From 9ddde98fa96804039b23ce226f036421fe389833 Mon Sep 17 00:00:00 2001 From: Yannick <6431099+natronq@users.noreply.github.com> Date: Fri, 8 Oct 2021 10:36:43 +0100 Subject: [PATCH 1/7] Adds base for updating Microsoft.ManagedIdentity from version stable/2018-11-30 to version 2022-01-31-preview --- .../2022-01-31-preview/ManagedIdentity.json | 655 ++++++++++++++++++ .../examples/IdentityCreate.json | 51 ++ .../examples/IdentityDelete.json | 12 + .../examples/IdentityGet.json | 27 + .../examples/IdentityListByResourceGroup.json | 31 + .../examples/IdentityListBySubscription.json | 30 + .../examples/IdentityUpdate.json | 34 + .../examples/MsiOperationsList.json | 41 ++ .../examples/SystemAssignedIdentityGet.json | 22 + 9 files changed, 903 insertions(+) create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json new file mode 100644 index 000000000000..16695c387b30 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json @@ -0,0 +1,655 @@ +{ + "swagger": "2.0", + "info": { + "version": "2018-11-30", + "title": "ManagedServiceIdentityClient", + "description": "The Managed Service Identity Client." + }, + "host": "management.azure.com", + "schemes": [ + "https" + ], + "produces": [ + "application/json" + ], + "consumes": [ + "application/json" + ], + "security": [ + { + "azure_auth": [ + "user_impersonation" + ] + } + ], + "securityDefinitions": { + "azure_auth": { + "type": "oauth2", + "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize", + "flow": "implicit", + "description": "Azure Active Directory OAuth2 Flow", + "scopes": { + "user_impersonation": "impersonate your user account" + } + } + }, + "paths": { + "/{scope}/providers/Microsoft.ManagedIdentity/identities/default": { + "get": { + "operationId": "SystemAssignedIdentities_GetByScope", + "description": "Gets the systemAssignedIdentity available under the specified RP scope.", + "x-ms-examples": { + "MsiOperationsList": { + "$ref": "./examples/SystemAssignedIdentityGet.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ScopeParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The systemAssignedIdentity was retrieved and returned successfully.", + "schema": { + "$ref": "#/definitions/SystemAssignedIdentity" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + }, + "/providers/Microsoft.ManagedIdentity/operations": { + "get": { + "operationId": "Operations_List", + "description": "Lists available operations for the Microsoft.ManagedIdentity provider", + "x-ms-examples": { + "MsiOperationsList": { + "$ref": "./examples/MsiOperationsList.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "The operation was successful. The response contains the list of available operations.", + "schema": { + "$ref": "#/definitions/OperationListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/providers/Microsoft.ManagedIdentity/userAssignedIdentities": { + "get": { + "operationId": "UserAssignedIdentities_ListBySubscription", + "description": "Lists all the userAssignedIdentities available under the specified subscription.", + "x-ms-examples": { + "IdentityListBySubscription": { + "$ref": "./examples/IdentityListBySubscription.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The list of userAssignedIdentities was retrieved and returned successfully.", + "schema": { + "$ref": "#/definitions/UserAssignedIdentitiesListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities": { + "get": { + "operationId": "UserAssignedIdentities_ListByResourceGroup", + "description": "Lists all the userAssignedIdentities available under the specified ResourceGroup.", + "x-ms-examples": { + "IdentityListByResourceGroup": { + "$ref": "./examples/IdentityListByResourceGroup.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The list of userAssignedIdentities was retrieved and returned successfully.", + "schema": { + "$ref": "#/definitions/UserAssignedIdentitiesListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}": { + "put": { + "operationId": "UserAssignedIdentities_CreateOrUpdate", + "description": "Create or update an identity in the specified subscription and resource group.", + "x-ms-examples": { + "IdentityCreate": { + "$ref": "./examples/IdentityCreate.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/Identity" + }, + "description": "Parameters to create or update the identity" + } + ], + "responses": { + "200": { + "description": "Updated identity", + "schema": { + "$ref": "#/definitions/Identity" + } + }, + "201": { + "description": "Created identity", + "schema": { + "$ref": "#/definitions/Identity" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "patch": { + "operationId": "UserAssignedIdentities_Update", + "description": "Update an identity in the specified subscription and resource group.", + "x-ms-examples": { + "IdentityUpdate": { + "$ref": "./examples/IdentityUpdate.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/IdentityUpdate" + }, + "description": "Parameters to update the identity" + } + ], + "responses": { + "200": { + "description": "Updated identity", + "schema": { + "$ref": "#/definitions/Identity" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "operationId": "UserAssignedIdentities_Get", + "description": "Gets the identity.", + "x-ms-examples": { + "IdentityGet": { + "$ref": "./examples/IdentityGet.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The requested identity.", + "schema": { + "$ref": "#/definitions/Identity" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "operationId": "UserAssignedIdentities_Delete", + "description": "Deletes the identity.", + "x-ms-examples": { + "IdentityDelete": { + "$ref": "./examples/IdentityDelete.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. Deleted Identity." + }, + "204": { + "description": "The specified identity does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } + } + }, + "definitions": { + "Identity": { + "properties": { + "properties": { + "x-ms-client-flatten": true, + "readOnly": true, + "description": "The properties associated with the identity.", + "$ref": "#/definitions/UserAssignedIdentityProperties" + } + }, + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/TrackedResource" + } + ], + "description": "Describes an identity resource." + }, + "IdentityUpdate": { + "properties": { + "location": { + "type": "string", + "x-ms-mutability": [ + "read", + "create" + ], + "description": "The geo-location where the resource lives" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "x-ms-mutability": [ + "read", + "create", + "update" + ], + "description": "Resource tags" + }, + "properties": { + "x-ms-client-flatten": true, + "readOnly": true, + "description": "The properties associated with the identity.", + "$ref": "#/definitions/UserAssignedIdentityProperties" + } + }, + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/Resource" + } + ], + "description": "Describes an identity resource." + }, + "SystemAssignedIdentity": { + "properties": { + "location": { + "type": "string", + "x-ms-mutability": [ + "read", + "create" + ], + "description": "The geo-location where the resource lives" + }, + "tags": { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "x-ms-mutability": [ + "read", + "create", + "update" + ], + "description": "Resource tags" + }, + "properties": { + "x-ms-client-flatten": true, + "readOnly": true, + "description": "The properties associated with the identity.", + "$ref": "#/definitions/SystemAssignedIdentityProperties" + } + }, + "required": [ + "location" + ], + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Describes a system assigned identity resource." + }, + "SystemAssignedIdentityProperties": { + "description": "The properties associated with the system assigned identity.", + "type": "object", + "title": "System Assigned Identity properties.", + "properties": { + "tenantId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the tenant which the identity belongs to." + }, + "principalId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the service principal object associated with the created identity." + }, + "clientId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the app associated with the identity. This is a random generated UUID by MSI." + }, + "clientSecretUrl": { + "type": "string", + "readOnly": true, + "description": " The ManagedServiceIdentity DataPlane URL that can be queried to obtain the identity credentials." + } + } + }, + "UserAssignedIdentityProperties": { + "description": "The properties associated with the user assigned identity.", + "type": "object", + "title": "User Assigned Identity properties.", + "properties": { + "tenantId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the tenant which the identity belongs to." + }, + "principalId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the service principal object associated with the created identity." + }, + "clientId": { + "type": "string", + "readOnly": true, + "format": "uuid", + "description": "The id of the app associated with the identity. This is a random generated UUID by MSI." + } + } + }, + "UserAssignedIdentitiesListResult": { + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Identity" + }, + "description": "The collection of userAssignedIdentities returned by the listing operation." + }, + "nextLink": { + "type": "string", + "description": "The url to get the next page of results, if any." + } + }, + "description": "Values returned by the List operation." + }, + "CloudError": { + "x-ms-external": true, + "properties": { + "error": { + "description": "A list of additional details about the error.", + "$ref": "#/definitions/CloudErrorBody" + } + }, + "description": "An error response from the ManagedServiceIdentity service." + }, + "CloudErrorBody": { + "x-ms-external": true, + "properties": { + "code": { + "type": "string", + "description": "An identifier for the error." + }, + "message": { + "type": "string", + "description": "A message describing the error, intended to be suitable for display in a user interface." + }, + "target": { + "type": "string", + "description": "The target of the particular error. For example, the name of the property in error." + }, + "details": { + "type": "array", + "items": { + "$ref": "#/definitions/CloudErrorBody" + }, + "description": "A list of additional details about the error." + } + }, + "description": "An error response from the ManagedServiceIdentity service." + }, + "Operation": { + "title": "Microsoft.ManagedIdentity Operation.", + "description": "Operation supported by the Microsoft.ManagedIdentity REST API.", + "type": "object", + "properties": { + "name": { + "title": "Operation Name.", + "description": "The name of the REST Operation. This is of the format {provider}/{resource}/{operation}.", + "type": "string" + }, + "display": { + "title": "Operation Display.", + "description": "The object that describes the operation.", + "$ref": "#/definitions/OperationDisplay" + } + } + }, + "OperationDisplay": { + "title": "Operation Display.", + "description": "The object that describes the operation.", + "properties": { + "provider": { + "title": "Resource Provider Name.", + "description": "Friendly name of the resource provider.", + "type": "string" + }, + "operation": { + "title": "Operation Type.", + "description": "The type of operation. For example: read, write, delete.", + "type": "string" + }, + "resource": { + "title": "Resource Type.", + "description": "The resource type on which the operation is performed.", + "type": "string" + }, + "description": { + "title": "Operation description", + "description": "A description of the operation.", + "type": "string" + } + } + }, + "OperationListResult": { + "title": "Operations List.", + "description": "A list of operations supported by Microsoft.ManagedIdentity Resource Provider.", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/Operation" + }, + "title": "Operations List.", + "description": "A list of operations supported by Microsoft.ManagedIdentity Resource Provider." + }, + "nextLink": { + "type": "string", + "title": "Next Link", + "description": "The url to get the next page of results, if any." + } + } + } + }, + "parameters": { + "ScopeParameter": { + "name": "scope", + "in": "path", + "required": true, + "type": "string", + "description": "The resource provider scope of the resource. Parent resource being extended by Managed Identities.", + "x-ms-parameter-location": "method", + "x-ms-skip-url-encoding": true + }, + "SubscriptionIdParameter": { + "name": "subscriptionId", + "in": "path", + "description": "The Id of the Subscription to which the identity belongs.", + "required": true, + "type": "string" + }, + "ResourceGroupNameParameter": { + "name": "resourceGroupName", + "in": "path", + "description": "The name of the Resource Group to which the identity belongs.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "ResourceNameParameter": { + "name": "resourceName", + "in": "path", + "description": "The name of the identity resource.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" + }, + "ApiVersionParameter": { + "name": "api-version", + "in": "query", + "description": "Version of API to invoke.", + "required": true, + "type": "string" + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json new file mode 100644 index 000000000000..d57e15052a87 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json @@ -0,0 +1,51 @@ +{ + "parameters": { + "api-version": "2018-11-30", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "parameters": { + "location": "eastus", + "tags": { + "key1": "value1", + "key2": "value2" + } + } + }, + "responses": { + "201": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "clientGUID", + "principalId": "identityObjectID", + "tenantId": "tenantGUID" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + }, + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "clientGUID", + "principalId": "identityObjectID", + "tenantId": "tenantGUID" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json new file mode 100644 index 000000000000..0a9700aa8938 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json @@ -0,0 +1,12 @@ +{ + "parameters": { + "api-version": "2018-11-30", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json new file mode 100644 index 000000000000..f8dca8517fe4 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json @@ -0,0 +1,27 @@ +{ + "parameters": { + "api-version": "2018-11-30", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "clientGUID", + "principalId": "identityObjectID", + "tenantId": "tenantGUID" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json new file mode 100644 index 000000000000..d33cf94d2b6c --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json @@ -0,0 +1,31 @@ +{ + "parameters": { + "api-version": "2018-11-30", + "subscriptionId": "subid", + "resourceGroupName": "rgName" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "clientGUID", + "principalId": "identityObjectID", + "tenantId": "tenantGUID" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + ], + "nextLink": "https://serviceRoot/subscriptions/subId/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2018-11-30&$skiptoken=X'12345'" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json new file mode 100644 index 000000000000..ba8d11b3673f --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "api-version": "2018-11-30", + "subscriptionId": "subid" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "clientGUID", + "principalId": "identityObjectID", + "tenantId": "tenantGUID" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + ], + "nextLink": "https://serviceRoot/subscriptions/subId/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2018-11-30&$skiptoken=X'12345'" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json new file mode 100644 index 000000000000..53d7be02e667 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json @@ -0,0 +1,34 @@ +{ + "parameters": { + "api-version": "2018-11-30", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "parameters": { + "location": "eastus", + "tags": { + "key1": "value1", + "key2": "value2" + } + } + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName", + "location": "eastus", + "name": "identityName", + "properties": { + "clientId": "clientGUID", + "principalId": "identityObjectID", + "tenantId": "tenantGUID" + }, + "tags": { + "key1": "value1", + "key2": "value2" + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json new file mode 100644 index 000000000000..994f8a6e7619 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json @@ -0,0 +1,41 @@ +{ + "parameters": { + "api-version": "2018-11-30" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "display": { + "description": "Gets an existing user assigned identity", + "operation": "Get User Assigned Identity", + "resource": "User Assigned Identities", + "provider": "Managed Service Identity" + }, + "name": "Microsoft.ManagedIdentity/userAssignedIdentities/read" + }, + { + "display": { + "description": "Creates a new user assigned identity or updates the tags associated with an existing user assigned identity", + "operation": "Create/Update User Assigned Identity", + "resource": "User Assigned Identities", + "provider": "Managed Service Identity" + }, + "name": "Microsoft.ManagedIdentity/userAssignedIdentities/write" + }, + { + "display": { + "description": "Deletes an existing user assigned identity", + "operation": "Delete User Assigned Identity", + "resource": "User Assigned Identities", + "provider": "Managed Service Identity" + }, + "name": "Microsoft.ManagedIdentity/userAssignedIdentities/delete" + } + ], + "nextLink": "https://serviceRoot/providers/Microsoft.ManagedIdentity/operations?api-version=2018-11-30&$skiptoken=X'12345'" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json new file mode 100644 index 000000000000..f3e08728885f --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json @@ -0,0 +1,22 @@ +{ + "parameters": { + "api-version": "2018-11-30", + "scope": "scope" + }, + "responses": { + "200": { + "body": { + "id": "/scope", + "location": "cus", + "name": "resourceName", + "properties": { + "clientId": "clientGUID", + "clientSecretUrl": "https://serviceRoot/scope/credentials?tid=tenantId&oid=principalId&aid=clientId", + "principalId": "identityObjectID", + "tenantId": "tenantGUID" + }, + "type": "ResourceProvider" + } + } + } +} From 15e898b1e38efb74fcd3b85dd8fae3531d5f30bc Mon Sep 17 00:00:00 2001 From: Yannick <6431099+natronq@users.noreply.github.com> Date: Fri, 8 Oct 2021 10:37:04 +0100 Subject: [PATCH 2/7] Updates readme --- specification/msi/resource-manager/readme.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/specification/msi/resource-manager/readme.md b/specification/msi/resource-manager/readme.md index b8e1375bb49c..573537c1f3ca 100644 --- a/specification/msi/resource-manager/readme.md +++ b/specification/msi/resource-manager/readme.md @@ -26,7 +26,17 @@ These are the global settings for the Managed Service Identity API. ``` yaml openapi-type: arm -tag: package-preview-2021-09-30 +tag: package-preview-2022-01 +``` + + +### Tag: package-preview-2022-01 + +These settings apply only when `--tag=package-preview-2022-01` is specified on the command line. + +```yaml $(tag) == 'package-preview-2022-01' +input-file: + - Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json ``` From e82e6a9f556b1c82ca8a53b2a9c99252aead6a48 Mon Sep 17 00:00:00 2001 From: Yannick <6431099+natronq@users.noreply.github.com> Date: Fri, 8 Oct 2021 10:37:09 +0100 Subject: [PATCH 3/7] Updates API version in new specs and examples --- .../preview/2022-01-31-preview/ManagedIdentity.json | 2 +- .../preview/2022-01-31-preview/examples/IdentityCreate.json | 2 +- .../preview/2022-01-31-preview/examples/IdentityDelete.json | 2 +- .../preview/2022-01-31-preview/examples/IdentityGet.json | 2 +- .../examples/IdentityListByResourceGroup.json | 4 ++-- .../examples/IdentityListBySubscription.json | 4 ++-- .../preview/2022-01-31-preview/examples/IdentityUpdate.json | 2 +- .../2022-01-31-preview/examples/MsiOperationsList.json | 4 ++-- .../examples/SystemAssignedIdentityGet.json | 2 +- 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json index 16695c387b30..d792a1dd30bd 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json @@ -1,7 +1,7 @@ { "swagger": "2.0", "info": { - "version": "2018-11-30", + "version": "2022-01-31-preview", "title": "ManagedServiceIdentityClient", "description": "The Managed Service Identity Client." }, diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json index d57e15052a87..49ac7dc52aeb 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2018-11-30", + "api-version": "2022-01-31-preview", "subscriptionId": "subid", "resourceGroupName": "rgName", "resourceName": "resourceName", diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json index 0a9700aa8938..40eaa1437815 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityDelete.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2018-11-30", + "api-version": "2022-01-31-preview", "subscriptionId": "subid", "resourceGroupName": "rgName", "resourceName": "resourceName" diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json index f8dca8517fe4..d2b1377d273e 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2018-11-30", + "api-version": "2022-01-31-preview", "subscriptionId": "subid", "resourceGroupName": "rgName", "resourceName": "resourceName" diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json index d33cf94d2b6c..757609e6193a 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2018-11-30", + "api-version": "2022-01-31-preview", "subscriptionId": "subid", "resourceGroupName": "rgName" }, @@ -24,7 +24,7 @@ "type": "Microsoft.ManagedIdentity/userAssignedIdentities" } ], - "nextLink": "https://serviceRoot/subscriptions/subId/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2018-11-30&$skiptoken=X'12345'" + "nextLink": "https://serviceRoot/subscriptions/subId/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2022-01-31-preview&$skiptoken=X'12345'" } } } diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json index ba8d11b3673f..7f072c83aefc 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2018-11-30", + "api-version": "2022-01-31-preview", "subscriptionId": "subid" }, "responses": { @@ -23,7 +23,7 @@ "type": "Microsoft.ManagedIdentity/userAssignedIdentities" } ], - "nextLink": "https://serviceRoot/subscriptions/subId/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2018-11-30&$skiptoken=X'12345'" + "nextLink": "https://serviceRoot/subscriptions/subId/providers/Microsoft.ManagedIdentity/userAssignedIdentities?api-version=2022-01-31-preview&$skiptoken=X'12345'" } } } diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json index 53d7be02e667..97bc3f703bb3 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2018-11-30", + "api-version": "2022-01-31-preview", "subscriptionId": "subid", "resourceGroupName": "rgName", "resourceName": "resourceName", diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json index 994f8a6e7619..3e95f2e4d12d 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/MsiOperationsList.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2018-11-30" + "api-version": "2022-01-31-preview" }, "responses": { "200": { @@ -34,7 +34,7 @@ "name": "Microsoft.ManagedIdentity/userAssignedIdentities/delete" } ], - "nextLink": "https://serviceRoot/providers/Microsoft.ManagedIdentity/operations?api-version=2018-11-30&$skiptoken=X'12345'" + "nextLink": "https://serviceRoot/providers/Microsoft.ManagedIdentity/operations?api-version=2022-01-31-preview&$skiptoken=X'12345'" } } } diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json index f3e08728885f..032d4ccbe3ba 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json @@ -1,6 +1,6 @@ { "parameters": { - "api-version": "2018-11-30", + "api-version": "2022-01-31-preview", "scope": "scope" }, "responses": { From b5f2c8ddce17f80e7125e8126295ca9c97a66d28 Mon Sep 17 00:00:00 2001 From: Yannick Pobiega Date: Fri, 8 Oct 2021 10:42:13 +0100 Subject: [PATCH 4/7] Add associated resources preview API. See https://github.com/Azure/azure-rest-api-specs-pr/pull/4969 --- .../2022-01-31-preview/ManagedIdentity.json | 161 ++++++++++++++++++ .../IdentityListAssociatedResources.json | 38 +++++ specification/msi/resource-manager/readme.md | 2 +- 3 files changed, 200 insertions(+), 1 deletion(-) create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListAssociatedResources.json diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json index d792a1dd30bd..3ada61e425de 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json @@ -175,6 +175,63 @@ } } }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}/listAssociatedResources": { + "post": { + "operationId": "UserAssignedIdentities_ListAssociatedResources", + "description": "Lists the associated resources for this identity.", + "x-ms-examples": { + "IdentityListAssociatedResources": { + "$ref": "./examples/IdentityListAssociatedResources.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/FilterParameter" + }, + { + "$ref": "#/parameters/OrderbyParameter" + }, + { + "$ref": "#/parameters/TopQueryParameter" + }, + { + "$ref": "#/parameters/SkipQueryParameter" + }, + { + "$ref": "#/parameters/SkipTokenParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. List of resources associated with this identity.", + "schema": { + "$ref": "#/definitions/AssociatedResourcesListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}": { "put": { "operationId": "UserAssignedIdentities_CreateOrUpdate", @@ -497,6 +554,67 @@ } } }, + "AzureResource": { + "description": "Describes an Azure resource that is attached to an identity.", + "type": "object", + "title": "Azure Resource properties.", + "properties": { + "id": { + "type": "string", + "readOnly": true, + "description": "The ID of this resource." + }, + "name": { + "type": "string", + "readOnly": true, + "description": "The name of this resource." + }, + "type": { + "type": "string", + "readOnly": true, + "description": "The type of this resource." + }, + "resourceGroup": { + "type": "string", + "readOnly": true, + "description": "The name of the resource group this resource belongs to." + }, + "subscriptionId": { + "type": "string", + "readOnly": true, + "description": "The ID of the subscription this resource belongs to." + }, + "subscriptionDisplayName": { + "type": "string", + "readOnly": true, + "description": "The name of the subscription this resource belongs to." + } + } + }, + "AssociatedResourcesListResult": { + "type": "object", + "properties": { + "totalCount": { + "type": "number", + "readOnly": true, + "description": "Total number of Azure resources assigned to the identity." + }, + "value": { + "type": "array", + "readOnly": true, + "items": { + "$ref": "#/definitions/AzureResource" + }, + "description": "The collection of Azure resources returned by the resource action to get a list of assigned resources." + }, + "nextLink": { + "type": "string", + "readOnly": true, + "description": "The url to get the next page of results, if any." + } + }, + "description": "Azure resources returned by the resource action to get a list of assigned resources." + }, "UserAssignedIdentitiesListResult": { "properties": { "value": { @@ -650,6 +768,49 @@ "description": "Version of API to invoke.", "required": true, "type": "string" + }, + "FilterParameter": { + "name": "$filter", + "in": "query", + "x-ms-parameter-location": "method", + "description": "OData filter expression to apply to the query.", + "required": false, + "type": "string" + }, + "OrderbyParameter": { + "name": "$orderby", + "in": "query", + "x-ms-parameter-location": "method", + "description": "OData orderBy expression to apply to the query.", + "required": false, + "type": "string" + }, + "TopQueryParameter": { + "name": "$top", + "in": "query", + "required": false, + "type": "integer", + "format": "int32", + "description": "Number of records to return.", + "minimum": 1, + "x-ms-parameter-location": "method" + }, + "SkipQueryParameter": { + "name": "$skip", + "in": "query", + "required": false, + "type": "integer", + "format": "int32", + "description": "Number of records to skip.", + "minimum": 1, + "x-ms-parameter-location": "method" + }, + "SkipTokenParameter": { + "in": "query", + "name": "$skipToken", + "description": "A skip token is used to continue retrieving items after an operation returns a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skipToken parameter that specifies a starting point to use for subsequent calls.", + "type": "string", + "x-ms-parameter-location": "method" } } } diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListAssociatedResources.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListAssociatedResources.json new file mode 100644 index 000000000000..c71328a641bf --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListAssociatedResources.json @@ -0,0 +1,38 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "1cscb752-d7c9-463f-9731-fd31edada74a", + "resourceGroupName": "testrg", + "resourceName": "testid", + "$filter": "contains(name, 'test')", + "$orderby": "name asc", + "$top": 10, + "$skip": 1 + }, + "responses": { + "200": { + "body": { + "totalCount": 4, + "value": [ + { + "id": "/subscriptions/1cscb752-d7c9-463f-9731-fd31edada74a/resourceGroups/testrg/providers/Microsoft.CognitiveServices/accounts/test1", + "name": "test1", + "type": "microsoft.cognitiveservices/accounts", + "resourceGroup": "testrg", + "subscriptionId": "1cscb752-d7c9-463f-9731-fd31edada74a", + "subscriptionDisplayName": "TestSubscription" + }, + { + "id": "/subscriptions/1cscb752-d7c9-463f-9731-fd31edada74a/resourceGroups/testrg/providers/Microsoft.CognitiveServices/accounts/test2", + "name": "test2", + "type": "microsoft.cognitiveservices/accounts", + "resourceGroup": "testrg", + "subscriptionId": "1cscb752-d7c9-463f-9731-fd31edada74a", + "subscriptionDisplayName": "TestSubscription" + } + ] + }, + "nextLink": "https://management.azure.com/subscriptions/1cscb752-d7c9-463f-9731-fd31edada74a/resourceGroups/testrg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testid?skiptoken=ew0KICAiJGlkIjogIjEiLA0KICAiTWF4Um93cyI6IDIsDQogICJSb3dzVG9Ta2lwIjogMiwNCiAgIkt1c3RvQ2x1c3RlclVybCI6ICJodHRwczovL2FybXRvcG9sb2d5Lmt1c3RvLndpbmRvd3MubmV0Ig0KfQ%253d%253d&api-version=2021-09-30" + } + } +} diff --git a/specification/msi/resource-manager/readme.md b/specification/msi/resource-manager/readme.md index 573537c1f3ca..fd51ca5a6c85 100644 --- a/specification/msi/resource-manager/readme.md +++ b/specification/msi/resource-manager/readme.md @@ -75,7 +75,7 @@ directive: where: $.definitions.SystemAssignedIdentity reason: The identity type exposed under any scope is not a tracked resource since it is an extension. - suppress: RequiredReadOnlySystemData - reason: User-assigned and system-assigned identities do not support systemData. + reason: User-assigned and system-assigned identities do not support systemData. ``` --- From 3e05cc4acacb1b365e559e684dd0b5a501872338 Mon Sep 17 00:00:00 2001 From: Yannick Pobiega Date: Fri, 8 Oct 2021 14:59:44 +0100 Subject: [PATCH 5/7] Add federated identity credentials API --- .../2022-01-31-preview/ManagedIdentity.json | 254 ++++++++++++++++++ .../FederatedIdentityCredentialCreate.json | 48 ++++ .../FederatedIdentityCredentialDelete.json | 13 + .../FederatedIdentityCredentialGet.json | 25 ++ .../FederatedIdentityCredentialList.json | 30 +++ 5 files changed, 370 insertions(+) create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialDelete.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json create mode 100644 specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json index 3ada61e425de..95a984443588 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json @@ -405,6 +405,191 @@ } } } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}/federatedIdentityCredentials": { + "get": { + "operationId": "FederatedIdentityCredentials_List", + "description": "Lists all the federated identity credentials under the specified user assigned identity.", + "x-ms-examples": { + "FederatedIdentityCredentialList": { + "$ref": "./examples/FederatedIdentityCredentialList.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/TopQueryParameter" + }, + { + "$ref": "#/parameters/SkipTokenParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The list of federated identity credentials for the specified user assigned identity was retrieved and returned successfully.", + "schema": { + "$ref": "#/definitions/FederatedIdentityCredentialsListResult" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + }, + "x-ms-pageable": { + "nextLinkName": "nextLink" + } + } + }, + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}/federatedIdentityCredentials/{federatedIdentityCredentialResourceName}": { + "put": { + "operationId": "FederatedIdentityCredentials_CreateOrUpdate", + "description": "Create or update a federated identity credential under the specified user assigned identity.", + "x-ms-examples": { + "FederatedIdentityCredentialCreate": { + "$ref": "./examples/FederatedIdentityCredentialCreate.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/FederatedIdentityCredentialResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + }, + { + "name": "parameters", + "in": "body", + "required": true, + "schema": { + "$ref": "#/definitions/FederatedIdentityCredential" + }, + "description": "Parameters to create or update the federated identity credential." + } + ], + "responses": { + "200": { + "description": "Updated federated identity credential.", + "schema": { + "$ref": "#/definitions/FederatedIdentityCredential" + } + }, + "201": { + "description": "Created federated identity credential.", + "schema": { + "$ref": "#/definitions/FederatedIdentityCredential" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "get": { + "operationId": "FederatedIdentityCredentials_Get", + "description": "Gets the federated identity credential.", + "x-ms-examples": { + "FederatedIdentityCredentialGet": { + "$ref": "./examples/FederatedIdentityCredentialGet.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/FederatedIdentityCredentialResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. The requested federated identity credential.", + "schema": { + "$ref": "#/definitions/FederatedIdentityCredential" + } + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + }, + "delete": { + "operationId": "FederatedIdentityCredentials_Delete", + "description": "Deletes the federated identity credential.", + "x-ms-examples": { + "FederatedIdentityCredentialDelete": { + "$ref": "./examples/FederatedIdentityCredentialDelete.json" + } + }, + "parameters": [ + { + "$ref": "#/parameters/SubscriptionIdParameter" + }, + { + "$ref": "#/parameters/ResourceGroupNameParameter" + }, + { + "$ref": "#/parameters/ResourceNameParameter" + }, + { + "$ref": "#/parameters/FederatedIdentityCredentialResourceNameParameter" + }, + { + "$ref": "#/parameters/ApiVersionParameter" + } + ], + "responses": { + "200": { + "description": "OK. Deleted federated identity credential." + }, + "204": { + "description": "The specified federated identity credential does not exist." + }, + "default": { + "description": "Error response describing why the operation failed.", + "schema": { + "$ref": "#/definitions/CloudError" + } + } + } + } } }, "definitions": { @@ -424,6 +609,22 @@ ], "description": "Describes an identity resource." }, + "FederatedIdentityCredential": { + "type": "object", + "properties": { + "properties": { + "x-ms-client-flatten": true, + "description": "The properties associated with the federated identity credential.", + "$ref": "#/definitions/FederatedIdentityCredentialProperties" + } + }, + "allOf": [ + { + "$ref": "../../../../../common-types/resource-management/v1/types.json#/definitions/ProxyResource" + } + ], + "description": "Describes a federated identity credential." + }, "IdentityUpdate": { "properties": { "location": { @@ -615,6 +816,51 @@ }, "description": "Azure resources returned by the resource action to get a list of assigned resources." }, + "FederatedIdentityCredentialProperties": { + "description": "The properties associated with a federated identity credential.", + "type": "object", + "title": "Federated identity credential properties.", + "required": [ + "issuer", + "subject", + "audiences" + ], + "properties": { + "issuer": { + "type": "string", + "format": "uri", + "description": "The URL of the issuer to be trusted." + }, + "subject": { + "type": "string", + "description": "The identifier of the external identity." + }, + "audiences": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of audiences that can appear in the issued token." + } + } + }, + "FederatedIdentityCredentialsListResult": { + "type": "object", + "properties": { + "value": { + "type": "array", + "items": { + "$ref": "#/definitions/FederatedIdentityCredential" + }, + "description": "The collection of federated identity credentials returned by the listing operation." + }, + "nextLink": { + "type": "string", + "description": "The url to get the next page of results, if any." + } + }, + "description": "Values returned by the List operation for federated identity credentials." + }, "UserAssignedIdentitiesListResult": { "properties": { "value": { @@ -811,6 +1057,14 @@ "description": "A skip token is used to continue retrieving items after an operation returns a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skipToken parameter that specifies a starting point to use for subsequent calls.", "type": "string", "x-ms-parameter-location": "method" + }, + "FederatedIdentityCredentialResourceNameParameter": { + "name": "federatedIdentityCredentialResourceName", + "in": "path", + "description": "The name of the federated identity credential resource.", + "required": true, + "type": "string", + "x-ms-parameter-location": "method" } } } diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json new file mode 100644 index 000000000000..a8b56a5163b8 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json @@ -0,0 +1,48 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "federatedIdentityCredentialResourceName": "ficResourceName", + "parameters": { + "properties": { + "issuer": "https://kubernetes-oauth.azure.com", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "https://login.microsoftonline.com" + ] + } + } + }, + "responses": { + "201": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", + "name": "ficResourceName", + "properties": { + "issuer": "https://kubernetes-oauth.azure.com", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "https://login.microsoftonline.com" + ] + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" + } + }, + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", + "name": "ficResourceName", + "properties": { + "issuer": "https://kubernetes-oauth.azure.com", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "https://login.microsoftonline.com" + ] + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialDelete.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialDelete.json new file mode 100644 index 000000000000..358cebbb33a5 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialDelete.json @@ -0,0 +1,13 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "federatedIdentityCredentialResourceName": "ficResourceName" + }, + "responses": { + "200": {}, + "204": {} + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json new file mode 100644 index 000000000000..9d283b4619de --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json @@ -0,0 +1,25 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "federatedIdentityCredentialResourceName": "ficResourceName" + }, + "responses": { + "200": { + "body": { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", + "name": "ficResourceName", + "properties": { + "issuer": "https://kubernetes-oauth.azure.com", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "https://login.microsoftonline.com" + ] + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" + } + } + } +} diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json new file mode 100644 index 000000000000..285554437475 --- /dev/null +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json @@ -0,0 +1,30 @@ +{ + "parameters": { + "api-version": "2022-01-31-preview", + "subscriptionId": "subid", + "resourceGroupName": "rgName", + "resourceName": "resourceName", + "top": "20" + }, + "responses": { + "200": { + "body": { + "value": [ + { + "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", + "name": "ficResourceName", + "properties": { + "issuer": "https://kubernetes-oauth.azure.com", + "subject": "system:serviceaccount:ns:svcaccount", + "audiences": [ + "https://login.microsoftonline.com" + ] + }, + "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" + } + ], + "nextLink": "https://serviceRoot/subscriptions/subId/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/resourceName/federatedIdentityCredentials?api-version=2020-11-30-preview&$skipToken=X'12345'" + } + } + } +} From ceb1af2f525db046070dfac0ece6a5a25724618f Mon Sep 17 00:00:00 2001 From: Igor Solenov Date: Thu, 7 Apr 2022 13:52:44 +0100 Subject: [PATCH 6/7] Incorporating changes from 'msi-associated-resources-preview-api-2021-09-30' --- .../preview/2022-01-31-preview/ManagedIdentity.json | 2 +- .../2022-01-31-preview/examples/IdentityCreate.json | 12 ++++++------ .../2022-01-31-preview/examples/IdentityGet.json | 6 +++--- .../examples/IdentityListByResourceGroup.json | 6 +++--- .../examples/IdentityListBySubscription.json | 6 +++--- .../2022-01-31-preview/examples/IdentityUpdate.json | 6 +++--- .../examples/SystemAssignedIdentityGet.json | 6 +++--- 7 files changed, 22 insertions(+), 22 deletions(-) diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json index 95a984443588..255c4f5d876b 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/ManagedIdentity.json @@ -1053,7 +1053,7 @@ }, "SkipTokenParameter": { "in": "query", - "name": "$skipToken", + "name": "$skiptoken", "description": "A skip token is used to continue retrieving items after an operation returns a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skipToken parameter that specifies a starting point to use for subsequent calls.", "type": "string", "x-ms-parameter-location": "method" diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json index 49ac7dc52aeb..56a673263240 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityCreate.json @@ -19,9 +19,9 @@ "location": "eastus", "name": "identityName", "properties": { - "clientId": "clientGUID", - "principalId": "identityObjectID", - "tenantId": "tenantGUID" + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" }, "tags": { "key1": "value1", @@ -36,9 +36,9 @@ "location": "eastus", "name": "identityName", "properties": { - "clientId": "clientGUID", - "principalId": "identityObjectID", - "tenantId": "tenantGUID" + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" }, "tags": { "key1": "value1", diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json index d2b1377d273e..19af708f553e 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityGet.json @@ -12,9 +12,9 @@ "location": "eastus", "name": "identityName", "properties": { - "clientId": "clientGUID", - "principalId": "identityObjectID", - "tenantId": "tenantGUID" + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" }, "tags": { "key1": "value1", diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json index 757609e6193a..235adac8d92d 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListByResourceGroup.json @@ -13,9 +13,9 @@ "location": "eastus", "name": "identityName", "properties": { - "clientId": "clientGUID", - "principalId": "identityObjectID", - "tenantId": "tenantGUID" + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" }, "tags": { "key1": "value1", diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json index 7f072c83aefc..100de6426048 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityListBySubscription.json @@ -12,9 +12,9 @@ "location": "eastus", "name": "identityName", "properties": { - "clientId": "clientGUID", - "principalId": "identityObjectID", - "tenantId": "tenantGUID" + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" }, "tags": { "key1": "value1", diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json index 97bc3f703bb3..75dedf142ca4 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/IdentityUpdate.json @@ -19,9 +19,9 @@ "location": "eastus", "name": "identityName", "properties": { - "clientId": "clientGUID", - "principalId": "identityObjectID", - "tenantId": "tenantGUID" + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" }, "tags": { "key1": "value1", diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json index 032d4ccbe3ba..5398d943840f 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/SystemAssignedIdentityGet.json @@ -10,10 +10,10 @@ "location": "cus", "name": "resourceName", "properties": { - "clientId": "clientGUID", + "clientId": "4024ab25-56a8-4370-aea6-6389221caf29", "clientSecretUrl": "https://serviceRoot/scope/credentials?tid=tenantId&oid=principalId&aid=clientId", - "principalId": "identityObjectID", - "tenantId": "tenantGUID" + "principalId": "25cc773c-7f05-40fc-a104-32d2300754ad", + "tenantId": "b6c948ef-f6b5-4384-8354-da3a15eca969" }, "type": "ResourceProvider" } From e30340ef579e59a9a937aaec9a4caf0842cffa39 Mon Sep 17 00:00:00 2001 From: Igor Solenov Date: Tue, 26 Apr 2022 13:20:52 +0100 Subject: [PATCH 7/7] Examples default values are updated based on private preview feedback --- .../examples/FederatedIdentityCredentialCreate.json | 12 ++++++------ .../examples/FederatedIdentityCredentialGet.json | 4 ++-- .../examples/FederatedIdentityCredentialList.json | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json index a8b56a5163b8..fb1d9f8ae99e 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialCreate.json @@ -7,10 +7,10 @@ "federatedIdentityCredentialResourceName": "ficResourceName", "parameters": { "properties": { - "issuer": "https://kubernetes-oauth.azure.com", + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", "subject": "system:serviceaccount:ns:svcaccount", "audiences": [ - "https://login.microsoftonline.com" + "api://AzureADTokenExchange" ] } } @@ -21,10 +21,10 @@ "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", "name": "ficResourceName", "properties": { - "issuer": "https://kubernetes-oauth.azure.com", + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", "subject": "system:serviceaccount:ns:svcaccount", "audiences": [ - "https://login.microsoftonline.com" + "api://AzureADTokenExchange" ] }, "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" @@ -35,10 +35,10 @@ "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", "name": "ficResourceName", "properties": { - "issuer": "https://kubernetes-oauth.azure.com", + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", "subject": "system:serviceaccount:ns:svcaccount", "audiences": [ - "https://login.microsoftonline.com" + "api://AzureADTokenExchange" ] }, "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json index 9d283b4619de..60636c6eaff7 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialGet.json @@ -12,10 +12,10 @@ "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", "name": "ficResourceName", "properties": { - "issuer": "https://kubernetes-oauth.azure.com", + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", "subject": "system:serviceaccount:ns:svcaccount", "audiences": [ - "https://login.microsoftonline.com" + "api://AzureADTokenExchange" ] }, "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials" diff --git a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json index 285554437475..a8b694c1332e 100644 --- a/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json +++ b/specification/msi/resource-manager/Microsoft.ManagedIdentity/preview/2022-01-31-preview/examples/FederatedIdentityCredentialList.json @@ -14,10 +14,10 @@ "id": "/subscriptions/subid/resourcegroups/rgName/providers/Microsoft.ManagedIdentity/userAssignedIdentities/identityName/federatedIdentityCredentials/ficResourceName", "name": "ficResourceName", "properties": { - "issuer": "https://kubernetes-oauth.azure.com", + "issuer": "https://oidc.prod-aks.azure.com/IssuerGUID", "subject": "system:serviceaccount:ns:svcaccount", "audiences": [ - "https://login.microsoftonline.com" + "api://AzureADTokenExchange" ] }, "type": "Microsoft.ManagedIdentity/userAssignedIdentities/federatedIdentityCredentials"