openapi-directory/api/azure.com/security-assessmentMetadata.json

Building & bundling https://github.com/APIs-guru/openapi-directory for easy use from JS

{"openapi":"3.0.0","info":{"description":"API spec for Microsoft.Security (Azure Security Center) resource provider","title":"Security Center","version":"2020-01-01","x-apisguru-categories":["cloud"],"x-logo":{"url":"https://assets.onestore.ms/cdnfiles/onestorerolling-1606-01000/shell/v3/images/logo/microsoft.png"},"x-origin":[{"format":"swagger","url":"https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/specification/security/resource-manager/Microsoft.Security/stable/2020-01-01/assessmentMetadata.json","version":"2.0"}],"x-preferred":true,"x-providerName":"azure.com","x-serviceName":"security-assessmentMetadata","x-tags":["Azure","Microsoft"]},"security":[{"azure_auth":["user_impersonation"]}],"paths":{"/providers/Microsoft.Security/assessmentMetadata":{"get":{"description":"Get metadata information on all assessment types","operationId":"AssessmentsMetadata_List","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"List security assessment metadata":{"value":"2020-01-01"}}}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityAssessmentMetadataList"},"examples":{"List security assessment metadata":{"$ref":"#/components/examples/List_security_assessment_metadata"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Assessments Metadata"],"x-ms-pageable":{"nextLinkName":"nextLink"}}},"/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}":{"get":{"description":"Get metadata information on an assessment type","operationId":"AssessmentsMetadata_Get","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Get security assessment metadata":{"value":"2020-01-01"}}},{"$ref":"#/components/parameters/AssessmentsMetadataName"}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityAssessmentMetadata"},"examples":{"Get security assessment metadata":{"$ref":"#/components/examples/Get_security_assessment_metadata"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Assessments Metadata"]}},"/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata":{"get":{"description":"Get metadata information on all assessment types in a specific subscription","operationId":"AssessmentsMetadataSubscription_List","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"List security assessment metadata for subscription":{"value":"2020-01-01"}}},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"List security assessment metadata for subscription":{"value":"0980887d-03d6-408c-9566-532f3456804e"}}}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityAssessmentMetadataList"},"examples":{"List security assessment metadata for subscription":{"$ref":"#/components/examples/List_security_assessment_metadata_for_subscription"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Assessments Metadata"],"x-ms-pageable":{"nextLinkName":"nextLink"}}},"/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}":{"delete":{"description":"Delete metadata information on an assessment type in a specific subscription, will cause the deletion of all the assessments of that type in that subscription","operationId":"AssessmentsMetadataSubscription_Delete","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Delete a security assessment metadata for subscription":{"value":"2020-01-01"}}},{"$ref":"#/components/parameters/AssessmentsMetadataName"},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Delete a security assessment metadata for subscription":{"value":"0980887d-03d6-408c-9566-532f3456804e"}}}],"responses":{"200":{"description":"OK"},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Assessments Metadata"]},"get":{"description":"Get metadata information on an assessment type in a specific subscription","operationId":"AssessmentsMetadataSubscription_Get","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Get security assessment metadata for subscription":{"value":"2020-01-01"}}},{"$ref":"#/components/parameters/AssessmentsMetadataName"},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Get security assessment metadata for subscription":{"value":"0980887d-03d6-408c-9566-532f3456804e"}}}],"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityAssessmentMetadata"},"examples":{"Get security assessment metadata for subscription":{"$ref":"#/components/examples/Get_security_assessment_metadata_for_subscription"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Assessments Metadata"]},"put":{"description":"Create metadata information on an assessment type in a specific subscription","operationId":"AssessmentsMetadataSubscription_Create","parameters":[{"description":"API version for the operation","in":"query","name":"api-version","required":true,"schema":{"type":"string"},"examples":{"Create security assessment metadata for subscription":{"value":"2020-01-01"}}},{"$ref":"#/components/parameters/AssessmentsMetadataName"},{"description":"Azure subscription ID","in":"path","name":"subscriptionId","required":true,"schema":{"type":"string","pattern":"^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"},"examples":{"Create security assessment metadata for subscription":{"value":"0980887d-03d6-408c-9566-532f3456804e"}}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityAssessmentMetadata"}}},"description":"AssessmentMetadata object","required":true,"x-ms-parameter-location":"method"},"responses":{"200":{"description":"OK","content":{"application/json":{"schema":{"$ref":"#/components/schemas/SecurityAssessmentMetadata"},"examples":{"Create security assessment metadata for subscription":{"$ref":"#/components/examples/Create_security_assessment_metadata_for_subscription"}}}}},"default":{"description":"Error response describing why the operation failed.","content":{"application/json":{"schema":{"description":"Error response structure.","properties":{"error":{"description":"Error details.","properties":{"code":{"description":"An identifier for the error. Codes are invariant and are intended to be consumed programmatically.","readOnly":true,"type":"string"},"message":{"description":"A message describing the error, intended to be suitable for display in a user interface.","readOnly":true,"type":"string"}},"type":"object","x-ms-external":true}},"type":"object","x-ms-external":true}}}}},"tags":["Assessments Metadata"]}}},"servers":[{"url":"https://management.azure.com"}],"components":{"examples":{"List_security_assessment_metadata":{"value":{"value":[{"id":"/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b","name":"21300918-b2e3-0346-785f-c77ff57d243b","properties":{"assessmentType":"BuiltIn","category":["Compute"],"description":"Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.","displayName":"Install endpoint protection solution on virtual machine scale sets","implementationEffort":"Low","policyDefinitionId":"/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de","remediationDescription":"To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>","severity":"Medium","threats":["dataExfiltration","dataSpillage","maliciousInsider"],"userImpact":"Low"},"type":"Microsoft.Security/assessmentMetadata"},{"id":"/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe","name":"bc303248-3d14-44c2-96a0-55f5c326b5fe","properties":{"assessmentType":"CustomPolicy","category":["Networking"],"description":"Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.","displayName":"Close management ports on your virtual machines","implementationEffort":"Low","policyDefinitionId":"/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917","preview":true,"remediationDescription":"We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.<br>To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'","severity":"Medium","threats":["dataExfiltration","dataSpillage","maliciousInsider"],"userImpact":"High"},"type":"Microsoft.Security/assessmentMetadata"},{"id":"/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7","name":"ca039e75-a276-4175-aebc-bcd41e4b14b7","properties":{"assessmentType":"CustomerManaged","category":["Compute"],"description":"Assessment that my organization created to view our security assessment in Azure Security Center","displayName":"My organization security assessment","implementationEffort":"Low","remediationDescription":"Fix it with these remediation instructions","severity":"Medium","threats":[],"userImpact":"Low"},"type":"Microsoft.Security/assessmentMetadata"}]}},"Get_security_assessment_metadata":{"value":{"id":"/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b","name":"21300918-b2e3-0346-785f-c77ff57d243b","properties":{"assessmentType":"BuiltIn","category":["Compute"],"description":"Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.","displayName":"Install endpoint protection solution on virtual machine scale sets","implementationEffort":"Low","policyDefinitionId":"/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de","remediationDescription":"To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>","severity":"Medium","threats":["dataExfiltration","dataSpillage","maliciousInsider"],"userImpact":"Low"},"type":"Microsoft.Security/assessmentMetadata"}},"List_security_assessment_metadata_for_subscription":{"value":{"value":[{"id":"/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b","name":"21300918-b2e3-0346-785f-c77ff57d243b","properties":{"assessmentType":"BuiltIn","category":["Compute"],"description":"Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.","displayName":"Install endpoint protection solution on virtual machine scale sets","implementationEffort":"Low","policyDefinitionId":"/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de","remediationDescription":"To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>","severity":"Medium","threats":["dataExfiltration","dataSpillage","maliciousInsider"],"userImpact":"Low"},"type":"Microsoft.Security/assessmentMetadata"},{"id":"/providers/Microsoft.Security/assessmentMetadata/bc303248-3d14-44c2-96a0-55f5c326b5fe","name":"bc303248-3d14-44c2-96a0-55f5c326b5fe","properties":{"assessmentType":"CustomPolicy","category":["Networking"],"description":"Open remote management ports expose your VM to a high level of risk from internet-based attacks that attempt to brute force credentials to gain admin access to the machine.","displayName":"Close management ports on your virtual machines","implementationEffort":"Low","policyDefinitionId":"/providers/Microsoft.Authorization/policyDefinitions/22730e10-96f6-4aac-ad84-9383d35b5917","preview":true,"remediationDescription":"We recommend that you edit the inbound rules of the below virtual machines to restrict access to specific source ranges.<br>To restrict the access to your virtual machines: 1. Click on a VM from the list below 2. At the 'Networking' blade, click on each of the rules that allow management ports (e.g. RDP-3389, WINRM-5985, SSH-22) 3. Change the 'Action' property to 'Deny' 4. Click 'Save'","severity":"Medium","threats":["dataExfiltration","dataSpillage","maliciousInsider"],"userImpact":"High"},"type":"Microsoft.Security/assessmentMetadata"}]}},"Get_security_assessment_metadata_for_subscription":{"value":{"id":"/providers/Microsoft.Security/assessmentMetadata/21300918-b2e3-0346-785f-c77ff57d243b","name":"21300918-b2e3-0346-785f-c77ff57d243b","properties":{"assessmentType":"BuiltIn","category":["Compute"],"description":"Install an endpoint protection solution on your virtual machines scale sets, to protect them from threats and vulnerabilities.","displayName":"Install endpoint protection solution on virtual machine scale sets","implementationEffort":"Low","policyDefinitionId":"/providers/Microsoft.Authorization/policyDefinitions/26a828e1-e88f-464e-bbb3-c134a282b9de","remediationDescription":"To install an endpoint protection solution: 1.  <a href=\"https://docs.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-faq#how-do-i-turn-on-antimalware-in-my-virtual-machine-scale-set\">Follow the instructions in How do I turn on antimalware in my virtual machine scale set</a>","severity":"Medium","threats":["dataExfiltration","dataSpillage","maliciousInsider"],"userImpact":"Low"},"type":"Microsoft.Security/assessmentMetadata"}},"Create_security_assessment_metadata_for_subscription":{"value":{"id":"/providers/Microsoft.Security/assessmentMetadata/ca039e75-a276-4175-aebc-bcd41e4b14b7","name":"ca039e75-a276-4175-aebc-bcd41e4b14b7","properties":{"assessmentType":"CustomerManaged","category":["Compute"],"description":"Assessment that my organization created to view our security assessment in Azure Security Center","displayName":"My organization security assessment","implementationEffort":"Low","remediationDescription":"Fix it with these remediation instructions","severity":"Medium","threats":["dataExfiltration","dataSpillage","maliciousInsider"],"userImpact":"Low"},"type":"Microsoft.Security/assessmentMetadata"}}},"parameters":{"AssessmentsMetadataName":{"description":"The Assessment Key - Unique key for the assessment type","in":"path","name":"assessmentMetadataName","required":true,"x-ms-parameter-location":"method","schema":{"type":"string"},"examples":{"Get security assessment metadata":{"value":"21300918-b2e3-0346-785f-c77ff57d243b"},"Delete a security assessment metadata for subscription":{"value":"ca039e75-a276-4175-aebc-bcd41e4b14b7"},"Get security assessment metadata for subscription":{"value":"21300918-b2e3-0346-785f-c77ff57d243b"},"Create security assessment metadata for subscription":{"value":"ca039e75-a276-4175-aebc-bcd41e4b14b7"}}}},"securitySchemes":{"azure_auth":{"description":"Azure Active Directory OAuth2 Flow","type":"oauth2","flows":{"implicit":{"authorizationUrl":"https://login.microsoftonline.com/common/oauth2/authorize","scopes":{"user_impersonation":"impersonate your user account"}}}}},"schemas":{"SecurityAssessmentMetadata":{"allOf":[{"description":"Describes an Azure resource.","properties":{"id":{"description":"Resource Id","readOnly":true,"type":"string"},"name":{"description":"Resource name","readOnly":true,"type":"string"},"type":{"description":"Resource type","readOnly":true,"type":"string"}},"type":"object","x-ms-azure-resource":true}],"description":"Security assessment metadata","properties":{"properties":{"$ref":"#/components/schemas/SecurityAssessmentMetadataProperties"}},"type":"object"},"SecurityAssessmentMetadataList":{"description":"List of security assessment metadata","properties":{"nextLink":{"description":"The URI to fetch the next page.","readOnly":true,"type":"string"},"value":{"items":{"$ref":"#/components/schemas/SecurityAssessmentMetadata"},"readOnly":true,"type":"array"}},"type":"object"},"SecurityAssessmentMetadataPartnerData":{"description":"Describes the partner that created the assessment","properties":{"partnerName":{"description":"Name of the company of the partner","readOnly":true,"type":"string"},"productName":{"description":"Name of the product of the partner that created the assessment","type":"string"},"secret":{"description":"Secret to authenticate the partner and verify it created the assessment - write only","type":"string","x-ms-secret":true}},"type":"object"},"SecurityAssessmentMetadataProperties":{"description":"Describes properties of an assessment metadata.","properties":{"assessmentType":{"description":"BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition","enum":["BuiltIn","CustomPolicy","CustomerManaged","VerifiedPartner"],"type":"string","x-ms-enum":{"modelAsString":true,"name":"assessmentType","values":[{"description":"Azure Security Center managed assessments","value":"BuiltIn"},{"description":"User defined policies that are automatically ingested from Azure Policy to Azure Security Center","value":"CustomPolicy"},{"description":"User assessments pushed directly by the user or other third party to Azure Security Center","value":"CustomerManaged"},{"description":"An assessment that was created by a verified 3rd party if the user connected it to ASC","value":"VerifiedPartner"}]}},"category":{"items":{"description":"The category of resource that is at risk when the assessment is unhealthy","enum":["Compute","Networking","Data","IdentityAndAccess","IoT"],"type":"string","x-ms-enum":{"modelAsString":true,"name":"category","values":[{"value":"Compute"},{"value":"Networking"},{"value":"Data"},{"value":"IdentityAndAccess"},{"value":"IoT"}]}},"type":"array"},"description":{"description":"Human readable description of the assessment","type":"string"},"displayName":{"description":"User friendly display name of the assessment","type":"string"},"implementationEffort":{"description":"The implementation effort required to remediate this assessment","enum":["Low","Moderate","High"],"type":"string","x-ms-enum":{"modelAsString":true,"name":"implementationEffort","values":[{"value":"Low"},{"value":"Moderate"},{"value":"High"}]}},"partnerData":{"$ref":"#/components/schemas/SecurityAssessmentMetadataPartnerData"},"policyDefinitionId":{"description":"Azure resource ID of the policy definition that turns this assessment calculation on","readOnly":true,"type":"string"},"preview":{"description":"True if this assessment is in preview release status","type":"boolean"},"remediationDescription":{"description":"Human readable description of what you should do to mitigate this security issue","type":"string"},"severity":{"description":"The severity level of the assessment","enum":["Low","Medium","High"],"type":"string","x-ms-enum":{"modelAsString":true,"name":"severity","values":[{"value":"Low"},{"value":"Medium"},{"value":"High"}]}},"threats":{"items":{"description":"Threats impact of the assessment","enum":["accountBreach","dataExfiltration","dataSpillage","maliciousInsider","elevationOfPrivilege","threatResistance","missingCoverage","denialOfService"],"type":"string","x-ms-enum":{"modelAsString":true,"name":"threats","values":[{"value":"accountBreach"},{"value":"dataExfiltration"},{"value":"dataSpillage"},{"value":"maliciousInsider"},{"value":"elevationOfPrivilege"},{"value":"threatResistance"},{"value":"missingCoverage"},{"value":"denialOfService"}]}},"type":"array"},"userImpact":{"description":"The user impact of the assessment","enum":["Low","Moderate","High"],"type":"string","x-ms-enum":{"modelAsString":true,"name":"userImpact","values":[{"value":"Low"},{"value":"Moderate"},{"value":"High"}]}}},"required":["displayName","severity","assessmentType"],"type":"object"}}}}