Security Center
API spec for Microsoft
COMMUNITYBEARER0 INSTALLS
OpenAPI Specificationv3.0
{
"swagger": "2.0",
"schemes": [
"https"
],
"host": "management.azure.com",
"info": {
"description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
"title": "Security Center",
"version": "2015-06-01-preview",
"x-apisguru-categories": [
"cloud"
],
"x-logo": {
"url": "https://api.apis.guru/v2/cache/logo/https_assets.onestore.ms_cdnfiles_onestorerolling-1606-01000_shell_v3_images_logo_microsoft.png"
},
"x-origin": [
{
"format": "swagger",
"url": "https://raw.githubusercontent.com/Azure/azure-rest-api-specs/master/specification/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/topologies.json",
"version": "2.0"
}
],
"x-providerName": "azure.com",
"x-serviceName": "security-topologies",
"x-tags": [
"Azure",
"Microsoft"
]
},
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"securityDefinitions": {
"azure_auth": {
"authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
"description": "Azure Active Directory OAuth2 Flow",
"flow": "implicit",
"scopes": {
"user_impersonation": "impersonate your user account"
},
"type": "oauth2"
}
},
"security": [
{
"azure_auth": [
"user_impersonation"
]
}
],
"parameters": {
"TopologyResourceName": {
"description": "Name of a topology resources collection.",
"in": "path",
"name": "topologyResourceName",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
}
},
"paths": {
"/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/topologies": {
"get": {
"description": "Gets a list that allows to build a topology view of a subscription and location.",
"operationId": "Topology_ListByHomeRegion",
"parameters": [
{
"description": "Azure subscription ID",
"in": "path",
"name": "subscriptionId",
"pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$",
"required": true,
"type": "string"
},
{
"description": "The location where ASC stores the data of the subscription. can be retrieved from Get locations",
"in": "path",
"name": "ascLocation",
"required": true,
"type": "string",
"x-ms-parameter-location": "client"
},
{
"description": "API version for the operation",
"in": "query",
"name": "api-version",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/TopologyList"
}
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"description": "Error response structure.",
"properties": {
"error": {
"description": "Error details.",
"properties": {
"code": {
"description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.",
"readOnly": true,
"type": "string"
},
"message": {
"description": "A message describing the error, intended to be suitable for display in a user interface.",
"readOnly": true,
"type": "string"
}
},
"type": "object",
"x-ms-external": true
}
},
"type": "object",
"x-ms-external": true
}
}
},
"tags": [
"Topology"
],
"x-ms-examples": {
"Get topology on a subscription from security data location": {
"parameters": {
"api-version": "2015-06-01-preview",
"ascLocation": "centralus",
"subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad"
},
"responses": {
"200": {
"body": {
"value": [
{
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/vnets",
"location": "westus",
"name": "vnets",
"properties": {
"calculatedDateTime": "2018-07-10T13:56:10.5755270Z",
"topologyResources": [
{
"children": [
{
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet"
}
],
"location": "westus",
"networkZones": "Internal",
"recommendationsExist": false,
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet",
"severity": "Healthy",
"topologyScore": 0
}
]
},
"type": "Microsoft.Security/locations/topologies"
},
{
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/subnets",
"location": "westus",
"name": "subnets",
"properties": {
"calculatedDateTime": "2018-07-10T13:56:10.5755270Z",
"topologyResources": [
{
"location": "westus",
"networkZones": "Internal",
"parents": [
{
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet"
}
],
"recommendationsExist": false,
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet",
"severity": "Healthy",
"topologyScore": 5
}
]
},
"type": "Microsoft.Security/locations/topologies"
}
]
}
}
}
}
},
"x-ms-pageable": {
"nextLinkName": "nextLink"
}
}
},
"/subscriptions/{subscriptionId}/providers/Microsoft.Security/topologies": {
"get": {
"description": "Gets a list that allows to build a topology view of a subscription.",
"operationId": "Topology_List",
"parameters": [
{
"description": "Azure subscription ID",
"in": "path",
"name": "subscriptionId",
"pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$",
"required": true,
"type": "string"
},
{
"description": "API version for the operation",
"in": "query",
"name": "api-version",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/TopologyList"
}
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"description": "Error response structure.",
"properties": {
"error": {
"description": "Error details.",
"properties": {
"code": {
"description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.",
"readOnly": true,
"type": "string"
},
"message": {
"description": "A message describing the error, intended to be suitable for display in a user interface.",
"readOnly": true,
"type": "string"
}
},
"type": "object",
"x-ms-external": true
}
},
"type": "object",
"x-ms-external": true
}
}
},
"tags": [
"Topology"
],
"x-ms-examples": {
"Get topology on a subscription": {
"parameters": {
"api-version": "2015-06-01-preview",
"subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad"
},
"responses": {
"200": {
"body": {
"value": [
{
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/vnets",
"location": "westus",
"name": "vnets",
"properties": {
"calculatedDateTime": "2018-07-10T13:56:10.5755270Z",
"topologyResources": [
{
"children": [
{
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet"
}
],
"location": "westus",
"networkZones": "Internal",
"recommendationsExist": false,
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet",
"severity": "Healthy",
"topologyScore": 0
}
]
},
"type": "Microsoft.Security/locations/topologies"
},
{
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/subnets",
"location": "westus",
"name": "subnets",
"properties": {
"calculatedDateTime": "2018-07-10T13:56:10.5755270Z",
"topologyResources": [
{
"location": "westus",
"networkZones": "Internal",
"parents": [
{
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet"
}
],
"recommendationsExist": false,
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet",
"severity": "Healthy",
"topologyScore": 5
}
]
},
"type": "Microsoft.Security/locations/topologies"
}
]
}
}
}
}
},
"x-ms-pageable": {
"nextLinkName": "nextLink"
}
}
},
"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/topologies/{topologyResourceName}": {
"get": {
"description": "Gets a specific topology component.",
"operationId": "Topology_Get",
"parameters": [
{
"description": "Azure subscription ID",
"in": "path",
"name": "subscriptionId",
"pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$",
"required": true,
"type": "string"
},
{
"description": "The name of the resource group within the user's subscription. The name is case insensitive.",
"in": "path",
"maxLength": 90,
"minLength": 1,
"name": "resourceGroupName",
"pattern": "^[-\\w\\._\\(\\)]+$",
"required": true,
"type": "string",
"x-ms-parameter-location": "method"
},
{
"description": "The location where ASC stores the data of the subscription. can be retrieved from Get locations",
"in": "path",
"name": "ascLocation",
"required": true,
"type": "string",
"x-ms-parameter-location": "client"
},
{
"$ref": "#/parameters/TopologyResourceName"
},
{
"description": "API version for the operation",
"in": "query",
"name": "api-version",
"required": true,
"type": "string"
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"$ref": "#/definitions/TopologyResource"
}
},
"default": {
"description": "Error response describing why the operation failed.",
"schema": {
"description": "Error response structure.",
"properties": {
"error": {
"description": "Error details.",
"properties": {
"code": {
"description": "An identifier for the error. Codes are invariant and are intended to be consumed programmatically.",
"readOnly": true,
"type": "string"
},
"message": {
"description": "A message describing the error, intended to be suitable for display in a user interface.",
"readOnly": true,
"type": "string"
}
},
"type": "object",
"x-ms-external": true
}
},
"type": "object",
"x-ms-external": true
}
}
},
"tags": [
"Topology"
],
"x-ms-examples": {
"Get topology": {
"parameters": {
"api-version": "2015-06-01-preview",
"ascLocation": "centralus",
"resourceGroupName": "myservers",
"subscriptionId": "3eeab341-f466-499c-a8be-85427e154bad",
"topologyResourceName": "vnets"
},
"responses": {
"200": {
"body": {
"id": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Security/locations/centralus/topologies/vnets",
"location": "westus",
"name": "vnets",
"properties": {
"calculatedDateTime": "2018-07-10T13:56:10.5755270Z",
"topologyResources": [
{
"children": [
{
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet/subnets/mysubnet"
}
],
"location": "westus",
"networkZones": "InternetFacing",
"recommendationsExist": false,
"resourceId": "/subscriptions/3eeab341-f466-499c-a8be-85427e154bad/resourceGroups/myservers/providers/Microsoft.Network/virtualNetworks/myvnet",
"severity": "Healthy",
"topologyScore": 0
}
]
},
"type": "Microsoft.Security/locations/topologies"
}
}
}
}
}
}
}
},
"definitions": {
"TopologyList": {
"properties": {
"nextLink": {
"description": "The URI to fetch the next page.",
"readOnly": true,
"type": "string"
},
"value": {
"items": {
"$ref": "#/definitions/TopologyResource"
},
"readOnly": true,
"type": "array"
}
},
"type": "object"
},
"TopologyResource": {
"allOf": [
{
"description": "Describes an Azure resource.",
"properties": {
"id": {
"description": "Resource Id",
"readOnly": true,
"type": "string"
},
"name": {
"description": "Resource name",
"readOnly": true,
"type": "string"
},
"type": {
"description": "Resource type",
"readOnly": true,
"type": "string"
}
},
"type": "object",
"x-ms-azure-resource": true
},
{
"description": "Describes an Azure resource with location",
"properties": {
"location": {
"description": "Location where the resource is stored",
"readOnly": true,
"type": "string"
}
},
"type": "object"
}
],
"properties": {
"properties": {
"$ref": "#/definitions/TopologyResourceProperties",
"readOnly": true,
"x-ms-client-flatten": true
}
},
"type": "object"
},
"TopologyResourceProperties": {
"properties": {
"calculatedDateTime": {
"description": "The UTC time on which the topology was calculated",
"format": "date-time",
"readOnly": true,
"type": "string"
},
"topologyResources": {
"description": "Azure resources which are part of this topology resource",
"items": {
"$ref": "#/definitions/TopologySingleResource"
},
"readOnly": true,
"type": "array"
}
},
"type": "object"
},
"TopologySingleResource": {
"properties": {
"children": {
"description": "Azure resources connected to this resource which are in lower level in the topology view",
"items": {
"$ref": "#/definitions/TopologySingleResourceChild"
},
"readOnly": true,
"type": "array"
},
"location": {
"description": "The location of this resource",
"readOnly": true,
"type": "string"
},
"networkZones": {
"description": "Indicates the resource connectivity level to the Internet (InternetFacing, Internal ,etc.)",
"readOnly": true,
"type": "string"
},
"parents": {
"description": "Azure resources connected to this resource which are in higher level in the topology view",
"items": {
"$ref": "#/definitions/TopologySingleResourceParent"
},
"readOnly": true,
"type": "array"
},
"recommendationsExist": {
"description": "Indicates if the resource has security recommendations",
"readOnly": true,
"type": "boolean"
},
"resourceId": {
"description": "Azure resource id",
"readOnly": true,
"type": "string"
},
"severity": {
"description": "The security severity of the resource",
"readOnly": true,
"type": "string"
},
"topologyScore": {
"description": "Score of the resource based on its security severity",
"readOnly": true,
"type": "integer"
}
},
"type": "object"
},
"TopologySingleResourceChild": {
"properties": {
"resourceId": {
"description": "Azure resource id which serves as child resource in topology view",
"readOnly": true,
"type": "string"
}
},
"type": "object"
},
"TopologySingleResourceParent": {
"properties": {
"resourceId": {
"description": "Azure resource id which serves as parent resource in topology view",
"readOnly": true,
"type": "string"
}
},
"type": "object"
}
}
}