71 lines
2.0 KiB
JSON
71 lines
2.0 KiB
JSON
{
|
|
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
"$id": "https://tenantpilot.local/contracts/foundation-rbac-snapshot.schema.json",
|
|
"title": "Foundation RBAC Snapshot",
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["type", "sourceId", "payload", "metadata"],
|
|
"properties": {
|
|
"type": {
|
|
"type": "string",
|
|
"enum": ["intuneRoleDefinition", "intuneRoleAssignment"]
|
|
},
|
|
"policyId": {
|
|
"type": ["integer", "null"],
|
|
"description": "Synthetic tenant-scoped policy anchor used when immutable RBAC history is linked into the shared policy-version surfaces."
|
|
},
|
|
"policyVersionId": {
|
|
"type": ["integer", "null"],
|
|
"description": "Immutable policy version identifier for RBAC foundation snapshots when version linkage is present."
|
|
},
|
|
"sourceId": {
|
|
"type": "string",
|
|
"minLength": 1
|
|
},
|
|
"displayName": {
|
|
"type": ["string", "null"]
|
|
},
|
|
"payload": {
|
|
"type": "object",
|
|
"description": "Full immutable Graph payload captured for backup or version display."
|
|
},
|
|
"metadata": {
|
|
"type": "object",
|
|
"additionalProperties": true,
|
|
"required": ["kind", "graph"],
|
|
"properties": {
|
|
"kind": {
|
|
"type": "string",
|
|
"enum": ["intuneRoleDefinition", "intuneRoleAssignment"]
|
|
},
|
|
"displayName": {
|
|
"type": ["string", "null"]
|
|
},
|
|
"graph": {
|
|
"type": "object",
|
|
"additionalProperties": false,
|
|
"required": ["resource", "apiVersion"],
|
|
"properties": {
|
|
"resource": {
|
|
"type": "string",
|
|
"enum": [
|
|
"deviceManagement/roleDefinitions",
|
|
"deviceManagement/roleAssignments"
|
|
]
|
|
},
|
|
"apiVersion": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
},
|
|
"warnings": {
|
|
"type": "array",
|
|
"items": {
|
|
"type": "string"
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|