diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json new file mode 100644 index 000000000000..255c4f5d876b --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json @@ -0,0 +1,1070 @@ +{ + "swagger": "2.0", + "info": { + "version": "2022-01-31-preview", + "title": "ManagedServiceIdentityClient", + "description": "The Managed Service Identity Client." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.ManagedIdentity/identities/default": { + "get": { + "operationId": "SystemAssignedIdentities_GetByScope", + "description": "Gets the systemAssignedIdentity available under the specified RP scope.", + "x-ms-examples": { + "MsiOperationsList": { + "$ref": "./examples/SystemAssignedIdentityGet.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The systemAssignedIdentity was retrieved and returned successfully.", + "schema": { + "$ref": "#/definitions/SystemAssignedIdentity" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.ManagedIdentity/operations": { + "get": { + "operationId": "Operations_List", + "description": "Lists available operations for the Microsoft.ManagedIdentity provider", + "x-ms-examples": { + "MsiOperationsList": { + "$ref": "./examples/MsiOperationsList.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The operation was successful. The response contains the list of available operations.", + "schema": { + "$ref": "#/definitions/OperationListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.ManagedIdentity/userAssignedIdentities": { + "get": { + "operationId": "UserAssignedIdentities_ListBySubscription", + "description": "Lists all the userAssignedIdentities available under the specified subscription.", + "x-ms-examples": { + "IdentityListBySubscription": { + "$ref": "./examples/IdentityListBySubscription.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The list of userAssignedIdentities was retrieved and returned successfully.", + "schema": { + "$ref": "#/definitions/UserAssignedIdentitiesListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities": { + "get": { + "operationId": "UserAssignedIdentities_ListByResourceGroup", + "description": "Lists all the userAssignedIdentities available under the specified ResourceGroup.", + "x-ms-examples": { + "IdentityListByResourceGroup": { + "$ref": "./examples/IdentityListByResourceGroup.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The list of userAssignedIdentities was retrieved and returned successfully.", + "schema": { + "$ref": "#/definitions/UserAssignedIdentitiesListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}/listAssociatedResources": { + "post": { + "operationId": "UserAssignedIdentities_ListAssociatedResources", + "description": "Lists the associated resources for this identity.", + "x-ms-examples": { + "IdentityListAssociatedResources": { + "$ref": "./examples/IdentityListAssociatedResources.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + }, + { + "$ref": "#/parameters/OrderbyParameter" + }, + { + "$ref": "#/parameters/TopQueryParameter" + }, + { + "$ref": "#/parameters/SkipQueryParameter" + }, + { + "$ref": "#/parameters/SkipTokenParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. List of resources associated with this identity.", + "schema": { + "$ref": "#/definitions/AssociatedResourcesListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}": { + "put": { + "operationId": "UserAssignedIdentities_CreateOrUpdate", + "description": "Create or update an identity in the specified subscription and resource group.", + "x-ms-examples": { + "IdentityCreate": { + "$ref": "./examples/IdentityCreate.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/Identity" + }, + "description": "Parameters to create or update the identity" + } + ], + "responses": { + "200": { + "description": "Updated identity", + "schema": { + "$ref": "#/definitions/Identity" + } + }, + "201": { + "description": "Created identity", + "schema": { + "$ref": "#/definitions/Identity" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "patch": { + "operationId": "UserAssignedIdentities_Update", + "description": "Update an identity in the specified subscription and resource group.", + "x-ms-examples": { + "IdentityUpdate": { + "$ref": "./examples/IdentityUpdate.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/IdentityUpdate" + }, + "description": "Parameters to update the identity" + } + ], + "responses": { + "200": { + "description": "Updated identity", + "schema": { + "$ref": "#/definitions/Identity" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "operationId": "UserAssignedIdentities_Get", + "description": "Gets the identity.", + "x-ms-examples": { + "IdentityGet": { + "$ref": "./examples/IdentityGet.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The requested identity.", + "schema": { + "$ref": "#/definitions/Identity" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "operationId": "UserAssignedIdentities_Delete", + "description": "Deletes the identity.", + "x-ms-examples": { + "IdentityDelete": { + "$ref": "./examples/IdentityDelete.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. Deleted Identity." + }, + "204": { + "description": "The specified identity does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}/federatedIdentityCredentials": { + "get": { + "operationId": "FederatedIdentityCredentials_List", + "description": "Lists all the federated identity credentials under the specified user assigned identity.", + "x-ms-examples": { + "FederatedIdentityCredentialList": { + "$ref": "./examples/FederatedIdentityCredentialList.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/TopQueryParameter" + }, + { + "$ref": "#/parameters/SkipTokenParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The list of federated identity credentials for the specified user assigned identity was retrieved and returned successfully.", + "schema": { + "$ref": "#/definitions/FederatedIdentityCredentialsListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}/federatedIdentityCredentials/{federatedIdentityCredentialResourceName}": { + "put": { + "operationId": "FederatedIdentityCredentials_CreateOrUpdate", + "description": "Create or update a federated identity credential under the specified user assigned identity.", + "x-ms-examples": { + "FederatedIdentityCredentialCreate": { + "$ref": "./examples/FederatedIdentityCredentialCreate.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/FederatedIdentityCredentialResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/FederatedIdentityCredential" + }, + "description": "Parameters to create or update the federated identity credential." + } + ], + "responses": { + "200": { + "description": "Updated federated identity credential.", + "schema": { + "$ref": "#/definitions/FederatedIdentityCredential" + } + }, + "201": { + "description": "Created federated identity credential.", + "schema": { + "$ref": "#/definitions/FederatedIdentityCredential" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "operationId": "FederatedIdentityCredentials_Get", + "description": "Gets the federated identity credential.", + "x-ms-examples": { + "FederatedIdentityCredentialGet": { + "$ref": "./examples/FederatedIdentityCredentialGet.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/FederatedIdentityCredentialResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The requested federated identity credential.", + "schema": { + "$ref": "#/definitions/FederatedIdentityCredential" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "operationId": "FederatedIdentityCredentials_Delete", + "description": "Deletes the federated identity credential.", + "x-ms-examples": { + "FederatedIdentityCredentialDelete": { + "$ref": "./examples/FederatedIdentityCredentialDelete.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/FederatedIdentityCredentialResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. Deleted federated identity credential." + }, + "204": { + "description": "The specified federated identity credential does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "Identity": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "readOnly": true, + "description": "The properties associated with the identity.", + "$ref": "#/definitions/UserAssignedIdentityProperties" + } + }, + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/TrackedResource" + } + ], + "description": "Describes an identity resource." + }, + "FederatedIdentityCredential": { + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "The properties associated with the federated identity credential.", + "$ref": "#/definitions/FederatedIdentityCredentialProperties" + } + }, + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Describes a federated identity credential." + }, + "IdentityUpdate": { + "properties": { + "location": { + "type": "string", + "x-ms-mutability": [ + "read", + "create" + ], + "description": "The geo-location where the resource lives" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "x-ms-mutability": [ + "read", + "create", + "update" + ], + "description": "Resource tags" + }, + "properties": { + "x-ms-client-flatten": true, + "readOnly": true, + "description": "The properties associated with the identity.", + "$ref": "#/definitions/UserAssignedIdentityProperties" + } + }, + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/Resource" + } + ], + "description": "Describes an identity resource." + }, + "SystemAssignedIdentity": { + "properties": { + "location": { + "type": "string", + "x-ms-mutability": [ + "read", + "create" + ], + "description": "The geo-location where the resource lives" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "x-ms-mutability": [ + "read", + "create", + "update" + ], + "description": "Resource tags" + }, + "properties": { + "x-ms-client-flatten": true, + "readOnly": true, + "description": "The properties associated with the identity.", + "$ref": "#/definitions/SystemAssignedIdentityProperties" + } + }, + "required": [ + "location" + ], + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Describes a system assigned identity resource." + }, + "SystemAssignedIdentityProperties": { + "description": "The properties associated with the system assigned identity.", + "type": "object", + "title": "System Assigned Identity properties.", + "properties": { + "tenantId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the tenant which the identity belongs to." + }, + "principalId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the service principal object associated with the created identity." + }, + "clientId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the app associated with the identity. This is a random generated UUID by MSI." + }, + "clientSecretUrl": { + "type": "string", + "readOnly": true, + "description": " The ManagedServiceIdentity DataPlane URL that can be queried to obtain the identity credentials." + } + } + }, + "UserAssignedIdentityProperties": { + "description": "The properties associated with the user assigned identity.", + "type": "object", + "title": "User Assigned Identity properties.", + "properties": { + "tenantId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the tenant which the identity belongs to." + }, + "principalId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the service principal object associated with the created identity." + }, + "clientId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the app associated with the identity. This is a random generated UUID by MSI." + } + } + }, + "AzureResource": { + "description": "Describes an Azure resource that is attached to an identity.", + "type": "object", + "title": "Azure Resource properties.", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The ID of this resource." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The name of this resource." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The type of this resource." + }, + "resourceGroup": { + "type": "string", + "readOnly": true, + "description": "The name of the resource group this resource belongs to." + }, + "subscriptionId": { + "type": "string", + "readOnly": true, + "description": "The ID of the subscription this resource belongs to." + }, + "subscriptionDisplayName": { + "type": "string", + "readOnly": true, + "description": "The name of the subscription this resource belongs to." + } + } + }, + "AssociatedResourcesListResult": { + "type": "object", + "properties": { + "totalCount": { + "type": "number", + "readOnly": true, + "description": "Total number of Azure resources assigned to the identity." + }, + "value": { + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/AzureResource" + }, + "description": "The collection of Azure resources returned by the resource action to get a list of assigned resources." + }, + "nextLink": { + "type": "string", + "readOnly": true, + "description": "The url to get the next page of results, if any." + } + }, + "description": "Azure resources returned by the resource action to get a list of assigned resources." + }, + "FederatedIdentityCredentialProperties": { + "description": "The properties associated with a federated identity credential.", + "type": "object", + "title": "Federated identity credential properties.", + "required": [ + "issuer", + "subject", + "audiences" + ], + "properties": { + "issuer": { + "type": "string", + "format": "uri", + "description": "The URL of the issuer to be trusted." + }, + "subject": { + "type": "string", + "description": "The identifier of the external identity." + }, + "audiences": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of audiences that can appear in the issued token." + } + } + }, + "FederatedIdentityCredentialsListResult": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/FederatedIdentityCredential" + }, + "description": "The collection of federated identity credentials returned by the listing operation." + }, + "nextLink": { + "type": "string", + "description": "The url to get the next page of results, if any." + } + }, + "description": "Values returned by the List operation for federated identity credentials." + }, + "UserAssignedIdentitiesListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Identity" + }, + "description": "The collection of userAssignedIdentities returned by the listing operation." + }, + "nextLink": { + "type": "string", + "description": "The url to get the next page of results, if any." + } + }, + "description": "Values returned by the List operation." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "description": "A list of additional details about the error.", + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the ManagedServiceIdentity service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + }, + "target": { + "type": "string", + "description": "The target of the particular error. For example, the name of the property in error." + }, + "details": { + "type": "array", + "items": { + "$ref": "#/definitions/CloudErrorBody" + }, + "description": "A list of additional details about the error." + } + }, + "description": "An error response from the ManagedServiceIdentity service." + }, + "Operation": { + "title": "Microsoft.ManagedIdentity Operation.", + "description": "Operation supported by the Microsoft.ManagedIdentity REST API.", + "type": "object", + "properties": { + "name": { + "title": "Operation Name.", + "description": "The name of the REST Operation. This is of the format {provider}/{resource}/{operation}.", + "type": "string" + }, + "display": { + "title": "Operation Display.", + "description": "The object that describes the operation.", + "$ref": "#/definitions/OperationDisplay" + } + } + }, + "OperationDisplay": { + "title": "Operation Display.", + "description": "The object that describes the operation.", + "properties": { + "provider": { + "title": "Resource Provider Name.", + "description": "Friendly name of the resource provider.", + "type": "string" + }, + "operation": { + "title": "Operation Type.", + "description": "The type of operation. For example: read, write, delete.", + "type": "string" + }, + "resource": { + "title": "Resource Type.", + "description": "The resource type on which the operation is performed.", + "type": "string" + }, + "description": { + "title": "Operation description", + "description": "A description of the operation.", + "type": "string" + } + } + }, + "OperationListResult": { + "title": "Operations List.", + "description": "A list of operations supported by Microsoft.ManagedIdentity Resource Provider.", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Operation" + }, + "title": "Operations List.", + "description": "A list of operations supported by Microsoft.ManagedIdentity Resource Provider." + }, + "nextLink": { + "type": "string", + "title": "Next Link", + "description": "The url to get the next page of results, if any." + } + } + } + }, + "parameters": { + "ScopeParameter": { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The resource provider scope of the resource. Parent resource being extended by Managed Identities.", + "x-ms-parameter-location": "method", + "x-ms-skip-url-encoding": true + }, + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "description": "The Id of the Subscription to which the identity belongs.", + "required": true, + "type": "string" + }, + "ResourceGroupNameParameter": { + "name": "resourceGroupName", + "in": "path", + "description": "The name of the Resource Group to which the identity belongs.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "ResourceNameParameter": { + "name": "resourceName", + "in": "path", + "description": "The name of the identity resource.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "description": "Version of API to invoke.", + "required": true, + "type": "string" + }, + "FilterParameter": { + "name": "$filter", + "in": "query", + "x-ms-parameter-location": "method", + "description": "OData filter expression to apply to the query.", + "required": false, + "type": "string" + }, + "OrderbyParameter": { + "name": "$orderby", + "in": "query", + "x-ms-parameter-location": "method", + "description": "OData orderBy expression to apply to the query.", + "required": false, + "type": "string" + }, + "TopQueryParameter": { + "name": "$top", + "in": "query", + "required": false, + "type": "integer", + "format": "int32", + "description": "Number of records to return.", + "minimum": 1, + "x-ms-parameter-location": "method" + }, + "SkipQueryParameter": { + "name": "$skip", + "in": "query", + "required": false, + "type": "integer", + "format": "int32", + "description": "Number of records to skip.", + "minimum": 1, + "x-ms-parameter-location": "method" + }, + "SkipTokenParameter": { + "in": "query", + "name": "$skiptoken", + "description": "A skip token is used to continue retrieving items after an operation returns a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skipToken parameter that specifies a starting point to use for subsequent calls.", + "type": "string", + "x-ms-parameter-location": "method" + }, + "FederatedIdentityCredentialResourceNameParameter": { + "name": "federatedIdentityCredentialResourceName", + "in": "path", + "description": "The name of the federated identity credential resource.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json new file mode 100644 index 000000000000..fb1d9f8ae99e --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "federatedIdentityCredentialResourceName": "ficResourceName", + "parameters": { + "properties": { + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "api://AzureADTokenExchange" + ] + } + } + }, + "responses": { + "201": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", + "name": "ficResourceName", + "properties": { + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "api://AzureADTokenExchange" + ] + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" + } + }, + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", + "name": "ficResourceName", + "properties": { + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "api://AzureADTokenExchange" + ] + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialDelete.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialDelete.json new file mode 100644 index 000000000000..358cebbb33a5 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialDelete.json @@ -0,0 +1,13 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "federatedIdentityCredentialResourceName": "ficResourceName" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json new file mode 100644 index 000000000000..60636c6eaff7 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "federatedIdentityCredentialResourceName": "ficResourceName" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", + "name": "ficResourceName", + "properties": { + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "api://AzureADTokenExchange" + ] + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json new file mode 100644 index 000000000000..a8b694c1332e --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "top": "20" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", + "name": "ficResourceName", + "properties": { + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "api://AzureADTokenExchange" + ] + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" + } + ], + "nextLink": "https://serviceRoot/subscriptions/subId/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/resourceName/federatedIdentityCredentials?api-version=2020-11-30-preview&$skipToken=X'12345'" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json new file mode 100644 index 000000000000..56a673263240 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "parameters": { + "location": "eastus", + "tags": { + "key1": "value1", + "key2": "value2" + } + } + }, + "responses": { + "201": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + }, + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json new file mode 100644 index 000000000000..40eaa1437815 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json @@ -0,0 +1,12 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json new file mode 100644 index 000000000000..19af708f553e --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json @@ -0,0 +1,27 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListAssociatedResources.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListAssociatedResources.json new file mode 100644 index 000000000000..c71328a641bf --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListAssociatedResources.json @@ -0,0 +1,38 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "1cscb752-d7c9-463f-9731-fd31edada74a", + "resourceGroupName": "testrg", + "resourceName": "testid", + "$filter": "contains(name, 'test')", + "$orderby": "name asc", + "$top": 10, + "$skip": 1 + }, + "responses": { + "200": { + "body": { + "totalCount": 4, + "value": [ + { + "id": "/subscriptions/1cscb752-d7c9-463f-9731-fd31edada74a/resourceGroups/testrg/providers/Microsoft.CognitiveServices/accounts/test1", + "name": "test1", + "type": "microsoft.cognitiveservices/accounts", + "resourceGroup": "testrg", + "subscriptionId": "1cscb752-d7c9-463f-9731-fd31edada74a", + "subscriptionDisplayName": "TestSubscription" + }, + { + "id": "/subscriptions/1cscb752-d7c9-463f-9731-fd31edada74a/resourceGroups/testrg/providers/Microsoft.CognitiveServices/accounts/test2", + "name": "test2", + "type": "microsoft.cognitiveservices/accounts", + "resourceGroup": "testrg", + "subscriptionId": "1cscb752-d7c9-463f-9731-fd31edada74a", + "subscriptionDisplayName": "TestSubscription" + } + ] + }, + "nextLink": "https://management.azure.com/subscriptions/1cscb752-d7c9-463f-9731-fd31edada74a/resourceGroups/testrg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testid?skiptoken=ew0KICAiJGlkIjogIjEiLA0KICAiTWF4Um93cyI6IDIsDQogICJSb3dzVG9Ta2lwIjogMiwNCiAgIkt1c3RvQ2x1c3RlclVybCI6ICJodHRwczovL2FybXRvcG9sb2d5Lmt1c3RvLndpbmRvd3MubmV0Ig0KfQ%253d%253d&api-version=2021-09-30" + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json new file mode 100644 index 000000000000..235adac8d92d --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json @@ -0,0 +1,31 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + ], + "nextLink": "https://serviceRoot/subscriptions/subId/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2022-01-31-preview&$skiptoken=X'12345'" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json new file mode 100644 index 000000000000..100de6426048 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + ], + "nextLink": "https://serviceRoot/subscriptions/subId/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2022-01-31-preview&$skiptoken=X'12345'" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json new file mode 100644 index 000000000000..75dedf142ca4 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "parameters": { + "location": "eastus", + "tags": { + "key1": "value1", + "key2": "value2" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json new file mode 100644 index 000000000000..3e95f2e4d12d --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json @@ -0,0 +1,41 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "display": { + "description": "Gets an existing user assigned identity", + "operation": "Get User Assigned Identity", + "resource": "User Assigned Identities", + "provider": "Managed Service Identity" + }, + "name": "Microsoft.ManagedIdentity/userAssignedIdentities/read" + }, + { + "display": { + "description": "Creates a new user assigned identity or updates the tags associated with an existing user assigned identity", + "operation": "Create/Update User Assigned Identity", + "resource": "User Assigned Identities", + "provider": "Managed Service Identity" + }, + "name": "Microsoft.ManagedIdentity/userAssignedIdentities/write" + }, + { + "display": { + "description": "Deletes an existing user assigned identity", + "operation": "Delete User Assigned Identity", + "resource": "User Assigned Identities", + "provider": "Managed Service Identity" + }, + "name": "Microsoft.ManagedIdentity/userAssignedIdentities/delete" + } + ], + "nextLink": "https://serviceRoot/providers/Microsoft.ManagedIdentity/operations?api-version=2022-01-31-preview&$skiptoken=X'12345'" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json new file mode 100644 index 000000000000..5398d943840f --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "scope": "scope" + }, + "responses": { + "200": { + "body": { + "id": "/scope", + "location": "cus", + "name": "resourceName", + "properties": { + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "clientSecretUrl": "https://serviceRoot/scope/credentials?tid=tenantId&oid=principalId&aid=clientId", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" + }, + "type": "ResourceProvider" + } + } + } +} diff --git a/specification/msi/resource-manager/readme.md b/specification/msi/resource-manager/readme.md index b8e1375bb49c..fd51ca5a6c85 100644 --- a/specification/msi/resource-manager/readme.md +++ b/specification/msi/resource-manager/readme.md @@ -26,7 +26,17 @@ These are the global settings for the Managed Service Identity API. ``` yaml openapi-type: arm -tag: package-preview-2021-09-30 +tag: package-preview-2022-01 +``` + + +### Tag: package-preview-2022-01 + +These settings apply only when `--tag=package-preview-2022-01` is specified on the command line. + +```yaml $(tag) == 'package-preview-2022-01' +input-file: + - Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json ``` @@ -65,7 +75,7 @@ directive: where: $.definitions.SystemAssignedIdentity reason: The identity type exposed under any scope is not a tracked resource since it is an extension. - suppress: RequiredReadOnlySystemData - reason: User-assigned and system-assigned identities do not support systemData. + reason: User-assigned and system-assigned identities do not support systemData. ``` ---