Modify rule TenantLevelAPIsNotAllowed RPC-Uri-V1-11 from ARM error to warning

docs/rules.md

@@ -942,12 +942,6 @@ For more detail, pls refer to https://github.com/microsoft/api-guidelines/blob/v
 
 Please refer to [path-resource-type-name-camel-case.md](./path-resource-type-name-camel-case.md) for details.
 
-### Post201Response
-
-Using post for a create operation is discouraged.
-
-Please refer to [post201-response.md](./post201-response.md) for details.
-
 ### PostOperationIdContainsUrlVerb
 
 A POST operation's operationId should contain the verb indicated at the end of the corresponding url.
@@ -962,6 +956,12 @@ Long-running POST operations must have responses with 202 and default return cod
 
 Please refer to [post-response-codes.md](./post-response-codes.md) for details.
 
+### Post201Response
+
+Using post for a create operation is discouraged.
+
+Please refer to [post201-response.md](./post201-response.md) for details.
+
 ### PreviewVersionOverOneYear
 
 Per [Retirement-of-Previews](https://dev.azure.com/msazure/AzureWiki/_wiki/wikis/AzureWiki.wiki/37683/Retirement-of-Previews), service, feature, API, and SKU in preview for over one year need to move to GA or retire.
@@ -1244,12 +1244,6 @@ Please refer to [system-data-in-properties-bag.md](./system-data-in-properties-b
 
 Please refer to [tags-are-not-allowed-for-proxy-resources.md](./tags-are-not-allowed-for-proxy-resources.md) for details.
 
-### TenantLevelAPIsNotAllowed
-
-Tenant level APIs are strongly discouraged and subscription or resource group level APIs are preferred instead. The reason for this guidance is that tenant level APIs have a really broad scope and blast radius. We permit APIs to be at this broad scope under rare conditions. Some ARM feature sets also do not cover tenant level APIs such as the use of AFEC. Additionally, if you intend to bypass the standard RBAC constructs and make the APIs unauthorized, you will need an approval from the PAS team before the open API spec can be merged.
-
-Please refer to [tenant-level-apis-not-allowed.md](./tenant-level-apis-not-allowed.md) for details.
-
 ### TopLevelResourcesListByResourceGroup
 
 Per [ARM guidelines](https://github.com/Azure/azure-resource-manager-rpc/blob/master/v1.0/resource-api-reference.md), all the top-level resources must have a list by resource group operation which returns the collection of the resource.

packages/rulesets/CHANGELOG.md

@@ -1,5 +1,17 @@
 # Change Log - @microsoft.azure/openapi-validator-rulesets
 
+## 2.1.8
+
+### Patches
+
+- Removed rule TenantLevelAPIsNotAllowed RPC-Uri-V1-11 
+
+## 2.1.7
+
+### Patches
+
+- Updated autorest package.json to 2.2.4
+
 ## 2.1.6
 
 ### Patches

packages/rulesets/generated/spectral/az-arm.js

@@ -2965,28 +2965,6 @@ const tagsAreNotAllowedForProxyResources = (definition, _opts, ctx) => {
     return errors;
 };
 
-const tenantLevelAPIsNotAllowed = (pathItems, _opts, ctx) => {
-    if (pathItems === null || typeof pathItems !== "object") {
-        return [];
-    }
-    const path = ctx.path || [];
-    const apiPaths = Object.keys(pathItems);
-    if (apiPaths.length < 1) {
-        return [];
-    }
-    const errors = [];
-    for (const apiPath of apiPaths) {
-        if (pathItems[apiPath]["put"] && !apiPath.endsWith("/operations") && apiPath.startsWith("/providers")) {
-            errors.push({
-                message: `${apiPath} is a tenant level api. Tenant level APIs are strongly discouraged and subscription or resource group level APIs are preferred instead. If you cannot model your APIs at these levels, you will need to present your design and get an exception from PAS team.`,
-                path: [...path, apiPath],
-            });
-            break;
-        }
-    }
-    return errors;
-};
-
 const trackedExtensionResourcesAreNotAllowed = (apiPath, _opts, ctx) => {
     var _a, _b, _c;
     if (apiPath === null || typeof apiPath !== "string") {
@@ -3974,18 +3952,6 @@ const ruleset = {
                 function: noDuplicatePathsForScopeParameter,
             },
         },
-        TenantLevelAPIsNotAllowed: {
-            rpcGuidelineCode: "RPC-Uri-V1-11",
-            description: "Tenant level APIs are strongly discouraged and subscription or resource group level APIs are preferred instead. Design presentation and getting an exception from the PAS team is needed if APIs cannot be modelled at subscription or resource group level.",
-            message: "{{error}}",
-            severity: "error",
-            resolved: true,
-            formats: [oas2],
-            given: "$[paths,'x-ms-paths']",
-            then: {
-                function: tenantLevelAPIsNotAllowed,
-            },
-        },
         TrackedExtensionResourcesAreNotAllowed: {
             rpcGuidelineCode: "RPC-Uri-V1-12",
             description: "Extension resources are always considered to be proxy and must not be of the type tracked.",

packages/rulesets/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@microsoft.azure/openapi-validator-rulesets",
-  "version": "2.1.7",
+  "version": "2.1.8",
   "description": "Azure OpenAPI Validator",
   "main": "dist/index.js",
   "scripts": {

packages/rulesets/src/spectral/az-arm.ts

@@ -50,7 +50,6 @@ import { securityDefinitionsStructure } from "./functions/security-definitions-s
 import skuValidation from "./functions/sku-validation"
 import { systemDataInPropertiesBag } from "./functions/system-data-in-properties-bag"
 import { tagsAreNotAllowedForProxyResources } from "./functions/tags-are-not-allowed-for-proxy-resources"
-import { tenantLevelAPIsNotAllowed } from "./functions/tenant-level-apis-not-allowed"
 import { trackedExtensionResourcesAreNotAllowed } from "./functions/tracked-extension-resources-are-not-allowed"
 import trackedResourceTagsPropertyInRequest from "./functions/trackedresource-tags-property-in-request"
 import { validQueryParametersForPointOperations } from "./functions/valid-query-parameters-for-point-operations"
@@ -946,20 +945,6 @@ const ruleset: any = {
         function: noDuplicatePathsForScopeParameter,
       },
     },
-    // RPC Code: RPC-Uri-V1-11
-    TenantLevelAPIsNotAllowed: {
-      rpcGuidelineCode: "RPC-Uri-V1-11",
-      description:
-        "Tenant level APIs are strongly discouraged and subscription or resource group level APIs are preferred instead. Design presentation and getting an exception from the PAS team is needed if APIs cannot be modelled at subscription or resource group level.",
-      message: "{{error}}",
-      severity: "error",
-      resolved: true,
-      formats: [oas2],
-      given: "$[paths,'x-ms-paths']",
-      then: {
-        function: tenantLevelAPIsNotAllowed,
-      },
-    },
     // RPC Code: RPC-Uri-V1-12
     TrackedExtensionResourcesAreNotAllowed: {
       rpcGuidelineCode: "RPC-Uri-V1-12",