MICROSOFT.SECURITY
APICollectionOffboarding_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.serviceName == STRING
input.ReqMap.apiCollectionId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
APICollectionOnboarding_Create
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.serviceName == STRING
input.ReqMap.apiCollectionId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
APICollection_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.serviceName == STRING
input.ReqMap.apiCollectionId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
APICollections_GetByAzureApiManagementService
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.serviceName == STRING
input.ReqMap.apiId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
APICollections_ListByAzureApiManagementService
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.serviceName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
APICollections_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
APICollections_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
APICollections_OffboardAzureApiManagementApi
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.serviceName == STRING
input.ReqMap.apiId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
APICollections_OnboardAzureApiManagementApi
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.serviceName == STRING
input.ReqMap.apiId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AdaptiveApplicationControls_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.groupName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AdaptiveApplicationControls_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.groupName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AdaptiveApplicationControls_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.Qs.includePathRecommendations == BOOLEAN
input.Qs.summary == BOOLEAN
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AdaptiveApplicationControls_Put
enum_ConfigurationStatus := [ "Configured", "NotConfigured", "InProgress", "Failed", "NoStatus" ]
enum_EnforcementMode := [ "Audit", "Enforce", "None" ]
enum_EnforcementSupport := [ "Supported", "NotSupported", "Unknown" ]
enum_FileType := [ "Exe", "Dll", "Msi", "Script", "Executable", "Unknown" ]
enum_RecommendationAction := [ "Recommended", "Add", "Remove" ]
enum_RecommendationType := [ "File", "FileHash", "PublisherSignature", "ProductSignature", "BinarySignature", "VersionAndAboveSignature" ]
valid {
input.Body.properties.enforcementMode == enum_EnforcementMode[_]
input.Body.properties.protectionMode.exe == enum_EnforcementMode[_]
input.Body.properties.protectionMode.msi == enum_EnforcementMode[_]
input.Body.properties.protectionMode.script == enum_EnforcementMode[_]
input.Body.properties.protectionMode.executable == enum_EnforcementMode[_]
input.Body.properties.vmRecommendations[_].configurationStatus == enum_ConfigurationStatus[_]
input.Body.properties.vmRecommendations[_].recommendationAction == enum_RecommendationAction[_]
input.Body.properties.vmRecommendations[_].resourceId == STRING
input.Body.properties.vmRecommendations[_].enforcementSupport == enum_EnforcementSupport[_]
input.Body.properties.pathRecommendations[_].path == STRING
input.Body.properties.pathRecommendations[_].action == enum_RecommendationAction[_]
input.Body.properties.pathRecommendations[_].type == enum_RecommendationType[_]
input.Body.properties.pathRecommendations[_].publisherInfo.publisherName == STRING
input.Body.properties.pathRecommendations[_].publisherInfo.productName == STRING
input.Body.properties.pathRecommendations[_].publisherInfo.binaryName == STRING
input.Body.properties.pathRecommendations[_].publisherInfo.version == STRING
input.Body.properties.pathRecommendations[_].common == BOOLEAN
input.Body.properties.pathRecommendations[_].userSids[_] == STRING
input.Body.properties.pathRecommendations[_].usernames[_].username == STRING
input.Body.properties.pathRecommendations[_].usernames[_].recommendationAction == enum_RecommendationAction[_]
input.Body.properties.pathRecommendations[_].fileType == enum_FileType[_]
input.Body.properties.pathRecommendations[_].configurationStatus == enum_ConfigurationStatus[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.groupName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AdaptiveNetworkHardenings_Enforce
enum_AdaptiveNetworkHardeningEnforceAction := [ "enforce" ]
enum_RuleDirection := [ "Inbound", "Outbound" ]
enum_RuleProtocols := [ "TCP", "UDP" ]
valid {
input.Body.rules[_].name == STRING
input.Body.rules[_].direction == enum_RuleDirection[_]
input.Body.rules[_].destinationPort == INTEGER
input.Body.rules[_].protocols[_] == enum_RuleProtocols[_]
input.Body.rules[_].ipAddresses[_] == STRING
input.Body.networkSecurityGroups[_] == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.resourceNamespace == STRING
input.ReqMap.resourceType == STRING
input.ReqMap.resourceName == STRING
input.ReqMap.adaptiveNetworkHardeningResourceName == STRING
input.ReqMap.adaptiveNetworkHardeningEnforceAction == enum_AdaptiveNetworkHardeningEnforceAction[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AdaptiveNetworkHardenings_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.resourceNamespace == STRING
input.ReqMap.resourceType == STRING
input.ReqMap.resourceName == STRING
input.ReqMap.adaptiveNetworkHardeningResourceName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AdaptiveNetworkHardenings_ListByExtendedResource
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.resourceNamespace == STRING
input.ReqMap.resourceType == STRING
input.ReqMap.resourceName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AdvancedThreatProtection_Create
enum_AdvancedThreatProtectionSettingName := [ "current" ]
valid {
input.Body.properties.isEnabled == BOOLEAN
input.ReqMap.resourceId == STRING
input.ReqMap.settingName == enum_AdvancedThreatProtectionSettingName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
AdvancedThreatProtection_Get
enum_AdvancedThreatProtectionSettingName := [ "current" ]
valid {
input.ReqMap.resourceId == STRING
input.ReqMap.settingName == enum_AdvancedThreatProtectionSettingName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
AlertsSuppressionRules_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.alertsSuppressionRuleName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AlertsSuppressionRules_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.alertsSuppressionRuleName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AlertsSuppressionRules_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.Qs.AlertType == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AlertsSuppressionRules_Update
enum_AlertsSuppressionRulePropertiesState := [ "Enabled", "Disabled", "Expired" ]
valid {
input.Body.properties.alertType == STRING
input.Body.properties.expirationDateUtc == STRING
input.Body.properties.reason == STRING
input.Body.properties.state == enum_AlertsSuppressionRulePropertiesState[_]
input.Body.properties.comment == STRING
input.Body.properties.suppressionAlertsScope.allOf[_].field == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.alertsSuppressionRuleName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Alerts_GetResourceGroupLevel
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Alerts_GetSubscriptionLevel
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Alerts_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Alerts_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Alerts_ListResourceGroupLevelByRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Alerts_ListSubscriptionLevelByRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Alerts_Simulate
enum_AlertSimulatorRequestPropertiesKind := [ "Bundles" ]
valid {
input.Body.properties.kind == enum_AlertSimulatorRequestPropertiesKind[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Alerts_UpdateResourceGroupLevelAlertStateToReactivate
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Alerts_UpdateResourceGroupLevelStateToActivate
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Alerts_UpdateResourceGroupLevelStateToDismiss
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Alerts_UpdateResourceGroupLevelStateToInProgress
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Alerts_UpdateResourceGroupLevelStateToResolve
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Alerts_UpdateSubscriptionLevelAlertStateToReactivate
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Alerts_UpdateSubscriptionLevelStateToActivate
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Alerts_UpdateSubscriptionLevelStateToDismiss
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Alerts_UpdateSubscriptionLevelStateToInProgress
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Alerts_UpdateSubscriptionLevelStateToResolve
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.alertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AllowedConnections_Get
enum_ConnectionType := [ "Internal", "External" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.connectionType == enum_ConnectionType[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AllowedConnections_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AllowedConnections_ListByHomeRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Application_CreateOrUpdate
enum_ApplicationPropertiesSourceResourceType := [ "Assessments" ]
valid {
input.Body.properties.displayName == STRING
input.Body.properties.description == STRING
input.Body.properties.sourceResourceType == enum_ApplicationPropertiesSourceResourceType[_]
input.Body.properties.conditionSets[_].STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.applicationId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Application_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.applicationId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Application_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.applicationId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Applications_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AssessmentsMetadata_CreateInSubscription
enum_SecurityAssessmentMetadataPropertiesAssessmentType := [ "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner" ]
enum_SecurityAssessmentMetadataPropertiesCategories := [ "Compute", "Networking", "Data", "IdentityAndAccess", "IoT" ]
enum_SecurityAssessmentMetadataPropertiesImplementationEffort := [ "Low", "Moderate", "High" ]
enum_SecurityAssessmentMetadataPropertiesResponseTactics := [ "Reconnaissance", "Resource Development", "Initial Access", "Execution", "Persistence", "Privilege Escalation", "Defense Evasion", "Credential Access", "Discovery", "Lateral Movement", "Collection", "Command and Control", "Exfiltration", "Impact" ]
enum_SecurityAssessmentMetadataPropertiesResponseTechniques := [ "Abuse Elevation Control Mechanism", "Access Token Manipulation", "Account Discovery", "Account Manipulation", "Active Scanning", "Application Layer Protocol", "Audio Capture", "Boot or Logon Autostart Execution", "Boot or Logon Initialization Scripts", "Brute Force", "Cloud Infrastructure Discovery", "Cloud Service Dashboard", "Cloud Service Discovery", "Command and Scripting Interpreter", "Compromise Client Software Binary", "Compromise Infrastructure", "Container and Resource Discovery", "Create Account", "Create or Modify System Process", "Credentials from Password Stores", "Data Destruction", "Data Encrypted for Impact", "Data from Cloud Storage Object", "Data from Configuration Repository", "Data from Information Repositories", "Data from Local System", "Data Manipulation", "Data Staged", "Defacement", "Deobfuscate/Decode Files or Information", "Disk Wipe", "Domain Trust Discovery", "Drive-by Compromise", "Dynamic Resolution", "Endpoint Denial of Service", "Event Triggered Execution", "Exfiltration Over Alternative Protocol", "Exploit Public-Facing Application", "Exploitation for Client Execution", "Exploitation for Credential Access", "Exploitation for Defense Evasion", "Exploitation for Privilege Escalation", "Exploitation of Remote Services", "External Remote Services", "Fallback Channels", "File and Directory Discovery", "Gather Victim Network Information", "Hide Artifacts", "Hijack Execution Flow", "Impair Defenses", "Implant Container Image", "Indicator Removal on Host", "Indirect Command Execution", "Ingress Tool Transfer", "Input Capture", "Inter-Process Communication", "Lateral Tool Transfer", "Man-in-the-Middle", "Masquerading", "Modify Authentication Process", "Modify Registry", "Network Denial of Service", "Network Service Scanning", "Network Sniffing", "Non-Application Layer Protocol", "Non-Standard Port", "Obtain Capabilities", "Obfuscated Files or Information", "Office Application Startup", "OS Credential Dumping", "Permission Groups Discovery", "Phishing", "Pre-OS Boot", "Process Discovery", "Process Injection", "Protocol Tunneling", "Proxy", "Query Registry", "Remote Access Software", "Remote Service Session Hijacking", "Remote Services", "Remote System Discovery", "Resource Hijacking", "Scheduled Task/Job", "Screen Capture", "Search Victim-Owned Websites", "Server Software Component", "Service Stop", "Signed Binary Proxy Execution", "Software Deployment Tools", "SQL Stored Procedures", "Steal or Forge Kerberos Tickets", "Subvert Trust Controls", "Supply Chain Compromise", "System Information Discovery", "Taint Shared Content", "Traffic Signaling", "Transfer Data to Cloud Account", "Trusted Relationship", "Unsecured Credentials", "User Execution", "Valid Accounts", "Windows Management Instrumentation", "File and Directory Permissions Modification" ]
enum_SecurityAssessmentMetadataPropertiesSeverity := [ "Low", "Medium", "High" ]
enum_SecurityAssessmentMetadataPropertiesThreats := [ "accountBreach", "dataExfiltration", "dataSpillage", "maliciousInsider", "elevationOfPrivilege", "threatResistance", "missingCoverage", "denialOfService" ]
enum_SecurityAssessmentMetadataPropertiesUserImpact := [ "Low", "Moderate", "High" ]
valid {
input.Body.properties.publishDates.GA == STRING
input.Body.properties.publishDates.public == STRING
input.Body.properties.plannedDeprecationDate == STRING
input.Body.properties.tactics[_] == enum_SecurityAssessmentMetadataPropertiesResponseTactics[_]
input.Body.properties.techniques[_] == enum_SecurityAssessmentMetadataPropertiesResponseTechniques[_]
input.Body.properties.displayName == STRING
input.Body.properties.description == STRING
input.Body.properties.remediationDescription == STRING
input.Body.properties.categories[_] == enum_SecurityAssessmentMetadataPropertiesCategories[_]
input.Body.properties.severity == enum_SecurityAssessmentMetadataPropertiesSeverity[_]
input.Body.properties.userImpact == enum_SecurityAssessmentMetadataPropertiesUserImpact[_]
input.Body.properties.implementationEffort == enum_SecurityAssessmentMetadataPropertiesImplementationEffort[_]
input.Body.properties.threats[_] == enum_SecurityAssessmentMetadataPropertiesThreats[_]
input.Body.properties.preview == BOOLEAN
input.Body.properties.assessmentType == enum_SecurityAssessmentMetadataPropertiesAssessmentType[_]
input.Body.properties.partnerData.partnerName == STRING
input.Body.properties.partnerData.productName == STRING
input.Body.properties.partnerData.secret == STRING
input.ReqMap.assessmentMetadataName == STRING
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AssessmentsMetadata_DeleteInSubscription
valid {
input.ReqMap.assessmentMetadataName == STRING
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AssessmentsMetadata_Get
valid {
input.ReqMap.assessmentMetadataName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
AssessmentsMetadata_GetInSubscription
valid {
input.ReqMap.assessmentMetadataName == STRING
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AssessmentsMetadata_List
valid {
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
AssessmentsMetadata_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Assessments_CreateOrUpdate
enum_AssessmentStatusCode := [ "Healthy", "Unhealthy", "NotApplicable" ]
enum_ResourceDetailsSource := [ "Azure", "OnPremise", "OnPremiseSql" ]
enum_SecurityAssessmentMetadataPropertiesAssessmentType := [ "BuiltIn", "CustomPolicy", "CustomerManaged", "VerifiedPartner" ]
enum_SecurityAssessmentMetadataPropertiesCategories := [ "Compute", "Networking", "Data", "IdentityAndAccess", "IoT" ]
enum_SecurityAssessmentMetadataPropertiesImplementationEffort := [ "Low", "Moderate", "High" ]
enum_SecurityAssessmentMetadataPropertiesSeverity := [ "Low", "Medium", "High" ]
enum_SecurityAssessmentMetadataPropertiesThreats := [ "accountBreach", "dataExfiltration", "dataSpillage", "maliciousInsider", "elevationOfPrivilege", "threatResistance", "missingCoverage", "denialOfService" ]
enum_SecurityAssessmentMetadataPropertiesUserImpact := [ "Low", "Moderate", "High" ]
valid {
input.Body.properties.status.code == enum_AssessmentStatusCode[_]
input.Body.properties.status.cause == STRING
input.Body.properties.status.description == STRING
input.Body.properties.resourceDetails.source == enum_ResourceDetailsSource[_]
input.Body.properties.additionalData.STRING == STRING
input.Body.properties.metadata.displayName == STRING
input.Body.properties.metadata.description == STRING
input.Body.properties.metadata.remediationDescription == STRING
input.Body.properties.metadata.categories[_] == enum_SecurityAssessmentMetadataPropertiesCategories[_]
input.Body.properties.metadata.severity == enum_SecurityAssessmentMetadataPropertiesSeverity[_]
input.Body.properties.metadata.userImpact == enum_SecurityAssessmentMetadataPropertiesUserImpact[_]
input.Body.properties.metadata.implementationEffort == enum_SecurityAssessmentMetadataPropertiesImplementationEffort[_]
input.Body.properties.metadata.threats[_] == enum_SecurityAssessmentMetadataPropertiesThreats[_]
input.Body.properties.metadata.preview == BOOLEAN
input.Body.properties.metadata.assessmentType == enum_SecurityAssessmentMetadataPropertiesAssessmentType[_]
input.Body.properties.metadata.partnerData.partnerName == STRING
input.Body.properties.metadata.partnerData.productName == STRING
input.Body.properties.metadata.partnerData.secret == STRING
input.Body.properties.partnersData.partnerName == STRING
input.Body.properties.partnersData.secret == STRING
input.ReqMap.resourceId == STRING
input.ReqMap.assessmentName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Assessments_Delete
valid {
input.ReqMap.resourceId == STRING
input.ReqMap.assessmentName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Assessments_Get
enum_ExpandAssessments := [ "links", "metadata" ]
valid {
input.ReqMap.resourceId == STRING
input.ReqMap.assessmentName == STRING
input.Qs.api-version == STRING
input.Qs.$expand == enum_ExpandAssessments[_]
input.ProviderMetadata.Region == STRING
}
Assessments_List
valid {
input.ReqMap.scope == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Assignments_CreateOrUpdate
valid {
input.Body.properties.displayName == STRING
input.Body.properties.description == STRING
input.Body.properties.assignedStandard.id == STRING
input.Body.properties.assignedComponent.key == STRING
input.Body.properties.scope == STRING
input.Body.properties.effect == STRING
input.Body.properties.expiresOn == STRING
input.Body.properties.additionalData.exemptionCategory == STRING
input.Body.properties.metadata.STRING == STRING
input.Body.STRING == STRING
input.Body.location == STRING
input.Body.kind == STRING
input.Body.etag == STRING
input.Body.tags.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.assignmentId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Assignments_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.assignmentId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Assignments_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.assignmentId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Assignments_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Assignments_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AutoProvisioningSettings_Create
enum_AutoProvisioningSettingPropertiesAutoProvision := [ "On", "Off" ]
valid {
input.Body.properties.autoProvision == enum_AutoProvisioningSettingPropertiesAutoProvision[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.settingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AutoProvisioningSettings_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.settingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
AutoProvisioningSettings_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Automations_CreateOrUpdate
enum_AutomationActionActionType := [ "LogicApp", "EventHub", "Workspace" ]
enum_AutomationSourceEventSource := [ "Assessments", "AssessmentsSnapshot", "SubAssessments", "SubAssessmentsSnapshot", "Alerts", "SecureScores", "SecureScoresSnapshot", "SecureScoreControls", "SecureScoreControlsSnapshot", "RegulatoryComplianceAssessment", "RegulatoryComplianceAssessmentSnapshot", "AttackPaths", "AttackPathsSnapshot" ]
enum_AutomationTriggeringRuleOperator := [ "Equals", "GreaterThan", "GreaterThanOrEqualTo", "LesserThan", "LesserThanOrEqualTo", "NotEquals", "Contains", "StartsWith", "EndsWith" ]
enum_AutomationTriggeringRulePropertyType := [ "String", "Integer", "Number", "Boolean" ]
valid {
input.Body.properties.description == STRING
input.Body.properties.isEnabled == BOOLEAN
input.Body.properties.scopes[_].description == STRING
input.Body.properties.scopes[_].scopePath == STRING
input.Body.properties.sources[_].eventSource == enum_AutomationSourceEventSource[_]
input.Body.properties.sources[_].ruleSets[_].rules[_].propertyJPath == STRING
input.Body.properties.sources[_].ruleSets[_].rules[_].propertyType == enum_AutomationTriggeringRulePropertyType[_]
input.Body.properties.sources[_].ruleSets[_].rules[_].expectedValue == STRING
input.Body.properties.sources[_].ruleSets[_].rules[_].operator == enum_AutomationTriggeringRuleOperator[_]
input.Body.properties.actions[_].actionType == enum_AutomationActionActionType[_]
input.Body.STRING == STRING
input.Body.location == STRING
input.Body.kind == STRING
input.Body.etag == STRING
input.Body.tags.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.automationName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Automations_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.automationName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Automations_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.automationName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Automations_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Automations_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Automations_Update
enum_AutomationActionActionType := [ "LogicApp", "EventHub", "Workspace" ]
enum_AutomationSourceEventSource := [ "Assessments", "AssessmentsSnapshot", "SubAssessments", "SubAssessmentsSnapshot", "Alerts", "SecureScores", "SecureScoresSnapshot", "SecureScoreControls", "SecureScoreControlsSnapshot", "RegulatoryComplianceAssessment", "RegulatoryComplianceAssessmentSnapshot", "AttackPaths", "AttackPathsSnapshot" ]
enum_AutomationTriggeringRuleOperator := [ "Equals", "GreaterThan", "GreaterThanOrEqualTo", "LesserThan", "LesserThanOrEqualTo", "NotEquals", "Contains", "StartsWith", "EndsWith" ]
enum_AutomationTriggeringRulePropertyType := [ "String", "Integer", "Number", "Boolean" ]
valid {
input.Body.properties.description == STRING
input.Body.properties.isEnabled == BOOLEAN
input.Body.properties.scopes[_].description == STRING
input.Body.properties.scopes[_].scopePath == STRING
input.Body.properties.sources[_].eventSource == enum_AutomationSourceEventSource[_]
input.Body.properties.sources[_].ruleSets[_].rules[_].propertyJPath == STRING
input.Body.properties.sources[_].ruleSets[_].rules[_].propertyType == enum_AutomationTriggeringRulePropertyType[_]
input.Body.properties.sources[_].ruleSets[_].rules[_].expectedValue == STRING
input.Body.properties.sources[_].ruleSets[_].rules[_].operator == enum_AutomationTriggeringRuleOperator[_]
input.Body.properties.actions[_].actionType == enum_AutomationActionActionType[_]
input.Body.tags.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.automationName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Automations_Validate
enum_AutomationActionActionType := [ "LogicApp", "EventHub", "Workspace" ]
enum_AutomationSourceEventSource := [ "Assessments", "AssessmentsSnapshot", "SubAssessments", "SubAssessmentsSnapshot", "Alerts", "SecureScores", "SecureScoresSnapshot", "SecureScoreControls", "SecureScoreControlsSnapshot", "RegulatoryComplianceAssessment", "RegulatoryComplianceAssessmentSnapshot", "AttackPaths", "AttackPathsSnapshot" ]
enum_AutomationTriggeringRuleOperator := [ "Equals", "GreaterThan", "GreaterThanOrEqualTo", "LesserThan", "LesserThanOrEqualTo", "NotEquals", "Contains", "StartsWith", "EndsWith" ]
enum_AutomationTriggeringRulePropertyType := [ "String", "Integer", "Number", "Boolean" ]
valid {
input.Body.properties.description == STRING
input.Body.properties.isEnabled == BOOLEAN
input.Body.properties.scopes[_].description == STRING
input.Body.properties.scopes[_].scopePath == STRING
input.Body.properties.sources[_].eventSource == enum_AutomationSourceEventSource[_]
input.Body.properties.sources[_].ruleSets[_].rules[_].propertyJPath == STRING
input.Body.properties.sources[_].ruleSets[_].rules[_].propertyType == enum_AutomationTriggeringRulePropertyType[_]
input.Body.properties.sources[_].ruleSets[_].rules[_].expectedValue == STRING
input.Body.properties.sources[_].ruleSets[_].rules[_].operator == enum_AutomationTriggeringRuleOperator[_]
input.Body.properties.actions[_].actionType == enum_AutomationActionActionType[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.automationName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsOrgs_CreateOrUpdate
enum_ActionableRemediationState := [ "None", "Disabled", "Enabled" ]
enum_AnnotateDefaultBranchState := [ "Disabled", "Enabled" ]
enum_DevOpsProvisioningState := [ "Succeeded", "Failed", "Canceled", "Pending", "PendingDeletion", "DeletionSuccess", "DeletionFailure" ]
enum_InheritFromParentState := [ "Disabled", "Enabled" ]
enum_OnboardingState := [ "NotApplicable", "OnboardedByOtherConnector", "Onboarded", "NotOnboarded" ]
enum_RuleCategory := [ "Code", "Artifacts", "Dependencies", "Secrets", "IaC", "Containers" ]
valid {
input.Body.properties.provisioningState == enum_DevOpsProvisioningState[_]
input.Body.properties.onboardingState == enum_OnboardingState[_]
input.Body.properties.actionableRemediation.state == enum_ActionableRemediationState[_]
input.Body.properties.actionableRemediation.categoryConfigurations[_].minimumSeverityLevel == STRING
input.Body.properties.actionableRemediation.categoryConfigurations[_].category == enum_RuleCategory[_]
input.Body.properties.actionableRemediation.branchConfiguration.branchNames[_] == STRING
input.Body.properties.actionableRemediation.branchConfiguration.annotateDefaultBranch == enum_AnnotateDefaultBranchState[_]
input.Body.properties.actionableRemediation.inheritFromParentState == enum_InheritFromParentState[_]
input.Body.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsOrgs_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsOrgs_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsOrgs_ListAvailable
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsOrgs_Update
enum_ActionableRemediationState := [ "None", "Disabled", "Enabled" ]
enum_AnnotateDefaultBranchState := [ "Disabled", "Enabled" ]
enum_DevOpsProvisioningState := [ "Succeeded", "Failed", "Canceled", "Pending", "PendingDeletion", "DeletionSuccess", "DeletionFailure" ]
enum_InheritFromParentState := [ "Disabled", "Enabled" ]
enum_OnboardingState := [ "NotApplicable", "OnboardedByOtherConnector", "Onboarded", "NotOnboarded" ]
enum_RuleCategory := [ "Code", "Artifacts", "Dependencies", "Secrets", "IaC", "Containers" ]
valid {
input.Body.properties.provisioningState == enum_DevOpsProvisioningState[_]
input.Body.properties.onboardingState == enum_OnboardingState[_]
input.Body.properties.actionableRemediation.state == enum_ActionableRemediationState[_]
input.Body.properties.actionableRemediation.categoryConfigurations[_].minimumSeverityLevel == STRING
input.Body.properties.actionableRemediation.categoryConfigurations[_].category == enum_RuleCategory[_]
input.Body.properties.actionableRemediation.branchConfiguration.branchNames[_] == STRING
input.Body.properties.actionableRemediation.branchConfiguration.annotateDefaultBranch == enum_AnnotateDefaultBranchState[_]
input.Body.properties.actionableRemediation.inheritFromParentState == enum_InheritFromParentState[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsProjects_CreateOrUpdate
enum_ActionableRemediationState := [ "None", "Disabled", "Enabled" ]
enum_AnnotateDefaultBranchState := [ "Disabled", "Enabled" ]
enum_DevOpsProvisioningState := [ "Succeeded", "Failed", "Canceled", "Pending", "PendingDeletion", "DeletionSuccess", "DeletionFailure" ]
enum_InheritFromParentState := [ "Disabled", "Enabled" ]
enum_OnboardingState := [ "NotApplicable", "OnboardedByOtherConnector", "Onboarded", "NotOnboarded" ]
enum_RuleCategory := [ "Code", "Artifacts", "Dependencies", "Secrets", "IaC", "Containers" ]
valid {
input.Body.properties.provisioningState == enum_DevOpsProvisioningState[_]
input.Body.properties.parentOrgName == STRING
input.Body.properties.onboardingState == enum_OnboardingState[_]
input.Body.properties.actionableRemediation.state == enum_ActionableRemediationState[_]
input.Body.properties.actionableRemediation.categoryConfigurations[_].minimumSeverityLevel == STRING
input.Body.properties.actionableRemediation.categoryConfigurations[_].category == enum_RuleCategory[_]
input.Body.properties.actionableRemediation.branchConfiguration.branchNames[_] == STRING
input.Body.properties.actionableRemediation.branchConfiguration.annotateDefaultBranch == enum_AnnotateDefaultBranchState[_]
input.Body.properties.actionableRemediation.inheritFromParentState == enum_InheritFromParentState[_]
input.Body.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.ReqMap.projectName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsProjects_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.ReqMap.projectName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsProjects_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsProjects_Update
enum_ActionableRemediationState := [ "None", "Disabled", "Enabled" ]
enum_AnnotateDefaultBranchState := [ "Disabled", "Enabled" ]
enum_DevOpsProvisioningState := [ "Succeeded", "Failed", "Canceled", "Pending", "PendingDeletion", "DeletionSuccess", "DeletionFailure" ]
enum_InheritFromParentState := [ "Disabled", "Enabled" ]
enum_OnboardingState := [ "NotApplicable", "OnboardedByOtherConnector", "Onboarded", "NotOnboarded" ]
enum_RuleCategory := [ "Code", "Artifacts", "Dependencies", "Secrets", "IaC", "Containers" ]
valid {
input.Body.properties.provisioningState == enum_DevOpsProvisioningState[_]
input.Body.properties.parentOrgName == STRING
input.Body.properties.onboardingState == enum_OnboardingState[_]
input.Body.properties.actionableRemediation.state == enum_ActionableRemediationState[_]
input.Body.properties.actionableRemediation.categoryConfigurations[_].minimumSeverityLevel == STRING
input.Body.properties.actionableRemediation.categoryConfigurations[_].category == enum_RuleCategory[_]
input.Body.properties.actionableRemediation.branchConfiguration.branchNames[_] == STRING
input.Body.properties.actionableRemediation.branchConfiguration.annotateDefaultBranch == enum_AnnotateDefaultBranchState[_]
input.Body.properties.actionableRemediation.inheritFromParentState == enum_InheritFromParentState[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.ReqMap.projectName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsRepos_CreateOrUpdate
enum_ActionableRemediationState := [ "None", "Disabled", "Enabled" ]
enum_AnnotateDefaultBranchState := [ "Disabled", "Enabled" ]
enum_DevOpsProvisioningState := [ "Succeeded", "Failed", "Canceled", "Pending", "PendingDeletion", "DeletionSuccess", "DeletionFailure" ]
enum_InheritFromParentState := [ "Disabled", "Enabled" ]
enum_OnboardingState := [ "NotApplicable", "OnboardedByOtherConnector", "Onboarded", "NotOnboarded" ]
enum_RuleCategory := [ "Code", "Artifacts", "Dependencies", "Secrets", "IaC", "Containers" ]
valid {
input.Body.properties.provisioningState == enum_DevOpsProvisioningState[_]
input.Body.properties.parentOrgName == STRING
input.Body.properties.parentProjectName == STRING
input.Body.properties.onboardingState == enum_OnboardingState[_]
input.Body.properties.actionableRemediation.state == enum_ActionableRemediationState[_]
input.Body.properties.actionableRemediation.categoryConfigurations[_].minimumSeverityLevel == STRING
input.Body.properties.actionableRemediation.categoryConfigurations[_].category == enum_RuleCategory[_]
input.Body.properties.actionableRemediation.branchConfiguration.branchNames[_] == STRING
input.Body.properties.actionableRemediation.branchConfiguration.annotateDefaultBranch == enum_AnnotateDefaultBranchState[_]
input.Body.properties.actionableRemediation.inheritFromParentState == enum_InheritFromParentState[_]
input.Body.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.ReqMap.projectName == STRING
input.ReqMap.repoName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsRepos_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.ReqMap.projectName == STRING
input.ReqMap.repoName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsRepos_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.ReqMap.projectName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
AzureDevOpsRepos_Update
enum_ActionableRemediationState := [ "None", "Disabled", "Enabled" ]
enum_AnnotateDefaultBranchState := [ "Disabled", "Enabled" ]
enum_DevOpsProvisioningState := [ "Succeeded", "Failed", "Canceled", "Pending", "PendingDeletion", "DeletionSuccess", "DeletionFailure" ]
enum_InheritFromParentState := [ "Disabled", "Enabled" ]
enum_OnboardingState := [ "NotApplicable", "OnboardedByOtherConnector", "Onboarded", "NotOnboarded" ]
enum_RuleCategory := [ "Code", "Artifacts", "Dependencies", "Secrets", "IaC", "Containers" ]
valid {
input.Body.properties.provisioningState == enum_DevOpsProvisioningState[_]
input.Body.properties.parentOrgName == STRING
input.Body.properties.parentProjectName == STRING
input.Body.properties.onboardingState == enum_OnboardingState[_]
input.Body.properties.actionableRemediation.state == enum_ActionableRemediationState[_]
input.Body.properties.actionableRemediation.categoryConfigurations[_].minimumSeverityLevel == STRING
input.Body.properties.actionableRemediation.categoryConfigurations[_].category == enum_RuleCategory[_]
input.Body.properties.actionableRemediation.branchConfiguration.branchNames[_] == STRING
input.Body.properties.actionableRemediation.branchConfiguration.annotateDefaultBranch == enum_AnnotateDefaultBranchState[_]
input.Body.properties.actionableRemediation.inheritFromParentState == enum_InheritFromParentState[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.orgName == STRING
input.ReqMap.projectName == STRING
input.ReqMap.repoName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
ComplianceResults_Get
valid {
input.ReqMap.resourceId == STRING
input.ReqMap.complianceResultName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
ComplianceResults_List
valid {
input.ReqMap.scope == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Compliances_Get
valid {
input.ReqMap.scope == STRING
input.ReqMap.complianceName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Compliances_List
valid {
input.ReqMap.scope == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Connectors_CreateOrUpdate
enum_AuthenticationDetailsPropertiesAuthenticationType := [ "awsCreds", "awsAssumeRole", "gcpCredentials" ]
enum_HybridComputeSettingsPropertiesAutoProvision := [ "On", "Off" ]
valid {
input.Body.properties.hybridComputeSettings.autoProvision == enum_HybridComputeSettingsPropertiesAutoProvision[_]
input.Body.properties.hybridComputeSettings.resourceGroupName == STRING
input.Body.properties.hybridComputeSettings.region == STRING
input.Body.properties.hybridComputeSettings.proxyServer.ip == STRING
input.Body.properties.hybridComputeSettings.proxyServer.port == STRING
input.Body.properties.hybridComputeSettings.servicePrincipal.applicationId == STRING
input.Body.properties.hybridComputeSettings.servicePrincipal.secret == STRING
input.Body.properties.authenticationDetails.authenticationType == enum_AuthenticationDetailsPropertiesAuthenticationType[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.connectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Connectors_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.connectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Connectors_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.connectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Connectors_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
CustomAssessmentAutomations_Create
enum_customAssessmentAutomationRequestPropertiesSeverity := [ "High", "Medium", "Low" ]
enum_customAssessmentAutomationRequestPropertiesSupportedCloud := [ "AWS", "GCP" ]
valid {
input.Body.properties.compressedQuery == STRING
input.Body.properties.supportedCloud == enum_customAssessmentAutomationRequestPropertiesSupportedCloud[_]
input.Body.properties.severity == enum_customAssessmentAutomationRequestPropertiesSeverity[_]
input.Body.properties.displayName == STRING
input.Body.properties.description == STRING
input.Body.properties.remediationDescription == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.customAssessmentAutomationName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
CustomAssessmentAutomations_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.customAssessmentAutomationName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
CustomAssessmentAutomations_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.customAssessmentAutomationName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
CustomAssessmentAutomations_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
CustomAssessmentAutomations_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
CustomEntityStoreAssignments_Create
valid {
input.Body.properties.principal == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.customEntityStoreAssignmentName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
CustomEntityStoreAssignments_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.customEntityStoreAssignmentName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
CustomEntityStoreAssignments_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.customEntityStoreAssignmentName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
CustomEntityStoreAssignments_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
CustomEntityStoreAssignments_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
DefenderForStorage_Create
enum_DefenderForStorageSettingName := [ "current" ]
valid {
input.Body.properties.isEnabled == BOOLEAN
input.Body.properties.malwareScanning.onUpload.isEnabled == BOOLEAN
input.Body.properties.malwareScanning.onUpload.capGBPerMonth == INTEGER
input.Body.properties.malwareScanning.scanResultsEventGridTopicResourceId == STRING
input.Body.properties.sensitiveDataDiscovery.isEnabled == BOOLEAN
input.Body.properties.overrideSubscriptionLevelSettings == BOOLEAN
input.ReqMap.resourceId == STRING
input.ReqMap.settingName == enum_DefenderForStorageSettingName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
DefenderForStorage_Get
enum_DefenderForStorageSettingName := [ "current" ]
valid {
input.ReqMap.resourceId == STRING
input.ReqMap.settingName == enum_DefenderForStorageSettingName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
DevOpsConfigurations_CreateOrUpdate
enum_AutoDiscovery := [ "Disabled", "Enabled", "NotApplicable" ]
enum_DevOpsProvisioningState := [ "Succeeded", "Failed", "Canceled", "Pending", "PendingDeletion", "DeletionSuccess", "DeletionFailure" ]
valid {
input.Body.properties.provisioningState == enum_DevOpsProvisioningState[_]
input.Body.properties.authorization.code == STRING
input.Body.properties.autoDiscovery == enum_AutoDiscovery[_]
input.Body.properties.topLevelInventoryList[_] == STRING
input.Body.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
DevOpsConfigurations_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
DevOpsConfigurations_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
DevOpsConfigurations_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
DevOpsConfigurations_Update
enum_AutoDiscovery := [ "Disabled", "Enabled", "NotApplicable" ]
enum_DevOpsProvisioningState := [ "Succeeded", "Failed", "Canceled", "Pending", "PendingDeletion", "DeletionSuccess", "DeletionFailure" ]
valid {
input.Body.properties.provisioningState == enum_DevOpsProvisioningState[_]
input.Body.properties.authorization.code == STRING
input.Body.properties.autoDiscovery == enum_AutoDiscovery[_]
input.Body.properties.topLevelInventoryList[_] == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
DevOpsOperationResults_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.operationResultId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
DeviceSecurityGroups_CreateOrUpdate
valid {
input.Body.properties.thresholdRules[_].minThreshold == INTEGER
input.Body.properties.thresholdRules[_].maxThreshold == INTEGER
input.Body.properties.thresholdRules[_].isEnabled == BOOLEAN
input.Body.properties.thresholdRules[_].ruleType == STRING
input.Body.properties.timeWindowRules[_].timeWindowSize == STRING
input.Body.properties.timeWindowRules[_].minThreshold == INTEGER
input.Body.properties.timeWindowRules[_].maxThreshold == INTEGER
input.Body.properties.allowlistRules[_].allowlistValues[_] == STRING
input.Body.properties.allowlistRules[_].isEnabled == BOOLEAN
input.Body.properties.allowlistRules[_].ruleType == STRING
input.Body.properties.denylistRules[_].denylistValues[_] == STRING
input.ReqMap.resourceId == STRING
input.ReqMap.deviceSecurityGroupName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
DeviceSecurityGroups_Delete
valid {
input.ReqMap.resourceId == STRING
input.ReqMap.deviceSecurityGroupName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
DeviceSecurityGroups_Get
valid {
input.ReqMap.resourceId == STRING
input.ReqMap.deviceSecurityGroupName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
DeviceSecurityGroups_List
valid {
input.ReqMap.resourceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
DiscoveredSecuritySolutions_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.discoveredSecuritySolutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
DiscoveredSecuritySolutions_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
DiscoveredSecuritySolutions_ListByHomeRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
ExternalSecuritySolutions_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.externalSecuritySolutionsName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
ExternalSecuritySolutions_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
ExternalSecuritySolutions_ListByHomeRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
GitHubOwners_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.ownerName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitHubOwners_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitHubOwners_ListAvailable
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitHubRepos_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.ownerName == STRING
input.ReqMap.repoName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitHubRepos_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.ownerName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitLabGroups_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.groupFQName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitLabGroups_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitLabGroups_ListAvailable
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitLabProjects_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.groupFQName == STRING
input.ReqMap.projectName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitLabProjects_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.groupFQName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GitLabSubgroups_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.groupFQName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
GovernanceAssignments_CreateOrUpdate
valid {
input.Body.properties.owner == STRING
input.Body.properties.remediationDueDate == STRING
input.Body.properties.remediationEta.eta == STRING
input.Body.properties.remediationEta.justification == STRING
input.Body.properties.isGracePeriod == BOOLEAN
input.Body.properties.governanceEmailNotification.disableManagerEmailNotification == BOOLEAN
input.Body.properties.governanceEmailNotification.disableOwnerEmailNotification == BOOLEAN
input.Body.properties.additionalData.ticketNumber == INTEGER
input.Body.properties.additionalData.ticketLink == STRING
input.Body.properties.additionalData.ticketStatus == STRING
input.ReqMap.scope == STRING
input.ReqMap.assessmentName == STRING
input.ReqMap.assignmentKey == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
GovernanceAssignments_Delete
valid {
input.ReqMap.scope == STRING
input.ReqMap.assessmentName == STRING
input.ReqMap.assignmentKey == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
GovernanceAssignments_Get
valid {
input.ReqMap.scope == STRING
input.ReqMap.assessmentName == STRING
input.ReqMap.assignmentKey == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
GovernanceAssignments_List
valid {
input.ReqMap.scope == STRING
input.ReqMap.assessmentName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
GovernanceRules_CreateOrUpdate
enum_GovernanceRuleOwnerSourceType := [ "ByTag", "Manually" ]
enum_GovernanceRulePropertiesRuleType := [ "Integrated", "ServiceNow" ]
enum_GovernanceRulePropertiesSourceResourceType := [ "Assessments" ]
valid {
input.Body.properties.displayName == STRING
input.Body.properties.description == STRING
input.Body.properties.remediationTimeframe == STRING
input.Body.properties.isGracePeriod == BOOLEAN
input.Body.properties.rulePriority == INTEGER
input.Body.properties.isDisabled == BOOLEAN
input.Body.properties.ruleType == enum_GovernanceRulePropertiesRuleType[_]
input.Body.properties.sourceResourceType == enum_GovernanceRulePropertiesSourceResourceType[_]
input.Body.properties.excludedScopes[_] == STRING
input.Body.properties.conditionSets[_].STRING == STRING
input.Body.properties.includeMemberScopes == BOOLEAN
input.Body.properties.ownerSource.type == enum_GovernanceRuleOwnerSourceType[_]
input.Body.properties.ownerSource.value == STRING
input.Body.properties.governanceEmailNotification.disableManagerEmailNotification == BOOLEAN
input.Body.properties.governanceEmailNotification.disableOwnerEmailNotification == BOOLEAN
input.Body.properties.metadata == {}
input.ReqMap.scope == STRING
input.ReqMap.ruleId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
GovernanceRules_Delete
valid {
input.ReqMap.scope == STRING
input.ReqMap.ruleId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
GovernanceRules_Execute
valid {
input.Body.override == BOOLEAN
input.ReqMap.scope == STRING
input.ReqMap.ruleId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
GovernanceRules_Get
valid {
input.ReqMap.scope == STRING
input.ReqMap.ruleId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
GovernanceRules_List
valid {
input.ReqMap.scope == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
GovernanceRules_OperationResults
valid {
input.ReqMap.scope == STRING
input.ReqMap.ruleId == STRING
input.ReqMap.operationId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
HealthReports_Get
valid {
input.ReqMap.resourceId == STRING
input.ReqMap.healthReportName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
HealthReports_List
valid {
input.ReqMap.scope == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
InformationProtectionPolicies_CreateOrUpdate
enum_InformationProtectionPolicyName := [ "effective", "custom" ]
enum_SensitivityLabelRank := [ "None", "Low", "Medium", "High", "Critical" ]
valid {
input.Body.properties.labels.STRING.displayName == STRING
input.Body.properties.labels.STRING.description == STRING
input.Body.properties.labels.STRING.rank == enum_SensitivityLabelRank[_]
input.Body.properties.labels.STRING.order == INTEGER
input.Body.properties.labels.STRING.enabled == BOOLEAN
input.Body.properties.informationTypes.STRING.displayName == STRING
input.Body.properties.informationTypes.STRING.description == STRING
input.Body.properties.informationTypes.STRING.order == INTEGER
input.Body.properties.informationTypes.STRING.recommendedLabelId == STRING
input.Body.properties.informationTypes.STRING.enabled == BOOLEAN
input.Body.properties.informationTypes.STRING.custom == BOOLEAN
input.Body.properties.informationTypes.STRING.keywords[_].pattern == STRING
input.Body.properties.informationTypes.STRING.keywords[_].custom == BOOLEAN
input.Body.properties.informationTypes.STRING.keywords[_].canBeNumeric == BOOLEAN
input.Body.properties.informationTypes.STRING.keywords[_].excluded == BOOLEAN
input.ReqMap.scope == STRING
input.ReqMap.informationProtectionPolicyName == enum_InformationProtectionPolicyName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
InformationProtectionPolicies_Get
enum_InformationProtectionPolicyName := [ "effective", "custom" ]
valid {
input.ReqMap.scope == STRING
input.ReqMap.informationProtectionPolicyName == enum_InformationProtectionPolicyName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
InformationProtectionPolicies_List
valid {
input.ReqMap.scope == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
IotAlertTypes_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.ReqMap.iotAlertTypeName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotAlertTypes_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotAlerts_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.ReqMap.iotAlertId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotAlerts_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.Qs.startTimeUtc> == STRING
input.Qs.startTimeUtc< == STRING
input.Qs.alertType == STRING
input.Qs.compromisedEntity == STRING
input.Qs.$limit == INTEGER
input.Qs.$skipToken == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotRecommendationTypes_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.ReqMap.iotRecommendationTypeName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotRecommendationTypes_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotRecommendations_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.ReqMap.iotRecommendationId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotRecommendations_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.Qs.recommendationType == STRING
input.Qs.deviceId == STRING
input.Qs.$limit == INTEGER
input.Qs.$skipToken == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolutionAnalytics_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolutionAnalytics_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolution_CreateOrUpdate
enum_AdditionalWorkspacesPropertiesDataTypes := [ "Alerts", "RawEvents" ]
enum_AdditionalWorkspacesPropertiesType := [ "Sentinel" ]
enum_IoTSecuritySolutionPropertiesDisabledDataSources := [ "TwinData" ]
enum_IoTSecuritySolutionPropertiesExport := [ "RawEvents" ]
enum_IoTSecuritySolutionPropertiesStatus := [ "Enabled", "Disabled" ]
enum_IoTSecuritySolutionPropertiesUnmaskedIpLoggingStatus := [ "Disabled", "Enabled" ]
enum_RecommendationConfigurationPropertiesRecommendationType := [ "IoT_ACRAuthentication", "IoT_AgentSendsUnutilizedMessages", "IoT_Baseline", "IoT_EdgeHubMemOptimize", "IoT_EdgeLoggingOptions", "IoT_InconsistentModuleSettings", "IoT_InstallAgent", "IoT_IPFilter_DenyAll", "IoT_IPFilter_PermissiveRule", "IoT_OpenPorts", "IoT_PermissiveFirewallPolicy", "IoT_PermissiveInputFirewallRules", "IoT_PermissiveOutputFirewallRules", "IoT_PrivilegedDockerOptions", "IoT_SharedCredentials", "IoT_VulnerableTLSCipherSuite" ]
enum_RecommendationConfigurationPropertiesStatus := [ "Disabled", "Enabled" ]
valid {
input.Body.location == STRING
input.Body.properties.workspace == STRING
input.Body.properties.displayName == STRING
input.Body.properties.status == enum_IoTSecuritySolutionPropertiesStatus[_]
input.Body.properties.export[_] == enum_IoTSecuritySolutionPropertiesExport[_]
input.Body.properties.disabledDataSources[_] == enum_IoTSecuritySolutionPropertiesDisabledDataSources[_]
input.Body.properties.iotHubs[_] == STRING
input.Body.properties.userDefinedResources.query == STRING
input.Body.properties.userDefinedResources.querySubscriptions[_] == STRING
input.Body.properties.recommendationsConfiguration[_].recommendationType == enum_RecommendationConfigurationPropertiesRecommendationType[_]
input.Body.properties.recommendationsConfiguration[_].status == enum_RecommendationConfigurationPropertiesStatus[_]
input.Body.properties.unmaskedIpLoggingStatus == enum_IoTSecuritySolutionPropertiesUnmaskedIpLoggingStatus[_]
input.Body.properties.additionalWorkspaces[_].workspace == STRING
input.Body.properties.additionalWorkspaces[_].type == enum_AdditionalWorkspacesPropertiesType[_]
input.Body.properties.additionalWorkspaces[_].dataTypes[_] == enum_AdditionalWorkspacesPropertiesDataTypes[_]
input.Body.tags.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolution_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolution_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolution_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.Qs.$filter == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolution_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.Qs.$filter == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
IotSecuritySolution_Update
enum_RecommendationConfigurationPropertiesRecommendationType := [ "IoT_ACRAuthentication", "IoT_AgentSendsUnutilizedMessages", "IoT_Baseline", "IoT_EdgeHubMemOptimize", "IoT_EdgeLoggingOptions", "IoT_InconsistentModuleSettings", "IoT_InstallAgent", "IoT_IPFilter_DenyAll", "IoT_IPFilter_PermissiveRule", "IoT_OpenPorts", "IoT_PermissiveFirewallPolicy", "IoT_PermissiveInputFirewallRules", "IoT_PermissiveOutputFirewallRules", "IoT_PrivilegedDockerOptions", "IoT_SharedCredentials", "IoT_VulnerableTLSCipherSuite" ]
enum_RecommendationConfigurationPropertiesStatus := [ "Disabled", "Enabled" ]
valid {
input.Body.properties.userDefinedResources.query == STRING
input.Body.properties.userDefinedResources.querySubscriptions[_] == STRING
input.Body.properties.recommendationsConfiguration[_].recommendationType == enum_RecommendationConfigurationPropertiesRecommendationType[_]
input.Body.properties.recommendationsConfiguration[_].status == enum_RecommendationConfigurationPropertiesStatus[_]
input.Body.tags.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolutionsAnalyticsAggregatedAlert_Dismiss
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.ReqMap.aggregatedAlertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolutionsAnalyticsAggregatedAlert_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.ReqMap.aggregatedAlertName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolutionsAnalyticsAggregatedAlert_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.Qs.$top == INTEGER
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolutionsAnalyticsRecommendation_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.ReqMap.aggregatedRecommendationName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
IotSecuritySolutionsAnalyticsRecommendation_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.solutionName == STRING
input.Qs.api-version == STRING
input.Qs.$top == INTEGER
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
JitNetworkAccessPolicies_CreateOrUpdate
enum_JitNetworkAccessPortRuleProtocol := [ "TCP", "UDP", "*" ]
enum_JitNetworkAccessRequestPortStatus := [ "Revoked", "Initiated" ]
enum_JitNetworkAccessRequestPortStatusReason := [ "Expired", "UserRequested", "NewerRequestInitiated" ]
valid {
input.Body.properties.virtualMachines[_].id == STRING
input.Body.properties.virtualMachines[_].ports[_].number == INTEGER
input.Body.properties.virtualMachines[_].ports[_].protocol == enum_JitNetworkAccessPortRuleProtocol[_]
input.Body.properties.virtualMachines[_].ports[_].allowedSourceAddressPrefix == STRING
input.Body.properties.virtualMachines[_].ports[_].allowedSourceAddressPrefixes[_] == STRING
input.Body.properties.virtualMachines[_].ports[_].maxRequestAccessDuration == STRING
input.Body.properties.virtualMachines[_].publicIpAddress == STRING
input.Body.properties.requests[_].virtualMachines[_].id == STRING
input.Body.properties.requests[_].virtualMachines[_].ports[_].number == INTEGER
input.Body.properties.requests[_].virtualMachines[_].ports[_].allowedSourceAddressPrefix == STRING
input.Body.properties.requests[_].virtualMachines[_].ports[_].allowedSourceAddressPrefixes[_] == STRING
input.Body.properties.requests[_].virtualMachines[_].ports[_].endTimeUtc == STRING
input.Body.properties.requests[_].virtualMachines[_].ports[_].status == enum_JitNetworkAccessRequestPortStatus[_]
input.Body.properties.requests[_].virtualMachines[_].ports[_].statusReason == enum_JitNetworkAccessRequestPortStatusReason[_]
input.Body.properties.requests[_].virtualMachines[_].ports[_].mappedPort == INTEGER
input.Body.properties.requests[_].startTimeUtc == STRING
input.Body.properties.requests[_].requestor == STRING
input.Body.properties.requests[_].justification == STRING
input.Body.kind == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.jitNetworkAccessPolicyName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
JitNetworkAccessPolicies_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.jitNetworkAccessPolicyName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
JitNetworkAccessPolicies_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.jitNetworkAccessPolicyName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
JitNetworkAccessPolicies_Initiate
enum_JitNetworkAccessPolicyInitiateType := [ "initiate" ]
valid {
input.Body.virtualMachines[_].id == STRING
input.Body.virtualMachines[_].ports[_].number == INTEGER
input.Body.virtualMachines[_].ports[_].allowedSourceAddressPrefix == STRING
input.Body.virtualMachines[_].ports[_].endTimeUtc == STRING
input.Body.justification == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.jitNetworkAccessPolicyName == STRING
input.ReqMap.jitNetworkAccessPolicyInitiateType == enum_JitNetworkAccessPolicyInitiateType[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
JitNetworkAccessPolicies_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
JitNetworkAccessPolicies_ListByRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
JitNetworkAccessPolicies_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
JitNetworkAccessPolicies_ListByResourceGroupAndRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Locations_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Locations_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
MdeOnboardings_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
MdeOnboardings_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Operations_List
valid {
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Pricings_CreateOrUpdateResourceGroupPricing
enum_PricingPropertiesPricingTier := [ "Free", "Standard" ]
valid {
input.Body.properties.pricingTier == enum_PricingPropertiesPricingTier[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.pricingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Pricings_Delete
valid {
input.ReqMap.scopeId == STRING
input.ReqMap.pricingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Pricings_Get
valid {
input.ReqMap.scopeId == STRING
input.ReqMap.pricingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Pricings_GetResourceGroupPricing
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.pricingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Pricings_List
valid {
input.ReqMap.scopeId == STRING
input.Qs.api-version == STRING
input.Qs.$filter == STRING
input.ProviderMetadata.Region == STRING
}
Pricings_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Pricings_Update
enum_ExtensionIsEnabled := [ "True", "False" ]
enum_PricingPropertiesEnforce := [ "False", "True" ]
enum_PricingPropertiesPricingTier := [ "Free", "Standard" ]
valid {
input.Body.properties.pricingTier == enum_PricingPropertiesPricingTier[_]
input.Body.properties.subPlan == STRING
input.Body.properties.enforce == enum_PricingPropertiesEnforce[_]
input.Body.properties.extensions[_].name == STRING
input.Body.properties.extensions[_].isEnabled == enum_ExtensionIsEnabled[_]
input.Body.properties.extensions[_].additionalExtensionProperties.STRING == STRING
input.ReqMap.scopeId == STRING
input.ReqMap.pricingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
RegulatoryComplianceAssessments_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.regulatoryComplianceStandardName == STRING
input.ReqMap.regulatoryComplianceControlName == STRING
input.ReqMap.regulatoryComplianceAssessmentName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
RegulatoryComplianceAssessments_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.regulatoryComplianceStandardName == STRING
input.ReqMap.regulatoryComplianceControlName == STRING
input.Qs.api-version == STRING
input.Qs.$filter == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
RegulatoryComplianceControls_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.regulatoryComplianceStandardName == STRING
input.ReqMap.regulatoryComplianceControlName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
RegulatoryComplianceControls_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.regulatoryComplianceStandardName == STRING
input.Qs.api-version == STRING
input.Qs.$filter == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
RegulatoryComplianceStandards_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.regulatoryComplianceStandardName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
RegulatoryComplianceStandards_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.Qs.$filter == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecureScoreControlDefinitions_List
valid {
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SecureScoreControlDefinitions_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecureScoreControls_List
enum_ExpandControlsDefinition := [ "definition" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.Qs.$expand == enum_ExpandControlsDefinition[_]
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecureScoreControls_ListBySecureScore
enum_ExpandControlsDefinition := [ "definition" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.secureScoreName == STRING
input.Qs.api-version == STRING
input.Qs.$expand == enum_ExpandControlsDefinition[_]
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecureScores_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.secureScoreName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecureScores_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityConnectorApplication_CreateOrUpdate
enum_ApplicationPropertiesSourceResourceType := [ "Assessments" ]
valid {
input.Body.properties.displayName == STRING
input.Body.properties.description == STRING
input.Body.properties.sourceResourceType == enum_ApplicationPropertiesSourceResourceType[_]
input.Body.properties.conditionSets[_].STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.applicationId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecurityConnectorApplication_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.applicationId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecurityConnectorApplication_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.ReqMap.applicationId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecurityConnectorApplications_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecurityConnectors_CreateOrUpdate
enum_EnvironmentDataEnvironmentType := [ "AwsAccount", "GcpProject", "GithubScope", "AzureDevOpsScope", "GitlabScope" ]
enum_SecurityConnectorPropertiesEnvironmentName := [ "Azure", "AWS", "GCP", "Github", "AzureDevOps", "GitLab" ]
enum_cloudOfferingOfferingType := [ "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws", "DefenderForDatabasesAws", "CspmMonitorGcp", "CspmMonitorGithub", "CspmMonitorAzureDevOps", "DefenderForServersGcp", "DefenderForContainersGcp", "DefenderForDatabasesGcp", "DefenderCspmAws", "DefenderCspmGcp", "CspmMonitorGitLab" ]
valid {
input.Body.properties.hierarchyIdentifier == STRING
input.Body.properties.environmentName == enum_SecurityConnectorPropertiesEnvironmentName[_]
input.Body.properties.offerings[_].offeringType == enum_cloudOfferingOfferingType[_]
input.Body.properties.environmentData.environmentType == enum_EnvironmentDataEnvironmentType[_]
input.Body.STRING == STRING
input.Body.location == STRING
input.Body.kind == STRING
input.Body.etag == STRING
input.Body.tags.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecurityConnectors_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecurityConnectors_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecurityConnectors_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityConnectors_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecurityConnectors_Update
enum_EnvironmentDataEnvironmentType := [ "AwsAccount", "GcpProject", "GithubScope", "AzureDevOpsScope", "GitlabScope" ]
enum_SecurityConnectorPropertiesEnvironmentName := [ "Azure", "AWS", "GCP", "Github", "AzureDevOps", "GitLab" ]
enum_cloudOfferingOfferingType := [ "CspmMonitorAws", "DefenderForContainersAws", "DefenderForServersAws", "DefenderForDatabasesAws", "CspmMonitorGcp", "CspmMonitorGithub", "CspmMonitorAzureDevOps", "DefenderForServersGcp", "DefenderForContainersGcp", "DefenderForDatabasesGcp", "DefenderCspmAws", "DefenderCspmGcp", "CspmMonitorGitLab" ]
valid {
input.Body.properties.hierarchyIdentifier == STRING
input.Body.properties.environmentName == enum_SecurityConnectorPropertiesEnvironmentName[_]
input.Body.properties.offerings[_].offeringType == enum_cloudOfferingOfferingType[_]
input.Body.properties.environmentData.environmentType == enum_EnvironmentDataEnvironmentType[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.securityConnectorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecurityContacts_Create
enum_NotificationsSourceSourceType := [ "Alert", "AttackPath" ]
enum_SecurityContactName := [ "default" ]
enum_SecurityContactPropertiesNotificationsByRoleState := [ "On", "Off" ]
enum_SecurityContactRole := [ "AccountAdmin", "ServiceAdmin", "Owner", "Contributor" ]
valid {
input.Body.properties.emails == STRING
input.Body.properties.phone == STRING
input.Body.properties.isEnabled == BOOLEAN
input.Body.properties.notificationsSources[_].sourceType == enum_NotificationsSourceSourceType[_]
input.Body.properties.notificationsByRole.state == enum_SecurityContactPropertiesNotificationsByRoleState[_]
input.Body.properties.notificationsByRole.roles[_] == enum_SecurityContactRole[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.securityContactName == enum_SecurityContactName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityContacts_Delete
enum_SecurityContactName := [ "default" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.securityContactName == enum_SecurityContactName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityContacts_Get
enum_SecurityContactName := [ "default" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.securityContactName == enum_SecurityContactName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityContacts_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityContacts_Update
enum_SecurityContactPropertiesAlertNotifications := [ "On", "Off" ]
enum_SecurityContactPropertiesAlertsToAdmins := [ "On", "Off" ]
valid {
input.Body.properties.email == STRING
input.Body.properties.phone == STRING
input.Body.properties.alertNotifications == enum_SecurityContactPropertiesAlertNotifications[_]
input.Body.properties.alertsToAdmins == enum_SecurityContactPropertiesAlertsToAdmins[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.securityContactName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityOperators_CreateOrUpdate
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.pricingName == STRING
input.ReqMap.securityOperatorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityOperators_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.pricingName == STRING
input.ReqMap.securityOperatorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityOperators_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.pricingName == STRING
input.ReqMap.securityOperatorName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecurityOperators_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.pricingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecuritySolutionsReferenceData_ListByHomeRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SecuritySolutions_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.securitySolutionName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SecuritySolutions_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SensitivitySettings_CreateOrUpdate
valid {
input.Body.sensitiveInfoTypesIds[_] == STRING
input.Body.sensitivityThresholdLabelOrder == NUMBER
input.Body.sensitivityThresholdLabelId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SensitivitySettings_Get
valid {
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SensitivitySettings_List
valid {
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
ServerVulnerabilityAssessment_CreateOrUpdate
enum_ServerVulnerabilityAssessmentParameter := [ "default" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.resourceNamespace == STRING
input.ReqMap.resourceType == STRING
input.ReqMap.resourceName == STRING
input.ReqMap.serverVulnerabilityAssessment == enum_ServerVulnerabilityAssessmentParameter[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
ServerVulnerabilityAssessment_Delete
enum_ServerVulnerabilityAssessmentParameter := [ "default" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.resourceNamespace == STRING
input.ReqMap.resourceType == STRING
input.ReqMap.resourceName == STRING
input.ReqMap.serverVulnerabilityAssessment == enum_ServerVulnerabilityAssessmentParameter[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
ServerVulnerabilityAssessment_Get
enum_ServerVulnerabilityAssessmentParameter := [ "default" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.resourceNamespace == STRING
input.ReqMap.resourceType == STRING
input.ReqMap.resourceName == STRING
input.ReqMap.serverVulnerabilityAssessment == enum_ServerVulnerabilityAssessmentParameter[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
ServerVulnerabilityAssessment_ListByExtendedResource
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.resourceNamespace == STRING
input.ReqMap.resourceType == STRING
input.ReqMap.resourceName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
ServerVulnerabilityAssessmentsSettings_CreateOrUpdate
enum_ServerVulnerabilityAssessmentsSettingKind := [ "AzureServersSetting" ]
enum_SettingKind := [ "azureServersSetting" ]
valid {
input.Body.kind == enum_ServerVulnerabilityAssessmentsSettingKind[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.settingKind == enum_SettingKind[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
ServerVulnerabilityAssessmentsSettings_Delete
enum_SettingKind := [ "azureServersSetting" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.settingKind == enum_SettingKind[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
ServerVulnerabilityAssessmentsSettings_Get
enum_SettingKind := [ "azureServersSetting" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.settingKind == enum_SettingKind[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
ServerVulnerabilityAssessmentsSettings_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Settings_Get
enum_SettingName := [ "MCAS", "WDATP", "WDATP_EXCLUDE_LINUX_PUBLIC_PREVIEW", "WDATP_UNIFIED_SOLUTION", "Sentinel" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.settingName == enum_SettingName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Settings_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Settings_Update
enum_SettingKind := [ "DataExportSettings", "AlertSuppressionSetting", "AlertSyncSettings" ]
enum_SettingName := [ "MCAS", "WDATP", "WDATP_EXCLUDE_LINUX_PUBLIC_PREVIEW", "WDATP_UNIFIED_SOLUTION", "Sentinel" ]
valid {
input.Body.kind == enum_SettingKind[_]
input.ReqMap.SubscriptionID == STRING
input.ReqMap.settingName == enum_SettingName[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SoftwareInventories_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.resourceNamespace == STRING
input.ReqMap.resourceType == STRING
input.ReqMap.resourceName == STRING
input.ReqMap.softwareName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SoftwareInventories_ListByExtendedResource
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.resourceNamespace == STRING
input.ReqMap.resourceType == STRING
input.ReqMap.resourceName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
SoftwareInventories_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SqlVulnerabilityAssessmentBaselineRules_Add
valid {
input.Body.latestScan == BOOLEAN
input.Body.results.STRING[_][_] == STRING
input.ReqMap.resourceId == STRING
input.Qs.workspaceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SqlVulnerabilityAssessmentBaselineRules_CreateOrUpdate
valid {
input.Body.latestScan == BOOLEAN
input.Body.results[_][_] == STRING
input.ReqMap.ruleId == STRING
input.ReqMap.resourceId == STRING
input.Qs.workspaceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SqlVulnerabilityAssessmentBaselineRules_Delete
valid {
input.ReqMap.ruleId == STRING
input.ReqMap.resourceId == STRING
input.Qs.workspaceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SqlVulnerabilityAssessmentBaselineRules_Get
valid {
input.ReqMap.ruleId == STRING
input.ReqMap.resourceId == STRING
input.Qs.workspaceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SqlVulnerabilityAssessmentBaselineRules_List
valid {
input.ReqMap.resourceId == STRING
input.Qs.workspaceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SqlVulnerabilityAssessmentScanResults_Get
valid {
input.ReqMap.scanId == STRING
input.ReqMap.scanResultId == STRING
input.ReqMap.resourceId == STRING
input.Qs.workspaceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SqlVulnerabilityAssessmentScanResults_List
valid {
input.ReqMap.scanId == STRING
input.ReqMap.resourceId == STRING
input.Qs.workspaceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SqlVulnerabilityAssessmentScans_Get
valid {
input.ReqMap.scanId == STRING
input.ReqMap.resourceId == STRING
input.Qs.workspaceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SqlVulnerabilityAssessmentScans_List
valid {
input.ReqMap.resourceId == STRING
input.Qs.workspaceId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Standards_CreateOrUpdate
enum_StandardSupportedClouds := [ "AWS", "GCP" ]
valid {
input.Body.properties.displayName == STRING
input.Body.properties.description == STRING
input.Body.properties.category == STRING
input.Body.properties.components[_].key == STRING
input.Body.properties.supportedClouds[_] == enum_StandardSupportedClouds[_]
input.Body.STRING == STRING
input.Body.location == STRING
input.Body.kind == STRING
input.Body.etag == STRING
input.Body.tags.STRING == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.standardId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Standards_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.standardId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Standards_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.standardId == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Standards_List
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Standards_ListBySubscription
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
SubAssessments_Get
valid {
input.ReqMap.scope == STRING
input.ReqMap.assessmentName == STRING
input.ReqMap.subAssessmentName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SubAssessments_List
valid {
input.ReqMap.scope == STRING
input.ReqMap.assessmentName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
SubAssessments_ListAll
valid {
input.ReqMap.scope == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
}
Tasks_GetResourceGroupLevelTask
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.taskName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Tasks_GetSubscriptionLevelTask
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.taskName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Tasks_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.Qs.$filter == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Tasks_ListByHomeRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.Qs.$filter == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Tasks_ListByResourceGroup
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.Qs.$filter == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Tasks_UpdateResourceGroupLevelTaskState
enum_TaskUpdateActionType := [ "Activate", "Dismiss", "Start", "Resolve", "Close" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.taskName == STRING
input.ReqMap.taskUpdateActionType == enum_TaskUpdateActionType[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Tasks_UpdateSubscriptionLevelTaskState
enum_TaskUpdateActionType := [ "Activate", "Dismiss", "Start", "Resolve", "Close" ]
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.taskName == STRING
input.ReqMap.taskUpdateActionType == enum_TaskUpdateActionType[_]
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Topology_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ResourceGroup == STRING
input.ReqMap.ascLocation == STRING
input.ReqMap.topologyResourceName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
input.ProviderMetadata.ResourceGroup == STRING
}
Topology_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Topology_ListByHomeRegion
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.ascLocation == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
WorkspaceSettings_Create
valid {
input.Body.properties.workspaceId == STRING
input.Body.properties.scope == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.workspaceSettingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
WorkspaceSettings_Delete
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.workspaceSettingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
WorkspaceSettings_Get
valid {
input.ReqMap.SubscriptionID == STRING
input.ReqMap.workspaceSettingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
WorkspaceSettings_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
WorkspaceSettings_Update
valid {
input.Body.properties.workspaceId == STRING
input.Body.properties.scope == STRING
input.ReqMap.SubscriptionID == STRING
input.ReqMap.workspaceSettingName == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
securitySolutionsReferenceData_List
valid {
input.ReqMap.SubscriptionID == STRING
input.Qs.api-version == STRING
input.ProviderMetadata.Region == STRING
input.ProviderMetadata.SubscriptionID == STRING
}
Updated 7 months ago