Dev sentinel securityinsights microsoft.security insights 2024 04 01 preview

[xuhumsft]

ARM (Control Plane) API Specification Update Pull Request

[!TIP] Overwhelmed by all this guidance? See the Getting help section at the bottom of this PR description.

[!NOTE] As of January 2024 there is no PR assignee. This is expected. See https://aka.ms/azsdk/pr-arm-review.

PR review workflow diagram

Please understand this diagram before proceeding. It explains how to get your PR approved & merged.

Click here to see the details of Step 1, Breaking Changes review

If you are in purview of Step 1 of the diagram, follow the Breaking Changes review process.
IMPORTANT! This applies even if you believe your PR was mislabeled, for any reason, including tool failure.

Click here to see the details of Step 2, ARM review

See https://aka.ms/azsdk/pr-arm-review.

Click here to see the diagram footnotes

Diagram footnotes

[1] See ARM review queue (for PR merge queues, see [2]).
[2] public repo merge queue, private repo merge queue (for ARM review queue, [1])
The ARM reviewer on-call engineer visits the merge queue twice a day, so the approximate ETA for merges is 12 - 24 hours.

Purpose of this PR

What's the purpose of this PR? Check the specific option that applies. This is mandatory!

• [ ] New resource provider.
• [x] New API version for an existing resource provider. (If API spec is not defined in TypeSpec, the PR should have been generated using OpenAPI Hub).
• [ ] Update existing version for a new feature. (This is applicable only when you are revising a private preview API version.)
• [ ] Update existing version to fix OpenAPI spec quality issues in S360.
• [ ] Other, please clarify:
  • edit this with your clarification

Due diligence checklist

To merge this PR, you must go through the following checklist and confirm you understood and followed the instructions by checking all the boxes:

• [ ] I confirm this PR is modifying Azure Resource Manager (ARM) related specifications, and not data plane related specifications.
• [ ] I have reviewed following Resource Provider guidelines, including ARM resource provider contract and REST guidelines (estimated time: 4 hours).
  I understand this is required before I can proceed to the diagram Step 2, "ARM API changes review", for this PR.

Additional information

Viewing API changes

For convenient view of the API changes made by this PR, refer to the URLs provided in the table in the Generated ApiView comment added to this PR. You can use ApiView to show API versions diff.

Suppressing failures

If one or multiple validation error/warning suppression(s) is detected in your PR, please follow the suppressions guide to get approval.

Getting help

• First, please carefully read through this PR description, from top to bottom. Please fill out the Purpose of this PR and Due diligence checklist.
• To understand what you must do next to merge this PR, see the Next Steps to Merge comment. It will appear within few minutes of submitting this PR and will continue to be up-to-date with current PR state.
• For guidance on fixing this PR CI check failures, see the hyperlinks provided in given failure and https://aka.ms/ci-fix.
• For help with PR workflow diagram Step 2 (ARM review), see https://aka.ms/azsdk/pr-arm-review.
• If the PR CI checks appear to be stuck in queued state, please add a comment with contents /azp run. This should result in a new comment denoting a PR validation pipeline has started and the checks should be updated after few minutes.
• If the help provided by the previous points is not enough, post to https://aka.ms/azsdk/support/specreview-channel and link to this PR.

[openapi-pipeline-app[bot]]

Next Steps to Merge

✅ All automated merging requirements have been met! To get your PR merged, see aka.ms/azsdk/specreview/merge.

[openapi-pipeline-app[bot]]

Swagger Validation Report

️️✔️BreakingChange succeeded [Detail] [Expand]

There are no breaking changes.

️❌Breaking Change(Cross-Version): 10 Errors, 91 Warnings failed [Detail]

Compared specs (v0.10.12)	new version	base version
AlertRules.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
AutomationRules.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
AutomationRules.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
BillingStatistics.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
Bookmarks.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
Bookmarks.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
ContentPackages.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
ContentPackages.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
ContentProductPackages.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
ContentProductPackages.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
ContentProductTemplates.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
ContentProductTemplates.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
ContentTemplates.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
ContentTemplates.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
EnrichmentWithWorkspace.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
Entities.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
EntityQueries.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
EntityQueryTemplates.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
FileImports.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
Hunts.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
Incidents.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
Incidents.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
Metadata.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
Metadata.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
OfficeConsents.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
OnboardingStates.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
OnboardingStates.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
Recommendations.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
SecurityMLAnalyticsSettings.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
SecurityMLAnalyticsSettings.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
Settings.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
SourceControls.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
SourceControls.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
ThreatIntelligence.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
ThreatIntelligence.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
ThreatIntelligenceCount.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
ThreatIntelligenceQuery.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
TriggeredAnalyticsRuleRuns.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
Watchlists.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
Watchlists.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
WorkspaceManagerAssignments.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
WorkspaceManagerConfigurations.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
WorkspaceManagerGroups.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
WorkspaceManagerMembers.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
AlertTypes.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
AlertTypes.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
ContentCommonTypes.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
ContentCommonTypes.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
EntityTypes.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
EntityTypes.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
IncidentTypes.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
IncidentTypes.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
RelationTypes.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
ThreatIntelligenceTypes.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
dataConnectorDefinitions.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
dataConnectors.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)
operations.json	2024-04-01-preview(1f2419e)	2024-03-01(main)
operations.json	2024-04-01-preview(1f2419e)	2024-01-01-preview(main)

The following breaking changes are detected by comparison with the latest stable version:

Only 8 items are listed, please refer to log for more details.

Rule	Message
❌ 1036 - ConstraintChanged	The new version has a different 'pattern' value than the previous one. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/Incidents.json#L713:9 Old: Microsoft.SecurityInsights/stable/2024-03-01/Incidents.json#L658:9
❌ 1036 - ConstraintChanged	The new version has a different 'pattern' value than the previous one. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/Incidents.json#L762:9 Old: Microsoft.SecurityInsights/stable/2024-03-01/Incidents.json#L704:9
❌ 1036 - ConstraintChanged	The new version has a different 'pattern' value than the previous one. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/Incidents.json#L820:9 Old: Microsoft.SecurityInsights/stable/2024-03-01/Incidents.json#L759:9
❌ 1036 - ConstraintChanged	The new version has a different 'pattern' value than the previous one. New: preview/2024-04-01-preview/common/RelationTypes.json#L76:5 Old: Microsoft.SecurityInsights/stable/2024-03-01/Incidents.json#L1647:5
❌ 1042 - ChangedParameterOrder	The order of parameter with Name: '$top', In: 'Query', was changed. Expected param at index '3' but instead found it at index '4'. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/ThreatIntelligence.json#L100:9 Old: Microsoft.SecurityInsights/stable/2024-03-01/ThreatIntelligence.json#L100:9
❌ 1042 - ChangedParameterOrder	The order of parameter with Name: '$skipToken', In: 'Query', was changed. Expected param at index '4' but instead found it at index '5'. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/ThreatIntelligence.json#L100:9 Old: Microsoft.SecurityInsights/stable/2024-03-01/ThreatIntelligence.json#L100:9
❌ 1042 - ChangedParameterOrder	The order of parameter with Name: '$orderby', In: 'Query', was changed. Expected param at index '5' but instead found it at index '3'. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/ThreatIntelligence.json#L100:9 Old: Microsoft.SecurityInsights/stable/2024-03-01/ThreatIntelligence.json#L100:9
❌ 1042 - ChangedParameterOrder	The order of parameter with Name: 'watchlistAlias', In: 'Path', was changed. Expected param at index '2' but instead found it at index '3'. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/Watchlists.json#L252:9 Old: Microsoft.SecurityInsights/stable/2024-03-01/Watchlists.json#L240:9

The following breaking changes are detected by comparison with the latest preview version:

Only 8 items are listed, please refer to log for more details.

Rule	Message
❌ Runtime Exception	"new":"https://github.com/Azure/azure-rest-api-specs/blob/1f2419ec0bdfe4f3747a214c3b0b6fe0eb71d5a9/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2024-04-01-preview/AlertRules.json", "old":"https://github.com/Azure/azure-rest-api-specs/blob/main/specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2024-01-01-preview/AlertRules.json", "details":"Command failed: dotnet "/mnt/vss/_work/_tasks/AzureApiValidation_5654d05d-82c1-48da-ad8f-161b817f6d41/0.0.111/common/temp/node_modules/.pnpm/@[email protected]/node_modules/@azure/oad/dlls/OpenApiDiff.dll" -o /tmp/oad-psdW6Y/old-resolved.json -n /tmp/oad-rnEBVX/new-resolved.json\nUnhandled exception. System.NullReferenceException: Object reference not set to an instance of an object.\n at AutoRest.Swagger.Model.Schema.CompareRequired(ComparisonContext1 context,<br> Schema priorSchema) in D:\\a\\_work\\1\\s\\openapi-diff\\src\\modeler\\AutoRest.Swagger\\Model\\Schema.cs:line 214\n at AutoRest.Swagger.Model.Schema.Compare(ComparisonContext1 context, Schema previous) in D:\a\_work\1\s\openapi-diff\src\modeler\AutoRest.Swagger\Model\Schema.cs:line 181\n at AutoRest.Swagger.Model.Schema.CompareProperties(ComparisonContext1 context,<br> Schema priorSchema) in D:\\a\\_work\\1\\s\\openapi-diff\\src\\modeler\\AutoRest.Swagger\\Model\\Schema.cs:line 270\n at AutoRest.Swagger.Model.Schema.Compare(ComparisonContext1 context, Schema previous)"
:warning: 1011 - AddingResponseCode	The new version adds a response code '200'. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/FileImports.json#L176:11
:warning: 1011 - AddingResponseCode	The new version adds a response code '201'. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/Settings.json#L207:11
:warning: 1017 - ReferenceRedirection	The '$ref' property points to different models in the old and new versions. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/FileImports.json#L84:13 Old: Microsoft.SecurityInsights/preview/2024-01-01-preview/FileImports.json#L84:13
:warning: 1017 - ReferenceRedirection	The '$ref' property points to different models in the old and new versions. New: common-types/resource-management/v5/types.json#L307:9 Old: resource-manager/common/2.0/types.json#L77:9
:warning: 1017 - ReferenceRedirection	The '$ref' property points to different models in the old and new versions. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/FileImports.json#L132:13 Old: Microsoft.SecurityInsights/preview/2024-01-01-preview/FileImports.json#L132:13
:warning: 1017 - ReferenceRedirection	The '$ref' property points to different models in the old and new versions. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/FileImports.json#L184:13 Old: Microsoft.SecurityInsights/preview/2024-01-01-preview/FileImports.json#L178:13
:warning: 1017 - ReferenceRedirection	The '$ref' property points to different models in the old and new versions. New: Microsoft.SecurityInsights/preview/2024-04-01-preview/FileImports.json#L235:13 Old: Microsoft.SecurityInsights/preview/2024-01-01-preview/FileImports.json#L224:13

️️✔️CredScan succeeded [Detail] [Expand]

There is no credential detected.

️❌LintDiff: 38 Errors, 392 Warnings failed [Detail]

Compared specs (v2.2.2)	new version	base version
package-preview-2024-04	package-preview-2024-04(1f2419e)	default(main)

[must fix]The following errors/warnings are introduced by current PR:

Only 8 items are listed, please refer to log for more details.

Rule	Message	Related RPC [For API reviewers]
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/AlertRules.json#L781	RPC-Policy-V1-05, RPC-Put-V1-23
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/AlertRules.json#L1792	RPC-Policy-V1-05, RPC-Put-V1-23
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/dataConnectors.json#L1472	RPC-Policy-V1-05, RPC-Put-V1-23
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/dataConnectors.json#L1543	RPC-Policy-V1-05, RPC-Put-V1-23
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/dataConnectors.json#L1550	RPC-Policy-V1-05, RPC-Put-V1-23
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/dataConnectors.json#L1722	RPC-Policy-V1-05, RPC-Put-V1-23
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/dataConnectors.json#L2096	RPC-Policy-V1-05, RPC-Put-V1-23
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/dataConnectors.json#L2103	RPC-Policy-V1-05, RPC-Put-V1-23

The following errors/warnings exist before current PR submission:

Only 8 items are listed, please refer to log for more details.

Rule	Message
❌ PutRequestResponseSchemeArm	A PUT operation request body schema should be the same as its 200 response schema, to allow reusing the same entity between GET and PUT. If the schema of the PUT request body is a superset of the GET response body, make sure you have a PATCH operation to make the resource updatable. Operation: 'Actions_CreateOrUpdate' Request Model: 'parameters[6].schema' Response Model: 'responses[200].schema' Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/AlertRules.json#L338
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/AlertRules.json#L1926
❌ AvoidAdditionalProperties	Definitions must not have properties named additionalProperties except for user defined tags or predefined references. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/AlertRules.json#L2103
❌ DeleteResponseBodyEmpty	The delete response body must be empty. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/AutomationRules.json#L148
❌ DeleteResponseBodyEmpty	The delete response body must be empty. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/AutomationRules.json#L154
❌ PatchBodyParametersSchema	Properties of a PATCH request body must not be required, property:kind. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/Metadata.json#L266
❌ PatchBodyParametersSchema	Properties of a PATCH request body must not be required, property:tier. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/Metadata.json#L266
❌ ResourceNameRestriction	The resource name parameter 'sentinelOnboardingStateName' should be defined with a 'pattern' restriction. Location: Microsoft.SecurityInsights/preview/2024-04-01-preview/OnboardingStates.json#L37

️❌Avocado: 69 Errors, 0 Warnings failed [Detail]

Only 8 items are listed, please refer to log for more details.

Rule	Message
❌ MISSING_APIS_IN_DEFAULT_TAG	The default tag should contain all APIs. The API path /subscriptions/{}/resourceGroups/{}/providers/{}/workspaces/{}/providers/Microsoft.SecurityInsights/aggregations/{} is not in the default tag. Please make sure the missing API swaggers are in the default tag. readme: specification/securityinsights/resource-manager/readme.md json: Microsoft.SecurityInsights/preview/2019-01-01-preview/Aggregations.json
❌ MISSING_APIS_IN_DEFAULT_TAG	The default tag should contain all APIs. The API path /subscriptions/{}/resourceGroups/{}/providers/{}/workspaces/{}/providers/Microsoft.SecurityInsights/automationRules is not in the default tag. Please make sure the missing API swaggers are in the default tag. readme: specification/securityinsights/resource-manager/readme.md json: Microsoft.SecurityInsights/preview/2019-01-01-preview/AutomationRules.json
❌ MISSING_APIS_IN_DEFAULT_TAG	The default tag should contain all APIs. The API path /subscriptions/{}/resourceGroups/{}/providers/{}/workspaces/{}/providers/Microsoft.SecurityInsights/automationRules/{} is not in the default tag. Please make sure the missing API swaggers are in the default tag. readme: specification/securityinsights/resource-manager/readme.md json: Microsoft.SecurityInsights/preview/2019-01-01-preview/AutomationRules.json
❌ MISSING_APIS_IN_DEFAULT_TAG	The default tag should contain all APIs. The API path /subscriptions/{}/resourceGroups/{}/providers/{}/workspaces/{}/providers/Microsoft.SecurityInsights/bookmarks is not in the default tag. Please make sure the missing API swaggers are in the default tag. readme: specification/securityinsights/resource-manager/readme.md json: Microsoft.SecurityInsights/preview/2019-01-01-preview/Bookmarks.json
❌ MISSING_APIS_IN_DEFAULT_TAG	The default tag should contain all APIs. The API path /subscriptions/{}/resourceGroups/{}/providers/{}/workspaces/{}/providers/Microsoft.SecurityInsights/bookmarks/{} is not in the default tag. Please make sure the missing API swaggers are in the default tag. readme: specification/securityinsights/resource-manager/readme.md json: Microsoft.SecurityInsights/preview/2019-01-01-preview/Bookmarks.json
❌ MISSING_APIS_IN_DEFAULT_TAG	The default tag should contain all APIs. The API path /subscriptions/{}/resourceGroups/{}/providers/{}/workspaces/{}/providers/Microsoft.SecurityInsights/bookmarks/{}/relations is not in the default tag. Please make sure the missing API swaggers are in the default tag. readme: specification/securityinsights/resource-manager/readme.md json: Microsoft.SecurityInsights/preview/2019-01-01-preview/Bookmarks.json
❌ MISSING_APIS_IN_DEFAULT_TAG	The default tag should contain all APIs. The API path /subscriptions/{}/resourceGroups/{}/providers/{}/workspaces/{}/providers/Microsoft.SecurityInsights/bookmarks/{}/expand is not in the default tag. Please make sure the missing API swaggers are in the default tag. readme: specification/securityinsights/resource-manager/readme.md json: Microsoft.SecurityInsights/preview/2019-01-01-preview/Bookmarks.json
❌ MISSING_APIS_IN_DEFAULT_TAG	The default tag should contain all APIs. The API path /subscriptions/{}/resourceGroups/{}/providers/{}/workspaces/{}/providers/Microsoft.SecurityInsights/bookmarks/{}/relations/{} is not in the default tag. Please make sure the missing API swaggers are in the default tag. readme: specification/securityinsights/resource-manager/readme.md json: Microsoft.SecurityInsights/preview/2019-01-01-preview/Bookmarks.json

️️✔️SwaggerAPIView succeeded [Detail] [Expand]

️️✔️TypeSpecAPIView succeeded [Detail] [Expand]

️️✔️ModelValidation succeeded [Detail] [Expand]

Validation passes for ModelValidation.

️️✔️SemanticValidation succeeded [Detail] [Expand]

Validation passes for SemanticValidation.

️️✔️PoliCheck succeeded [Detail] [Expand]

Validation passed for PoliCheck.

️️✔️SpellCheck succeeded [Detail] [Expand]

Validation passes for SpellCheck.

️️✔️Lint(RPaaS) succeeded [Detail] [Expand]

Validation passes for Lint(RPaaS).

️️✔️PR Summary succeeded [Detail] [Expand]

Validation passes for Summary.

️️✔️Automated merging requirements met succeeded [Detail] [Expand]

_{Posted by Swagger Pipeline | How to fix these errors?}

[openapi-pipeline-app[bot]]

Swagger Generation Artifacts

️️✔️ApiDocPreview succeeded [Detail] [Expand]

Only 0 items are rendered, please refer to log for more details.

️⚠️ azure-sdk-for-net-track2 warning [Detail]

Only 0 items are rendered, please refer to log for more details.

️❌ azure-sdk-for-go failed [Detail]

Only 0 items are rendered, please refer to log for more details.

️🔄 azure-sdk-for-python inProgress [Detail]

️🔄 azure-sdk-for-js inProgress [Detail]

️🔄 azure-sdk-for-java inProgress [Detail]

️❌ azure-resource-manager-schemas failed [Detail]

Only 0 items are rendered, please refer to log for more details.

️⚠️ azure-powershell warning [Detail]

Only 0 items are rendered, please refer to log for more details.

_{Posted by Swagger Pipeline | How to fix these errors?}

[openapi-pipeline-app[bot]]

Generated ApiView

Language	Package Name	ApiView Link
Go	sdk/resourcemanager/securityinsights/armsecurityinsights	https://apiview.dev/Assemblies/Review/06b0c4a98e094807b7c161c14692f77d?revisionId=96d7bef932aa4285bc62aa00d5011155
Java	azure-resourcemanager-securityinsights	https://apiview.dev/Assemblies/Review/94d98f0a635f4ee98bd2349d9b276a14?revisionId=fb91c841277e4b03bf0ddafc92434df6
Swagger	Microsoft.SecurityInsights	https://apiview.dev/Assemblies/Review/d30cc3bd7c484ad880bc3b8126f67ba5?revisionId=8287b8f215c5466db038a203ae159845

[openapi-workflow-bot[bot]]

Please address or respond to feedback from the ARM API reviewer.
When you are ready to continue the ARM API review, please remove the ARMChangesRequested label.
This will notify the reviewer to have another look.
If the feedback provided needs further discussion, please use this Teams channel to post your questions - aka.ms/azsdk/support/specreview-channel.
Please include [ARM Query] in the title of your question to indicate that it is ARM-related.

[xuhumsft]

The only newly introduced is business applications agents from https://github.com/Azure/azure-rest-api-specs/pull/28504. The Breaking change, LintDiff etc. is generated from openAPIHub automatically. Please advise what is the next step

[xuhumsft]

The only newly introduced is business applications agents from #28504. The Breaking change, LintDiff etc. is generated from openAPIHub automatically. Please advise what is the next step

https://github.com/Azure/azure-rest-api-specs/pull/28504 is already granted with ARMSignedOff label

[gary-x-li]

Please get a breaking change review before moving to ARM review (step 2).

Please fill out the Due diligence checklist section and the Avocado Errors after you get the breaking change approval.

[raosuhas]

      "azureResourceId": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspaces/myWorkspace",

Is this resource id differentfrom the workspace for which you are creating the "systems " resource ? Why do you need this duplication ?

---

Refers to: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2024-04-01-preview/examples/businessApplicationAgents/systems/Systems_CreateOrUpdate.json:14 in b1c80aa. [](commit_id = b1c80aa7a7b8762f97f0163b3a79645e8d90ab37, deletion_comment = False)

[dvir-ms]

Is this resource id differentfrom the workspace for which you are creating the "systems " resource ? Why do you need this duplication ?

hi @raosuhas

I accidently closed the PR so sorry for that regarding your comment - in this example indeed it is the same but it can be anything and it's not limited to its workspace or generally to a workspace.

[raosuhas]

Next Steps to Merge

Next steps that must be taken to merge this PR:

• ❌ Your PR has at least one breaking change (label: BreakingChangeReviewRequired). See the PR description for help.
• ❌ The required check named Breaking Change(Cross-Version) has failed. Refer to the check in the PR's 'Checks' tab for details on how to fix it. In addition, refer to step 1 in the PR workflow diagram (even if your PR is for data plane, not ARM).

The ARM changes are fine, please follow the steps above to get breaking change approval, before restarting ARM review

[xuhumsft]

Next Steps to Merge

Next steps that must be taken to merge this PR:

• ❌ Your PR has at least one breaking change (label: BreakingChangeReviewRequired). See the PR description for help.
• ❌ The required check named Breaking Change(Cross-Version) has failed. Refer to the check in the PR's 'Checks' tab for details on how to fix it. In addition, refer to step 1 in the PR workflow diagram (even if your PR is for data plane, not ARM).

The ARM changes are fine, please follow the steps above to get breaking change approval, before restarting ARM review

Hi @raosuhas. We talked in the office hour on Monday. The breaking changes and lint diff is generated by openAPI hub. The only change in this release is the businessApplicationAgents. And it is new resource type. We do modify any existing resource types. Thank you.

It is also found the baseline is not latest published preview but the latest stable. This is a preview. I would think it should compare to the last preview version.

[raosuhas]

Discussed this again with the team. The breaking changes are against the latest released stable version. Please work with the breaking changes team and get it approved or fix the changes. You can remove "ARMChangesRequested" once the breaking change label has been taken care of.

[xuhumsft]

The breaking change are resolved. The preview version is consistent with the stable version. For the LintDiff, it seems also caused by properties in preview only. This is not changed from previous preview as we can see in the log.

[TimLovellSmith]

Please compute 'due diligence checklist'

[TimLovellSmith]

Adding suppressions for e.g. 'customDetails' will enable us to 'record' the knowledge that these are not real linter errors for this API, simplifying this and future reviews (once suppression review is done).

[TimLovellSmith]

This part of the API looks probably incorrectly defined to me: it looks like its not actually just a 'get', its a 'list' API, according to ARM conventions, right.

"list all the geodatas of the IP enrichment". (shouldn't enrichments be plural? I suppose geodata is arguably already a plural; 'data' vs 'datum')

But the description says it gets, not lists...

"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.SecurityInsights/enrichment/ip/geodata/": { "get": { "x-ms-examples": { "Get geodata for a single IP address": { "$ref": "./examples/enrichment/GetGeodataByIp.json" } }, "tags": [ "Enrichment" ], "description": "Get geodata for a single IP address", "operationId": "IPGeodata_Get",

[TimLovellSmith]

Aside from what I've mentioned so far there seem to be many lintDiff errors for this new API version, and I don't see them all as justified. Please go through them again.

[openapi-workflow-bot[bot]]

This PR has ARMChangesRequested label. Please address or respond to feedback from the ARM API reviewer.
When you are ready to continue the ARM API review, please remove the ARMChangesRequested label.
Learn more at aka.ms/azsdk/pr-arm-review.

[NoaGoren-Microsoft]

Entities API, EntityQueries API and EntityQueryTemplates API: These APIs rely on Graph entities, which frequently undergo changes in their properties. To accommodate these dynamic changes, additional properties are essential.

Entities API: This API uses additional properties for Entity Edges, which describe relationships between entities. These relationships change frequently and are not defined by a fixed model, necessitating flexible and adaptive properties.

EntityQueries API: This API allows for customer-customized activities. It uses additional properties for the entity filter property, which relies on fields from related entities. Since these fields are undefined in advance and subject to frequent changes, having flexible properties is crucial.

EntityQueryTemplates API: This API lists out-of-the-box activities. Similar to the EntityQueries API, it uses additional properties for entity filters. These filters depend on the dynamic and frequently changing fields of related entities, making flexible properties necessary.

[sagamzu]

DataConnectors API

The DataConnectors API is a service designed to aggregate data from various APIs into the customer's workspace. The customer defines the sources and methods for data collection through the DataConnectors API. Before saving the resource with the provided instructions, we make a request to the given API (using the Scuba service) to validate the instructions.

The API uses additional properties for different configurations that the customer must define to send a request to the desired endpoint ("apiEndpoint" property) and retrieve data. These properties can be different for each API, and we don't know them in advanced.

For example:

• authorizationEndpointQueryParameters: The customer provides an authorization endpoint (that require in order to get data from the "apiEndpoint") and any necessary query parameters to access it. Each API may require different query parameters.
• Headers: To access the endpoint, the customer must provide headers. The required headers vary between endpoints and consist of different sets of key-value pairs, depending on the data source.

[NoaGoren-Microsoft]

Entities API Lint suppressions: We got several Lint errors on this API:

1. Property name should be camel case.
2. Get endpoints for collections of resources must only have the value and nextLink properties in their model.
3. A PUT operation request body schema should be the same as its 200 response schema, to allow reusing the same entity between GET and PUT. If the schema of the PUT request body is a superset of the GET response body, make sure you have a PATCH operation to make the resource updatable. Operation: 'EntityQueries_CreateOrUpdate' Request Model: 'parameters[5].schema' Response Model: 'responses[200].schema'

This API has not been changed in the past year. This is an API used by customers and we haven't recieved such errros beforehand, and we cannot change it much.

[xuhumsft]

Here is the comments for AvoidAdditionalProperties in ThreatIntelligenceQuery.json from @moranraz

We are planning to add new APIs soon that will specify the exact object schemas, and then we will replace the additional properties with those definitions. For now, we got an exemption from the ARM reviewer to use additionalProperties

[mentat9]

/azp run

[azure-pipelines[bot]]

Azure Pipelines successfully started running 3 pipeline(s).

[mentat9]

Entities API Lint suppressions: We got several Lint errors on this API:

1. Property name should be camel case.
2. Get endpoints for collections of resources must only have the value and nextLink properties in their model.
3. A PUT operation request body schema should be the same as its 200 response schema, to allow reusing the same entity between GET and PUT. If the schema of the PUT request body is a superset of the GET response body, make sure you have a PATCH operation to make the resource updatable. Operation: 'EntityQueries_CreateOrUpdate' Request Model: 'parameters[5].schema' Response Model: 'responses[200].schema'

This API has not been changed in the past year. This is an API used by customers and we haven't recieved such errros beforehand, and we cannot change it much.

Please add suppressions for errors on resource types/APIs that are already published in stable API versions (e.g. the above errors you listed, plus a couple AnonymousTypes). See https://aka.ms/azsdk/pr-suppressions for help with suppressions.

Required linter checks that fail on resource types/APIs being added in the current PR need to be fixed. I didn't see any of those, but you should verify.

Note: the BodyTopLevelProperties check is flagging false positives on "value" and "nextLink" properties of collection GET bodies, so those can be ignored. Once suppressions have been added for all the valid errors, reviewers can bypass the false positives.

[ramoka178]

Please fix the lintdiff errors https://github.com/Azure/azure-rest-api-specs/pull/28437/checks?check_run_id=29288998865 There seems to be syntax errors.

[ramoka178]

Please fix the lintdiff errors https://github.com/Azure/azure-rest-api-specs/pull/28437/checks?check_run_id=29288998865 There seems to be syntax errors.

https://github.com/Azure/azure-rest-api-specs/blob/main/documentation/ci-fix.md#swagger-lintdiff-and-swagger-lintrpaas https://github.com/Azure/azure-openapi-validator/blob/main/CONTRIBUTING.md#how-to-locally-reproduce-a-lintdiff-failure-occurring-on-a-pr

Can help

[xuhumsft]

/azp run

[azure-pipelines[bot]]

Azure Pipelines successfully started running 3 pipeline(s).