Adding new resource type to SecurityInsights - already reviewed/appro…

…ved in private repo (Azure#14499) * Copy commit from private repo * Make new API version * Remove old examples * Fix exclusion for Metadata list endpoint * Move back to initial preview version * Change id to contentId, sourceId * Fix sourceId in get all example
mkarmark · Jul 20, 2021 · a9a8723 · a9a8723
1 parent e5b4c7a
commit a9a8723
Show file tree

Hide file tree

Showing 9 changed files with 1,253 additions and 0 deletions.
diff --git a/...ghts/resource-manager/Microsoft.SecurityInsights/preview/2021-03-01-preview/Metadata.json b/...ghts/resource-manager/Microsoft.SecurityInsights/preview/2021-03-01-preview/Metadata.json
diff --git a/...crosoft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/DeleteMetadata.json b/...crosoft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/DeleteMetadata.json
@@ -0,0 +1,14 @@
+{
+  "parameters": {
+    "api-version": "2021-03-01-preview",
+    "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0",
+    "resourceGroupName": "myRg",
+    "workspaceName": "myWorkspace",
+    "operationalInsightsResourceProvider": "Microsoft.OperationalInsights",
+    "metadataName": "metadataName"
+  },
+  "responses": {
+    "200": {},
+    "204": {}
+  }
+}
diff --git a/...crosoft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/GetAllMetadata.json b/...crosoft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/GetAllMetadata.json
@@ -0,0 +1,65 @@
+{
+  "parameters": {
+    "api-version": "2021-03-01-preview",
+    "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0",
+    "resourceGroupName": "myRg",
+    "workspaceName": "myWorkspace",
+    "operationalInsightsResourceProvider": "Microsoft.OperationalInsights"
+  },
+  "responses": {
+    "200": {
+      "body": {
+        "value": [
+          {
+            "id": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName1",
+            "name": "metadataName1",
+            "type": "Microsoft.SecurityInsights/metadata",
+            "properties": {
+              "contentId": "c00ee137-7475-47c8-9cce-ec6f0f1bedd0",
+              "version": "1.0.0.0",
+              "kind": "analyticRule",
+              "parentId": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName",
+              "source": {
+                "kind": "solution",
+                "name": "Contoso Solution 1.0",
+                "sourceId": "b688a130-76f4-4a07-bf57-762222a3cadf"
+              }
+            }
+          },
+          {
+            "id": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName2",
+            "name": "metadataName2",
+            "type": "Microsoft.SecurityInsights/metadata",
+            "properties": {
+              "contentId": "f5160682-0e10-4e23-8fcf-df3df49c5522",
+              "version": "1.0.0.0",
+              "kind": "analyticRule",
+              "parentId": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName2",
+              "source": {
+                "kind": "solution",
+                "name": "Contoso Solution 1.0",
+                "sourceId": "b688a130-76f4-4a07-bf57-762222a3cadf"
+              }
+            }
+          },
+          {
+            "id": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.Insights/workbooks/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName3",
+            "name": "metadataName3",
+            "type": "Microsoft.SecurityInsights/metadata",
+            "properties": {
+              "contentId": "f593501d-ec01-4057-8146-a1de35c461ef",
+              "version": "1.0.0.0",
+              "kind": "workbook",
+              "parentId": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.Insights/workbooks/workbookName",
+              "source": {
+                "kind": "solution",
+                "name": "Contoso Solution 1.0",
+                "sourceId": "b688a130-76f4-4a07-bf57-762222a3cadf"
+              }
+            }
+          }
+        ]
+      }
+    }
+  }
+}
diff --git a/...ft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/GetAllMetadataOData.json b/...ft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/GetAllMetadataOData.json
@@ -0,0 +1,53 @@
+{
+  "parameters": {
+    "api-version": "2021-03-01-preview",
+    "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0",
+    "resourceGroupName": "myRg",
+    "workspaceName": "myWorkspace",
+    "operationalInsightsResourceProvider": "Microsoft.OperationalInsights",
+    "ODataFilter": "properties/kind eq 'analyticRule'",
+    "ODataOrderBy": "properties/parentId desc",
+    "ODataSkip": "2",
+    "ODataTop": "2"
+  },
+  "responses": {
+    "200": {
+      "body": {
+        "value": [
+          {
+            "id": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName1",
+            "name": "metadataName1",
+            "type": "Microsoft.SecurityInsights/metadata",
+            "properties": {
+              "contentId": "c00ee137-7475-47c8-9cce-ec6f0f1bedd0",
+              "version": "1.0.0.0",
+              "kind": "analyticRule",
+              "parentId": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName1",
+              "source": {
+                "kind": "solution",
+                "name": "Contoso Solution 1.0",
+                "sourceId": "b688a130-76f4-4a07-bf57-762222a3cadf"
+              }
+            }
+          },
+          {
+            "id": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName2",
+            "name": "metadataName2",
+            "type": "Microsoft.SecurityInsights/metadata",
+            "properties": {
+              "contentId": "f5160682-0e10-4e23-8fcf-df3df49c5522",
+              "version": "1.0.0.0",
+              "kind": "analyticRule",
+              "parentId": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName2",
+              "source": {
+                "kind": "solution",
+                "name": "Contoso Solution 1.0",
+                "sourceId": "b688a130-76f4-4a07-bf57-762222a3cadf"
+              }
+            }
+          }
+        ]
+      }
+    }
+  }
+}
diff --git a/.../Microsoft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/GetMetadata.json b/.../Microsoft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/GetMetadata.json
@@ -0,0 +1,72 @@
+{
+  "parameters": {
+    "api-version": "2021-03-01-preview",
+    "subscriptionId": "2e1dc338-d04d-4443-b721-037eff4fdcac",
+    "resourceGroupName": "myRg",
+    "workspaceName": "myWorkspace",
+    "operationalInsightsResourceProvider": "Microsoft.OperationalInsights",
+    "metadataName": "metadataName"
+  },
+  "responses": {
+    "200": {
+      "body": {
+        "id": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName",
+        "name": "metadataName",
+        "type": "Microsoft.SecurityInsights/metadata",
+        "properties": {
+          "contentId": "c00ee137-7475-47c8-9cce-ec6f0f1bedd0",
+          "version": "1.0.0.0",
+          "kind": "analyticRule",
+          "parentId": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName",
+          "source": {
+            "kind": "solution",
+            "name": "Contoso Solution 1.0",
+            "sourceId": "b688a130-76f4-4a07-bf57-762222a3cadf"
+          },
+          "author": {
+            "name": "User Name",
+            "email": "[email protected]"
+          },
+          "support": {
+            "name": "Microsoft",
+            "email": "[email protected]",
+            "link": "https://support.microsoft.com/",
+            "tier": "developer"
+          },
+          "dependencies": {
+            "operator": "AND",
+            "criteria": [
+              {
+                "operator": "OR",
+                "criteria": [
+                  {
+                    "contentId": "045d06d0-ee72-4794-aba4-cf5646e4c756",
+                    "kind": "dataConnector"
+                  },
+                  {
+                    "contentId": "dbfcb2cc-d782-40ef-8d94-fe7af58a6f2d",
+                    "kind": "dataConnector"
+                  },
+                  {
+                    "contentId": "de4dca9b-eb37-47d6-a56f-b8b06b261593",
+                    "kind": "dataConnector",
+                    "version": "2.0"
+                  }
+                ]
+              },
+              {
+                "kind": "playbook",
+                "contentId": "31ee11cc-9989-4de8-b176-5e0ef5c4dbab",
+                "version": "1.0"
+              },
+              {
+                "kind": "parser",
+                "contentId": "21ba424a-9438-4444-953a-7059539a7a1b"
+              }
+            ]
+          }
+        }
+      }
+    }
+  }
+}
diff --git a/...icrosoft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/PatchMetadata.json b/...icrosoft.SecurityInsights/preview/2021-03-01-preview/examples/metadata/PatchMetadata.json
@@ -0,0 +1,36 @@
+{
+  "parameters": {
+    "api-version": "2021-03-01-preview",
+    "subscriptionId": "d0cfe6b2-9ac0-4464-9919-dccaee2e48c0",
+    "resourceGroupName": "myRg",
+    "workspaceName": "myWorkspace",
+    "operationalInsightsResourceProvider": "Microsoft.OperationalInsights",
+    "metadataName": "metadataName",
+    "metadataPatch": {
+      "properties": {
+        "author": {
+          "name": "User Name",
+          "email": "[email protected]"
+        }
+      }
+    }
+  },
+  "responses": {
+    "200": {
+      "body": {
+        "id": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/metadata/metadataName",
+        "name": "metadataName",
+        "type": "Microsoft.SecurityInsights/metadata",
+        "properties": {
+          "contentId": "c00ee137-7475-47c8-9cce-ec6f0f1bedd0",
+          "kind": "analyticRule",
+          "parentId": "/subscriptions/2e1dc338-d04d-4443-b721-037eff4fdcac/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/ruleName",
+          "author": {
+            "name": "User Name",
+            "email": "[email protected]"
+          }
+        }
+      }
+    }
+  }
+}