From 491e00d17f24909ecf5e1030b3833bed51224e92 Mon Sep 17 00:00:00 2001 From: Dylan Martinez Date: Wed, 5 Jun 2024 15:03:47 -0700 Subject: [PATCH] Update `securityPostureReference` in VMScaleSet API (#28891) * update securityPostureRef properties in VMScaleSet spec * add securityPostureReference to UpdateVMProfile definition and fix min version * add prettier changes * remove unsupported 'major.*' from spec * add optional fields in security posture example * add required fields * correct minimum api version * add prettier fixes * remove extensionsSettings property * create new Update model for security posture reference & update * fix validation issue * Create sdk-suppressions.yaml * add azure-sdk-for-go suppression * Update sdk-suppressions.yaml --------- Co-authored-by: Dylan Martinez Co-authored-by: Yuchao Yan Co-authored-by: Alancere <804873052@qq.com> Co-authored-by: kazrael2119 <98569699+kazrael2119@users.noreply.github.com> --- ...t_Create_WithSecurityPostureReference.json | 18 ++++++-- .../2024-03-01/virtualMachineScaleSet.json | 42 ++++++++++++++++--- .../resource-manager/sdk-suppressions.yaml | 14 +++++++ 3 files changed, 66 insertions(+), 8 deletions(-) create mode 100644 specification/compute/resource-manager/sdk-suppressions.yaml diff --git a/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2024-03-01/examples/virtualMachineScaleSetExamples/VirtualMachineScaleSet_Create_WithSecurityPostureReference.json b/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2024-03-01/examples/virtualMachineScaleSetExamples/VirtualMachineScaleSet_Create_WithSecurityPostureReference.json index 516e1f660510..8c7a40646ad6 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2024-03-01/examples/virtualMachineScaleSetExamples/VirtualMachineScaleSet_Create_WithSecurityPostureReference.json +++ b/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2024-03-01/examples/virtualMachineScaleSetExamples/VirtualMachineScaleSet_Create_WithSecurityPostureReference.json @@ -15,7 +15,11 @@ "overprovision": true, "virtualMachineProfile": { "securityPostureReference": { - "id": "/CommunityGalleries/{communityGalleryName}/securityPostures/{securityPostureName}/versions/{major.minor.patch}|{major.*}|latest" + "id": "/CommunityGalleries/{communityGalleryName}/securityPostures/{securityPostureName}/versions/{major.minor.patch}|latest", + "excludeExtensions": [ + "{securityPostureVMExtensionName}" + ], + "isOverridable": true }, "storageProfile": { "imageReference": { @@ -81,7 +85,11 @@ "uniqueId": "d12ccb3d-ab15-4794-9836-c4196392e9f2", "virtualMachineProfile": { "securityPostureReference": { - "id": "/CommunityGalleries/{communityGalleryName}/securityPostures/{securityPostureName}/versions/{major.minor.patch}|{major.*}|latest" + "id": "/CommunityGalleries/{communityGalleryName}/securityPostures/{securityPostureName}/versions/{major.minor.patch}|latest", + "excludeExtensions": [ + "{securityPostureVMExtensionName}" + ], + "isOverridable": true }, "storageProfile": { "imageReference": { @@ -159,7 +167,11 @@ "uniqueId": "d12ccb3d-ab15-4794-9836-c4196392e9f2", "virtualMachineProfile": { "securityPostureReference": { - "id": "/CommunityGalleries/{communityGalleryName}/securityPostures/{securityPostureName}/versions/{major.minor.patch}|{major.*}|latest" + "id": "/CommunityGalleries/{communityGalleryName}/securityPostures/{securityPostureName}/versions/{major.minor.patch}|latest", + "excludeExtensions": [ + "{securityPostureVMExtensionName}" + ], + "isOverridable": true }, "storageProfile": { "imageReference": { diff --git a/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2024-03-01/virtualMachineScaleSet.json b/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2024-03-01/virtualMachineScaleSet.json index 579d93d9d08f..40974f0e3632 100644 --- a/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2024-03-01/virtualMachineScaleSet.json +++ b/specification/compute/resource-manager/Microsoft.Compute/ComputeRP/stable/2024-03-01/virtualMachineScaleSet.json @@ -5181,7 +5181,7 @@ }, "securityPostureReference": { "$ref": "#/definitions/SecurityPostureReference", - "description": "Specifies the security posture to be used for all virtual machines in the scale set. Minimum api-version: 2023-03-01" + "description": "Specifies the security posture to be used in the scale set. Minimum api-version: 2023-03-01" }, "timeCreated": { "readOnly": true, @@ -5206,6 +5206,10 @@ "$ref": "#/definitions/VirtualMachineScaleSetUpdateNetworkProfile", "description": "The virtual machine scale set network profile." }, + "securityPostureReference": { + "$ref": "#/definitions/SecurityPostureReferenceUpdate", + "description": "The virtual machine scale set security posture reference." + }, "securityProfile": { "$ref": "./computeRPCommon.json#/definitions/SecurityProfile", "description": "The virtual machine scale set Security profile" @@ -6336,17 +6340,45 @@ "properties": { "id": { "type": "string", - "description": "The security posture reference id in the form of /CommunityGalleries/{communityGalleryName}/securityPostures/{securityPostureName}/versions/{major.minor.patch}|{major.*}|latest" + "description": "The security posture reference id in the form of /CommunityGalleries/{communityGalleryName}/securityPostures/{securityPostureName}/versions/{major.minor.patch}|latest" }, "excludeExtensions": { "type": "array", "items": { - "$ref": "./virtualMachine.json#/definitions/VirtualMachineExtension" + "type": "string" }, - "description": "List of virtual machine extensions to exclude when applying the Security Posture." + "description": "The list of virtual machine extension names to exclude when applying the security posture." + }, + "isOverridable": { + "type": "boolean", + "description": "Whether the security posture can be overridden by the user." + } + }, + "description": "Specifies the security posture to be used in the scale set. Minimum api-version: 2023-03-01", + "required": [ + "id" + ] + }, + "SecurityPostureReferenceUpdate": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "The security posture reference id in the form of /CommunityGalleries/{communityGalleryName}/securityPostures/{securityPostureName}/versions/{major.minor.patch}|latest" + }, + "excludeExtensions": { + "type": "array", + "items": { + "type": "string" + }, + "description": "The list of virtual machine extension names to exclude when applying the security posture." + }, + "isOverridable": { + "type": "boolean", + "description": "Whether the security posture can be overridden by the user." } }, - "description": "Specifies the security posture to be used for all virtual machines in the scale set. Minimum api-version: 2023-03-01" + "description": "Specifies the security posture to be used in the scale set. Minimum api-version: 2023-03-01" } } } diff --git a/specification/compute/resource-manager/sdk-suppressions.yaml b/specification/compute/resource-manager/sdk-suppressions.yaml new file mode 100644 index 000000000000..4591cd0aac17 --- /dev/null +++ b/specification/compute/resource-manager/sdk-suppressions.yaml @@ -0,0 +1,14 @@ +suppressions: + azure-sdk-for-python: + - package: azure-mgmt-compute + breaking-changes: + - Parameter id of model SecurityPostureReference is now required + azure-sdk-for-go: + - package: sdk/resourcemanager/compute/armcompute + breaking-changes: + - Type of `SecurityPostureReference.ExcludeExtensions` has been changed from `[]*VirtualMachineExtension` to `[]*string` + azure-sdk-for-js: + - package: "@azure/arm-compute" + breaking-changes: + - Parameter id of interface SecurityPostureReference is now required + - Type of parameter excludeExtensions of interface SecurityPostureReference is changed from VirtualMachineExtension[] to string[] \ No newline at end of file