Add ProtectionMode to Microsoft.Security applicationWhitelistings (#7243)

* add ProtectionMode to GroupData (missing examples)

* add protection mode examples

* removing the required fields

* changing the additionalProperties to be of type string

* fix missing }

* change the ProtectionMode object

* add None to enforcement mode

* lowercase the collection types
erelh authored and anuchandy committed Sep 24, 2019
1 parent 374fbd9 commit bd9ec86
Showing 4 changed files with 62 additions and 164 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -211,6 +211,9 @@
"enforcementMode": {
"$ref": "#/definitions/EnforcementMode"
},
"protectionMode": {
"$ref": "#/definitions/ProtectionMode"
},
"configurationStatus": {
"$ref": "#/definitions/ConfigurationStatus"
},
Expand All @@ -236,8 +239,13 @@
"description": "The altered data of the recommended VM/server group policy",
"properties": {
"enforcementMode": {
"description": "The enforcement mode of the group. Can also be defined per collection type by using ProtectionMode",
"$ref": "#/definitions/EnforcementMode"
},
"protectionMode": {
"description": "The protection mode of the group per collection type. Can also be defined for all collection types by using EnforcementMode",
"$ref": "#/definitions/ProtectionMode"
},
"vmRecommendations": {
"$ref": "#/definitions/VmRecommendations"
},
Expand All @@ -259,12 +267,31 @@
},
"EnforcementMode": {
"type": "string",
"description": "The application control policy enforcement mode of the VM/server group",
"description": "The application control policy enforcement/protection mode of the VM/server group",
"enum": [
"Audit",
"Enforce"
"Enforce",
"None"
]
},
"ProtectionMode": {
"type": "object",
"description": "The protection mode of the collection/file types. Exe/Msi/Script are used for Windows, Executable is used for Linux.",
"properties": {
"exe": {
"$ref": "#/definitions/EnforcementMode"
},
"msi": {
"$ref": "#/definitions/EnforcementMode"
},
"script": {
"$ref": "#/definitions/EnforcementMode"
},
"executable": {
"$ref": "#/definitions/EnforcementMode"
}
}
},
"RecommendationStatus": {
"type": "string",
"description": "The recommendation status of the VM/server group or VM/server",
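Review bot: The `ProtectionMode` description in the third hunk spells the collection types `Exe/Msi/Script` and `Executable`, while the properties defined directly under it are `exe`, `msi`, `script` and `executable`, and JSON property names are case-sensitive. The object also does not restrict additional properties, so a request written with the description's spelling would still pass schema validation; whether the service would then apply the intended mode cannot be told from this page. I would make the text match the keys: `"description": "The protection mode of the collection/file types. exe/msi/script are used for Windows, executable is used for Linux."`. The descriptions added to `enforcementMode` and `protectionMode` in the second hunk also do not say which value applies when the two disagree, for example `Enforce` at group level against the newly added `None` for one type, and that precedence is worth stating there.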
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,11 @@
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"exe": "Audit",
"msi": "Audit",
"script": "None"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,11 @@
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"exe": "Audit",
"msi": "Audit",
"script": "None"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
Expand Down Expand Up @@ -124,6 +129,11 @@
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"exe": "Audit",
"msi": "None",
"script": "None"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
Expand Down Expand Up @@ -169,6 +179,11 @@
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"exe": "Audit",
"msi": "None",
"script": "None"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
Expand Down Expand Up @@ -313,123 +328,6 @@
"sourceSystem": "Azure_AppLocker"
}
},
{
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/centralus/applicationWhitelistings/GROUP2-RE",
"name": "GROUP2-RE",
"type": "Microsoft.Security/applicationWhitelistings",
"location": "centralus",
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"vmRecommendations": [
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/matanjittest/providers/microsoft.compute/virtualmachines/matansourcejit",
"recommendationAction": "Recommended"
},
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/erelh-dsc/providers/microsoft.compute/virtualmachines/erelh-14010",
"recommendationAction": "Recommended"
},
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16091",
"recommendationAction": "Recommended"
}
],
"pathRecommendations": [
{
"path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
"type": "PublisherSignature",
"publisherInfo": {
"publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
"productName": "*",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "Everyone",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
},
{
"path": "C:\\bla.exe",
"type": "File",
"common": true,
"action": "Add",
"usernames": [
{
"username": "Everyone",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
}
],
"configurationStatus": "Configured",
"issues": [],
"sourceSystem": "Azure_AppLocker"
}
},
{
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/BENJITGROUP13",
"name": "BENJITGROUP13",
"type": "Microsoft.Security/applicationWhitelistings",
"location": "westeurope",
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"vmRecommendations": [
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/bengr-jit-test/providers/microsoft.compute/virtualmachines/bengr-jit-test3",
"recommendationAction": "Recommended"
}
],
"pathRecommendations": [
{
"path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
"type": "PublisherSignature",
"publisherInfo": {
"publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
"productName": "*",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "Everyone",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
}
],
"configurationStatus": "Configured",
"issues": [],
"sourceSystem": "Azure_AppLocker"
}
},
{
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/GROUP1",
"name": "GROUP1",
Expand All @@ -438,6 +336,9 @@
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"executable": "Audit"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
Expand Down Expand Up @@ -1110,51 +1011,6 @@
],
"sourceSystem": "Azure_AuditD"
}
},
{
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/providers/Microsoft.Security/locations/westeurope/applicationWhitelistings/GROUP2",
"name": "GROUP2",
"type": "Microsoft.Security/applicationWhitelistings",
"location": "westeurope",
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"vmRecommendations": [
{
"configurationStatus": "Configured",
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/bengr-jit-test/providers/microsoft.compute/virtualmachines/bengr-jit-test1",
"recommendationAction": "Recommended"
}
],
"pathRecommendations": [
{
"path": "[Exe] O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US\\*\\*\\0.0.0.0",
"type": "PublisherSignature",
"publisherInfo": {
"publisherName": "O=MICROSOFT CORPORATION, L=REDMOND, S=WASHINGTON, C=US",
"productName": "*",
"binaryName": "*",
"version": "0.0.0.0"
},
"common": true,
"action": "Recommended",
"usernames": [
{
"username": "Everyone",
"recommendationAction": "Recommended"
}
],
"userSids": [
"S-1-1-0"
],
"fileType": "Exe",
"configurationStatus": "Configured"
}
],
"configurationStatus": "Configured",
"issues": [],
"sourceSystem": "Azure_AppLocker"
}
}
]
}
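Review bot: The example resource IDs kept in this file, such as the `GROUP1` entry's `"id"` in the hunk at -438, embed the subscription GUID `3eeab341-f466-499c-a8be-85427e154baf`, and the `resourceId` context line in the last file section carries it too, next to a resource group name that looks like a personal alias. If that is a live subscription, published examples are better served by a placeholder segment such as `/subscriptions/00000000-0000-0000-0000-000000000000/`. These lines are unchanged context and the entries continue outside the hunks shown, so the replacement would have to cover the whole example file rather than only the lines visible here.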
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,11 @@
"name": "ERELGROUP1",
"properties": {
"enforcementMode": "Audit",
"protectionMode": {
"exe": "Audit",
"msi": "None",
"script": "None"
},
"vmRecommendations": [
{
"configurationStatus": "Configured",
Expand Down Expand Up @@ -112,6 +117,11 @@
"properties": {
"recommendationStatus": "Recommended",
"enforcementMode": "Audit",
"protectionMode": {
"exe": "Audit",
"msi": "None",
"script": "None"
},
"vmRecommendations": [
{
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154baf/resourcegroups/erelh-stable/providers/microsoft.compute/virtualmachines/erelh-16090",