From eae5b916e65f04d25e282c6e08990951006e039e Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Tue, 29 Mar 2022 11:28:20 -0700 Subject: [PATCH 01/11] Initial commit: copy 2020-10-01-preview to stable --- .../2020-10-01/EligibleChildResources.json | 154 +++ .../2020-10-01/RoleAssignmentSchedule.json | 420 +++++++ .../RoleAssignmentScheduleInstance.json | 427 +++++++ .../RoleAssignmentScheduleRequest.json | 584 +++++++++ .../2020-10-01/RoleEligibilitySchedule.json | 404 ++++++ .../RoleEligibilityScheduleInstance.json | 403 ++++++ .../RoleEligibilityScheduleRequest.json | 580 +++++++++ .../2020-10-01/RoleManagementPolicy.json | 707 +++++++++++ .../RoleManagementPolicyAssignment.json | 384 ++++++ .../stable/2020-10-01/common-types.json | 116 ++ ...elRoleAssignmentScheduleRequestByName.json | 10 + ...lRoleEligibilityScheduleRequestByName.json | 10 + .../examples/DeleteRoleManagementPolicy.json | 11 + .../DeleteRoleManagementPolicyAssignment.json | 11 + .../GetEligibleChildResourcesByScope.json | 25 + .../GetRoleAssignmentScheduleByName.json | 51 + ...tRoleAssignmentScheduleInstanceByName.json | 52 + ...oleAssignmentScheduleInstancesByScope.json | 56 + ...etRoleAssignmentScheduleRequestByName.json | 62 + ...tRoleAssignmentScheduleRequestByScope.json | 66 + .../GetRoleAssignmentSchedulesByScope.json | 55 + .../GetRoleEligibilityScheduleByName.json | 49 + ...RoleEligibilityScheduleInstanceByName.json | 48 + ...leEligibilityScheduleInstancesByScope.json | 52 + ...tRoleEligibilityScheduleRequestByName.json | 62 + ...RoleEligibilityScheduleRequestByScope.json | 66 + .../GetRoleEligibilitySchedulesByScope.json | 53 + ...tRoleManagementPolicyAssignmentByName.json | 43 + ...RoleManagementPolicyAssignmentByScope.json | 46 + .../GetRoleManagementPolicyByName.json | 732 +++++++++++ .../GetRoleManagementPolicyByScope.json | 735 +++++++++++ .../PatchPartialRoleManagementPolicy.json | 775 ++++++++++++ .../examples/PatchRoleManagementPolicy.json | 1084 +++++++++++++++++ .../PutRoleAssignmentScheduleRequest.json | 80 ++ .../PutRoleEligibilityScheduleRequest.json | 79 ++ .../PutRoleManagementPolicyAssignment.json | 45 + .../examples/RoleAssignments_CreateById.json | 41 + .../RoleAssignments_CreateForResource.json | 42 + ...oleAssignments_CreateForResourceGroup.json | 42 + ...RoleAssignments_CreateForSubscription.json | 42 + .../examples/RoleAssignments_Delete.json | 23 + .../examples/RoleAssignments_DeleteById.json | 22 + .../examples/RoleAssignments_Get.json | 22 + .../examples/RoleAssignments_GetById.json | 21 + .../RoleAssignments_ListForResource.json | 51 + .../RoleAssignments_ListForResourceGroup.json | 37 + .../RoleAssignments_ListForScope.json | 25 + .../RoleAssignments_ListForSubscription.json | 25 + .../RoleAssignments_ValidateByIdInvalid.json | 24 + .../RoleAssignments_ValidateByIdValid.json | 20 + .../RoleAssignments_ValidateInvalid.json | 25 + .../RoleAssignments_ValidateValid.json | 21 + 52 files changed, 9020 insertions(+) create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json new file mode 100644 index 000000000000..2660c051713c --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json @@ -0,0 +1,154 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/eligibleChildResources": { + "get": { + "tags": [ + "eligibleChildResources" + ], + "operationId": "EligibleChildResources_Get", + "description": "Get the child resources of a resource on which user has eligible access", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=resourceType+eq+'Subscription' to filter on only resource of type = 'Subscription'. Use $filter=resourceType+eq+'subscription'+or+resourceType+eq+'resourcegroup' to filter on resource of type = 'Subscription' or 'ResourceGroup'" + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role management policy.", + "schema": { + "$ref": "#/definitions/EligibleChildResourcesListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetEligibleChildResourcesByScope": { + "$ref": "./examples/GetEligibleChildResourcesByScope.json" + } + } + } + } + }, + "definitions": { + "EligibleChildResourcesListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/EligibleChildResource" + }, + "description": "Eligible child resource list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Eligible child resources list operation result." + }, + "EligibleChildResource": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The resource scope Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The resource name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The resource type." + } + }, + "type": "object", + "description": "Eligible child resource" + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json new file mode 100644 index 000000000000..7046e5620434 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json @@ -0,0 +1,420 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules/{roleAssignmentScheduleName}": { + "get": { + "tags": [ + "roleAssignmentSchedules" + ], + "operationId": "RoleAssignmentSchedules_Get", + "description": "Get the specified role assignment schedule for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role assignment schedule to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule.", + "schema": { + "$ref": "#/definitions/RoleAssignmentSchedule" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleByName": { + "$ref": "./examples/GetRoleAssignmentScheduleByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentSchedules": { + "get": { + "tags": [ + "roleAssignmentSchedules" + ], + "operationId": "RoleAssignmentSchedules_ListForScope", + "description": "Gets role assignment schedules for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role assignment schedules for the current user. Use $filter=asTarget() to return all role assignment schedules created for the current user." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments schedules.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleFilter", + "x-ms-examples": { + "GetRoleAssignmentSchedulesByScope": { + "$ref": "./examples/GetRoleAssignmentSchedulesByScope.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment schedule of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment schedule of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific status." + } + }, + "type": "object", + "description": "Role assignment schedule filter" + }, + "RoleAssignmentScheduleProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role assignment schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "roleAssignmentScheduleRequestId": { + "type": "string", + "description": "The id of roleAssignmentScheduleRequest used to create this roleAssignmentSchedule" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "The id of roleEligibilitySchedule used to activated this roleAssignmentSchedule" + }, + "assignmentType": { + "type": "string", + "description": "Assignment type of the role assignment schedule", + "enum": [ + "Activated", + "Assigned" + ], + "x-ms-enum": { + "name": "AssignmentType", + "modelAsString": true + } + }, + "memberType": { + "type": "string", + "description": "Membership type of the role assignment schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "description": "The status of the role assignment schedule.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime when role assignment schedule" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime when role assignment schedule" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role assignment schedule was created" + }, + "updatedOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role assignment schedule was modified" + }, + "expandedProperties": { + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "type": "object", + "description": "Role assignment schedule properties with scope." + }, + "RoleAssignmentSchedule": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleProperties", + "description": "Role assignment schedule properties." + } + }, + "type": "object", + "description": "Role Assignment schedule" + }, + "RoleAssignmentScheduleListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentSchedule" + }, + "description": "Role assignment schedule list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role assignment schedule list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json new file mode 100644 index 000000000000..510f6fdd58bb --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json @@ -0,0 +1,427 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleInstances": { + "get": { + "tags": [ + "roleAssignmentScheduleInstances" + ], + "operationId": "RoleAssignmentScheduleInstances_ListForScope", + "description": "Gets role assignment schedule instances of a role assignment schedule.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role assignment schedule instances for the user. Use $filter=asTarget() to return all role assignment schedule instances created for the current user." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns array of role assignment schedule instances.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleInstanceListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleInstanceFilter", + "x-ms-examples": { + "GetRoleAssignmentScheduleInstancesByScope": { + "$ref": "./examples/GetRoleAssignmentScheduleInstancesByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleInstances/{roleAssignmentScheduleInstanceName}": { + "get": { + "tags": [ + "roleAssignmentScheduleInstances" + ], + "operationId": "RoleAssignmentScheduleInstances_Get", + "description": "Gets the specified role assignment schedule instance.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleInstanceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (hash of schedule name + time) of the role assignment schedule to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule instance.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleInstance" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleInstanceByName": { + "$ref": "./examples/GetRoleAssignmentScheduleInstanceByName.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleInstanceFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role assignment schedule instances of the specific status." + }, + "roleAssignmentScheduleId": { + "type": "string", + "description": "Returns role assignment schedule instances belonging to a specific role assignment schedule." + } + }, + "type": "object", + "description": "Role assignment schedule instance filter" + }, + "RoleAssignmentScheduleInstanceProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role assignment schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "roleAssignmentScheduleId": { + "type": "string", + "description": "Id of the master role assignment schedule" + }, + "originRoleAssignmentId": { + "type": "string", + "description": "Role Assignment Id in external system" + }, + "status": { + "type": "string", + "description": "The status of the role assignment schedule instance.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "The startDateTime of the role assignment schedule instance" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "The endDateTime of the role assignment schedule instance" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "roleEligibilityScheduleId used to activate" + }, + "linkedRoleEligibilityScheduleInstanceId": { + "type": "string", + "description": "roleEligibilityScheduleInstanceId linked to this roleAssignmentScheduleInstance" + }, + "assignmentType": { + "type": "string", + "description": "Assignment type of the role assignment schedule", + "enum": [ + "Activated", + "Assigned" + ], + "x-ms-enum": { + "name": "AssignmentType", + "modelAsString": true + } + }, + "memberType": { + "type": "string", + "description": "Membership type of the role assignment schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role assignment schedule was created" + }, + "expandedProperties": { + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "type": "object", + "description": "Role assignment schedule properties with scope." + }, + "RoleAssignmentScheduleInstance": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule instance ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule instance name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule instance type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleInstanceProperties", + "description": "Role assignment schedule instance properties." + } + }, + "type": "object", + "description": "Information about current or upcoming role assignment schedule instance" + }, + "RoleAssignmentScheduleInstanceListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentScheduleInstance" + }, + "description": "Role assignment schedule instance list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role assignment schedule instance list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json new file mode 100644 index 000000000000..70527b318b19 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json @@ -0,0 +1,584 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}": { + "put": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Create", + "description": "Creates a role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule request to create. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' for a subscription, '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "A GUID for the role assignment to create. The name must be unique and different for each role assignment." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Parameters for the role assignment schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role assignment.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleAssignmentScheduleRequest": { + "$ref": "./examples/PutRoleAssignmentScheduleRequest.json" + } + } + }, + "get": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Get", + "description": "Get the specified role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment schedule request.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role assignment schedule request to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment schedule request.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/GetRoleAssignmentScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests": { + "get": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_ListForScope", + "description": "Gets role assignment schedule requests for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignments schedule requests.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedule requests at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role assignment schedule requests requested by the current user. Use $filter=asTarget() to return all role assignment schedule requests created for the current user. Use $filter=asApprover() to return all role assignment schedule requests where the current user is an approver." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role assignments schedule requests.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequestListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleAssignmentScheduleRequestFilter", + "x-ms-examples": { + "GetRoleAssignmentScheduleRequestByScope": { + "$ref": "./examples/GetRoleAssignmentScheduleRequestByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/cancel": { + "post": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Cancel", + "description": "Cancels a pending role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment request to cancel.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment request to cancel." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns success." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "CancelRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/CancelRoleAssignmentScheduleRequestByName.json" + } + } + } + } + }, + "definitions": { + "RoleAssignmentScheduleRequestFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role assignment requests of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role assignment requests of the specific role definition." + }, + "requestorId": { + "type": "string", + "description": "Returns role assignment requests created by specific principal." + }, + "status": { + "type": "string", + "description": "Returns role assignment requests of specific status." + } + }, + "type": "object", + "description": "Role assignment schedule request filter" + }, + "RoleAssignmentScheduleRequestProperties": { + "properties": { + "scope": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "readOnly": true, + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "requestType": { + "type": "string", + "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc", + "enum": [ + "AdminAssign", + "AdminRemove", + "AdminUpdate", + "AdminExtend", + "AdminRenew", + "SelfActivate", + "SelfDeactivate", + "SelfExtend", + "SelfRenew" + ], + "x-ms-enum": { + "name": "RequestType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "readOnly": true, + "description": "The status of the role assignment schedule request.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "approvalId": { + "type": "string", + "readOnly": true, + "description": "The approvalId of the role assignment schedule request." + }, + "targetRoleAssignmentScheduleId": { + "type": "string", + "description": "The resultant role assignment schedule id or the role assignment schedule id being updated" + }, + "targetRoleAssignmentScheduleInstanceId": { + "type": "string", + "description": "The role assignment schedule instance id being updated" + }, + "scheduleInfo": { + "properties": { + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime of the role assignment schedule." + }, + "expiration": { + "properties": { + "type": { + "type": "string", + "description": "Type of the role assignment schedule expiration", + "enum": [ + "AfterDuration", + "AfterDateTime", + "NoExpiration" + ], + "x-ms-enum": { + "name": "Type", + "modelAsString": true + } + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime of the role assignment schedule." + }, + "duration": { + "type": "string", + "description": "Duration of the role assignment schedule in TimeSpan." + } + }, + "type": "object", + "description": "Expiration of the role assignment schedule" + } + }, + "type": "object", + "description": "Schedule info of the role assignment schedule" + }, + "linkedRoleEligibilityScheduleId": { + "type": "string", + "description": "The linked role eligibility schedule id - to activate an eligibility." + }, + "justification": { + "type": "string", + "description": "Justification for the role assignment" + }, + "ticketInfo": { + "properties": { + "ticketNumber": { + "type": "string", + "description": "Ticket number for the role assignment" + }, + "ticketSystem": { + "type": "string", + "description": "Ticket system name for the role assignment" + } + }, + "type": "object", + "description": "Ticket Info of the role assignment" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "readOnly": true, + "description": "DateTime when role assignment schedule request was created" + }, + "requestorId": { + "type": "string", + "readOnly": true, + "description": "Id of the user who created this request" + }, + "expandedProperties": { + "type": "object", + "readOnly": true, + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "required": [ + "roleDefinitionId", + "principalId", + "requestType" + ], + "type": "object", + "description": "Role assignment schedule request properties with scope." + }, + "RoleAssignmentScheduleRequest": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role assignment schedule request type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleAssignmentScheduleRequestProperties", + "description": "Role assignment schedule request properties." + } + }, + "type": "object", + "description": "Role Assignment schedule request" + }, + "RoleAssignmentScheduleRequestListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Role assignment schedule request list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role assignment schedule request list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json new file mode 100644 index 000000000000..03dbe865e556 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json @@ -0,0 +1,404 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules/{roleEligibilityScheduleName}": { + "get": { + "tags": [ + "roleEligibilitySchedules" + ], + "operationId": "RoleEligibilitySchedules_Get", + "description": "Get the specified role eligibility schedule for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role eligibility schedule to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule.", + "schema": { + "$ref": "#/definitions/RoleEligibilitySchedule" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleByName": { + "$ref": "./examples/GetRoleEligibilityScheduleByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilitySchedules": { + "get": { + "tags": [ + "roleEligibilitySchedules" + ], + "operationId": "RoleEligibilitySchedules_ListForScope", + "description": "Gets role eligibility schedules for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedules at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role eligibility schedules for the user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role eligibility schedules.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleFilter", + "x-ms-examples": { + "GetRoleEligibilitySchedulesByScope": { + "$ref": "./examples/GetRoleEligibilitySchedulesByScope.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility schedule of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility schedule of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role eligibility schedule of the specific status." + } + }, + "type": "object", + "description": "Role eligibility schedule filter" + }, + "RoleEligibilityScheduleProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role eligibility schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "roleEligibilityScheduleRequestId": { + "type": "string", + "description": "The id of roleEligibilityScheduleRequest used to create this roleAssignmentSchedule" + }, + "memberType": { + "type": "string", + "description": "Membership type of the role eligibility schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "description": "The status of the role eligibility schedule.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime when role eligibility schedule" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime when role eligibility schedule" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role eligibility schedule was created" + }, + "updatedOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role eligibility schedule was modified" + }, + "expandedProperties": { + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "type": "object", + "description": "Role eligibility schedule properties with scope." + }, + "RoleEligibilitySchedule": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleProperties", + "description": "role eligibility schedule properties." + } + }, + "type": "object", + "description": "Role eligibility schedule" + }, + "RoleEligibilityScheduleListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilitySchedule" + }, + "description": "role eligibility schedule list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "role eligibility schedule list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json new file mode 100644 index 000000000000..449f8337b337 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json @@ -0,0 +1,403 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances": { + "get": { + "tags": [ + "roleEligibilityScheduleInstances" + ], + "operationId": "RoleEligibilityScheduleInstances_ListForScope", + "description": "Gets role eligibility schedule instances of a role eligibility schedule.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role assignment schedules at or above the scope. Use $filter=principalId eq {id} to return all role assignment schedules at, above or below the scope for the specified principal. Use $filter=assignedTo('{userId}') to return all role eligibility schedules for the user. Use $filter=asTarget() to return all role eligibility schedules created for the current user." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns array of role eligibility schedule instances.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleInstanceListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleInstanceFilter", + "x-ms-examples": { + "GetRoleEligibilityScheduleInstancesByScope": { + "$ref": "./examples/GetRoleEligibilityScheduleInstancesByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleInstances/{roleEligibilityScheduleInstanceName}": { + "get": { + "tags": [ + "roleEligibilityScheduleInstances" + ], + "operationId": "RoleEligibilityScheduleInstances_Get", + "description": "Gets the specified role eligibility schedule instance.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedules.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleInstanceName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (hash of schedule name + time) of the role eligibility schedule to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule instance.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleInstance" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleInstanceByName": { + "$ref": "./examples/GetRoleEligibilityScheduleInstanceByName.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleInstanceFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility schedule instances of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility schedule instances of the specific role definition." + }, + "status": { + "type": "string", + "description": "Returns role eligibility schedule instances of the specific status." + }, + "roleEligibilityScheduleId": { + "type": "string", + "description": "Returns role eligibility schedule instances belonging to a specific role eligibility schedule." + } + }, + "type": "object", + "description": "Role eligibility schedule instance filter" + }, + "RoleEligibilityScheduleInstanceProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role eligibility schedule scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "roleEligibilityScheduleId": { + "type": "string", + "description": "Id of the master role eligibility schedule" + }, + "status": { + "type": "string", + "description": "The status of the role eligibility schedule instance", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "The startDateTime of the role eligibility schedule instance" + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "The endDateTime of the role eligibility schedule instance" + }, + "memberType": { + "type": "string", + "description": "Membership type of the role eligibility schedule", + "enum": [ + "Inherited", + "Direct", + "Group" + ], + "x-ms-enum": { + "name": "MemberType", + "modelAsString": true + } + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "format": "date-time", + "description": "DateTime when role eligibility schedule was created" + }, + "expandedProperties": { + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "type": "object", + "description": "Role eligibility schedule properties with scope." + }, + "RoleEligibilityScheduleInstance": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule instance ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule instance name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule instance type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleInstanceProperties", + "description": "Role eligibility schedule instance properties." + } + }, + "type": "object", + "description": "Information about current or upcoming role eligibility schedule instance" + }, + "RoleEligibilityScheduleInstanceListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilityScheduleInstance" + }, + "description": "Role eligibility schedule instance list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role eligibility schedule instance list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json new file mode 100644 index 000000000000..bfd5c9995aaa --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -0,0 +1,580 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}": { + "put": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Create", + "description": "Creates a role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule request to create. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' for a subscription, '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility to create. It can be any valid GUID." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Parameters for the role eligibility schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleEligibilityScheduleRequest": { + "$ref": "./examples/PutRoleEligibilityScheduleRequest.json" + } + } + }, + "get": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Get", + "description": "Get the specified role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule request.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role eligibility schedule request to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/GetRoleEligibilityScheduleRequestByName.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests": { + "get": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_ListForScope", + "description": "Gets role eligibility schedule requests for a scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility schedule requests.", + "x-ms-skip-url-encoding": true + }, + { + "name": "$filter", + "in": "query", + "required": false, + "type": "string", + "description": "The filter to apply on the operation. Use $filter=atScope() to return all role eligibility schedule requests at or above the scope. Use $filter=principalId eq {id} to return all role eligibility schedule requests at, above or below the scope for the specified principal. Use $filter=asRequestor() to return all role eligibility schedule requests requested by the current user. Use $filter=asTarget() to return all role eligibility schedule requests created for the current user. Use $filter=asApprover() to return all role eligibility schedule requests where the current user is an approver." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role eligibility schedule requests.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequestListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-odata": "#/definitions/RoleEligibilityScheduleRequestFilter", + "x-ms-examples": { + "GetRoleEligibilityScheduleRequestByScope": { + "$ref": "./examples/GetRoleEligibilityScheduleRequestByScope.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/cancel": { + "post": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Cancel", + "description": "Cancels a pending role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility request to cancel.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility request to cancel." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns success." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "CancelRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/CancelRoleEligibilityScheduleRequestByName.json" + } + } + } + } + }, + "definitions": { + "RoleEligibilityScheduleRequestFilter": { + "properties": { + "principalId": { + "type": "string", + "description": "Returns role eligibility requests of the specific principal." + }, + "roleDefinitionId": { + "type": "string", + "description": "Returns role eligibility requests of the specific role definition." + }, + "requestorId": { + "type": "string", + "description": "Returns role eligibility requests created by specific principal." + }, + "status": { + "type": "string", + "description": "Returns role eligibility requests of specific status." + } + }, + "type": "object", + "description": "Role eligibility schedule request filter" + }, + "RoleEligibilityScheduleRequestProperties": { + "properties": { + "scope": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition ID." + }, + "principalId": { + "type": "string", + "description": "The principal ID." + }, + "principalType": { + "type": "string", + "readOnly": true, + "description": "The principal type of the assigned principal ID.", + "enum": [ + "User", + "Group", + "ServicePrincipal", + "ForeignGroup", + "Device" + ], + "x-ms-enum": { + "name": "principalType", + "modelAsString": true + } + }, + "requestType": { + "type": "string", + "description": "The type of the role assignment schedule request. Eg: SelfActivate, AdminAssign etc", + "enum": [ + "AdminAssign", + "AdminRemove", + "AdminUpdate", + "AdminExtend", + "AdminRenew", + "SelfActivate", + "SelfDeactivate", + "SelfExtend", + "SelfRenew" + ], + "x-ms-enum": { + "name": "RequestType", + "modelAsString": true + } + }, + "status": { + "type": "string", + "readOnly": true, + "description": "The status of the role eligibility schedule request.", + "enum": [ + "Accepted", + "PendingEvaluation", + "Granted", + "Denied", + "PendingProvisioning", + "Provisioned", + "PendingRevocation", + "Revoked", + "Canceled", + "Failed", + "PendingApprovalProvisioning", + "PendingApproval", + "FailedAsResourceIsLocked", + "PendingAdminDecision", + "AdminApproved", + "AdminDenied", + "TimedOut", + "ProvisioningStarted", + "Invalid", + "PendingScheduleCreation", + "ScheduleCreated", + "PendingExternalProvisioning" + ], + "x-ms-enum": { + "name": "Status", + "modelAsString": true + } + }, + "approvalId": { + "type": "string", + "readOnly": true, + "description": "The approvalId of the role eligibility schedule request." + }, + "scheduleInfo": { + "properties": { + "startDateTime": { + "type": "string", + "format": "date-time", + "description": "Start DateTime of the role eligibility schedule." + }, + "expiration": { + "properties": { + "type": { + "type": "string", + "description": "Type of the role eligibility schedule expiration", + "enum": [ + "AfterDuration", + "AfterDateTime", + "NoExpiration" + ], + "x-ms-enum": { + "name": "Type", + "modelAsString": true + } + }, + "endDateTime": { + "type": "string", + "format": "date-time", + "description": "End DateTime of the role eligibility schedule." + }, + "duration": { + "type": "string", + "description": "Duration of the role eligibility schedule in TimeSpan." + } + }, + "type": "object", + "description": "Expiration of the role eligibility schedule" + } + }, + "type": "object", + "description": "Schedule info of the role eligibility schedule" + }, + "targetRoleEligibilityScheduleId": { + "type": "string", + "description": "The resultant role eligibility schedule id or the role eligibility schedule id being updated" + }, + "targetRoleEligibilityScheduleInstanceId": { + "type": "string", + "description": "The role eligibility schedule instance id being updated" + }, + "justification": { + "type": "string", + "description": "Justification for the role eligibility" + }, + "ticketInfo": { + "properties": { + "ticketNumber": { + "type": "string", + "description": "Ticket number for the role eligibility" + }, + "ticketSystem": { + "type": "string", + "description": "Ticket system name for the role eligibility" + } + }, + "type": "object", + "description": "Ticket Info of the role eligibility" + }, + "condition": { + "type": "string", + "description": "The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'" + }, + "conditionVersion": { + "type": "string", + "description": "Version of the condition. Currently accepted value is '2.0'" + }, + "createdOn": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "DateTime when role eligibility schedule request was created" + }, + "requestorId": { + "type": "string", + "readOnly": true, + "description": "Id of the user who created this request" + }, + "expandedProperties": { + "readOnly": true, + "type": "object", + "description": "Additional properties of principal, scope and role definition", + "$ref": "#/definitions/ExpandedProperties" + } + }, + "required": [ + "roleDefinitionId", + "principalId", + "requestType" + ], + "type": "object", + "description": "Role eligibility schedule request properties with scope." + }, + "RoleEligibilityScheduleRequest": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request ID." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role eligibility schedule request type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleEligibilityScheduleRequestProperties", + "description": "Role eligibility schedule request properties." + } + }, + "type": "object", + "description": "Role Eligibility schedule request" + }, + "RoleEligibilityScheduleRequestListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Role eligibility schedule request list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role eligibility schedule request list operation result." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + }, + "ExpandedProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "principal": { + "type": "object", + "description": "Details of the principal", + "properties": { + "id": { + "type": "string", + "description": "Id of the principal" + }, + "displayName": { + "type": "string", + "description": "Display name of the principal" + }, + "email": { + "type": "string", + "description": "Email id of the principal" + }, + "type": { + "type": "string", + "description": "Type of the principal" + } + } + } + }, + "type": "object" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json new file mode 100644 index 000000000000..0b378e9a5b4e --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json @@ -0,0 +1,707 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies/{roleManagementPolicyName}": { + "get": { + "tags": [ + "roleManagementPolicies" + ], + "operationId": "RoleManagementPolicies_Get", + "description": "Get the specified role management policy for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role management policy to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role management policy.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetRoleManagementPolicyByName": { + "$ref": "./examples/GetRoleManagementPolicyByName.json" + } + } + }, + "patch": { + "tags": [ + "roleManagementPolicies" + ], + "operationId": "RoleManagementPolicies_Update", + "description": "Update a role management policy", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy to upsert.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role management policy to upsert." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleManagementPolicy" + }, + "description": "Parameters for the role management policy." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "Ok - Returns the updated policy.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicy" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PatchRoleManagementPolicy": { + "$ref": "./examples/PatchRoleManagementPolicy.json" + }, + "PatchPartialRoleManagementPolicy": { + "$ref": "./examples/PatchPartialRoleManagementPolicy.json" + } + } + }, + "delete": { + "tags": [ + "roleManagementPolicies" + ], + "operationId": "RoleManagementPolicies_Delete", + "description": "Delete a role management policy", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy to upsert.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyName", + "in": "path", + "required": true, + "type": "string", + "description": "The name (guid) of the role management policy to upsert." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Successfully deleted the policy." + }, + "204": { + "description": "NoContent - policy does not exists." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "DeleteRoleManagementPolicy": { + "$ref": "./examples/DeleteRoleManagementPolicy.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicies": { + "get": { + "tags": [ + "roleManagementPolicies" + ], + "operationId": "RoleManagementPolicies_ListForScope", + "description": "Gets role management policies for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role management policies.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicyListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetRoleManagementPolicyByRoleDefinitionFilter": { + "$ref": "./examples/GetRoleManagementPolicyByScope.json" + } + } + } + } + }, + "definitions": { + "RoleManagementPolicyProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role management policy scope." + }, + "displayName": { + "type": "string", + "description": "The role management policy display name." + }, + "description": { + "type": "string", + "description": "The role management policy description." + }, + "isOrganizationDefault": { + "type": "boolean", + "description": "The role management policy is default policy." + }, + "lastModifiedBy": { + "$ref": "./common-types.json#/definitions/Principal" + }, + "lastModifiedDateTime": { + "type": "string", + "readOnly": true, + "format": "date-time", + "description": "The last modified date time." + }, + "rules": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleManagementPolicyRule" + }, + "description": "The rule applied to the policy." + }, + "effectiveRules": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleManagementPolicyRule" + }, + "readOnly": true, + "description": "The readonly computed rule applied to the policy." + }, + "policyProperties": { + "readOnly": true, + "type": "object", + "description": "Additional properties of scope", + "$ref": "#/definitions/PolicyProperties" + } + }, + "type": "object", + "description": "Role management policy properties with scope." + }, + "RoleManagementPolicy": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role management policy Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role management policy name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role management policy type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleManagementPolicyProperties", + "description": "Role management policy properties." + } + }, + "type": "object", + "description": "Role management policy" + }, + "RoleManagementPolicyListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleManagementPolicy" + }, + "description": "Role management policy list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role management policy list operation result." + }, + "RoleManagementPolicyRule": { + "description": "The role management policy rule.", + "type": "object", + "required": [ + "ruleType" + ], + "discriminator": "ruleType", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/RoleManagementPolicyRuleType" + }, + "target": { + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", + "description": "The target of the current rule." + } + } + }, + "RoleManagementPolicyApprovalRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "setting": { + "$ref": "#/definitions/ApprovalSettings", + "description": "The approval setting" + } + } + }, + "ApprovalSettings": { + "description": "The approval settings.", + "type": "object", + "properties": { + "isApprovalRequired": { + "type": "boolean", + "description": "Determine whether approval is required or not." + }, + "isApprovalRequiredForExtension": { + "type": "boolean", + "description": "Determine whether approval is required for assignment extension." + }, + "isRequestorJustificationRequired": { + "type": "boolean", + "description": "Determine whether requestor justification required." + }, + "approvalMode": { + "type": "string", + "description": "The type of rule", + "enum": [ + "SingleStage", + "Serial", + "Parallel", + "NoApproval" + ], + "x-ms-enum": { + "name": "ApprovalMode", + "modelAsString": true + } + }, + "approvalStages": { + "type": "array", + "items": { + "$ref": "#/definitions/ApprovalStage" + }, + "x-ms-identifiers": [], + "description": "The approval stages of the request." + } + } + }, + "ApprovalStage": { + "description": "The approval stage.", + "type": "object", + "properties": { + "approvalStageTimeOutInDays": { + "type": "integer", + "format": "int32", + "description": "The time in days when approval request would be timed out." + }, + "isApproverJustificationRequired": { + "type": "boolean", + "description": "Determine whether approver need to provide justification for his decision." + }, + "escalationTimeInMinutes": { + "type": "integer", + "format": "int32", + "description": "The time in minutes when the approval request would be escalated if the primary approver does not approves." + }, + "primaryApprovers": { + "type": "array", + "description": "The primary approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + }, + "isEscalationEnabled": { + "type": "boolean", + "description": "The value determine whether escalation feature is enabled." + }, + "escalationApprovers": { + "type": "array", + "description": "The escalation approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + } + } + }, + "UserSet": { + "description": "The detail of a user.", + "type": "object", + "properties": { + "userType": { + "type": "string", + "description": "The type of user.", + "enum": [ + "User", + "Group" + ], + "x-ms-enum": { + "name": "UserType", + "modelAsString": true + } + }, + "isBackup": { + "type": "boolean", + "description": "The value indicating whether the user is a backup fallback approver" + }, + "id": { + "type": "string", + "description": "The object id of the user." + }, + "description": { + "type": "string", + "description": "The description of the user." + } + } + }, + "RoleManagementPolicyAuthenticationContextRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "The value indicating if rule is enabled." + }, + "claimValue": { + "type": "string", + "description": "The claim value." + } + } + }, + "RoleManagementPolicyEnablementRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "enabledRules": { + "type": "array", + "items": { + "type": "string", + "description": "The type of enable rules", + "enum": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "x-ms-enum": { + "name": "EnablementRules", + "modelAsString": true + } + }, + "description": "The list of enabled rules." + } + } + }, + "RoleManagementPolicyExpirationRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isExpirationRequired": { + "type": "boolean", + "description": "The value indicating whether expiration is required." + }, + "maximumDuration": { + "type": "string", + "description": "The maximum duration of expiration in timespan." + } + } + }, + "RoleManagementPolicyNotificationRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "notificationType": { + "type": "string", + "description": "The type of notification.", + "enum": [ + "Email" + ], + "x-ms-enum": { + "name": "NotificationDeliveryMechanism", + "modelAsString": true + } + }, + "notificationLevel": { + "type": "string", + "description": "The notification level.", + "enum": [ + "None", + "Critical", + "All" + ], + "x-ms-enum": { + "name": "NotificationLevel", + "modelAsString": true + } + }, + "recipientType": { + "type": "string", + "description": "The recipient type.", + "enum": [ + "Requestor", + "Approver", + "Admin" + ], + "x-ms-enum": { + "name": "RecipientType", + "modelAsString": true + } + }, + "notificationRecipients": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list notification recipients." + }, + "isDefaultRecipientsEnabled": { + "type": "boolean", + "description": "Its value determine if the notification need to be sent to the recipient type specified in policy rule." + } + } + }, + "RoleManagementPolicyRuleTarget": { + "description": "The role management policy rule target.", + "type": "object", + "properties": { + "caller": { + "type": "string", + "description": "The caller of the setting." + }, + "operations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The type of operation." + }, + "level": { + "type": "string", + "description": "The assignment level to which it is applied." + }, + "targetObjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target objects." + }, + "inheritableSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of inheritable settings." + }, + "enforcedSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of enforced settings." + } + } + }, + "RoleManagementPolicyRuleType": { + "type": "string", + "description": "The type of rule", + "enum": [ + "RoleManagementPolicyApprovalRule", + "RoleManagementPolicyAuthenticationContextRule", + "RoleManagementPolicyEnablementRule", + "RoleManagementPolicyExpirationRule", + "RoleManagementPolicyNotificationRule" + ], + "x-ms-enum": { + "name": "RoleManagementPolicyRuleType", + "modelAsString": true + } + }, + "PolicyProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "readOnly": true, + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + } + }, + "type": "object" + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json new file mode 100644 index 000000000000..89d75009d609 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json @@ -0,0 +1,384 @@ +{ + "swagger": "2.0", + "info": { + "title": "AuthorizationManagementClient", + "version": "2020-10-01-preview", + "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "consumes": [ + "application/json" + ], + "produces": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments/{roleManagementPolicyAssignmentName}": { + "get": { + "tags": [ + "roleManagementPolicyAssignments" + ], + "operationId": "RoleManagementPolicyAssignments_Get", + "description": "Get the specified role management policy assignment for a resource scope", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of format {guid_guid} the role management policy assignment to get." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role management policy.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "GetConfigurations": { + "$ref": "./examples/GetRoleManagementPolicyAssignmentByName.json" + } + } + }, + "put": { + "tags": [ + "roleManagementPolicyAssignments" + ], + "operationId": "RoleManagementPolicyAssignments_Create", + "description": "Create a role management policy assignment", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy assignment to upsert.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of format {guid_guid} the role management policy assignment to upsert." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleManagementPolicyAssignment" + }, + "description": "Parameters for the role management policy assignment." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "201": { + "description": "Created - Returns the created or updated policy assignment.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicyAssignment" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "PutRoleManagementPolicyAssignment": { + "$ref": "./examples/PutRoleManagementPolicyAssignment.json" + } + } + }, + "delete": { + "tags": [ + "roleManagementPolicyAssignments" + ], + "operationId": "RoleManagementPolicyAssignments_Delete", + "description": "Delete a role management policy assignment", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy assignment to delete.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleManagementPolicyAssignmentName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of format {guid_guid} the role management policy assignment to delete." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Successfully deleted the policy assignment." + }, + "204": { + "description": "NoContent - policy assignment does not exists." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "DeleteRoleManagementPolicyAssignment": { + "$ref": "./examples/DeleteRoleManagementPolicyAssignment.json" + } + } + } + }, + "/{scope}/providers/Microsoft.Authorization/roleManagementPolicyAssignments": { + "get": { + "tags": [ + "roleManagementPolicyAssignments" + ], + "operationId": "RoleManagementPolicyAssignments_ListForScope", + "description": "Gets role management assignment policies for a resource scope.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role management policy.", + "x-ms-skip-url-encoding": true + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns an array of role management policies.", + "schema": { + "$ref": "#/definitions/RoleManagementPolicyAssignmentListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + }, + "x-ms-examples": { + "GetRoleManagementPolicyAssignmentByScope": { + "$ref": "./examples/GetRoleManagementPolicyAssignmentByScope.json" + } + } + } + } + }, + "definitions": { + "RoleManagementPolicyAssignment": { + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The role management policy Id." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The role management policy name." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The role management policy type." + }, + "properties": { + "x-ms-client-flatten": true, + "$ref": "#/definitions/RoleManagementPolicyAssignmentProperties", + "description": "Role management policy properties." + } + }, + "type": "object", + "description": "Role management policy" + }, + "RoleManagementPolicyAssignmentProperties": { + "properties": { + "scope": { + "type": "string", + "description": "The role management policy scope." + }, + "roleDefinitionId": { + "type": "string", + "description": "The role definition of management policy assignment." + }, + "policyId": { + "type": "string", + "description": "The policy id role management policy assignment." + }, + "policyAssignmentProperties": { + "readOnly": true, + "type": "object", + "description": "Additional properties of scope, role definition and policy", + "$ref": "#/definitions/PolicyAssignmentProperties" + } + }, + "type": "object", + "description": "Role management policy assignment properties with scope." + }, + "RoleManagementPolicyAssignmentListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleManagementPolicyAssignment" + }, + "description": "Role management policy assignment list." + }, + "nextLink": { + "type": "string", + "description": "The URL to use for getting the next set of results." + } + }, + "type": "object", + "description": "Role management policy assignment list operation result." + }, + "PolicyAssignmentProperties": { + "properties": { + "scope": { + "type": "object", + "description": "Details of the resource scope", + "properties": { + "id": { + "type": "string", + "description": "Scope id of the resource" + }, + "displayName": { + "type": "string", + "description": "Display name of the resource" + }, + "type": { + "type": "string", + "description": "Type of the resource" + } + } + }, + "roleDefinition": { + "type": "object", + "description": "Details of role definition", + "properties": { + "id": { + "type": "string", + "description": "Id of the role definition" + }, + "displayName": { + "type": "string", + "description": "Display name of the role definition" + }, + "type": { + "type": "string", + "description": "Type of the role definition" + } + } + }, + "policy": { + "type": "object", + "description": "Details of the policy", + "properties": { + "id": { + "type": "string", + "description": "Id of the policy" + }, + "lastModifiedBy": { + "$ref": "./common-types.json#/definitions/Principal" + }, + "lastModifiedDateTime": { + "type": "string", + "format": "date-time", + "description": "The last modified date time." + } + } + } + }, + "type": "object" + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "$ref": "#/definitions/CloudErrorBody" + } + }, + "type": "object", + "description": "An error response from the service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + } + }, + "type": "object", + "description": "An error response from the service." + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json new file mode 100644 index 000000000000..3c0fb90b0621 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json @@ -0,0 +1,116 @@ +{ + "swagger": "2.0", + "info": { + "version": "2020-10-01-preview", + "title": "AuthorizationManagementClient" + }, + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": {}, + "definitions": { + "Permission": { + "properties": { + "actions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed actions." + }, + "notActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied actions." + }, + "dataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Allowed Data actions." + }, + "notDataActions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "Denied Data actions." + } + }, + "type": "object", + "description": "Role definition permissions." + }, + "Principal": { + "readOnly": true, + "type": "object", + "description": "The name of the entity last modified it", + "properties": { + "id": { + "type": "string", + "description": "The id of the principal made changes" + }, + "displayName": { + "type": "string", + "description": "The name of the principal made changes" + }, + "type": { + "type": "string", + "description": "Type of principal such as user , group etc" + }, + "email": { + "type": "string", + "description": "Email of principal" + } + } + } + }, + "parameters": { + "ResourceProviderNamespaceParameter": { + "name": "resourceProviderNamespace", + "in": "path", + "required": true, + "type": "string", + "description": "The namespace of the resource provider.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ResourceTypeParameter": { + "name": "resourceType", + "in": "path", + "required": true, + "type": "string", + "description": "The resource type name. For example the type name of a web app is 'sites' (from Microsoft.Web/sites).", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ResourceNameParameter": { + "name": "resourceName", + "in": "path", + "required": true, + "type": "string", + "description": "The resource name.", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + }, + "ScopeParameter": { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the operation or resource. Valid scopes are: subscription (format: '/subscriptions/{subscriptionId}'), resource group (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}', or resource (format: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/[{parentResourcePath}/]{resourceType}/{resourceName}'", + "x-ms-skip-url-encoding": true, + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..12010a0260c3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,10 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..81c5d55f7320 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,10 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json new file mode 100644 index 000000000000..2deccf44affd --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json @@ -0,0 +1,11 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json new file mode 100644 index 000000000000..5b8fd9b70f22 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json @@ -0,0 +1,11 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyAssignmentName": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json new file mode 100644 index 000000000000..76cb6f443086 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "api-version": "2020-10-01-preview", + "$filter": "resourceType+eq+'resourcegroup'" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "name": "RG-1", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/resourceGroups/RG-1", + "type": "resourcegroup" + }, + { + "name": "RG-2", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/resourceGroups/RG-2", + "type": "resourcegroup" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json new file mode 100644 index 000000000000..a71aa12566fe --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleName": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "assignmentType": "Assigned", + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleAssignmentScheduleRequestId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "updatedOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "type": "Microsoft.Authorization/RoleAssignmentSchedules" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json new file mode 100644 index 000000000000..bc7afb86410d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json @@ -0,0 +1,52 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleInstanceName": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "originRoleAssignmentId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignments/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "linkedRoleEligibilityScheduleInstanceId": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "assignmentType": "Assigned", + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Accepted", + "roleAssignmentScheduleId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "type": "Microsoft.Authorization/RoleAssignmentScheduleInstances" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json new file mode 100644 index 000000000000..c43b3cc2d43e --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json @@ -0,0 +1,56 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "originRoleAssignmentId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignments/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "linkedRoleEligibilityScheduleInstanceId": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "assignmentType": "Assigned", + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Accepted", + "roleAssignmentScheduleId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "type": "Microsoft.Authorization/RoleAssignmentScheduleInstances" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..a9f0442b637f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,62 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json new file mode 100644 index 000000000000..b15b3cc2edec --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json @@ -0,0 +1,66 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json new file mode 100644 index 000000000000..d2d087f53b23 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json @@ -0,0 +1,55 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "assignmentType": "Assigned", + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleAssignmentScheduleRequestId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "startDateTime": "2020-09-09T21:35:27.91Z", + "endDateTime": "2020-09-10T05:35:17.91Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:35:27.91Z", + "updatedOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "type": "Microsoft.Authorization/RoleAssignmentSchedules" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json new file mode 100644 index 000000000000..fed3924b122e --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json @@ -0,0 +1,49 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleName": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleRequestId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "startDateTime": "2020-09-09T21:33:14.557Z", + "endDateTime": "2021-09-09T21:32:28.49Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:33:06.3Z", + "updatedOn": "2020-09-09T22:27:00.513Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "type": "Microsoft.Authorization/RoleEligibilitySchedules" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json new file mode 100644 index 000000000000..af39532a34d2 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleInstanceName": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "startDateTime": "2020-09-10T00:32:36.86Z", + "endDateTime": "2021-09-10T00:31:41.477Z", + "memberType": "Direct", + "createdOn": "2020-09-10T00:32:36.86Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "type": "Microsoft.Authorization/RoleEligibilityScheduleInstances" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json new file mode 100644 index 000000000000..829f0410d347 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json @@ -0,0 +1,52 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "startDateTime": "2020-09-10T00:32:36.86Z", + "endDateTime": "2021-09-10T00:31:41.477Z", + "memberType": "Direct", + "createdOn": "2020-09-10T00:32:36.86Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "type": "Microsoft.Authorization/RoleEligibilityScheduleInstances" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..53f10851ec93 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,62 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json new file mode 100644 index 000000000000..9bfca5590185 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json @@ -0,0 +1,66 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityRequests" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json new file mode 100644 index 000000000000..a635a7f135c5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json @@ -0,0 +1,53 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "status": "Provisioned", + "roleEligibilityScheduleRequestId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "startDateTime": "2020-09-09T21:33:14.557Z", + "endDateTime": "2021-09-09T21:32:28.49Z", + "memberType": "Direct", + "createdOn": "2020-09-09T21:33:06.3Z", + "updatedOn": "2020-09-09T22:27:00.513Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "type": "Microsoft.Authorization/RoleEligibilitySchedules" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json new file mode 100644 index 000000000000..95d0531850d9 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json @@ -0,0 +1,43 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyAssignmentName": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "policyAssignmentProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "displayName": "FHIR Data Converter", + "type": "BuiltInRole" + }, + "policy": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "lastModifiedDateTime": null + } + } + }, + "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json new file mode 100644 index 000000000000..37f17032cbb3 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json @@ -0,0 +1,46 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "policyAssignmentProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "displayName": "FHIR Data Converter", + "type": "BuiltInRole" + }, + "policy": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "lastModifiedDateTime": null + } + } + }, + "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json new file mode 100644 index 000000000000..24eb61daaa85 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json @@ -0,0 +1,732 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastModifiedDateTime": "2021-03-17T02:54:27.167+00:00", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "rules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + } + } + }, + "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "type": "Microsoft.Authorization/RoleManagementPolicies" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json new file mode 100644 index 000000000000..7b12f8c8e2a0 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json @@ -0,0 +1,735 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastModifiedDateTime": "2021-03-17T02:54:27.167+00:00", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "rules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + } + } + }, + "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "type": "Microsoft.Authorization/RoleManagementPolicies" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json new file mode 100644 index 000000000000..6b8c3ce11adc --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json @@ -0,0 +1,775 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ] + } + } + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastModifiedDateTime": "2021-03-17T16:35:27.91+00:00", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + } + } + }, + "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "type": "Microsoft.Authorization/RoleManagementPolicies" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json new file mode 100644 index 000000000000..fa90678e6b8f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json @@ -0,0 +1,1084 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ] + } + } + }, + "responses": { + "200": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": null, + "description": null, + "isOrganizationDefault": false, + "lastModifiedDateTime": "2021-03-17T16:35:27.91+00:00", + "lastModifiedBy": { + "id": null, + "displayName": "Admin", + "type": null, + "email": null + }, + "rules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "effectiveRules": [ + { + "isExpirationRequired": false, + "maximumDuration": "P180D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "Justification", + "MultiFactorAuthentication", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], + "policyProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + } + } + }, + "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "type": "Microsoft.Authorization/RoleManagementPolicies" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json new file mode 100644 index 000000000000..e374bb892137 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json @@ -0,0 +1,80 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "SelfActivate", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01-preview" + }, + "responses": { + "201": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json new file mode 100644 index 000000000000..5d8dc971105d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json @@ -0,0 +1,79 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "AdminAssign", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2020-10-01-preview" + }, + "responses": { + "201": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json new file mode 100644 index 000000000000..54fd4ac29539 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json @@ -0,0 +1,45 @@ +{ + "parameters": { + "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleManagementPolicyAssignmentName": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "policyAssignmentProperties": { + "scope": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "displayName": "FHIR Data Converter", + "type": "BuiltInRole" + }, + "policy": { + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "lastModifiedBy": null, + "lastModifiedDateTime": null + } + } + }, + "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json new file mode 100644 index 000000000000..b172307d1b28 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json @@ -0,0 +1,41 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json new file mode 100644 index 000000000000..11ded8825d3a --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json new file mode 100644 index 000000000000..37a69263995f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json new file mode 100644 index 000000000000..60c5abcccc2c --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json @@ -0,0 +1,42 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "201": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + }, + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json new file mode 100644 index 000000000000..d8b002860e45 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json @@ -0,0 +1,23 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + }, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json new file mode 100644 index 000000000000..a414596e76e5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + }, + "204": {} + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json new file mode 100644 index 000000000000..93052cf0c395 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json new file mode 100644 index 000000000000..a5d8de87a3ad --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json @@ -0,0 +1,21 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json new file mode 100644 index 000000000000..85683823c41f --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "resourceGroupName": "testrg", + "resourceProviderNamespace": "Microsoft.DocumentDb", + "resourceType": "databaseAccounts", + "resourceName": "test-db-account", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + }, + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/96786e4b-dede-4c2e-8736-8ab911987f08", + "type": "Microsoft.Authorization/roleAssignments", + "name": "96786e4b-dede-4c2e-8736-8ab911987f08" + }, + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", + "type": "Microsoft.Authorization/roleAssignments", + "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json new file mode 100644 index 000000000000..80054fb926d5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json @@ -0,0 +1,37 @@ +{ + "parameters": { + "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "resourceGroupName": "testrg", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + }, + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/96786e4b-dede-4c2e-8736-8ab911987f08", + "type": "Microsoft.Authorization/roleAssignments", + "name": "96786e4b-dede-4c2e-8736-8ab911987f08" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json new file mode 100644 index 000000000000..fde73619393d --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json new file mode 100644 index 000000000000..91082f6498b2 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "api-version": "2020-10-01-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User", + "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" + }, + "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "type": "Microsoft.Authorization/roleAssignments", + "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" + } + ] + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json new file mode 100644 index 000000000000..7f5a3391adf5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json @@ -0,0 +1,24 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": false, + "errorInfo": { + "code": "InvalidRoleDefinitionId", + "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." + } + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json new file mode 100644 index 000000000000..e533ed6a6352 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json @@ -0,0 +1,20 @@ +{ + "parameters": { + "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": true + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json new file mode 100644 index 000000000000..9fdd04ebcaf5 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": false, + "errorInfo": { + "code": "InvalidRoleDefinitionId", + "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." + } + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json new file mode 100644 index 000000000000..c6065de7bdae --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json @@ -0,0 +1,21 @@ +{ + "parameters": { + "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", + "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", + "api-version": "2020-10-01-preview", + "parameters": { + "properties": { + "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", + "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", + "principalType": "User" + } + } + }, + "responses": { + "200": { + "body": { + "isValid": true + } + } + } +} From b8850cce835ad3329318f43d070fa56544013e93 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Tue, 29 Mar 2022 11:31:47 -0700 Subject: [PATCH 02/11] Remove -preview tag from 2020-10-01 --- .../stable/2020-10-01/EligibleChildResources.json | 2 +- .../stable/2020-10-01/RoleAssignmentSchedule.json | 2 +- .../stable/2020-10-01/RoleAssignmentScheduleInstance.json | 2 +- .../stable/2020-10-01/RoleAssignmentScheduleRequest.json | 2 +- .../stable/2020-10-01/RoleEligibilitySchedule.json | 2 +- .../stable/2020-10-01/RoleEligibilityScheduleInstance.json | 2 +- .../stable/2020-10-01/RoleEligibilityScheduleRequest.json | 2 +- .../stable/2020-10-01/RoleManagementPolicy.json | 2 +- .../stable/2020-10-01/RoleManagementPolicyAssignment.json | 2 +- .../Microsoft.Authorization/stable/2020-10-01/common-types.json | 2 +- .../examples/CancelRoleAssignmentScheduleRequestByName.json | 2 +- .../examples/CancelRoleEligibilityScheduleRequestByName.json | 2 +- .../stable/2020-10-01/examples/DeleteRoleManagementPolicy.json | 2 +- .../examples/DeleteRoleManagementPolicyAssignment.json | 2 +- .../2020-10-01/examples/GetEligibleChildResourcesByScope.json | 2 +- .../2020-10-01/examples/GetRoleAssignmentScheduleByName.json | 2 +- .../examples/GetRoleAssignmentScheduleInstanceByName.json | 2 +- .../examples/GetRoleAssignmentScheduleInstancesByScope.json | 2 +- .../examples/GetRoleAssignmentScheduleRequestByName.json | 2 +- .../examples/GetRoleAssignmentScheduleRequestByScope.json | 2 +- .../2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json | 2 +- .../2020-10-01/examples/GetRoleEligibilityScheduleByName.json | 2 +- .../examples/GetRoleEligibilityScheduleInstanceByName.json | 2 +- .../examples/GetRoleEligibilityScheduleInstancesByScope.json | 2 +- .../examples/GetRoleEligibilityScheduleRequestByName.json | 2 +- .../examples/GetRoleEligibilityScheduleRequestByScope.json | 2 +- .../2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json | 2 +- .../examples/GetRoleManagementPolicyAssignmentByName.json | 2 +- .../examples/GetRoleManagementPolicyAssignmentByScope.json | 2 +- .../2020-10-01/examples/GetRoleManagementPolicyByName.json | 2 +- .../2020-10-01/examples/GetRoleManagementPolicyByScope.json | 2 +- .../2020-10-01/examples/PatchPartialRoleManagementPolicy.json | 2 +- .../stable/2020-10-01/examples/PatchRoleManagementPolicy.json | 2 +- .../2020-10-01/examples/PutRoleAssignmentScheduleRequest.json | 2 +- .../2020-10-01/examples/PutRoleEligibilityScheduleRequest.json | 2 +- .../2020-10-01/examples/PutRoleManagementPolicyAssignment.json | 2 +- .../stable/2020-10-01/examples/RoleAssignments_CreateById.json | 2 +- .../2020-10-01/examples/RoleAssignments_CreateForResource.json | 2 +- .../examples/RoleAssignments_CreateForResourceGroup.json | 2 +- .../examples/RoleAssignments_CreateForSubscription.json | 2 +- .../stable/2020-10-01/examples/RoleAssignments_Delete.json | 2 +- .../stable/2020-10-01/examples/RoleAssignments_DeleteById.json | 2 +- .../stable/2020-10-01/examples/RoleAssignments_Get.json | 2 +- .../stable/2020-10-01/examples/RoleAssignments_GetById.json | 2 +- .../2020-10-01/examples/RoleAssignments_ListForResource.json | 2 +- .../examples/RoleAssignments_ListForResourceGroup.json | 2 +- .../2020-10-01/examples/RoleAssignments_ListForScope.json | 2 +- .../examples/RoleAssignments_ListForSubscription.json | 2 +- .../examples/RoleAssignments_ValidateByIdInvalid.json | 2 +- .../2020-10-01/examples/RoleAssignments_ValidateByIdValid.json | 2 +- .../2020-10-01/examples/RoleAssignments_ValidateInvalid.json | 2 +- .../2020-10-01/examples/RoleAssignments_ValidateValid.json | 2 +- 52 files changed, 52 insertions(+), 52 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json index 2660c051713c..ad8390f5ec56 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2020-10-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json index 7046e5620434..63dbf6ac245d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2020-10-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json index 510f6fdd58bb..db3b478005e3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2020-10-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json index 70527b318b19..868f08238455 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2020-10-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json index 03dbe865e556..c1ce76de975b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2020-10-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json index 449f8337b337..f7324ea02362 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2020-10-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json index bfd5c9995aaa..ef73929b4e90 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2020-10-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role eligibility grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json index 0b378e9a5b4e..4f21ff15a45e 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2020-10-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json index 89d75009d609..452106e20f2f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json @@ -2,7 +2,7 @@ "swagger": "2.0", "info": { "title": "AuthorizationManagementClient", - "version": "2020-10-01-preview", + "version": "2020-10-01", "description": "Role based access control provides you a way to apply granular level policy administration down to individual resources or resource groups. These operations enable you to manage role assignments. A role assignment grants access to Azure Active Directory users." }, "host": "management.azure.com", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json index 3c0fb90b0621..403a3ad36221 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json @@ -1,7 +1,7 @@ { "swagger": "2.0", "info": { - "version": "2020-10-01-preview", + "version": "2020-10-01", "title": "AuthorizationManagementClient" }, "securityDefinitions": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json index 12010a0260c3..5226f6a4623a 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleAssignmentScheduleRequestByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": {} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json index 81c5d55f7320..9abd0376b0b0 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/CancelRoleEligibilityScheduleRequestByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": {} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json index 2deccf44affd..ed27563fbbe7 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicy.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": {}, diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json index 5b8fd9b70f22..8db2585f06b0 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/DeleteRoleManagementPolicyAssignment.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleManagementPolicyAssignmentName": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": {}, diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json index 76cb6f443086..bcebb1ec6b8d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "$filter": "resourceType+eq+'resourcegroup'" }, "responses": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json index a71aa12566fe..d434d086b6cf 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleAssignmentScheduleName": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json index bc7afb86410d..1d4a0c8cf07b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleAssignmentScheduleInstanceName": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json index c43b3cc2d43e..5b9a70ff32d7 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json index a9f0442b637f..a941bb4e82e3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json index b15b3cc2edec..cf8bae8c747c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json index d2d087f53b23..f5b6940c336d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json index fed3924b122e..b21a80228234 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleEligibilityScheduleName": "b1477448-2cc6-4ceb-93b4-54a202a89413", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json index af39532a34d2..6010b59e6b91 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleEligibilityScheduleInstanceName": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json index 829f0410d347..f0144aa702a8 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json index 53f10851ec93..88fd14fa11cd 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json index 9bfca5590185..9a054b60e47e 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "$filter": "assignedTo('A3BB8764-CB92-4276-9D2A-CA1E895E55EA')", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json index a635a7f135c5..87e156bcf713 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "$filter": "assignedTo('a3bb8764-cb92-4276-9d2a-ca1e895e55ea')", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json index 95d0531850d9..70747e87f1aa 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleManagementPolicyAssignmentName": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json index 37f17032cbb3..05e0998316c2 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json index 24eb61daaa85..53bf7f514a00 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json index 7b12f8c8e2a0..230273bfff1a 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json index 6b8c3ce11adc..26ccb631a864 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "rules": [ diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json index fa90678e6b8f..e9f28d89bac0 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleManagementPolicyName": "570c3619-7688-4b34-b290-2b8bb3ccab2a", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "rules": [ diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json index e374bb892137..3fcaca3db2aa 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json @@ -20,7 +20,7 @@ "conditionVersion": "1.0" } }, - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "201": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json index 5d8dc971105d..a5efbbe6a279 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json @@ -19,7 +19,7 @@ "conditionVersion": "1.0" } }, - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "201": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json index 54fd4ac29539..db41bb686f57 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json @@ -2,7 +2,7 @@ "parameters": { "scope": "providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleManagementPolicyAssignmentName": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json index b172307d1b28..f4add2af51d3 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json index 11ded8825d3a..9a078b072a7d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json index 37a69263995f..04eeb9ba9b9d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json index 60c5abcccc2c..ce7b16e465fd 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json index d8b002860e45..30b6b869b345 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json index a414596e76e5..bed5e8734118 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json index 93052cf0c395..959b45f6971f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json index a5d8de87a3ad..c7ef752dc5c8 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json index 85683823c41f..2acccbf7e257 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json @@ -5,7 +5,7 @@ "resourceProviderNamespace": "Microsoft.DocumentDb", "resourceType": "databaseAccounts", "resourceName": "test-db-account", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json index 80054fb926d5..5507f00e9eaf 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json @@ -2,7 +2,7 @@ "parameters": { "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "resourceGroupName": "testrg", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json index fde73619393d..cde921d6a676 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json @@ -1,7 +1,7 @@ { "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json index 91082f6498b2..c484aadd1d09 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json @@ -1,7 +1,7 @@ { "parameters": { "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "api-version": "2020-10-01-preview" + "api-version": "2020-10-01" }, "responses": { "200": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json index 7f5a3391adf5..f88b44819a20 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json index e533ed6a6352..a602db6c4b75 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json @@ -1,7 +1,7 @@ { "parameters": { "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json index 9fdd04ebcaf5..a31e9171769f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json index c6065de7bdae..ee763d42798d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json @@ -2,7 +2,7 @@ "parameters": { "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01-preview", + "api-version": "2020-10-01", "parameters": { "properties": { "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", From 3623ee5974e89088aaa4eb0f0fa1d0b173bd02ff Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Tue, 29 Mar 2022 11:36:31 -0700 Subject: [PATCH 03/11] Update readme.md --- .../authorization/resource-manager/readme.md | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 6b8cdfd52385..904af8a864c6 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -82,6 +82,29 @@ directive: reason: common-types doesn't need to reference api version. ``` +### Tag: package-2020-10-01 + +These settings apply only when `--tag=package-2020-10-01` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01' +input-file: +- Microsoft.Authorization/stable/2015-07-01/authorization-RoleDefinitionsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ProviderOperationsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ElevateAccessCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-RoleAssignmentsCalls.json +- Microsoft.Authorization/stable/2015-07-01/authorization-ClassicAdminCalls.json +- Microsoft.Authorization/stable/2020-10-01/common-types.json +- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +``` + ### Tag: package-2022-04-01-preview-only These settings apply only when `--tag=package-2022-04-01-preview-only` is specified on the command line. From f10eba2912f3d99e5ddea7e7fb94359091d57a18 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Tue, 29 Mar 2022 11:42:00 -0700 Subject: [PATCH 04/11] [New Change] Add /validate to request models --- .../RoleAssignmentScheduleRequest.json | 57 +++++++++++++ .../RoleEligibilityScheduleRequest.json | 57 +++++++++++++ ...teRoleAssignmentScheduleRequestByName.json | 80 +++++++++++++++++++ ...eRoleEligibilityScheduleRequestByName.json | 79 ++++++++++++++++++ 4 files changed, 273 insertions(+) create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json create mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json index 868f08238455..5409e4bb0d7d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json @@ -233,6 +233,63 @@ } } } + }, + "/{scope}/providers/Microsoft.Authorization/roleAssignmentScheduleRequests/{roleAssignmentScheduleRequestName}/validate": { + "post": { + "tags": [ + "RoleAssignmentScheduleRequests" + ], + "operationId": "RoleAssignmentScheduleRequests_Validate", + "description": "Validates a new role assignment schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role assignment request to validate.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleAssignmentScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role assignment request to validate." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + }, + "description": "Parameters for the role assignment schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role assignment request.", + "schema": { + "$ref": "#/definitions/RoleAssignmentScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "ValidateRoleAssignmentScheduleRequestByName": { + "$ref": "./examples/ValidateRoleAssignmentScheduleRequestByName.json" + } + } + } } }, "definitions": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json index ef73929b4e90..70ed7792f6c8 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -233,6 +233,63 @@ } } } + }, + "/{scope}/providers/Microsoft.Authorization/roleEligibilityScheduleRequests/{roleEligibilityScheduleRequestName}/validate": { + "post": { + "tags": [ + "RoleEligibilityScheduleRequests" + ], + "operationId": "RoleEligibilityScheduleRequests_Validate", + "description": "Validates a new role eligibility schedule request.", + "parameters": [ + { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The scope of the role eligibility request to validate.", + "x-ms-skip-url-encoding": true + }, + { + "name": "roleEligibilityScheduleRequestName", + "in": "path", + "required": true, + "type": "string", + "description": "The name of the role eligibility request to validate." + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + }, + "description": "Parameters for the role eligibility schedule request." + }, + { + "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK - Returns information about the role eligibility schedule request.", + "schema": { + "$ref": "#/definitions/RoleEligibilityScheduleRequest" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-examples": { + "ValidateRoleEligibilityScheduleRequestByName": { + "$ref": "./examples/ValidateRoleEligibilityScheduleRequestByName.json" + } + } + } } }, "definitions": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json new file mode 100644 index 000000000000..b76a28b4e7c6 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json @@ -0,0 +1,80 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleAssignmentScheduleRequestName": "fea7a502-9a96-4806-a26f-eee560e52045", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "SelfActivate", + "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2022-04-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "targetRoleAssignmentScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "SelfActivate", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:35:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "PT8H" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:35:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" + } + } + } +} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json new file mode 100644 index 000000000000..b36177539fd6 --- /dev/null +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json @@ -0,0 +1,79 @@ +{ + "parameters": { + "scope": "subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleEligibilityScheduleRequestName": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "parameters": { + "properties": { + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "requestType": "AdminAssign", + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0" + } + }, + "api-version": "2022-04-01" + }, + "responses": { + "200": { + "body": { + "properties": { + "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", + "targetRoleEligibilityScheduleInstanceId": null, + "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "principalType": "User", + "requestType": "AdminAssign", + "status": "Provisioned", + "approvalId": null, + "scheduleInfo": { + "startDateTime": "2020-09-09T21:31:27.91Z", + "expiration": { + "type": "AfterDuration", + "endDateTime": null, + "duration": "P365D" + } + }, + "ticketInfo": { + "ticketNumber": null, + "ticketSystem": null + }, + "justification": null, + "requestorId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "createdOn": "2020-09-09T21:32:27.91Z", + "condition": "@Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase 'foo_storage_container'", + "conditionVersion": "1.0", + "expandedProperties": { + "scope": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "displayName": "Pay-As-You-Go", + "type": "subscription" + }, + "roleDefinition": { + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", + "displayName": "Contributor", + "type": "BuiltInRole" + }, + "principal": { + "id": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", + "displayName": "User Account", + "email": "user@my-tenant.com", + "type": "User" + } + } + }, + "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "type": "Microsoft.Authorization/RoleEligibilityScheduleRequests" + } + } + } +} From dcc4a8b481241b05c74667a201258b1f35f1ac08 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Tue, 29 Mar 2022 11:53:58 -0700 Subject: [PATCH 05/11] [New] Add effectiveRules in policyAsignment model --- .../RoleManagementPolicyAssignment.json | 335 +++++++++++++++++ ...tRoleManagementPolicyAssignmentByName.json | 348 ++++++++++++++++++ ...RoleManagementPolicyAssignmentByScope.json | 348 ++++++++++++++++++ .../PutRoleManagementPolicyAssignment.json | 348 ++++++++++++++++++ 4 files changed, 1379 insertions(+) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json index 452106e20f2f..2f2a8f07f4a1 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json @@ -269,6 +269,14 @@ "type": "string", "description": "The policy id role management policy assignment." }, + "effectiveRules": { + "type": "array", + "items": { + "$ref": "#/definitions/RoleManagementPolicyRule" + }, + "readOnly": true, + "description": "The readonly computed rule applied to the policy." + }, "policyAssignmentProperties": { "readOnly": true, "type": "object", @@ -355,6 +363,333 @@ }, "type": "object" }, + "RoleManagementPolicyRule": { + "description": "The role management policy rule.", + "type": "object", + "required": [ + "ruleType" + ], + "discriminator": "ruleType", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/RoleManagementPolicyRuleType" + }, + "target": { + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", + "description": "The target of the current rule." + } + } + }, + "RoleManagementPolicyRuleType": { + "type": "string", + "description": "The type of rule", + "enum": [ + "RoleManagementPolicyApprovalRule", + "RoleManagementPolicyAuthenticationContextRule", + "RoleManagementPolicyEnablementRule", + "RoleManagementPolicyExpirationRule", + "RoleManagementPolicyNotificationRule" + ], + "x-ms-enum": { + "name": "RoleManagementPolicyRuleType", + "modelAsString": true + } + }, + "RoleManagementPolicyRuleTarget": { + "description": "The role management policy rule target.", + "type": "object", + "properties": { + "caller": { + "type": "string", + "description": "The caller of the setting." + }, + "operations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The type of operation." + }, + "level": { + "type": "string", + "description": "The assignment level to which it is applied." + }, + "targetObjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target objects." + }, + "inheritableSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of inheritable settings." + }, + "enforcedSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of enforced settings." + } + } + }, + "RoleManagementPolicyApprovalRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "setting": { + "$ref": "#/definitions/ApprovalSettings", + "description": "The approval setting" + } + } + }, + "ApprovalSettings": { + "description": "The approval settings.", + "type": "object", + "properties": { + "isApprovalRequired": { + "type": "boolean", + "description": "Determine whether approval is required or not." + }, + "isApprovalRequiredForExtension": { + "type": "boolean", + "description": "Determine whether approval is required for assignment extension." + }, + "isRequestorJustificationRequired": { + "type": "boolean", + "description": "Determine whether requestor justification required." + }, + "approvalMode": { + "type": "string", + "description": "The type of rule", + "enum": [ + "SingleStage", + "Serial", + "Parallel", + "NoApproval" + ], + "x-ms-enum": { + "name": "ApprovalMode", + "modelAsString": true + } + }, + "approvalStages": { + "type": "array", + "items": { + "$ref": "#/definitions/ApprovalStage" + }, + "x-ms-identifiers": [], + "description": "The approval stages of the request." + } + } + }, + "ApprovalStage": { + "description": "The approval stage.", + "type": "object", + "properties": { + "approvalStageTimeOutInDays": { + "type": "integer", + "format": "int32", + "description": "The time in days when approval request would be timed out." + }, + "isApproverJustificationRequired": { + "type": "boolean", + "description": "Determine whether approver need to provide justification for his decision." + }, + "escalationTimeInMinutes": { + "type": "integer", + "format": "int32", + "description": "The time in minutes when the approval request would be escalated if the primary approver does not approves." + }, + "primaryApprovers": { + "type": "array", + "description": "The primary approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + }, + "isEscalationEnabled": { + "type": "boolean", + "description": "The value determine whether escalation feature is enabled." + }, + "escalationApprovers": { + "type": "array", + "description": "The escalation approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + } + } + }, + "UserSet": { + "description": "The detail of a user.", + "type": "object", + "properties": { + "userType": { + "type": "string", + "description": "The type of user.", + "enum": [ + "User", + "Group" + ], + "x-ms-enum": { + "name": "UserType", + "modelAsString": true + } + }, + "isBackup": { + "type": "boolean", + "description": "The value indicating whether the user is a backup fallback approver" + }, + "id": { + "type": "string", + "description": "The object id of the user." + }, + "description": { + "type": "string", + "description": "The description of the user." + } + } + }, + "RoleManagementPolicyAuthenticationContextRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "The value indicating if rule is enabled." + }, + "claimValue": { + "type": "string", + "description": "The claim value." + } + } + }, + "RoleManagementPolicyEnablementRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "enabledRules": { + "type": "array", + "items": { + "type": "string", + "description": "The type of enable rules", + "enum": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "x-ms-enum": { + "name": "EnablementRules", + "modelAsString": true + } + }, + "description": "The list of enabled rules." + } + } + }, + "RoleManagementPolicyExpirationRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isExpirationRequired": { + "type": "boolean", + "description": "The value indicating whether expiration is required." + }, + "maximumDuration": { + "type": "string", + "description": "The maximum duration of expiration in timespan." + } + } + }, + "RoleManagementPolicyNotificationRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "notificationType": { + "type": "string", + "description": "The type of notification.", + "enum": [ + "Email" + ], + "x-ms-enum": { + "name": "NotificationDeliveryMechanism", + "modelAsString": true + } + }, + "notificationLevel": { + "type": "string", + "description": "The notification level.", + "enum": [ + "None", + "Critical", + "All" + ], + "x-ms-enum": { + "name": "NotificationLevel", + "modelAsString": true + } + }, + "recipientType": { + "type": "string", + "description": "The recipient type.", + "enum": [ + "Requestor", + "Approver", + "Admin" + ], + "x-ms-enum": { + "name": "RecipientType", + "modelAsString": true + } + }, + "notificationRecipients": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list notification recipients." + }, + "isDefaultRecipientsEnabled": { + "type": "boolean", + "description": "Its value determine if the notification need to be sent to the recipient type specified in policy rule." + } + } + }, "CloudError": { "x-ms-external": true, "properties": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json index 70747e87f1aa..9bdf4abbd4bc 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json @@ -11,6 +11,354 @@ "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], "policyAssignmentProperties": { "scope": { "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json index 05e0998316c2..135703593a51 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json @@ -12,6 +12,354 @@ "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], "policyAssignmentProperties": { "scope": { "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json index db41bb686f57..ecbdb5f4d6c7 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json @@ -18,6 +18,354 @@ "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "effectiveRules": [ + { + "enabledRules": [], + "id": "Enablement_Admin_Eligibility", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Eligibility", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_eligible@test.com" + ], + "id": "Notification_Admin_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_eligible@test.com" + ], + "id": "Notification_Requestor_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_eligible@test.com" + ], + "id": "Notification_Approver_Admin_Eligibility", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Eligibility", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification" + ], + "id": "Enablement_Admin_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": false, + "maximumDuration": "P90D", + "id": "Expiration_Admin_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_admin_member@test.com" + ], + "id": "Notification_Admin_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_admin_member@test.com" + ], + "id": "Notification_Requestor_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "approver_admin_member@test.com" + ], + "id": "Notification_Approver_Admin_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "Admin", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "setting": { + "isApprovalRequired": true, + "isApprovalRequiredForExtension": false, + "isRequestorJustificationRequired": true, + "approvalMode": "SingleStage", + "approvalStages": [ + { + "approvalStageTimeOutInDays": 1, + "isApproverJustificationRequired": true, + "escalationTimeInMinutes": 0, + "primaryApprovers": [ + { + "id": "2385b0f3-5fa9-43cf-8ca4-b01dc97298cd", + "description": "amansw_new_group", + "isBackup": false, + "userType": "Group" + }, + { + "id": "2f4913c9-d15b-406a-9946-1d66a28f2690", + "description": "amansw_group", + "isBackup": false, + "userType": "Group" + } + ], + "isEscalationEnabled": false, + "escalationApprovers": null + } + ] + }, + "id": "Approval_EndUser_Assignment", + "ruleType": "RoleManagementPolicyApprovalRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isEnabled": false, + "claimValue": "", + "id": "AuthenticationContext_EndUser_Assignment", + "ruleType": "RoleManagementPolicyAuthenticationContextRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "enabledRules": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "id": "Enablement_EndUser_Assignment", + "ruleType": "RoleManagementPolicyEnablementRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "isExpirationRequired": true, + "maximumDuration": "PT7H", + "id": "Expiration_EndUser_Assignment", + "ruleType": "RoleManagementPolicyExpirationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Admin", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "admin_enduser_member@test.com" + ], + "id": "Notification_Admin_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Requestor", + "isDefaultRecipientsEnabled": false, + "notificationLevel": "Critical", + "notificationRecipients": [ + "requestor_enduser_member@test.com" + ], + "id": "Notification_Requestor_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + }, + { + "notificationType": "Email", + "recipientType": "Approver", + "isDefaultRecipientsEnabled": true, + "notificationLevel": "Critical", + "notificationRecipients": null, + "id": "Notification_Approver_EndUser_Assignment", + "ruleType": "RoleManagementPolicyNotificationRule", + "target": { + "caller": "EndUser", + "operations": [ + "All" + ], + "level": "Assignment", + "targetObjects": null, + "inheritableSettings": null, + "enforcedSettings": null + } + } + ], "policyAssignmentProperties": { "scope": { "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", From a42616cdd83aba02cec0e9d3c6cd3020bfb78d80 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Tue, 29 Mar 2022 11:57:34 -0700 Subject: [PATCH 06/11] remove /providers/Microsoft.Subscription in exampl --- .../stable/2020-10-01/RoleAssignmentScheduleRequest.json | 2 +- .../stable/2020-10-01/RoleEligibilityScheduleRequest.json | 2 +- .../examples/GetEligibleChildResourcesByScope.json | 4 ++-- .../examples/GetRoleAssignmentScheduleByName.json | 6 +++--- .../examples/GetRoleAssignmentScheduleInstanceByName.json | 8 ++++---- .../GetRoleAssignmentScheduleInstancesByScope.json | 6 +++--- .../examples/GetRoleAssignmentScheduleRequestByName.json | 4 ++-- .../examples/GetRoleAssignmentScheduleRequestByScope.json | 4 ++-- .../examples/GetRoleAssignmentSchedulesByScope.json | 6 +++--- .../examples/GetRoleEligibilityScheduleByName.json | 6 +++--- .../GetRoleEligibilityScheduleInstanceByName.json | 6 +++--- .../GetRoleEligibilityScheduleInstancesByScope.json | 6 +++--- .../examples/GetRoleEligibilityScheduleRequestByName.json | 4 ++-- .../GetRoleEligibilityScheduleRequestByScope.json | 4 ++-- .../examples/GetRoleEligibilitySchedulesByScope.json | 6 +++--- .../examples/GetRoleManagementPolicyAssignmentByName.json | 4 ++-- .../GetRoleManagementPolicyAssignmentByScope.json | 4 ++-- .../examples/GetRoleManagementPolicyByName.json | 2 +- .../examples/GetRoleManagementPolicyByScope.json | 2 +- .../examples/PatchPartialRoleManagementPolicy.json | 2 +- .../2020-10-01/examples/PatchRoleManagementPolicy.json | 2 +- .../examples/PutRoleAssignmentScheduleRequest.json | 4 ++-- .../examples/PutRoleEligibilityScheduleRequest.json | 4 ++-- .../examples/PutRoleManagementPolicyAssignment.json | 6 +++--- .../ValidateRoleAssignmentScheduleRequestByName.json | 4 ++-- .../ValidateRoleEligibilityScheduleRequestByName.json | 4 ++-- 26 files changed, 56 insertions(+), 56 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json index 5409e4bb0d7d..5482d52f453f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json @@ -47,7 +47,7 @@ "in": "path", "required": true, "type": "string", - "description": "The scope of the role assignment schedule request to create. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' for a subscription, '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "description": "The scope of the role assignment schedule request to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", "x-ms-skip-url-encoding": true }, { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json index 70ed7792f6c8..f6ce2ed6839c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -47,7 +47,7 @@ "in": "path", "required": true, "type": "string", - "description": "The scope of the role eligibility schedule request to create. The scope can be any REST resource instance. For example, use '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/' for a subscription, '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/providers/Microsoft.Subscription/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", + "description": "The scope of the role eligibility schedule request to create. The scope can be any REST resource instance. For example, use '/subscriptions/{subscription-id}/' for a subscription, '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}' for a resource group, and '/subscriptions/{subscription-id}/resourceGroups/{resource-group-name}/providers/{resource-provider}/{resource-type}/{resource-name}' for a resource.", "x-ms-skip-url-encoding": true }, { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json index bcebb1ec6b8d..387a6cc7f656 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetEligibleChildResourcesByScope.json @@ -10,12 +10,12 @@ "value": [ { "name": "RG-1", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/resourceGroups/RG-1", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/resourceGroups/RG-1", "type": "resourcegroup" }, { "name": "RG-2", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/resourceGroups/RG-2", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/resourceGroups/RG-2", "type": "resourcegroup" } ] diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json index d434d086b6cf..d9bb7ab2259f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleByName.json @@ -10,12 +10,12 @@ "properties": { "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "assignmentType": "Assigned", - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", "status": "Provisioned", - "roleAssignmentScheduleRequestId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "roleAssignmentScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", "startDateTime": "2020-09-09T21:35:27.91Z", "endDateTime": "2020-09-10T05:35:17.91Z", "memberType": "Direct", @@ -43,7 +43,7 @@ } }, "name": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", "type": "Microsoft.Authorization/RoleAssignmentSchedules" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json index 1d4a0c8cf07b..3bbbf21b258d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstanceByName.json @@ -8,16 +8,16 @@ "200": { "body": { "properties": { - "originRoleAssignmentId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignments/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "originRoleAssignmentId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleAssignments/ed9b8180-cef7-4c77-a63c-b8566ecfc412", "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "linkedRoleEligibilityScheduleInstanceId": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", "assignmentType": "Assigned", - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", "status": "Accepted", - "roleAssignmentScheduleId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "roleAssignmentScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", "startDateTime": "2020-09-09T21:35:27.91Z", "endDateTime": "2020-09-10T05:35:17.91Z", "memberType": "Direct", @@ -44,7 +44,7 @@ } }, "name": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", "type": "Microsoft.Authorization/RoleAssignmentScheduleInstances" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json index 5b9a70ff32d7..e69d3e7d48ed 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleInstancesByScope.json @@ -14,12 +14,12 @@ "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "linkedRoleEligibilityScheduleInstanceId": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", "assignmentType": "Assigned", - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", "status": "Accepted", - "roleAssignmentScheduleId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "roleAssignmentScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", "startDateTime": "2020-09-09T21:35:27.91Z", "endDateTime": "2020-09-10T05:35:17.91Z", "memberType": "Direct", @@ -46,7 +46,7 @@ } }, "name": "ed9b8180-cef7-4c77-a63c-b8566ecfc412", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleInstances/ed9b8180-cef7-4c77-a63c-b8566ecfc412", "type": "Microsoft.Authorization/RoleAssignmentScheduleInstances" } ] diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json index a941bb4e82e3..5e17544c2e0b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByName.json @@ -10,7 +10,7 @@ "properties": { "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "targetRoleAssignmentScheduleInstanceId": null, - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", @@ -54,7 +54,7 @@ } }, "name": "fea7a502-9a96-4806-a26f-eee560e52045", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json index cf8bae8c747c..882fd03c965c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentScheduleRequestByScope.json @@ -12,7 +12,7 @@ "properties": { "targetRoleAssignmentScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "targetRoleAssignmentScheduleInstanceId": null, - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", @@ -56,7 +56,7 @@ } }, "name": "fea7a502-9a96-4806-a26f-eee560e52045", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" } ] diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json index f5b6940c336d..756bb3019f0e 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleAssignmentSchedulesByScope.json @@ -12,12 +12,12 @@ "properties": { "linkedRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "assignmentType": "Assigned", - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", "status": "Provisioned", - "roleAssignmentScheduleRequestId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "roleAssignmentScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", "startDateTime": "2020-09-09T21:35:27.91Z", "endDateTime": "2020-09-10T05:35:17.91Z", "memberType": "Direct", @@ -45,7 +45,7 @@ } }, "name": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentSchedules/c9e264ff-3133-4776-a81a-ebc7c33c8ec6", "type": "Microsoft.Authorization/RoleAssignmentSchedules" } ] diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json index b21a80228234..b2d944e91700 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleByName.json @@ -8,12 +8,12 @@ "200": { "body": { "properties": { - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", "status": "Provisioned", - "roleEligibilityScheduleRequestId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "roleEligibilityScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", "startDateTime": "2020-09-09T21:33:14.557Z", "endDateTime": "2021-09-09T21:32:28.49Z", "memberType": "Direct", @@ -41,7 +41,7 @@ } }, "name": "b1477448-2cc6-4ceb-93b4-54a202a89413", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", "type": "Microsoft.Authorization/RoleEligibilitySchedules" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json index 6010b59e6b91..ea21b20e063c 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstanceByName.json @@ -8,12 +8,12 @@ "200": { "body": { "properties": { - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", "status": "Provisioned", - "roleEligibilityScheduleId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "roleEligibilityScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", "startDateTime": "2020-09-10T00:32:36.86Z", "endDateTime": "2021-09-10T00:31:41.477Z", "memberType": "Direct", @@ -40,7 +40,7 @@ } }, "name": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", "type": "Microsoft.Authorization/RoleEligibilityScheduleInstances" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json index f0144aa702a8..b7725a9345fe 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleInstancesByScope.json @@ -10,12 +10,12 @@ "value": [ { "properties": { - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", "status": "Provisioned", - "roleEligibilityScheduleId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "roleEligibilityScheduleId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", "startDateTime": "2020-09-10T00:32:36.86Z", "endDateTime": "2021-09-10T00:31:41.477Z", "memberType": "Direct", @@ -42,7 +42,7 @@ } }, "name": "21e4b59a-0499-4fe0-a3c3-43a3055b773a", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleInstances/21e4b59a-0499-4fe0-a3c3-43a3055b773a", "type": "Microsoft.Authorization/RoleEligibilityScheduleInstances" } ] diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json index 88fd14fa11cd..afe63b5d15fd 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByName.json @@ -10,7 +10,7 @@ "properties": { "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "targetRoleEligibilityScheduleInstanceId": null, - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", @@ -54,7 +54,7 @@ } }, "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", "type": "Microsoft.Authorization/RoleEligibilityRequests" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json index 9a054b60e47e..ff7300f136c5 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilityScheduleRequestByScope.json @@ -12,7 +12,7 @@ "properties": { "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "targetRoleEligibilityScheduleInstanceId": null, - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", @@ -56,7 +56,7 @@ } }, "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", "type": "Microsoft.Authorization/RoleEligibilityRequests" } ] diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json index 87e156bcf713..c1c7d106b455 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleEligibilitySchedulesByScope.json @@ -10,12 +10,12 @@ "value": [ { "properties": { - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", "status": "Provisioned", - "roleEligibilityScheduleRequestId": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "roleEligibilityScheduleRequestId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", "startDateTime": "2020-09-09T21:33:14.557Z", "endDateTime": "2021-09-09T21:32:28.49Z", "memberType": "Direct", @@ -43,7 +43,7 @@ } }, "name": "b1477448-2cc6-4ceb-93b4-54a202a89413", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilitySchedules/b1477448-2cc6-4ceb-93b4-54a202a89413", "type": "Microsoft.Authorization/RoleEligibilitySchedules" } ] diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json index 9bdf4abbd4bc..23c8f9d798e5 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByName.json @@ -10,7 +10,7 @@ "properties": { "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", "effectiveRules": [ { "enabledRules": [], @@ -383,7 +383,7 @@ } }, "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json index 135703593a51..c13e8ab2ee06 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyAssignmentByScope.json @@ -11,7 +11,7 @@ "properties": { "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", "effectiveRules": [ { "enabledRules": [], @@ -384,7 +384,7 @@ } }, "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" } ] diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json index 53bf7f514a00..12ffa1aa396d 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByName.json @@ -724,7 +724,7 @@ } }, "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", - "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", "type": "Microsoft.Authorization/RoleManagementPolicies" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json index 230273bfff1a..08e6c796138f 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/GetRoleManagementPolicyByScope.json @@ -725,7 +725,7 @@ } }, "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", - "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", "type": "Microsoft.Authorization/RoleManagementPolicies" } ] diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json index 26ccb631a864..62d3b232d29e 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchPartialRoleManagementPolicy.json @@ -767,7 +767,7 @@ } }, "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", - "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", "type": "Microsoft.Authorization/RoleManagementPolicies" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json index e9f28d89bac0..0f5e3e1c85cb 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PatchRoleManagementPolicy.json @@ -1076,7 +1076,7 @@ } }, "name": "570c3619-7688-4b34-b290-2b8bb3ccab2a", - "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/570c3619-7688-4b34-b290-2b8bb3ccab2a", "type": "Microsoft.Authorization/RoleManagementPolicies" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json index 3fcaca3db2aa..53d11cc9487b 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleAssignmentScheduleRequest.json @@ -28,7 +28,7 @@ "properties": { "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", "targetRoleAssignmentScheduleInstanceId": null, - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", @@ -72,7 +72,7 @@ } }, "name": "fea7a502-9a96-4806-a26f-eee560e52045", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json index a5efbbe6a279..5bb91f385a35 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleEligibilityScheduleRequest.json @@ -27,7 +27,7 @@ "properties": { "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "targetRoleEligibilityScheduleInstanceId": null, - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", @@ -71,7 +71,7 @@ } }, "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", "type": "Microsoft.Authorization/RoleEligibilityScheduleRequests" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json index ecbdb5f4d6c7..a7d4bafae636 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/PutRoleManagementPolicyAssignment.json @@ -7,7 +7,7 @@ "properties": { "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9" + "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9" } } }, @@ -17,7 +17,7 @@ "properties": { "scope": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368", "roleDefinitionId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleDefinitions/a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "policyId": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", + "policyId": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicies/b959d571-f0b5-4042-88a7-01be6cb22db9", "effectiveRules": [ { "enabledRules": [], @@ -385,7 +385,7 @@ } }, "name": "b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", - "id": "/providers/Microsoft.Subscription/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", + "id": "/subscriptions/129ff972-28f8-46b8-a726-e497be039368/providers/Microsoft.Authorization/roleManagementPolicyAssignment/b959d571-f0b5-4042-88a7-01be6cb22db9_a1705bd2-3a8f-45a5-8683-466fcfd5cc24", "type": "Microsoft.Authorization/RoleManagementPolicyAssignment" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json index b76a28b4e7c6..c3c963c59b45 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleAssignmentScheduleRequestByName.json @@ -28,7 +28,7 @@ "properties": { "targetRoleAssignmentScheduleId": "c9e264ff-3133-4776-a81a-ebc7c33c8ec6", "targetRoleAssignmentScheduleInstanceId": null, - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", @@ -72,7 +72,7 @@ } }, "name": "fea7a502-9a96-4806-a26f-eee560e52045", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleAssignmentScheduleRequests/fea7a502-9a96-4806-a26f-eee560e52045", "type": "Microsoft.Authorization/RoleAssignmentScheduleRequests" } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json index b36177539fd6..fe18e4519d13 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/ValidateRoleEligibilityScheduleRequestByName.json @@ -27,7 +27,7 @@ "properties": { "targetRoleEligibilityScheduleId": "b1477448-2cc6-4ceb-93b4-54a202a89413", "targetRoleEligibilityScheduleInstanceId": null, - "scope": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", + "scope": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f", "roleDefinitionId": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/roleDefinitions/c8d4ff99-41c3-41a8-9f60-21dfdad59608", "principalId": "a3bb8764-cb92-4276-9d2a-ca1e895e55ea", "principalType": "User", @@ -71,7 +71,7 @@ } }, "name": "64caffb6-55c0-4deb-a585-68e948ea1ad6", - "id": "/providers/Microsoft.Subscription/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", + "id": "/subscriptions/dfa2a084-766f-4003-8ae1-c4aeb893a99f/providers/Microsoft.Authorization/RoleEligibilityScheduleRequests/64caffb6-55c0-4deb-a585-68e948ea1ad6", "type": "Microsoft.Authorization/RoleEligibilityScheduleRequests" } } From 0e5deef868c82d9ee1941ae5d6c10f3a3bb1864f Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Tue, 29 Mar 2022 12:15:21 -0700 Subject: [PATCH 07/11] Misc fixes --- .../RoleEligibilityScheduleRequest.json | 3 +- .../2020-10-01/RoleManagementPolicy.json | 3 +- .../RoleManagementPolicyAssignment.json | 3 +- .../examples/RoleAssignments_CreateById.json | 41 --------------- .../RoleAssignments_CreateForResource.json | 42 --------------- ...oleAssignments_CreateForResourceGroup.json | 42 --------------- ...RoleAssignments_CreateForSubscription.json | 42 --------------- .../examples/RoleAssignments_Delete.json | 23 --------- .../examples/RoleAssignments_DeleteById.json | 22 -------- .../examples/RoleAssignments_Get.json | 22 -------- .../examples/RoleAssignments_GetById.json | 21 -------- .../RoleAssignments_ListForResource.json | 51 ------------------- .../RoleAssignments_ListForResourceGroup.json | 37 -------------- .../RoleAssignments_ListForScope.json | 25 --------- .../RoleAssignments_ListForSubscription.json | 25 --------- .../RoleAssignments_ValidateByIdInvalid.json | 24 --------- .../RoleAssignments_ValidateByIdValid.json | 20 -------- .../RoleAssignments_ValidateInvalid.json | 25 --------- .../RoleAssignments_ValidateValid.json | 21 -------- 19 files changed, 6 insertions(+), 486 deletions(-) delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json delete mode 100644 specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json index f6ce2ed6839c..f519e06d0263 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json @@ -631,7 +631,8 @@ } } }, - "type": "object" + "type": "object", + "description": "Expanded info of resource, role and principal" } } } diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json index 4f21ff15a45e..4c4ea5942074 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json @@ -676,7 +676,8 @@ } } }, - "type": "object" + "type": "object", + "description": "Expanded info of resource scope" }, "CloudError": { "x-ms-external": true, diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json index 2f2a8f07f4a1..a59d2b999f6e 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json @@ -361,7 +361,8 @@ } } }, - "type": "object" + "type": "object", + "description": "Expanded info of resource scope, role definition and policy" }, "RoleManagementPolicyRule": { "description": "The role management policy rule.", diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json deleted file mode 100644 index f4add2af51d3..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateById.json +++ /dev/null @@ -1,41 +0,0 @@ -{ - "parameters": { - "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01", - "parameters": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "201": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - } - }, - "200": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json deleted file mode 100644 index 9a078b072a7d..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResource.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account", - "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01", - "parameters": { - "properties": { - "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "201": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", - "type": "Microsoft.Authorization/roleAssignments", - "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" - } - }, - "200": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", - "type": "Microsoft.Authorization/roleAssignments", - "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json deleted file mode 100644 index 04eeb9ba9b9d..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForResourceGroup.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg", - "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01", - "parameters": { - "properties": { - "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "201": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", - "type": "Microsoft.Authorization/roleAssignments", - "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" - } - }, - "200": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", - "type": "Microsoft.Authorization/roleAssignments", - "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json deleted file mode 100644 index ce7b16e465fd..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_CreateForSubscription.json +++ /dev/null @@ -1,42 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01", - "parameters": { - "properties": { - "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "201": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", - "type": "Microsoft.Authorization/roleAssignments", - "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" - } - }, - "200": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", - "type": "Microsoft.Authorization/roleAssignments", - "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json deleted file mode 100644 index 30b6b869b345..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Delete.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01" - }, - "responses": { - "200": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - } - }, - "204": {} - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json deleted file mode 100644 index bed5e8734118..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_DeleteById.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "parameters": { - "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01" - }, - "responses": { - "200": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - } - }, - "204": {} - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json deleted file mode 100644 index 959b45f6971f..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_Get.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "roleAssignmentName": "b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01" - }, - "responses": { - "200": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json deleted file mode 100644 index c7ef752dc5c8..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_GetById.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "parameters": { - "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01" - }, - "responses": { - "200": { - "body": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json deleted file mode 100644 index 2acccbf7e257..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResource.json +++ /dev/null @@ -1,51 +0,0 @@ -{ - "parameters": { - "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "resourceGroupName": "testrg", - "resourceProviderNamespace": "Microsoft.DocumentDb", - "resourceType": "databaseAccounts", - "resourceName": "test-db-account", - "api-version": "2020-10-01" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - }, - { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/96786e4b-dede-4c2e-8736-8ab911987f08", - "type": "Microsoft.Authorization/roleAssignments", - "name": "96786e4b-dede-4c2e-8736-8ab911987f08" - }, - { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.DocumentDb/databaseAccounts/test-db-account/providers/Microsoft.Authorization/roleAssignments/05c5a614-a7d6-4502-b150-c2fb455033ff", - "type": "Microsoft.Authorization/roleAssignments", - "name": "05c5a614-a7d6-4502-b150-c2fb455033ff" - } - ] - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json deleted file mode 100644 index 5507f00e9eaf..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForResourceGroup.json +++ /dev/null @@ -1,37 +0,0 @@ -{ - "parameters": { - "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "resourceGroupName": "testrg", - "api-version": "2020-10-01" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - }, - { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/resourceGroups/testrg/providers/Microsoft.Authorization/roleAssignments/96786e4b-dede-4c2e-8736-8ab911987f08", - "type": "Microsoft.Authorization/roleAssignments", - "name": "96786e4b-dede-4c2e-8736-8ab911987f08" - } - ] - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json deleted file mode 100644 index cde921d6a676..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForScope.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "api-version": "2020-10-01" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - } - ] - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json deleted file mode 100644 index c484aadd1d09..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ListForSubscription.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "parameters": { - "subscriptionId": "a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "api-version": "2020-10-01" - }, - "responses": { - "200": { - "body": { - "value": [ - { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User", - "scope": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2" - }, - "id": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "type": "Microsoft.Authorization/roleAssignments", - "name": "b0f43c54-e787-4862-89b1-a653fa9cf747" - } - ] - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json deleted file mode 100644 index f88b44819a20..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdInvalid.json +++ /dev/null @@ -1,24 +0,0 @@ -{ - "parameters": { - "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01", - "parameters": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": false, - "errorInfo": { - "code": "InvalidRoleDefinitionId", - "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." - } - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json deleted file mode 100644 index a602db6c4b75..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateByIdValid.json +++ /dev/null @@ -1,20 +0,0 @@ -{ - "parameters": { - "roleAssignmentId": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleAssignments/b0f43c54-e787-4862-89b1-a653fa9cf747", - "api-version": "2020-10-01", - "parameters": { - "properties": { - "roleDefinitionId": "/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": true - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json deleted file mode 100644 index a31e9171769f..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateInvalid.json +++ /dev/null @@ -1,25 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01", - "parameters": { - "properties": { - "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": false, - "errorInfo": { - "code": "InvalidRoleDefinitionId", - "message": "The specified role definition with ID '0b5fe924-9a61-425c-96af-cfe6e287ca2d' does not exist." - } - } - } - } -} diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json deleted file mode 100644 index ee763d42798d..000000000000 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/examples/RoleAssignments_ValidateValid.json +++ /dev/null @@ -1,21 +0,0 @@ -{ - "parameters": { - "scope": "subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2", - "roleAssignmentName": "05c5a614-a7d6-4502-b150-c2fb455033ff", - "api-version": "2020-10-01", - "parameters": { - "properties": { - "roleDefinitionId": "/subscriptions/a925f2f7-5c63-4b7b-8799-25a5f97bc3b2/providers/Microsoft.Authorization/roleDefinitions/0b5fe924-9a61-425c-96af-cfe6e287ca2d", - "principalId": "ce2ce14e-85d7-4629-bdbc-454d0519d987", - "principalType": "User" - } - } - }, - "responses": { - "200": { - "body": { - "isValid": true - } - } - } -} From 615e2b73b9e56d7f6b77f320f1751e73e36c0df1 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Wed, 30 Mar 2022 18:49:35 -0700 Subject: [PATCH 08/11] Refactory common model for rules --- .../2020-10-01/RoleManagementPolicy.json | 331 +----------------- .../RoleManagementPolicyAssignment.json | 329 +---------------- .../stable/2020-10-01/common-types.json | 327 +++++++++++++++++ 3 files changed, 330 insertions(+), 657 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json index 4c4ea5942074..b34c09c8ce22 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json @@ -262,14 +262,14 @@ "rules": { "type": "array", "items": { - "$ref": "#/definitions/RoleManagementPolicyRule" + "$ref": "./common-types.json#/definitions/RoleManagementPolicyRule" }, "description": "The rule applied to the policy." }, "effectiveRules": { "type": "array", "items": { - "$ref": "#/definitions/RoleManagementPolicyRule" + "$ref": "./common-types.json#/definitions/RoleManagementPolicyRule" }, "readOnly": true, "description": "The readonly computed rule applied to the policy." @@ -327,333 +327,6 @@ "type": "object", "description": "Role management policy list operation result." }, - "RoleManagementPolicyRule": { - "description": "The role management policy rule.", - "type": "object", - "required": [ - "ruleType" - ], - "discriminator": "ruleType", - "properties": { - "id": { - "type": "string", - "description": "The id of the rule." - }, - "ruleType": { - "description": "The type of rule", - "$ref": "#/definitions/RoleManagementPolicyRuleType" - }, - "target": { - "$ref": "#/definitions/RoleManagementPolicyRuleTarget", - "description": "The target of the current rule." - } - } - }, - "RoleManagementPolicyApprovalRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "setting": { - "$ref": "#/definitions/ApprovalSettings", - "description": "The approval setting" - } - } - }, - "ApprovalSettings": { - "description": "The approval settings.", - "type": "object", - "properties": { - "isApprovalRequired": { - "type": "boolean", - "description": "Determine whether approval is required or not." - }, - "isApprovalRequiredForExtension": { - "type": "boolean", - "description": "Determine whether approval is required for assignment extension." - }, - "isRequestorJustificationRequired": { - "type": "boolean", - "description": "Determine whether requestor justification required." - }, - "approvalMode": { - "type": "string", - "description": "The type of rule", - "enum": [ - "SingleStage", - "Serial", - "Parallel", - "NoApproval" - ], - "x-ms-enum": { - "name": "ApprovalMode", - "modelAsString": true - } - }, - "approvalStages": { - "type": "array", - "items": { - "$ref": "#/definitions/ApprovalStage" - }, - "x-ms-identifiers": [], - "description": "The approval stages of the request." - } - } - }, - "ApprovalStage": { - "description": "The approval stage.", - "type": "object", - "properties": { - "approvalStageTimeOutInDays": { - "type": "integer", - "format": "int32", - "description": "The time in days when approval request would be timed out." - }, - "isApproverJustificationRequired": { - "type": "boolean", - "description": "Determine whether approver need to provide justification for his decision." - }, - "escalationTimeInMinutes": { - "type": "integer", - "format": "int32", - "description": "The time in minutes when the approval request would be escalated if the primary approver does not approves." - }, - "primaryApprovers": { - "type": "array", - "description": "The primary approver of the request.", - "items": { - "$ref": "#/definitions/UserSet" - } - }, - "isEscalationEnabled": { - "type": "boolean", - "description": "The value determine whether escalation feature is enabled." - }, - "escalationApprovers": { - "type": "array", - "description": "The escalation approver of the request.", - "items": { - "$ref": "#/definitions/UserSet" - } - } - } - }, - "UserSet": { - "description": "The detail of a user.", - "type": "object", - "properties": { - "userType": { - "type": "string", - "description": "The type of user.", - "enum": [ - "User", - "Group" - ], - "x-ms-enum": { - "name": "UserType", - "modelAsString": true - } - }, - "isBackup": { - "type": "boolean", - "description": "The value indicating whether the user is a backup fallback approver" - }, - "id": { - "type": "string", - "description": "The object id of the user." - }, - "description": { - "type": "string", - "description": "The description of the user." - } - } - }, - "RoleManagementPolicyAuthenticationContextRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "isEnabled": { - "type": "boolean", - "description": "The value indicating if rule is enabled." - }, - "claimValue": { - "type": "string", - "description": "The claim value." - } - } - }, - "RoleManagementPolicyEnablementRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "enabledRules": { - "type": "array", - "items": { - "type": "string", - "description": "The type of enable rules", - "enum": [ - "MultiFactorAuthentication", - "Justification", - "Ticketing" - ], - "x-ms-enum": { - "name": "EnablementRules", - "modelAsString": true - } - }, - "description": "The list of enabled rules." - } - } - }, - "RoleManagementPolicyExpirationRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "isExpirationRequired": { - "type": "boolean", - "description": "The value indicating whether expiration is required." - }, - "maximumDuration": { - "type": "string", - "description": "The maximum duration of expiration in timespan." - } - } - }, - "RoleManagementPolicyNotificationRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "notificationType": { - "type": "string", - "description": "The type of notification.", - "enum": [ - "Email" - ], - "x-ms-enum": { - "name": "NotificationDeliveryMechanism", - "modelAsString": true - } - }, - "notificationLevel": { - "type": "string", - "description": "The notification level.", - "enum": [ - "None", - "Critical", - "All" - ], - "x-ms-enum": { - "name": "NotificationLevel", - "modelAsString": true - } - }, - "recipientType": { - "type": "string", - "description": "The recipient type.", - "enum": [ - "Requestor", - "Approver", - "Admin" - ], - "x-ms-enum": { - "name": "RecipientType", - "modelAsString": true - } - }, - "notificationRecipients": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The list notification recipients." - }, - "isDefaultRecipientsEnabled": { - "type": "boolean", - "description": "Its value determine if the notification need to be sent to the recipient type specified in policy rule." - } - } - }, - "RoleManagementPolicyRuleTarget": { - "description": "The role management policy rule target.", - "type": "object", - "properties": { - "caller": { - "type": "string", - "description": "The caller of the setting." - }, - "operations": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The type of operation." - }, - "level": { - "type": "string", - "description": "The assignment level to which it is applied." - }, - "targetObjects": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The list of target objects." - }, - "inheritableSettings": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The list of inheritable settings." - }, - "enforcedSettings": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The list of enforced settings." - } - } - }, - "RoleManagementPolicyRuleType": { - "type": "string", - "description": "The type of rule", - "enum": [ - "RoleManagementPolicyApprovalRule", - "RoleManagementPolicyAuthenticationContextRule", - "RoleManagementPolicyEnablementRule", - "RoleManagementPolicyExpirationRule", - "RoleManagementPolicyNotificationRule" - ], - "x-ms-enum": { - "name": "RoleManagementPolicyRuleType", - "modelAsString": true - } - }, "PolicyProperties": { "properties": { "scope": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json index a59d2b999f6e..b195345ffd72 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json @@ -272,7 +272,7 @@ "effectiveRules": { "type": "array", "items": { - "$ref": "#/definitions/RoleManagementPolicyRule" + "$ref": "./common-types.json#/definitions/RoleManagementPolicyRule" }, "readOnly": true, "description": "The readonly computed rule applied to the policy." @@ -364,333 +364,6 @@ "type": "object", "description": "Expanded info of resource scope, role definition and policy" }, - "RoleManagementPolicyRule": { - "description": "The role management policy rule.", - "type": "object", - "required": [ - "ruleType" - ], - "discriminator": "ruleType", - "properties": { - "id": { - "type": "string", - "description": "The id of the rule." - }, - "ruleType": { - "description": "The type of rule", - "$ref": "#/definitions/RoleManagementPolicyRuleType" - }, - "target": { - "$ref": "#/definitions/RoleManagementPolicyRuleTarget", - "description": "The target of the current rule." - } - } - }, - "RoleManagementPolicyRuleType": { - "type": "string", - "description": "The type of rule", - "enum": [ - "RoleManagementPolicyApprovalRule", - "RoleManagementPolicyAuthenticationContextRule", - "RoleManagementPolicyEnablementRule", - "RoleManagementPolicyExpirationRule", - "RoleManagementPolicyNotificationRule" - ], - "x-ms-enum": { - "name": "RoleManagementPolicyRuleType", - "modelAsString": true - } - }, - "RoleManagementPolicyRuleTarget": { - "description": "The role management policy rule target.", - "type": "object", - "properties": { - "caller": { - "type": "string", - "description": "The caller of the setting." - }, - "operations": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The type of operation." - }, - "level": { - "type": "string", - "description": "The assignment level to which it is applied." - }, - "targetObjects": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The list of target objects." - }, - "inheritableSettings": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The list of inheritable settings." - }, - "enforcedSettings": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The list of enforced settings." - } - } - }, - "RoleManagementPolicyApprovalRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "setting": { - "$ref": "#/definitions/ApprovalSettings", - "description": "The approval setting" - } - } - }, - "ApprovalSettings": { - "description": "The approval settings.", - "type": "object", - "properties": { - "isApprovalRequired": { - "type": "boolean", - "description": "Determine whether approval is required or not." - }, - "isApprovalRequiredForExtension": { - "type": "boolean", - "description": "Determine whether approval is required for assignment extension." - }, - "isRequestorJustificationRequired": { - "type": "boolean", - "description": "Determine whether requestor justification required." - }, - "approvalMode": { - "type": "string", - "description": "The type of rule", - "enum": [ - "SingleStage", - "Serial", - "Parallel", - "NoApproval" - ], - "x-ms-enum": { - "name": "ApprovalMode", - "modelAsString": true - } - }, - "approvalStages": { - "type": "array", - "items": { - "$ref": "#/definitions/ApprovalStage" - }, - "x-ms-identifiers": [], - "description": "The approval stages of the request." - } - } - }, - "ApprovalStage": { - "description": "The approval stage.", - "type": "object", - "properties": { - "approvalStageTimeOutInDays": { - "type": "integer", - "format": "int32", - "description": "The time in days when approval request would be timed out." - }, - "isApproverJustificationRequired": { - "type": "boolean", - "description": "Determine whether approver need to provide justification for his decision." - }, - "escalationTimeInMinutes": { - "type": "integer", - "format": "int32", - "description": "The time in minutes when the approval request would be escalated if the primary approver does not approves." - }, - "primaryApprovers": { - "type": "array", - "description": "The primary approver of the request.", - "items": { - "$ref": "#/definitions/UserSet" - } - }, - "isEscalationEnabled": { - "type": "boolean", - "description": "The value determine whether escalation feature is enabled." - }, - "escalationApprovers": { - "type": "array", - "description": "The escalation approver of the request.", - "items": { - "$ref": "#/definitions/UserSet" - } - } - } - }, - "UserSet": { - "description": "The detail of a user.", - "type": "object", - "properties": { - "userType": { - "type": "string", - "description": "The type of user.", - "enum": [ - "User", - "Group" - ], - "x-ms-enum": { - "name": "UserType", - "modelAsString": true - } - }, - "isBackup": { - "type": "boolean", - "description": "The value indicating whether the user is a backup fallback approver" - }, - "id": { - "type": "string", - "description": "The object id of the user." - }, - "description": { - "type": "string", - "description": "The description of the user." - } - } - }, - "RoleManagementPolicyAuthenticationContextRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "isEnabled": { - "type": "boolean", - "description": "The value indicating if rule is enabled." - }, - "claimValue": { - "type": "string", - "description": "The claim value." - } - } - }, - "RoleManagementPolicyEnablementRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "enabledRules": { - "type": "array", - "items": { - "type": "string", - "description": "The type of enable rules", - "enum": [ - "MultiFactorAuthentication", - "Justification", - "Ticketing" - ], - "x-ms-enum": { - "name": "EnablementRules", - "modelAsString": true - } - }, - "description": "The list of enabled rules." - } - } - }, - "RoleManagementPolicyExpirationRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "isExpirationRequired": { - "type": "boolean", - "description": "The value indicating whether expiration is required." - }, - "maximumDuration": { - "type": "string", - "description": "The maximum duration of expiration in timespan." - } - } - }, - "RoleManagementPolicyNotificationRule": { - "description": "The role management policy rule.", - "allOf": [ - { - "$ref": "#/definitions/RoleManagementPolicyRule" - } - ], - "type": "object", - "properties": { - "notificationType": { - "type": "string", - "description": "The type of notification.", - "enum": [ - "Email" - ], - "x-ms-enum": { - "name": "NotificationDeliveryMechanism", - "modelAsString": true - } - }, - "notificationLevel": { - "type": "string", - "description": "The notification level.", - "enum": [ - "None", - "Critical", - "All" - ], - "x-ms-enum": { - "name": "NotificationLevel", - "modelAsString": true - } - }, - "recipientType": { - "type": "string", - "description": "The recipient type.", - "enum": [ - "Requestor", - "Approver", - "Admin" - ], - "x-ms-enum": { - "name": "RecipientType", - "modelAsString": true - } - }, - "notificationRecipients": { - "type": "array", - "items": { - "type": "string" - }, - "description": "The list notification recipients." - }, - "isDefaultRecipientsEnabled": { - "type": "boolean", - "description": "Its value determine if the notification need to be sent to the recipient type specified in policy rule." - } - } - }, "CloudError": { "x-ms-external": true, "properties": { diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json index 403a3ad36221..90a06d1d598a 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json @@ -73,6 +73,333 @@ "description": "Email of principal" } } + }, + "RoleManagementPolicyRule": { + "description": "The role management policy rule.", + "type": "object", + "required": [ + "ruleType" + ], + "discriminator": "ruleType", + "properties": { + "id": { + "type": "string", + "description": "The id of the rule." + }, + "ruleType": { + "description": "The type of rule", + "$ref": "#/definitions/RoleManagementPolicyRuleType" + }, + "target": { + "$ref": "#/definitions/RoleManagementPolicyRuleTarget", + "description": "The target of the current rule." + } + } + }, + "RoleManagementPolicyApprovalRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "setting": { + "$ref": "#/definitions/ApprovalSettings", + "description": "The approval setting" + } + } + }, + "ApprovalSettings": { + "description": "The approval settings.", + "type": "object", + "properties": { + "isApprovalRequired": { + "type": "boolean", + "description": "Determine whether approval is required or not." + }, + "isApprovalRequiredForExtension": { + "type": "boolean", + "description": "Determine whether approval is required for assignment extension." + }, + "isRequestorJustificationRequired": { + "type": "boolean", + "description": "Determine whether requestor justification required." + }, + "approvalMode": { + "type": "string", + "description": "The type of rule", + "enum": [ + "SingleStage", + "Serial", + "Parallel", + "NoApproval" + ], + "x-ms-enum": { + "name": "ApprovalMode", + "modelAsString": true + } + }, + "approvalStages": { + "type": "array", + "items": { + "$ref": "#/definitions/ApprovalStage" + }, + "x-ms-identifiers": [], + "description": "The approval stages of the request." + } + } + }, + "ApprovalStage": { + "description": "The approval stage.", + "type": "object", + "properties": { + "approvalStageTimeOutInDays": { + "type": "integer", + "format": "int32", + "description": "The time in days when approval request would be timed out." + }, + "isApproverJustificationRequired": { + "type": "boolean", + "description": "Determine whether approver need to provide justification for his decision." + }, + "escalationTimeInMinutes": { + "type": "integer", + "format": "int32", + "description": "The time in minutes when the approval request would be escalated if the primary approver does not approves." + }, + "primaryApprovers": { + "type": "array", + "description": "The primary approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + }, + "isEscalationEnabled": { + "type": "boolean", + "description": "The value determine whether escalation feature is enabled." + }, + "escalationApprovers": { + "type": "array", + "description": "The escalation approver of the request.", + "items": { + "$ref": "#/definitions/UserSet" + } + } + } + }, + "UserSet": { + "description": "The detail of a user.", + "type": "object", + "properties": { + "userType": { + "type": "string", + "description": "The type of user.", + "enum": [ + "User", + "Group" + ], + "x-ms-enum": { + "name": "UserType", + "modelAsString": true + } + }, + "isBackup": { + "type": "boolean", + "description": "The value indicating whether the user is a backup fallback approver" + }, + "id": { + "type": "string", + "description": "The object id of the user." + }, + "description": { + "type": "string", + "description": "The description of the user." + } + } + }, + "RoleManagementPolicyAuthenticationContextRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isEnabled": { + "type": "boolean", + "description": "The value indicating if rule is enabled." + }, + "claimValue": { + "type": "string", + "description": "The claim value." + } + } + }, + "RoleManagementPolicyEnablementRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "enabledRules": { + "type": "array", + "items": { + "type": "string", + "description": "The type of enable rules", + "enum": [ + "MultiFactorAuthentication", + "Justification", + "Ticketing" + ], + "x-ms-enum": { + "name": "EnablementRules", + "modelAsString": true + } + }, + "description": "The list of enabled rules." + } + } + }, + "RoleManagementPolicyExpirationRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "isExpirationRequired": { + "type": "boolean", + "description": "The value indicating whether expiration is required." + }, + "maximumDuration": { + "type": "string", + "description": "The maximum duration of expiration in timespan." + } + } + }, + "RoleManagementPolicyNotificationRule": { + "description": "The role management policy rule.", + "allOf": [ + { + "$ref": "#/definitions/RoleManagementPolicyRule" + } + ], + "type": "object", + "properties": { + "notificationType": { + "type": "string", + "description": "The type of notification.", + "enum": [ + "Email" + ], + "x-ms-enum": { + "name": "NotificationDeliveryMechanism", + "modelAsString": true + } + }, + "notificationLevel": { + "type": "string", + "description": "The notification level.", + "enum": [ + "None", + "Critical", + "All" + ], + "x-ms-enum": { + "name": "NotificationLevel", + "modelAsString": true + } + }, + "recipientType": { + "type": "string", + "description": "The recipient type.", + "enum": [ + "Requestor", + "Approver", + "Admin" + ], + "x-ms-enum": { + "name": "RecipientType", + "modelAsString": true + } + }, + "notificationRecipients": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list notification recipients." + }, + "isDefaultRecipientsEnabled": { + "type": "boolean", + "description": "Its value determine if the notification need to be sent to the recipient type specified in policy rule." + } + } + }, + "RoleManagementPolicyRuleTarget": { + "description": "The role management policy rule target.", + "type": "object", + "properties": { + "caller": { + "type": "string", + "description": "The caller of the setting." + }, + "operations": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The type of operation." + }, + "level": { + "type": "string", + "description": "The assignment level to which it is applied." + }, + "targetObjects": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of target objects." + }, + "inheritableSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of inheritable settings." + }, + "enforcedSettings": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of enforced settings." + } + } + }, + "RoleManagementPolicyRuleType": { + "type": "string", + "description": "The type of rule", + "enum": [ + "RoleManagementPolicyApprovalRule", + "RoleManagementPolicyAuthenticationContextRule", + "RoleManagementPolicyEnablementRule", + "RoleManagementPolicyExpirationRule", + "RoleManagementPolicyNotificationRule" + ], + "x-ms-enum": { + "name": "RoleManagementPolicyRuleType", + "modelAsString": true + } } }, "parameters": { From ba6510fc254a16b1f72401c4b2cd3314d126f5d5 Mon Sep 17 00:00:00 2001 From: Aman Swaika Date: Wed, 30 Mar 2022 18:58:02 -0700 Subject: [PATCH 09/11] Grammar fixes --- .../stable/2020-10-01/common-types.json | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json index 90a06d1d598a..b373809143bf 100644 --- a/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json +++ b/specification/authorization/resource-manager/Microsoft.Authorization/stable/2020-10-01/common-types.json @@ -97,7 +97,7 @@ } }, "RoleManagementPolicyApprovalRule": { - "description": "The role management policy rule.", + "description": "The role management policy approval rule.", "allOf": [ { "$ref": "#/definitions/RoleManagementPolicyRule" @@ -117,15 +117,15 @@ "properties": { "isApprovalRequired": { "type": "boolean", - "description": "Determine whether approval is required or not." + "description": "Determines whether approval is required or not." }, "isApprovalRequiredForExtension": { "type": "boolean", - "description": "Determine whether approval is required for assignment extension." + "description": "Determines whether approval is required for assignment extension." }, "isRequestorJustificationRequired": { "type": "boolean", - "description": "Determine whether requestor justification required." + "description": "Determine whether requestor justification is required." }, "approvalMode": { "type": "string", @@ -158,16 +158,16 @@ "approvalStageTimeOutInDays": { "type": "integer", "format": "int32", - "description": "The time in days when approval request would be timed out." + "description": "The time in days when approval request would be timed out" }, "isApproverJustificationRequired": { "type": "boolean", - "description": "Determine whether approver need to provide justification for his decision." + "description": "Determines whether approver need to provide justification for his decision." }, "escalationTimeInMinutes": { "type": "integer", "format": "int32", - "description": "The time in minutes when the approval request would be escalated if the primary approver does not approves." + "description": "The time in minutes when the approval request would be escalated if the primary approver does not approve" }, "primaryApprovers": { "type": "array", @@ -220,7 +220,7 @@ } }, "RoleManagementPolicyAuthenticationContextRule": { - "description": "The role management policy rule.", + "description": "The role management policy authentication context rule.", "allOf": [ { "$ref": "#/definitions/RoleManagementPolicyRule" @@ -239,7 +239,7 @@ } }, "RoleManagementPolicyEnablementRule": { - "description": "The role management policy rule.", + "description": "The role management policy enablement rule.", "allOf": [ { "$ref": "#/definitions/RoleManagementPolicyRule" @@ -251,7 +251,7 @@ "type": "array", "items": { "type": "string", - "description": "The type of enable rules", + "description": "The type of enablement rule", "enum": [ "MultiFactorAuthentication", "Justification", @@ -267,7 +267,7 @@ } }, "RoleManagementPolicyExpirationRule": { - "description": "The role management policy rule.", + "description": "The role management policy expiration rule.", "allOf": [ { "$ref": "#/definitions/RoleManagementPolicyRule" @@ -286,7 +286,7 @@ } }, "RoleManagementPolicyNotificationRule": { - "description": "The role management policy rule.", + "description": "The role management policy notification rule.", "allOf": [ { "$ref": "#/definitions/RoleManagementPolicyRule" @@ -336,11 +336,11 @@ "items": { "type": "string" }, - "description": "The list notification recipients." + "description": "The list of notification recipients." }, "isDefaultRecipientsEnabled": { "type": "boolean", - "description": "Its value determine if the notification need to be sent to the recipient type specified in policy rule." + "description": "Determines if the notification will be sent to the recipient type specified in the policy rule." } } }, @@ -361,7 +361,7 @@ }, "level": { "type": "string", - "description": "The assignment level to which it is applied." + "description": "The assignment level to which rule is applied." }, "targetObjects": { "type": "array", From 7b40fbd32dfc812b98c78f898f724e6a19c83a2b Mon Sep 17 00:00:00 2001 From: "Jiefeng Chen (WICRESOFT NORTH AMERICA LTD)" Date: Thu, 31 Mar 2022 13:53:15 +0800 Subject: [PATCH 10/11] config readme.python --- .../authorization/resource-manager/readme.md | 17 +++++++++++++++++ .../resource-manager/readme.python.md | 11 +++++++++++ 2 files changed, 28 insertions(+) diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 904af8a864c6..68b3fc95871b 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -105,6 +105,23 @@ input-file: - Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json ``` +### Tag: package-2020-10-01-only + +These settings apply only when `--tag=package-2020-10-01-only` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01-only' +input-file: +- Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilitySchedule.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleInstance.json +- Microsoft.Authorization/stable/2020-10-01/RoleEligibilityScheduleRequest.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicy.json +- Microsoft.Authorization/stable/2020-10-01/RoleManagementPolicyAssignment.json +``` + ### Tag: package-2022-04-01-preview-only These settings apply only when `--tag=package-2022-04-01-preview-only` is specified on the command line. diff --git a/specification/authorization/resource-manager/readme.python.md b/specification/authorization/resource-manager/readme.python.md index fbeb54932348..2c49d1a70ba8 100644 --- a/specification/authorization/resource-manager/readme.python.md +++ b/specification/authorization/resource-manager/readme.python.md @@ -20,6 +20,7 @@ batch: - tag: package-2021-07-01-preview-only - tag: package-2021-03-01-preview-only - tag: package-2021-01-01-preview-only + - tag: package-2020-10-01-only - tag: package-2020-10-01-preview-only - tag: package-2020-04-01-preview-only - tag: package-2019-08-01-preview-only @@ -63,6 +64,16 @@ These settings apply only when `--tag=package-2021-01-01-preview-only --python` namespace: azure.mgmt.authorization.v2021_01_01_preview output-folder: $(python-sdks-folder)/authorization/azure-mgmt-authorization/azure/mgmt/authorization/v2021_01_01_preview ``` + +### Tag: package-2020-10-01-only and python + +These settings apply only when `--tag=package-2020-10-01-only --python` is specified on the command line. + +``` yaml $(tag) == 'package-2020-10-01-only' && $(python) +namespace: azure.mgmt.authorization.v2020_10_01 +output-folder: $(python-sdks-folder)/authorization/azure-mgmt-authorization/azure/mgmt/authorization/v2020_10_01 +``` + ### Tag: package-2020-10-01-preview-only and python These settings apply only when `--tag=package-2020-10-01-preview-only --python` is specified on the command line. From 01575f1a9430751c5318295e9f00d5fe4c655dad Mon Sep 17 00:00:00 2001 From: "Jiefeng Chen (WICRESOFT NORTH AMERICA LTD)" Date: Thu, 31 Mar 2022 14:24:10 +0800 Subject: [PATCH 11/11] update --- specification/authorization/resource-manager/readme.md | 1 + 1 file changed, 1 insertion(+) diff --git a/specification/authorization/resource-manager/readme.md b/specification/authorization/resource-manager/readme.md index 68b3fc95871b..ada09dcfb8a6 100644 --- a/specification/authorization/resource-manager/readme.md +++ b/specification/authorization/resource-manager/readme.md @@ -111,6 +111,7 @@ These settings apply only when `--tag=package-2020-10-01-only` is specified on t ``` yaml $(tag) == 'package-2020-10-01-only' input-file: +- Microsoft.Authorization/stable/2020-10-01/common-types.json - Microsoft.Authorization/stable/2020-10-01/EligibleChildResources.json - Microsoft.Authorization/stable/2020-10-01/RoleAssignmentSchedule.json - Microsoft.Authorization/stable/2020-10-01/RoleAssignmentScheduleInstance.json