsoft.Security.json b/schemas/2021-06-01/Microsoft.Security.json index a75669a511..c178c8051d 100644 --- a/schemas/2021-06-01/Microsoft.Security.json +++ b/schemas/2021-06-01/Microsoft.Security.json @@ -622,9 +622,8 @@ "Network Sniffing", "Non-Application Layer Protocol", "Non-Standard Port", - "Obfuscated Files or Information", "Obtain Capabilities", - "Obuscated Files or Information", + "Obfuscated Files or Information", "Office Application Startup", "OS Credential Dumping", "Permission Groups Discovery", diff --git a/schemas/2021-07-01-preview/Microsoft.Security.json b/schemas/2021-07-01-preview/Microsoft.Security.json index 9928a03099..3fc8a2866b 100644 --- a/schemas/2021-07-01-preview/Microsoft.Security.json +++ b/schemas/2021-07-01-preview/Microsoft.Security.json @@ -20,7 +20,7 @@ "properties": { "oneOf": [ { - "$ref": "#/definitions/CustomAssessmentAutomationProperties" + "$ref": "#/definitions/CustomAssessmentAutomationRequestProperties" }, { "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" 
@@ -81,35 +81,137 @@ "type" ], "description": "Microsoft.Security/customEntityStoreAssignments" - } - }, - "definitions": { - "CustomAssessmentAutomationProperties": { + }, + "securityConnectors": { "type": "object", "properties": { - "compressedQuery": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-07-01-preview" + ] + }, + "etag": { "type": "string", - "description": "GZip encoded KQL query representing the assessment automation results required." + "description": "Entity tag is used for comparing two or more entities from the same requested resource." }, - "description": { + "kind": { "type": "string", - "description": "The description to relate to the assessments generated by this assessment automation." + "description": "Kind of the resource" + }, + "location": { + "type": "string", + "description": "Location where the resource is stored" + }, + "name": { + "type": "string", + "description": "The security connector name." }, - "implementationEffort": { + "properties": { "oneOf": [ { - "type": "string", - "enum": [ - "High", - "Moderate", - "Low" - ] + "$ref": "#/definitions/SecurityConnectorProperties" }, { "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" } ], - "description": "The implementation effort to relate to the assessments generated by this assessment automation." + "description": "A set of properties that defines the security connector configuration." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A list of key value pairs that describe the resource." 
+ }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Security/securityConnectors" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Security/securityConnectors" + } + }, + "definitions": { + "CloudOffering": { + "type": "object", + "oneOf": [ + { + "$ref": "#/definitions/CspmMonitorAwsOffering" + }, + { + "$ref": "#/definitions/DefenderForContainersAwsOffering" + }, + { + "$ref": "#/definitions/DefenderForServersAwsOffering" + } + ], + "properties": {}, + "description": "The security offering details" + }, + "CspmMonitorAwsOffering": { + "type": "object", + "properties": { + "nativeCloudConnection": { + "oneOf": [ + { + "$ref": "#/definitions/CspmMonitorAwsOfferingNativeCloudConnection" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The native cloud connection configuration" + }, + "offeringType": { + "type": "string", + "enum": [ + "CspmMonitorAws" + ] + } + }, + "required": [ + "offeringType" + ], + "description": "The CSPM monitoring for AWS offering configurations" + }, + "CspmMonitorAwsOfferingNativeCloudConnection": { + "type": "object", + "properties": { + "cloudRoleArn": { + "type": "string", + "description": "The cloud role ARN in AWS for this feature" + } + }, + "description": "The native cloud connection configuration" + }, + "CustomAssessmentAutomationRequestProperties": { + "type": "object", + "properties": { + "compressedQuery": { + "type": "string", + "description": "Base 64 encoded KQL query representing the assessment automation results required." + }, + "description": { + "type": "string", + "description": "The description to relate to the assessments generated by this assessment automation." }, "remediationDescription": { "type": "string", 
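Review bot: `cloudRoleArn` in `CspmMonitorAwsOfferingNativeCloudConnection` is an unconstrained `"type": "string"`, so a truncated or non-ARN value passes template validation and is only rejected, if at all, when the connector is deployed. The same bare definition recurs in the next hunk under the `DefenderForContainersAwsOffering*` and `DefenderForServersAwsOfferingDefenderForServers` definitions. A starting point would be `"pattern": "^arn:aws[a-z-]*:iam::[0-9]{12}:role/.+$"`, to be checked against the AWS partitions the service supports; if this file is generated, the constraint belongs in the upstream API spec. Separately, the `compressedQuery` description now reads "Base 64 encoded KQL query" where it previously read "GZip encoded", while the property name still says compressed; the description should state the exact encoding the service expects. The `definitions` object opened in this hunk continues past its end.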
@@ -144,35 +246,305 @@ } ], "description": "Relevant cloud for the custom assessment automation." + } + }, + "description": "describes the Custom Assessment Automation properties" + }, + "CustomEntityStoreAssignmentRequestProperties": { + "type": "object", + "properties": { + "principal": { + "type": "string", + "description": "The principal assigned with entity store. If not provided, will use caller principal. Format of principal is: [AAD type]=[PrincipalObjectId];[TenantId]" + } + }, + "description": "describes properties of custom entity store assignment request" + }, + "DefenderForContainersAwsOffering": { + "type": "object", + "properties": { + "cloudWatchToKinesis": { + "oneOf": [ + { + "$ref": "#/definitions/DefenderForContainersAwsOfferingCloudWatchToKinesis" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The cloudwatch to kinesis connection configuration" + }, + "kinesisToS3": { + "oneOf": [ + { + "$ref": "#/definitions/DefenderForContainersAwsOfferingKinesisToS3" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The kinesis to s3 connection configuration" + }, + "kubernetesScubaReader": { + "oneOf": [ + { + "$ref": "#/definitions/DefenderForContainersAwsOfferingKubernetesScubaReader" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The kubernetes to scuba connection configuration" }, - "userImpact": { + "kubernetesService": { + "oneOf": [ + { + "$ref": "#/definitions/DefenderForContainersAwsOfferingKubernetesService" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The kubernetes service connection configuration" + }, + "offeringType": { + "type": "string", + "enum": [ + 
"DefenderForContainersAws" + ] + } + }, + "required": [ + "offeringType" + ], + "description": "The Defender for Containers AWS offering configurations" + }, + "DefenderForContainersAwsOfferingCloudWatchToKinesis": { + "type": "object", + "properties": { + "cloudRoleArn": { + "type": "string", + "description": "The cloud role ARN in AWS for this feature" + } + }, + "description": "The cloudwatch to kinesis connection configuration" + }, + "DefenderForContainersAwsOfferingKinesisToS3": { + "type": "object", + "properties": { + "cloudRoleArn": { + "type": "string", + "description": "The cloud role ARN in AWS for this feature" + } + }, + "description": "The kinesis to s3 connection configuration" + }, + "DefenderForContainersAwsOfferingKubernetesScubaReader": { + "type": "object", + "properties": { + "cloudRoleArn": { + "type": "string", + "description": "The cloud role ARN in AWS for this feature" + } + }, + "description": "The kubernetes to scuba connection configuration" + }, + "DefenderForContainersAwsOfferingKubernetesService": { + "type": "object", + "properties": { + "cloudRoleArn": { + "type": "string", + "description": "The cloud role ARN in AWS for this feature" + } + }, + "description": "The kubernetes service connection configuration" + }, + "DefenderForServersAwsOffering": { + "type": "object", + "properties": { + "arcAutoProvisioning": { + "oneOf": [ + { + "$ref": "#/definitions/DefenderForServersAwsOfferingArcAutoProvisioning" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The ARC autoprovisioning configuration" + }, + "defenderForServers": { + "oneOf": [ + { + "$ref": "#/definitions/DefenderForServersAwsOfferingDefenderForServers" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Defender for servers connection configuration" + }, + "offeringType": { + "type": 
"string", + "enum": [ + "DefenderForServersAWS" + ] + } + }, + "required": [ + "offeringType" + ], + "description": "The Defender for Servers AWS offering configurations" + }, + "DefenderForServersAwsOfferingArcAutoProvisioning": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Is arc auto provisioning enabled" + }, + "servicePrincipalSecretMetadata": { + "oneOf": [ + { + "$ref": "#/definitions/DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Metadata of Service Principal secret for autoprovisioning" + } + }, + "description": "The ARC autoprovisioning configuration" + }, + "DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata": { + "type": "object", + "properties": { + "expiryDate": { + "type": "string", + "description": "expiration date of service principal secret" + }, + "parameterNameInStore": { + "type": "string", + "description": "name of secret resource in parameter store" + }, + "parameterStoreRegion": { + "type": "string", + "description": "region of parameter store where secret is kept" + } + }, + "description": "Metadata of Service Principal secret for autoprovisioning" + }, + "DefenderForServersAwsOfferingDefenderForServers": { + "type": "object", + "properties": { + "cloudRoleArn": { + "type": "string", + "description": "The cloud role ARN in AWS for this feature" + } + }, + "description": "The Defender for servers connection configuration" + }, + "SecurityConnectorProperties": { + "type": "object", + "properties": { + "cloudName": { "oneOf": [ { "type": "string", "enum": [ - "High", - "Moderate", - "Low" + "Azure", + "AWS", + "GCP" ] }, { "$ref": 
"https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" } ], - "description": "The user impact to relate to the assessments generated by this assessment automation." + "description": "The multi cloud resource's cloud name." + }, + "hierarchyIdentifier": { + "type": "string", + "description": "The multi cloud resource identifier (account id in case of AWS connector)." + }, + "offerings": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/CloudOffering" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A collection of offerings for the security connector." + }, + "organizationalData": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityConnectorPropertiesOrganizationalData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The multi cloud account's organizational data" } }, - "description": "describes the Custom Assessment Automation properties" + "description": "A set of properties that defines the security connector configuration." 
}, - "CustomEntityStoreAssignmentRequestProperties": { + "SecurityConnectorPropertiesOrganizationalData": { "type": "object", "properties": { - "principal": { + "excludedAccountIds": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "If the multi cloud account is of membership type organization, list of accounts excluded from offering" + }, + "organizationMembershipType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Member", + "Organization" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The multi cloud account's membership type in the organization." + }, + "parentHierarchyId": { "type": "string", - "description": "The principal assigned with entity store. If not provided, will use caller principal. Format of principal is: [AAD type]=[PrincipalObjectId];[TenantId]" + "description": "If the multi cloud account is not of membership type organization, this will be the ID of the account's parent" + }, + "stacksetName": { + "type": "string", + "description": "If the multi cloud account is of membership type organization, this will be the name of the onboarding stackset" } }, - "description": "describes properties of custom entity store assignment request" + "description": "The multi cloud account's organizational data" } } } \ No newline at end of file diff --git a/schemas/common/autogeneratedResources.json b/schemas/common/autogeneratedResources.json index bbfcb896af..7c460828b9 100644 --- a/schemas/common/autogeneratedResources.json +++ b/schemas/common/autogeneratedResources.json 
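Review bot: The `offeringType` literal in `DefenderForServersAwsOffering` is `"DefenderForServersAWS"`, while the sibling offerings use `"CspmMonitorAws"` (previous hunk) and `"DefenderForContainersAws"`. `CloudOffering` picks its branch through `oneOf` on this required value and enum matching is case-sensitive, so a template that follows the sibling casing fails all three branches with a generic `oneOf` error. If the casing mirrors what the service accepts, a `description` on each `offeringType` naming the exact literal would help; otherwise it should be aligned in the API spec this schema presumably comes from. Separately, `expiryDate` under `DefenderForServersAwsOfferingArcAutoProvisioningServicePrincipalSecretMetadata` is a bare string; `"format": "date-time"` would document the expected shape, assuming the service takes an RFC 3339 timestamp.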
@@ -10723,6 +10723,9 @@ { "$ref": "https://schema.management.azure.com/schemas/2021-07-01-preview/Microsoft.Security.json#/resourceDefinitions/customEntityStoreAssignments" }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-07-01-preview/Microsoft.Security.json#/resourceDefinitions/securityConnectors" + }, { "$ref": "https://schema.management.azure.com/schemas/2021-08-01-preview/Microsoft.Security.json#/resourceDefinitions/assignments" },