40 lines (27 loc) · 816 Bytes

TenantLevelAPIsNotAllowed

Category

ARM Warning

Applies to

ARM OpenAPI(swagger) specs

Related ARM Guideline Code

RPC-Uri-V1-11

Description

This rule checks for th tenant level APIs.

How to fix the violation

Tenant level APIs require a review from the security RBAC team during manifest check-in. For details, refer to the Manifest security review process: https://eng.ms/docs/microsoft-security/identity/auth-authz/access-control-managed-identityacmi/policy-administration-service/pas-wiki/livesite/security/manifest

Good Examples

...
"/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Music/songs/{songName}" {
    "put" {}
  }
...

Bad Examples

...
"/providers/Microsoft.Music/songs/{songName}" {
    "put" {}
} 
...

⚡