Guides

MICROSOFT.SECURITYDEVOPS

docs.microsoft.com
Azure documentation

AzureDevOpsConnectorStats_Get

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsConnector_CreateOrUpdate

enum_AutoDiscovery := [ "Disabled", "Enabled" ]

valid {
    input.Body.properties.authorization.code == STRING
    input.Body.properties.orgs[_].name == STRING
    input.Body.properties.orgs[_].autoDiscovery == enum_AutoDiscovery[_]
    input.Body.properties.orgs[_].projects[_].name == STRING
    input.Body.properties.orgs[_].projects[_].autoDiscovery == enum_AutoDiscovery[_]
    input.Body.properties.orgs[_].projects[_].repos[_] == STRING
    input.Body.tags.STRING == STRING
    input.Body.location == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsConnector_Delete

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsConnector_Get

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsConnector_ListByResourceGroup

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsConnector_ListBySubscription

valid {
    input.ReqMap.SubscriptionID == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
}

AzureDevOpsConnector_Update

enum_AutoDiscovery := [ "Disabled", "Enabled" ]

valid {
    input.Body.properties.authorization.code == STRING
    input.Body.properties.orgs[_].name == STRING
    input.Body.properties.orgs[_].autoDiscovery == enum_AutoDiscovery[_]
    input.Body.properties.orgs[_].projects[_].name == STRING
    input.Body.properties.orgs[_].projects[_].autoDiscovery == enum_AutoDiscovery[_]
    input.Body.properties.orgs[_].projects[_].repos[_] == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsOrg_CreateOrUpdate

enum_AutoDiscovery := [ "Disabled", "Enabled" ]

valid {
    input.Body.properties.autoDiscovery == enum_AutoDiscovery[_]
    input.Body.STRING == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsOrg_Get

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsOrg_List

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsOrg_Update

enum_AutoDiscovery := [ "Disabled", "Enabled" ]

valid {
    input.Body.properties.autoDiscovery == enum_AutoDiscovery[_]
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsProject_CreateOrUpdate

enum_AutoDiscovery := [ "Disabled", "Enabled" ]

valid {
    input.Body.properties.orgName == STRING
    input.Body.properties.projectId == STRING
    input.Body.properties.autoDiscovery == enum_AutoDiscovery[_]
    input.Body.STRING == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.ReqMap.azureDevOpsProjectName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsProject_Get

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.ReqMap.azureDevOpsProjectName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsProject_List

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsProject_Update

enum_AutoDiscovery := [ "Disabled", "Enabled" ]

valid {
    input.Body.properties.orgName == STRING
    input.Body.properties.projectId == STRING
    input.Body.properties.autoDiscovery == enum_AutoDiscovery[_]
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.ReqMap.azureDevOpsProjectName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsRepo_CreateOrUpdate

enum_ActionableRemediationState := [ "None", "Disabled", "Enabled" ]
enum_RuleCategory := [ "Code", "Artifacts", "Dependencies", "Secrets", "IaC", "Containers" ]

valid {
    input.Body.properties.actionableRemediation.state == enum_ActionableRemediationState[_]
    input.Body.properties.actionableRemediation.severityLevels[_] == STRING
    input.Body.properties.actionableRemediation.categories[_] == enum_RuleCategory[_]
    input.Body.properties.actionableRemediation.branchConfiguration.names[_] == STRING
    input.Body.STRING == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.ReqMap.azureDevOpsProjectName == STRING
    input.ReqMap.azureDevOpsRepoName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsRepo_Get

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.ReqMap.azureDevOpsProjectName == STRING
    input.ReqMap.azureDevOpsRepoName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsRepo_List

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.ReqMap.azureDevOpsProjectName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsRepo_ListByConnector

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

AzureDevOpsRepo_Update

enum_ActionableRemediationState := [ "None", "Disabled", "Enabled" ]
enum_RuleCategory := [ "Code", "Artifacts", "Dependencies", "Secrets", "IaC", "Containers" ]

valid {
    input.Body.properties.actionableRemediation.state == enum_ActionableRemediationState[_]
    input.Body.properties.actionableRemediation.severityLevels[_] == STRING
    input.Body.properties.actionableRemediation.categories[_] == enum_RuleCategory[_]
    input.Body.properties.actionableRemediation.branchConfiguration.names[_] == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.azureDevOpsConnectorName == STRING
    input.ReqMap.azureDevOpsOrgName == STRING
    input.ReqMap.azureDevOpsProjectName == STRING
    input.ReqMap.azureDevOpsRepoName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubConnectorStats_Get

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubConnector_CreateOrUpdate

valid {
    input.Body.properties.code == STRING
    input.Body.tags.STRING == STRING
    input.Body.location == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubConnector_Delete

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubConnector_Get

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubConnector_ListByResourceGroup

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubConnector_ListBySubscription

valid {
    input.ReqMap.SubscriptionID == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
}

GitHubConnector_Update

valid {
    input.Body.properties.code == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubOwner_CreateOrUpdate

valid {
    input.Body.properties.ownerUrl == STRING
    input.Body.STRING == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.ReqMap.gitHubOwnerName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubOwner_Get

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.ReqMap.gitHubOwnerName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubOwner_List

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubOwner_Update

valid {
    input.Body.properties.ownerUrl == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.ReqMap.gitHubOwnerName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubRepo_CreateOrUpdate

valid {
    input.Body.properties.accountId == INTEGER
    input.Body.properties.repoUrl == STRING
    input.Body.properties.ownerName == STRING
    input.Body.STRING == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.ReqMap.gitHubOwnerName == STRING
    input.ReqMap.gitHubRepoName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubRepo_Get

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.ReqMap.gitHubOwnerName == STRING
    input.ReqMap.gitHubRepoName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubRepo_List

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.ReqMap.gitHubOwnerName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubRepo_ListByConnector

valid {
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

GitHubRepo_Update

valid {
    input.Body.properties.accountId == INTEGER
    input.Body.properties.repoUrl == STRING
    input.Body.properties.ownerName == STRING
    input.ReqMap.SubscriptionID == STRING
    input.ReqMap.ResourceGroup == STRING
    input.ReqMap.gitHubConnectorName == STRING
    input.ReqMap.gitHubOwnerName == STRING
    input.ReqMap.gitHubRepoName == STRING
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
    input.ProviderMetadata.SubscriptionID == STRING
    input.ProviderMetadata.ResourceGroup == STRING
}

Operations_List

valid {
    input.Qs.api-version == STRING
    input.ProviderMetadata.Region == STRING
}