diff --git a/idn/beta/paths/campaigns.yaml b/idn/beta/paths/campaigns.yaml index 2766a2e0..fddf70e1 100644 --- a/idn/beta/paths/campaigns.yaml +++ b/idn/beta/paths/campaigns.yaml @@ -110,6 +110,8 @@ post: $ref: '../schemas/campaign/examples/CreateCampaignSourceOwner.yaml' Role Composition: $ref: '../schemas/campaign/examples/CreateCampaignRoleComposition.yaml' + Machine Account Owner: + $ref: '../schemas/campaign/examples/CreateCampaignMachineAccount.yaml' responses: '200': description: This response indicates that the requested campaign was successfully created, and the API returns its representation. @@ -126,6 +128,8 @@ post: $ref: '../schemas/campaign/examples/FullCampaignSourceOwner.yaml' Role Composition: $ref: '../schemas/campaign/examples/FullCampaignRoleComposition.yaml' + Machine Account Owner: + $ref: '../schemas/campaign/examples/FullCampaignMachineAccount.yaml' '400': $ref: '../../v3/responses/400.yaml' '401': diff --git a/idn/beta/schemas/Campaign.yaml b/idn/beta/schemas/Campaign.yaml index 0a749d24..726a5c2d 100644 --- a/idn/beta/schemas/Campaign.yaml +++ b/idn/beta/schemas/Campaign.yaml @@ -189,6 +189,22 @@ allOf: example: Role Composition Description required: - remediatorRef + machineAccountCampaignInfo: + type: object + description: Must be set only if the campaign type is MACHINE_ACCOUNT. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: [ 0fbe863c063c4c88a35fd7f17e8a3df5 ] + reviewerType: + type: string + description: The reviewer's type. + enum: + - ACCOUNT_OWNER + example: ACCOUNT_OWNER sourcesWithOrphanEntitlements: type: array description: >- diff --git a/idn/beta/schemas/SlimCampaign.yaml b/idn/beta/schemas/SlimCampaign.yaml index d97a0fe4..92452b11 100644 --- a/idn/beta/schemas/SlimCampaign.yaml +++ b/idn/beta/schemas/SlimCampaign.yaml @@ -35,6 +35,7 @@ properties: - SOURCE_OWNER - SEARCH - ROLE_COMPOSITION + - MACHINE_ACCOUNT example: MANAGER emailNotificationEnabled: type: boolean diff --git a/idn/beta/schemas/campaign/examples/CreateCampaignMachineAccount.yaml b/idn/beta/schemas/campaign/examples/CreateCampaignMachineAccount.yaml new file mode 100644 index 00000000..2f6f6fc1 --- /dev/null +++ b/idn/beta/schemas/campaign/examples/CreateCampaignMachineAccount.yaml @@ -0,0 +1,15 @@ +value: + name: Machine Account Owner Campaign + description: A review done by a Machine Account's owner. + deadline: 2024-12-25T06:00:00.468Z + type: MACHINE_ACCOUNT + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + filter: + type: CAMPAIGN_FILTER + id: 0c46fb26c6b20967a55517ee90d15b93 + machineAccountCampaignInfo: + sourceIds: + - d988f117b7624a16ab0b64c439d5dbb8 + reviewerType: ACCOUNT_OWNER \ No newline at end of file diff --git a/idn/beta/schemas/campaign/examples/FullCampaignMachineAccount.yaml b/idn/beta/schemas/campaign/examples/FullCampaignMachineAccount.yaml new file mode 100644 index 00000000..0c93d5d1 --- /dev/null +++ b/idn/beta/schemas/campaign/examples/FullCampaignMachineAccount.yaml @@ -0,0 +1,27 @@ +value: + id: 3e9ff3d6555e4721b74695d5b578e847 + name: Machine Account Owner Campaign + description: A review done by a Machine Account's owner. + deadline: 2024-05-07T19:43:38.186Z + type: MACHINE_ACCOUNT + status: PENDING + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + created: 2024-04-23T19:43:38.355Z + modified: 2024-04-23T19:43:38.355Z + filter: null + sunsetCommentsRequired: true + mandatoryCommentRequirement: NO_DECISIONS + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: null + totalCertifications: 0 + completedCertifications: 0 + alerts: null + correlatedStatus: CORRELATED + sourcesWithOrphanEntitlements: [ ] + machineAccountCampaignInfo: + sourceIds: + - d988f117b7624a16ab0b64c439d5dbb8 + reviewerType: ACCOUNT_OWNER \ No newline at end of file diff --git a/idn/beta/schemas/campaign/examples/FullCampaignManager.yaml b/idn/beta/schemas/campaign/examples/FullCampaignManager.yaml index 05679b1e..671963ce 100644 --- a/idn/beta/schemas/campaign/examples/FullCampaignManager.yaml +++ b/idn/beta/schemas/campaign/examples/FullCampaignManager.yaml @@ -18,6 +18,7 @@ value: sourceOwnerCampaignInfo: null searchCampaignInfo: null roleCompositionCampaignInfo: null + machineAccountCampaignInfo: null alerts: null totalCertifications: 0 completedCertifications: 0 diff --git a/idn/beta/schemas/campaign/examples/FullCampaignRoleComposition.yaml b/idn/beta/schemas/campaign/examples/FullCampaignRoleComposition.yaml index 49cee71e..682e3532 100644 --- a/idn/beta/schemas/campaign/examples/FullCampaignRoleComposition.yaml +++ b/idn/beta/schemas/campaign/examples/FullCampaignRoleComposition.yaml @@ -32,5 +32,6 @@ value: totalCertifications: 0 completedCertifications: 0 sourcesWithOrphanEntitlements: null + machineAccountCampaignInfo: null mandatoryCommentRequirement: NO_DECISIONS \ No newline at end of file diff --git a/idn/beta/schemas/campaign/examples/FullCampaignSearch.yaml b/idn/beta/schemas/campaign/examples/FullCampaignSearch.yaml index 0c86b624..4f06c0fc 100644 --- a/idn/beta/schemas/campaign/examples/FullCampaignSearch.yaml +++ b/idn/beta/schemas/campaign/examples/FullCampaignSearch.yaml @@ -27,6 +27,7 @@ value: identityIds: null accessConstraints: [] roleCompositionCampaignInfo: null + machineAccountCampaignInfo: null alerts: null totalCertifications: 0 completedCertifications: 0 diff --git a/idn/beta/schemas/campaign/examples/FullCampaignSourceOwner.yaml b/idn/beta/schemas/campaign/examples/FullCampaignSourceOwner.yaml index c7abe7a5..bc95ac7f 100644 --- a/idn/beta/schemas/campaign/examples/FullCampaignSourceOwner.yaml +++ b/idn/beta/schemas/campaign/examples/FullCampaignSourceOwner.yaml @@ -20,6 +20,7 @@ value: - 612b31b1a0f04aaf83123bdb80e70db6 searchCampaignInfo: null roleCompositionCampaignInfo: null + machineAccountCampaignInfo: null alerts: null totalCertifications: 0 completedCertifications: 0 diff --git a/idn/v3/paths/campaigns.yaml b/idn/v3/paths/campaigns.yaml index 211cf6ca..dc8db591 100644 --- a/idn/v3/paths/campaigns.yaml +++ b/idn/v3/paths/campaigns.yaml @@ -110,6 +110,8 @@ post: $ref: '../schemas/campaign/examples/CreateCampaignSourceOwner.yaml' Role Composition: $ref: '../schemas/campaign/examples/CreateCampaignRoleComposition.yaml' + Machine Account: + $ref: '../schemas/campaign/examples/CreateCampaignMachineAccount.yaml' responses: '200': description: This response indicates that the requested campaign was successfully created, and the API returns its representation. @@ -126,6 +128,8 @@ post: $ref: '../schemas/campaign/examples/FullCampaignSourceOwner.yaml' Role Composition: $ref: '../schemas/campaign/examples/FullCampaignRoleComposition.yaml' + Machine Account Owner: + $ref: '../schemas/campaign/examples/FullCampaignMachineAccount.yaml' '400': $ref: '../responses/400.yaml' '401': diff --git a/idn/v3/schemas/Campaign.yaml b/idn/v3/schemas/Campaign.yaml index 0a749d24..726a5c2d 100644 --- a/idn/v3/schemas/Campaign.yaml +++ b/idn/v3/schemas/Campaign.yaml @@ -189,6 +189,22 @@ allOf: example: Role Composition Description required: - remediatorRef + machineAccountCampaignInfo: + type: object + description: Must be set only if the campaign type is MACHINE_ACCOUNT. + properties: + sourceIds: + type: array + description: The list of sources to be included in the campaign. + items: + type: string + example: [ 0fbe863c063c4c88a35fd7f17e8a3df5 ] + reviewerType: + type: string + description: The reviewer's type. + enum: + - ACCOUNT_OWNER + example: ACCOUNT_OWNER sourcesWithOrphanEntitlements: type: array description: >- diff --git a/idn/v3/schemas/SlimCampaign.yaml b/idn/v3/schemas/SlimCampaign.yaml index d97a0fe4..92452b11 100644 --- a/idn/v3/schemas/SlimCampaign.yaml +++ b/idn/v3/schemas/SlimCampaign.yaml @@ -35,6 +35,7 @@ properties: - SOURCE_OWNER - SEARCH - ROLE_COMPOSITION + - MACHINE_ACCOUNT example: MANAGER emailNotificationEnabled: type: boolean diff --git a/idn/v3/schemas/campaign/examples/CreateCampaignMachineAccount.yaml b/idn/v3/schemas/campaign/examples/CreateCampaignMachineAccount.yaml new file mode 100644 index 00000000..2f6f6fc1 --- /dev/null +++ b/idn/v3/schemas/campaign/examples/CreateCampaignMachineAccount.yaml @@ -0,0 +1,15 @@ +value: + name: Machine Account Owner Campaign + description: A review done by a Machine Account's owner. + deadline: 2024-12-25T06:00:00.468Z + type: MACHINE_ACCOUNT + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + filter: + type: CAMPAIGN_FILTER + id: 0c46fb26c6b20967a55517ee90d15b93 + machineAccountCampaignInfo: + sourceIds: + - d988f117b7624a16ab0b64c439d5dbb8 + reviewerType: ACCOUNT_OWNER \ No newline at end of file diff --git a/idn/v3/schemas/campaign/examples/FullCampaignMachineAccount.yaml b/idn/v3/schemas/campaign/examples/FullCampaignMachineAccount.yaml new file mode 100644 index 00000000..6fb1117c --- /dev/null +++ b/idn/v3/schemas/campaign/examples/FullCampaignMachineAccount.yaml @@ -0,0 +1,27 @@ +value: + id: 3e9ff3d6555e4721b74695d5b578e847 + name: Machine Account Owner Campaign + description: A review done by a machine account's owner. + deadline: 2024-05-07T19:43:38.186Z + type: MACHINE_ACCOUNT + status: PENDING + emailNotificationEnabled: false + autoRevokeAllowed: false + recommendationsEnabled: false + created: 2024-04-23T19:43:38.355Z + modified: 2024-04-23T19:43:38.355Z + filter: null + sunsetCommentsRequired: true + mandatoryCommentRequirement: NO_DECISIONS + sourceOwnerCampaignInfo: null + searchCampaignInfo: null + roleCompositionCampaignInfo: null + totalCertifications: 0 + completedCertifications: 0 + alerts: null + correlatedStatus: CORRELATED + sourcesWithOrphanEntitlements: [ ] + machineAccountCampaignInfo: + sourceIds: + - d988f117b7624a16ab0b64c439d5dbb8 + reviewerType: ACCOUNT_OWNER \ No newline at end of file diff --git a/idn/v3/schemas/campaign/examples/FullCampaignManager.yaml b/idn/v3/schemas/campaign/examples/FullCampaignManager.yaml index 05679b1e..671963ce 100644 --- a/idn/v3/schemas/campaign/examples/FullCampaignManager.yaml +++ b/idn/v3/schemas/campaign/examples/FullCampaignManager.yaml @@ -18,6 +18,7 @@ value: sourceOwnerCampaignInfo: null searchCampaignInfo: null roleCompositionCampaignInfo: null + machineAccountCampaignInfo: null alerts: null totalCertifications: 0 completedCertifications: 0 diff --git a/idn/v3/schemas/campaign/examples/FullCampaignRoleComposition.yaml b/idn/v3/schemas/campaign/examples/FullCampaignRoleComposition.yaml index 49cee71e..682e3532 100644 --- a/idn/v3/schemas/campaign/examples/FullCampaignRoleComposition.yaml +++ b/idn/v3/schemas/campaign/examples/FullCampaignRoleComposition.yaml @@ -32,5 +32,6 @@ value: totalCertifications: 0 completedCertifications: 0 sourcesWithOrphanEntitlements: null + machineAccountCampaignInfo: null mandatoryCommentRequirement: NO_DECISIONS \ No newline at end of file diff --git a/idn/v3/schemas/campaign/examples/FullCampaignSearch.yaml b/idn/v3/schemas/campaign/examples/FullCampaignSearch.yaml index 0c86b624..4f06c0fc 100644 --- a/idn/v3/schemas/campaign/examples/FullCampaignSearch.yaml +++ b/idn/v3/schemas/campaign/examples/FullCampaignSearch.yaml @@ -27,6 +27,7 @@ value: identityIds: null accessConstraints: [] roleCompositionCampaignInfo: null + machineAccountCampaignInfo: null alerts: null totalCertifications: 0 completedCertifications: 0 diff --git a/idn/v3/schemas/campaign/examples/FullCampaignSourceOwner.yaml b/idn/v3/schemas/campaign/examples/FullCampaignSourceOwner.yaml index c7abe7a5..bc95ac7f 100644 --- a/idn/v3/schemas/campaign/examples/FullCampaignSourceOwner.yaml +++ b/idn/v3/schemas/campaign/examples/FullCampaignSourceOwner.yaml @@ -20,6 +20,7 @@ value: - 612b31b1a0f04aaf83123bdb80e70db6 searchCampaignInfo: null roleCompositionCampaignInfo: null + machineAccountCampaignInfo: null alerts: null totalCertifications: 0 completedCertifications: 0 diff --git a/idn/v3/schemas/reviews/ReviewableEntitlement.yaml b/idn/v3/schemas/reviews/ReviewableEntitlement.yaml index d4e693d8..c7722bce 100644 --- a/idn/v3/schemas/reviews/ReviewableEntitlement.yaml +++ b/idn/v3/schemas/reviews/ReviewableEntitlement.yaml @@ -117,3 +117,34 @@ properties: example: '2020-05-20T18:57:16.987Z' activityInsights: $ref: '../ActivityInsights.yaml' + description: + nullable: true + type: string + description: Information about the account + example: Account for Read/write to the company database + governanceGroupId: + nullable: true + type: string + description: The id associated with the machine Account Governance Group + example: 2c9180857182305e0171993737eb29e6 + owner: + type: object + nullable: true + description: Information about the machine account owner + properties: + id: + nullable: true + type: string + description: The id associated with the machine account owner + example: 2c9180857182305e0171993737eb29e8 + type: + type: string + enum: + - IDENTITY + description: An enumeration of the types of Owner supported within the IdentityNow infrastructure. + example: IDENTITY + displayName: + nullable: true + type: string + description: The machine account owner's display name + example: Alison Ferguson