Skip to content

[OperationalInsights] Add new 2026-03-01 stable API for OperationalInsights RP#42662

Open
roizhv22 wants to merge 4 commits intomainfrom
roizhv22/OI20260301-v2
Open

[OperationalInsights] Add new 2026-03-01 stable API for OperationalInsights RP#42662
roizhv22 wants to merge 4 commits intomainfrom
roizhv22/OI20260301-v2

Conversation

@roizhv22
Copy link
Copy Markdown
Member

@roizhv22 roizhv22 commented Apr 26, 2026
edited
Loading

ARM (Control Plane) API Specification Update Pull Request

Tip

Overwhelmed by all this guidance? See the Getting help section at the bottom of this PR description.

PR review workflow diagram

Please understand this diagram before proceeding. It explains how to get your PR approved & merged.

spec_pr_review_workflow_diagram

Purpose of this PR

What's the purpose of this PR? Check the specific option that applies. This is mandatory!

  • New resource provider.
  • New API version for an existing resource provider. (If API spec is not defined in TypeSpec, the PR should have been created in adherence to OpenAPI specs PR creation guidance).
  • Update existing version for a new feature. (This is applicable only when you are revising a private preview API version.)
  • Update existing version to fix OpenAPI spec quality issues in S360.
  • Convert existing OpenAPI spec to TypeSpec spec (do not combine this with implementing changes for a new API version).
  • Other, please clarify:
    • edit this with your clarification

Due diligence checklist

To merge this PR, you must go through the following checklist and confirm you understood
and followed the instructions by checking all the boxes:

  • I confirm this PR is modifying Azure Resource Manager (ARM) related specifications, and not data plane related specifications.
  • I have reviewed following Resource Provider guidelines, including
    ARM resource provider contract and
    REST guidelines (estimated time: 4 hours).
    I understand this is required before I can proceed to the diagram Step 2, "ARM API changes review", for this PR.
  • A release plan has been created. If not, please create one as it will help guide you through the REST API and SDK creation process.

Additional information

Viewing API changes

New stable API version 2026-03-01 for OperationalInsights with two additions:

Added "protectionLevel" property to table properties. A string enum with values "General" (table data accessible through standard permissions) and "Protected" (table data isolated by default, requires explicit scoped authorization).

Added "dataAuthorizationMode" property to workspace features. A nullable boolean that enables data authorization mode for the workspace.

Suppressing failures

If one or multiple validation error/warning suppression(s) is detected in your PR, please follow the
suppressions guide to get approval.

Getting help

  • First, please carefully read through this PR description, from top to bottom. Please fill out the Purpose of this PR and Due diligence checklist.
  • If you don't have permissions to remove or add labels to the PR, request write access per aka.ms/azsdk/access#request-access-to-rest-api-or-sdk-repositories
  • To understand what you must do next to merge this PR, see the Next Steps to Merge comment. It will appear within few minutes of submitting this PR and will continue to be up-to-date with current PR state.
  • For guidance on fixing this PR CI check failures, see the hyperlinks provided in given failure
    and https://aka.ms/ci-fix.
  • For help with ARM review (PR workflow diagram Step 2), see https://aka.ms/azsdk/pr-arm-review.
  • If the PR CI checks appear to be stuck in queued state, please add a comment with contents /azp run.
    This should result in a new comment denoting a PR validation pipeline has started and the checks should be updated after few minutes.
  • If the help provided by the previous points is not enough, post to https://aka.ms/azsdk/support/specreview-channel and link to this PR.
  • For guidance on SDK breaking change review, refer to https://aka.ms/ci-fix.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 26, 2026
edited
Loading

Next Steps to Merge

Next steps that must be taken to merge this PR:
  • ❌ This PR targets either the main branch of the public specs repo or the RPSaaSMaster branch of the private specs repo. These branches are not intended for iterative development. Therefore, you must acknowledge you understand that after this PR is merged, the APIs are considered shipped to Azure customers. Any further attempts at in-place modifications to the APIs will be subject to Azure's versioning and breaking change policies. Additionally, for control plane APIs, you must acknowledge that you are following all the best practices documented by ARM at aka.ms/armapibestpractices. If you do intend to release the APIs to your customers by merging this PR, add the PublishToCustomers label to your PR in acknowledgement of the above. Otherwise, retarget this PR onto a feature branch, i.e. with prefix release- (see aka.ms/azsdk/api-versions#release--branches).
  • ❌ This PR is in purview of the ARM review (label: ARMReview). This PR must get ARMSignedOff label from an ARM reviewer.
    This PR has ARMChangesRequested label. Please address or respond to feedback from the ARM API reviewer.
    When you are ready to continue the ARM API review, please remove the ARMChangesRequested label.
    Automation should then add WaitForARMFeedback label.
    ❗If you don't have permissions to remove the label, request write access per aka.ms/azsdk/access#request-access-to-rest-api-or-sdk-repositories.
    For details of the ARM review, see aka.ms/azsdk/pr-arm-review


Comment generated by summarize-checks workflow run.

@roizhv22 roizhv22 added the DoNotMerge <valid label in PR review process> use to hold merge after approval label Apr 26, 2026
@github-actions github-actions Bot added ARMReview new-api-version resource-manager WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required brownfield Brownfield services will soon be required to convert to TypeSpec. See https://aka.ms/azsdk/typespec. labels Apr 26, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 26, 2026
edited
Loading

API Change Check

APIView identified API level changes in this PR and created the following API reviews

Language API Review for Package
Swagger Microsoft.OperationalInsights-OperationalInsights
Go sdk/resourcemanager/operationalinsights/armoperationalinsights
JavaScript @azure/arm-operationalinsights
Python azure-mgmt-loganalytics
Java com.azure.resourcemanager:azure-resourcemanager-loganalytics

Comment generated by After APIView workflow run.

sandipsh
sandipsh reviewed Apr 28, 2026
View reviewed changes
Comment thread ...-manager/Microsoft.OperationalInsights/OperationalInsights/stable/2026-03-01/Workspaces.json
"readOnly": true,
"description": "List of associations for the workspace. Indicates if the workspace is associated with any of the following experiences: MDC, Sentinel, SentinelGraph, etc."
},
"dataAuthorizationMode": {
Copy link
Copy Markdown
Contributor

@sandipsh sandipsh Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[NEW] 🟡 Warning [Section 8.1 - Enums over booleans]
dataAuthorizationMode is modeled as boolean, which limits forward compatibility if additional modes are introduced later.

Why this matters: adding a third state later becomes a breaking shape change for SDKs and policy logic.

Recommended fix: model this as an extensible string enum (for example Disabled/Enabled, with x-ms-enum.modelAsString: true) instead of boolean.

sandipsh
sandipsh reviewed Apr 28, 2026
View reviewed changes
Comment thread ...-manager/Microsoft.OperationalInsights/OperationalInsights/stable/2026-03-01/Workspaces.json
},
"dataAuthorizationMode": {
"type": "boolean",
"x-nullable": true,
Copy link
Copy Markdown
Contributor

@sandipsh sandipsh Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[NEW] 🟡 Warning [Section 6 - Null values]
This new response property is marked x-nullable: true.

Why this matters: ARM guidance prefers omitting missing values rather than returning explicit null for response fields.

Recommended fix: remove x-nullable: true and have the service omit the field when not set.

sandipsh
sandipsh reviewed Apr 28, 2026
View reviewed changes
Comment thread ...manager/Microsoft.OperationalInsights/OperationalInsights/stable/2026-03-01/SummaryLogs.json
"x-ms-enum": {
"name": "SummaryLogsIdentityType",
"modelAsString": false
}
Copy link
Copy Markdown
Contributor

@sandipsh sandipsh Apr 28, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

[NEW] 🔴 Blocking [Section 7 - Enum extensibility]
SummaryLogsIdentityType uses x-ms-enum.modelAsString: false.

Why this matters: closed enums are brittle for SDKs and break forward compatibility when the service adds a new value.

Recommended fix: set x-ms-enum.modelAsString to true.

@sandipsh sandipsh added ARMChangesRequested and removed WaitForARMFeedback <valid label in PR review process> add this label when ARM review is required labels Apr 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sandipsh sandipsh sandipsh left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

ARMChangesRequested ARMReview BreakingChange-Go-Sdk BreakingChange-JavaScript-Sdk BreakingChange-Python-Sdk brownfield Brownfield services will soon be required to convert to TypeSpec. See https://aka.ms/azsdk/typespec. DoNotMerge <valid label in PR review process> use to hold merge after approval Monitor - Operational Insights new-api-version resource-manager

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@roizhv22 @sandipsh @orkandabi