diff --git a/internal/pkg/expanders/swagger-armspecs.generated.go b/internal/pkg/expanders/swagger-armspecs.generated.go
index d5c394c2e..ff91e3214 100644
--- a/internal/pkg/expanders/swagger-armspecs.generated.go
+++ b/internal/pkg/expanders/swagger-armspecs.generated.go
@@ -1823,6 +1823,17 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 												}},
 										}},
 								}},
+						},
+						{
+							Display:  "apiCollections",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections", "2023-11-15"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{apiId}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}", "2023-11-15"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}", "2023-11-15"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}", "2023-11-15"),
+								}},
 						}},
 					SubResources: []swagger.ResourceType{
 						{
@@ -5582,187 +5593,187 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 		},
 		{
 			Display:  "operations",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.ContainerRegistry/operations", "2023-11-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.ContainerRegistry/operations", "2024-11-01-preview"),
 		},
 		{
 			Display:  "registries",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.ContainerRegistry/registries", "2023-11-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.ContainerRegistry/registries", "2024-11-01-preview"),
 		},
 		{
 			Display:  "registries",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries", "2023-11-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries", "2024-11-01-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{registryName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}", "2023-11-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}", "2023-11-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}", "2023-11-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}", "2023-11-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}", "2024-11-01-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}", "2024-11-01-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}", "2024-11-01-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}", "2024-11-01-preview"),
 					Children: []swagger.ResourceType{
 						{
 							Display:  "cacheRules",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{cacheRuleName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules/{cacheRuleName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules/{cacheRuleName}", "2023-11-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules/{cacheRuleName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules/{cacheRuleName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules/{cacheRuleName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules/{cacheRuleName}", "2024-11-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules/{cacheRuleName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/cacheRules/{cacheRuleName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "connectedRegistries",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{connectedRegistryName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries/{connectedRegistryName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries/{connectedRegistryName}", "2023-11-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries/{connectedRegistryName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries/{connectedRegistryName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries/{connectedRegistryName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries/{connectedRegistryName}", "2024-11-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries/{connectedRegistryName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/connectedRegistries/{connectedRegistryName}", "2024-11-01-preview"),
 									Children:       []swagger.ResourceType{},
 								}},
 						},
 						{
 							Display:  "credentialSets",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{credentialSetName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets/{credentialSetName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets/{credentialSetName}", "2023-11-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets/{credentialSetName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets/{credentialSetName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets/{credentialSetName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets/{credentialSetName}", "2024-11-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets/{credentialSetName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/credentialSets/{credentialSetName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "exportPipelines",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/exportPipelines", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/exportPipelines", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{exportPipelineName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/exportPipelines/{exportPipelineName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/exportPipelines/{exportPipelineName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/exportPipelines/{exportPipelineName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/exportPipelines/{exportPipelineName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/exportPipelines/{exportPipelineName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/exportPipelines/{exportPipelineName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "importPipelines",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/importPipelines", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/importPipelines", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{importPipelineName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/importPipelines/{importPipelineName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/importPipelines/{importPipelineName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/importPipelines/{importPipelineName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/importPipelines/{importPipelineName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/importPipelines/{importPipelineName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/importPipelines/{importPipelineName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "listUsages",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/listUsages", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/listUsages", "2024-11-01-preview"),
 						},
 						{
 							Display:  "pipelineRuns",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/pipelineRuns", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/pipelineRuns", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{pipelineRunName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/pipelineRuns/{pipelineRunName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/pipelineRuns/{pipelineRunName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/pipelineRuns/{pipelineRunName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/pipelineRuns/{pipelineRunName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/pipelineRuns/{pipelineRunName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/pipelineRuns/{pipelineRunName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "privateEndpointConnections",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateEndpointConnections", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateEndpointConnections", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{privateEndpointConnectionName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateEndpointConnections/{privateEndpointConnectionName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateEndpointConnections/{privateEndpointConnectionName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateEndpointConnections/{privateEndpointConnectionName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateEndpointConnections/{privateEndpointConnectionName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateEndpointConnections/{privateEndpointConnectionName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateEndpointConnections/{privateEndpointConnectionName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "privateLinkResources",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateLinkResources", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateLinkResources", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:  "{groupName}",
-									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateLinkResources/{groupName}", "2023-11-01-preview"),
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/privateLinkResources/{groupName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "replications",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{replicationName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications/{replicationName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications/{replicationName}", "2023-11-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications/{replicationName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications/{replicationName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications/{replicationName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications/{replicationName}", "2024-11-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications/{replicationName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/replications/{replicationName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "scopeMaps",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{scopeMapName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps/{scopeMapName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps/{scopeMapName}", "2023-11-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps/{scopeMapName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps/{scopeMapName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps/{scopeMapName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps/{scopeMapName}", "2024-11-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps/{scopeMapName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/scopeMaps/{scopeMapName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "tokens",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{tokenName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens/{tokenName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens/{tokenName}", "2023-11-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens/{tokenName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens/{tokenName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens/{tokenName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens/{tokenName}", "2024-11-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens/{tokenName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/tokens/{tokenName}", "2024-11-01-preview"),
 								}},
 						},
 						{
 							Display:  "webhooks",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{webhookName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks/{webhookName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks/{webhookName}", "2023-11-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks/{webhookName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks/{webhookName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks/{webhookName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks/{webhookName}", "2024-11-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks/{webhookName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/webhooks/{webhookName}", "2024-11-01-preview"),
 									Children:       []swagger.ResourceType{},
 								}},
 						}},
 					SubResources: []swagger.ResourceType{
 						{
 							Display:  "archives",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives", "2023-11-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives", "2024-11-01-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{archiveName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}", "2023-11-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}", "2023-11-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}", "2023-11-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}", "2023-11-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}", "2024-11-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}", "2024-11-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}", "2024-11-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}", "2024-11-01-preview"),
 									Children: []swagger.ResourceType{
 										{
 											Display:  "versions",
-											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}/versions", "2023-11-01-preview"),
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}/versions", "2024-11-01-preview"),
 											SubResources: []swagger.ResourceType{
 												{
 													Display:        "{archiveVersionName}",
-													Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}/versions/{archiveVersionName}", "2023-11-01-preview"),
-													DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}/versions/{archiveVersionName}", "2023-11-01-preview"),
-													PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}/versions/{archiveVersionName}", "2023-11-01-preview"),
+													Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}/versions/{archiveVersionName}", "2024-11-01-preview"),
+													DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}/versions/{archiveVersionName}", "2024-11-01-preview"),
+													PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ContainerRegistry/registries/{registryName}/packages/{packageType}/archives/{archiveName}/versions/{archiveVersionName}", "2024-11-01-preview"),
 												}},
 										}},
 								}},
@@ -8812,236 +8823,236 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 		},
 		{
 			Display:  "operations",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/operations", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/operations", "2024-12-15-preview"),
 		},
 		{
 			Display:  "topicTypes",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/topicTypes", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/topicTypes", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:  "{topicTypeName}",
-					Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/topicTypes/{topicTypeName}", "2024-06-01-preview"),
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/topicTypes/{topicTypeName}", "2024-12-15-preview"),
 					Children: []swagger.ResourceType{
 						{
 							Display:  "eventTypes",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/topicTypes/{topicTypeName}/eventTypes", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/topicTypes/{topicTypeName}/eventTypes", "2024-12-15-preview"),
 						}},
 				}},
 		},
 		{
 			Display:  "verifiedPartners",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/verifiedPartners", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/verifiedPartners", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:  "{verifiedPartnerName}",
-					Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/verifiedPartners/{verifiedPartnerName}", "2024-06-01-preview"),
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.EventGrid/verifiedPartners/{verifiedPartnerName}", "2024-12-15-preview"),
 				}},
 		},
 		{
 			Display:  "domains",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/domains", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/domains", "2024-12-15-preview"),
 		},
 		{
 			Display:  "eventSubscriptions",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/eventSubscriptions", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/eventSubscriptions", "2024-12-15-preview"),
 		},
 		{
 			Display:  "eventSubscriptions",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/locations/{location}/eventSubscriptions", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/locations/{location}/eventSubscriptions", "2024-12-15-preview"),
 		},
 		{
 			Display:  "eventSubscriptions",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/locations/{location}/topicTypes/{topicTypeName}/eventSubscriptions", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/locations/{location}/topicTypes/{topicTypeName}/eventSubscriptions", "2024-12-15-preview"),
 		},
 		{
 			Display:  "namespaces",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/namespaces", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/namespaces", "2024-12-15-preview"),
 		},
 		{
 			Display:  "partnerConfigurations",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerConfigurations", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerConfigurations", "2024-12-15-preview"),
 		},
 		{
 			Display:  "partnerDestinations",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerDestinations", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerDestinations", "2024-12-15-preview"),
 		},
 		{
 			Display:  "partnerNamespaces",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerNamespaces", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerNamespaces", "2024-12-15-preview"),
 		},
 		{
 			Display:  "partnerRegistrations",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerRegistrations", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerRegistrations", "2024-12-15-preview"),
 		},
 		{
 			Display:  "partnerTopics",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerTopics", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/partnerTopics", "2024-12-15-preview"),
 		},
 		{
 			Display:  "systemTopics",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/systemTopics", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/systemTopics", "2024-12-15-preview"),
 		},
 		{
 			Display:  "eventSubscriptions",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/topicTypes/{topicTypeName}/eventSubscriptions", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/topicTypes/{topicTypeName}/eventSubscriptions", "2024-12-15-preview"),
 		},
 		{
 			Display:  "topics",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/topics", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.EventGrid/topics", "2024-12-15-preview"),
 		},
 		{
 			Display:  "domains",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{domainName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}", "2024-06-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}", "2024-12-15-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}", "2024-12-15-preview"),
 					Children: []swagger.ResourceType{
 						{
 							Display:  "eventSubscriptions",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{eventSubscriptionName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
 									Children:       []swagger.ResourceType{},
 								}},
 						},
 						{
 							Display:  "topics",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{domainTopicName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{domainTopicName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{domainTopicName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{domainTopicName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{domainTopicName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{domainTopicName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{domainTopicName}", "2024-12-15-preview"),
 								},
 								{
 									Display:  "eventSubscriptions",
-									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions", "2024-06-01-preview"),
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions", "2024-12-15-preview"),
 									SubResources: []swagger.ResourceType{
 										{
 											Display:        "{eventSubscriptionName}",
-											Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-											DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-											PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-											PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
+											Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+											DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+											PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+											PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
 											Children:       []swagger.ResourceType{},
 										}},
 								},
 								{
 									Display:  "eventSubscriptions",
-									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/providers/Microsoft.EventGrid/eventSubscriptions", "2024-06-01-preview"),
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/domains/{domainName}/topics/{topicName}/providers/Microsoft.EventGrid/eventSubscriptions", "2024-12-15-preview"),
 								}},
 						}},
 				}},
 		},
 		{
 			Display:  "eventSubscriptions",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/eventSubscriptions", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/eventSubscriptions", "2024-12-15-preview"),
 		},
 		{
 			Display:  "eventSubscriptions",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/locations/{location}/eventSubscriptions", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/locations/{location}/eventSubscriptions", "2024-12-15-preview"),
 		},
 		{
 			Display:  "eventSubscriptions",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/locations/{location}/topicTypes/{topicTypeName}/eventSubscriptions", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/locations/{location}/topicTypes/{topicTypeName}/eventSubscriptions", "2024-12-15-preview"),
 		},
 		{
 			Display:  "namespaces",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{namespaceName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}", "2024-06-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}", "2024-12-15-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}", "2024-12-15-preview"),
 					Children: []swagger.ResourceType{
 						{
 							Display:  "caCertificates",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/caCertificates", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/caCertificates", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{caCertificateName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/caCertificates/{caCertificateName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/caCertificates/{caCertificateName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/caCertificates/{caCertificateName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/caCertificates/{caCertificateName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/caCertificates/{caCertificateName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/caCertificates/{caCertificateName}", "2024-12-15-preview"),
 								}},
 						},
 						{
 							Display:  "clientGroups",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clientGroups", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clientGroups", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{clientGroupName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clientGroups/{clientGroupName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clientGroups/{clientGroupName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clientGroups/{clientGroupName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clientGroups/{clientGroupName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clientGroups/{clientGroupName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clientGroups/{clientGroupName}", "2024-12-15-preview"),
 								}},
 						},
 						{
 							Display:  "clients",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clients", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clients", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{clientName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clients/{clientName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clients/{clientName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clients/{clientName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clients/{clientName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clients/{clientName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/clients/{clientName}", "2024-12-15-preview"),
 								}},
 						},
 						{
 							Display:  "permissionBindings",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/permissionBindings", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/permissionBindings", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{permissionBindingName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/permissionBindings/{permissionBindingName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/permissionBindings/{permissionBindingName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/permissionBindings/{permissionBindingName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/permissionBindings/{permissionBindingName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/permissionBindings/{permissionBindingName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/permissionBindings/{permissionBindingName}", "2024-12-15-preview"),
 								}},
 						},
 						{
 							Display:  "topicSpaces",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topicSpaces", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topicSpaces", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{topicSpaceName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topicSpaces/{topicSpaceName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topicSpaces/{topicSpaceName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topicSpaces/{topicSpaceName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topicSpaces/{topicSpaceName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topicSpaces/{topicSpaceName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topicSpaces/{topicSpaceName}", "2024-12-15-preview"),
 								}},
 						},
 						{
 							Display:  "topics",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{topicName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}", "2024-06-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}", "2024-12-15-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}", "2024-12-15-preview"),
 									Children: []swagger.ResourceType{
 										{
 											Display:  "eventSubscriptions",
-											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions", "2024-06-01-preview"),
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions", "2024-12-15-preview"),
 											SubResources: []swagger.ResourceType{
 												{
 													Display:        "{eventSubscriptionName}",
-													Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-													DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-													PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-													PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
+													Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+													DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+													PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+													PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/namespaces/{namespaceName}/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
 													Children:       []swagger.ResourceType{},
 												}},
 										}},
@@ -9051,51 +9062,51 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 		},
 		{
 			Display:  "partnerConfigurations",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations", "2024-12-15-preview"),
 			Children: []swagger.ResourceType{
 				{
 					Display:        "default",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations/default", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations/default", "2024-06-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations/default", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations/default", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations/default", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations/default", "2024-12-15-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations/default", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerConfigurations/default", "2024-12-15-preview"),
 					Children:       []swagger.ResourceType{},
 				}},
 		},
 		{
 			Display:  "partnerDestinations",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{partnerDestinationName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations/{partnerDestinationName}", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations/{partnerDestinationName}", "2024-06-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations/{partnerDestinationName}", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations/{partnerDestinationName}", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations/{partnerDestinationName}", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations/{partnerDestinationName}", "2024-12-15-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations/{partnerDestinationName}", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerDestinations/{partnerDestinationName}", "2024-12-15-preview"),
 					Children:       []swagger.ResourceType{},
 				}},
 		},
 		{
 			Display:  "partnerNamespaces",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{partnerNamespaceName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}", "2024-06-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}", "2024-12-15-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}", "2024-12-15-preview"),
 					Children: []swagger.ResourceType{
 						{
 							Display:  "channels",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{channelName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels/{channelName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels/{channelName}", "2024-06-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels/{channelName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels/{channelName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels/{channelName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels/{channelName}", "2024-12-15-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels/{channelName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerNamespaces/{partnerNamespaceName}/channels/{channelName}", "2024-12-15-preview"),
 									Children:       []swagger.ResourceType{},
 								}},
 						}},
@@ -9103,37 +9114,37 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 		},
 		{
 			Display:  "partnerRegistrations",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{partnerRegistrationName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations/{partnerRegistrationName}", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations/{partnerRegistrationName}", "2024-06-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations/{partnerRegistrationName}", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations/{partnerRegistrationName}", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations/{partnerRegistrationName}", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations/{partnerRegistrationName}", "2024-12-15-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations/{partnerRegistrationName}", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerRegistrations/{partnerRegistrationName}", "2024-12-15-preview"),
 				}},
 		},
 		{
 			Display:  "partnerTopics",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{partnerTopicName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}", "2024-06-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}", "2024-12-15-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}", "2024-12-15-preview"),
 					Children: []swagger.ResourceType{
 						{
 							Display:  "eventSubscriptions",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{eventSubscriptionName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/partnerTopics/{partnerTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
 									Children:       []swagger.ResourceType{},
 								}},
 						}},
@@ -9141,25 +9152,25 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 		},
 		{
 			Display:  "systemTopics",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{systemTopicName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}", "2024-06-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}", "2024-12-15-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}", "2024-12-15-preview"),
 					Children: []swagger.ResourceType{
 						{
 							Display:  "eventSubscriptions",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{eventSubscriptionName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/systemTopics/{systemTopicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
 									Children:       []swagger.ResourceType{},
 								}},
 						}},
@@ -9167,29 +9178,29 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 		},
 		{
 			Display:  "eventSubscriptions",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topicTypes/{topicTypeName}/eventSubscriptions", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topicTypes/{topicTypeName}/eventSubscriptions", "2024-12-15-preview"),
 		},
 		{
 			Display:  "topics",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{topicName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}", "2024-06-01-preview"),
-					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}", "2024-12-15-preview"),
+					PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}", "2024-12-15-preview"),
 					Children: []swagger.ResourceType{
 						{
 							Display:  "eventSubscriptions",
-							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions", "2024-06-01-preview"),
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions", "2024-12-15-preview"),
 							SubResources: []swagger.ResourceType{
 								{
 									Display:        "{eventSubscriptionName}",
-									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/topics/{topicName}/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
 									Children:       []swagger.ResourceType{},
 								}},
 						}},
@@ -9197,53 +9208,53 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 		},
 		{
 			Display:  "privateEndpointConnections",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateEndpointConnections", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateEndpointConnections", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:        "{privateEndpointConnectionName}",
-					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateEndpointConnections/{privateEndpointConnectionName}", "2024-06-01-preview"),
-					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateEndpointConnections/{privateEndpointConnectionName}", "2024-06-01-preview"),
-					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateEndpointConnections/{privateEndpointConnectionName}", "2024-06-01-preview"),
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateEndpointConnections/{privateEndpointConnectionName}", "2024-12-15-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateEndpointConnections/{privateEndpointConnectionName}", "2024-12-15-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateEndpointConnections/{privateEndpointConnectionName}", "2024-12-15-preview"),
 				}},
 		},
 		{
 			Display:  "privateLinkResources",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateLinkResources", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateLinkResources", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:  "{privateLinkResourceName}",
-					Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateLinkResources/{privateLinkResourceName}", "2024-06-01-preview"),
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{parentType}/{parentName}/privateLinkResources/{privateLinkResourceName}", "2024-12-15-preview"),
 				}},
 		},
 		{
 			Display:  "networkSecurityPerimeterConfigurations",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{resourceType}/{resourceName}/networkSecurityPerimeterConfigurations", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{resourceType}/{resourceName}/networkSecurityPerimeterConfigurations", "2024-12-15-preview"),
 			SubResources: []swagger.ResourceType{
 				{
 					Display:  "{perimeterGuid}.{associationName}",
-					Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{resourceType}/{resourceName}/networkSecurityPerimeterConfigurations/{perimeterGuid}.{associationName}", "2024-06-01-preview"),
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.EventGrid/{resourceType}/{resourceName}/networkSecurityPerimeterConfigurations/{perimeterGuid}.{associationName}", "2024-12-15-preview"),
 					Children: []swagger.ResourceType{},
 				}},
 		},
 		{
 			Display:  "eventSubscriptions",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{providerNamespace}/{resourceTypeName}/{resourceName}/providers/Microsoft.EventGrid/eventSubscriptions", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{providerNamespace}/{resourceTypeName}/{resourceName}/providers/Microsoft.EventGrid/eventSubscriptions", "2024-12-15-preview"),
 		},
 		{
 			Display:  "eventTypes",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{providerNamespace}/{resourceTypeName}/{resourceName}/providers/Microsoft.EventGrid/eventTypes", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{providerNamespace}/{resourceTypeName}/{resourceName}/providers/Microsoft.EventGrid/eventTypes", "2024-12-15-preview"),
 		},
 		{
 			Display:        "{eventSubscriptionName}",
-			Endpoint:       endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-			DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-			PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
-			PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/eventSubscriptions/{eventSubscriptionName}", "2024-06-01-preview"),
+			Endpoint:       endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+			DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+			PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
+			PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/eventSubscriptions/{eventSubscriptionName}", "2024-12-15-preview"),
 			Children:       []swagger.ResourceType{},
 		},
 		{
 			Display:  "default",
-			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/extensionTopics/default", "2024-06-01-preview"),
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.EventGrid/extensionTopics/default", "2024-12-15-preview"),
 		},
 		{
 			Display:  "operations",
@@ -16936,6 +16947,283 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 							Display:  "searchServices",
 							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Search/searchServices", "2023-11-01"),
 						},
+						{
+							Display:  "alerts",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/alerts", "2022-01-01"),
+						},
+						{
+							Display:  "alertsSuppressionRules",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/alertsSuppressionRules", "2019-01-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{alertsSuppressionRuleName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/alertsSuppressionRules/{alertsSuppressionRuleName}", "2019-01-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/alertsSuppressionRules/{alertsSuppressionRuleName}", "2019-01-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/alertsSuppressionRules/{alertsSuppressionRuleName}", "2019-01-01-preview"),
+								}},
+						},
+						{
+							Display:  "allowedConnections",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/allowedConnections", "2020-01-01"),
+						},
+						{
+							Display:  "apiCollections",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/apiCollections", "2023-11-15"),
+						},
+						{
+							Display:  "applications",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/applications", "2022-07-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{applicationId}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/applications/{applicationId}", "2022-07-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/applications/{applicationId}", "2022-07-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/applications/{applicationId}", "2022-07-01-preview"),
+								}},
+						},
+						{
+							Display:  "assessmentMetadata",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata", "2021-06-01"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{assessmentMetadataName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}", "2021-06-01"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}", "2021-06-01"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}", "2021-06-01"),
+								}},
+						},
+						{
+							Display:  "autoProvisioningSettings",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings", "2017-08-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:     "{settingName}",
+									Endpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings/{settingName}", "2017-08-01-preview"),
+									PutEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings/{settingName}", "2017-08-01-preview"),
+								}},
+						},
+						{
+							Display:  "automations",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/automations", "2023-12-01-preview"),
+						},
+						{
+							Display:  "connectors",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/connectors", "2020-01-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{connectorName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/connectors/{connectorName}", "2020-01-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/connectors/{connectorName}", "2020-01-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/connectors/{connectorName}", "2020-01-01-preview"),
+								}},
+						},
+						{
+							Display:  "customAssessmentAutomations",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/customAssessmentAutomations", "2021-07-01-preview"),
+						},
+						{
+							Display:  "customEntityStoreAssignments",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/customEntityStoreAssignments", "2021-07-01-preview"),
+						},
+						{
+							Display:  "discoveredSecuritySolutions",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/discoveredSecuritySolutions", "2020-01-01"),
+						},
+						{
+							Display:  "externalSecuritySolutions",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/externalSecuritySolutions", "2020-01-01"),
+						},
+						{
+							Display:  "iotSecuritySolutions",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotSecuritySolutions", "2019-08-01"),
+						},
+						{
+							Display:  "jitNetworkAccessPolicies",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/jitNetworkAccessPolicies", "2020-01-01"),
+						},
+						{
+							Display:  "locations",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations", "2015-06-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:  "{ascLocation}",
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}", "2015-06-01-preview"),
+									Children: []swagger.ResourceType{
+										{
+											Display:  "ExternalSecuritySolutions",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/ExternalSecuritySolutions", "2020-01-01"),
+										},
+										{
+											Display:  "alerts",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts", "2022-01-01"),
+											Children: []swagger.ResourceType{},
+											SubResources: []swagger.ResourceType{
+												{
+													Display:  "{alertName}",
+													Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}", "2022-01-01"),
+													Children: []swagger.ResourceType{},
+												}},
+										},
+										{
+											Display:  "allowedConnections",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/allowedConnections", "2020-01-01"),
+										},
+										{
+											Display:  "discoveredSecuritySolutions",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/discoveredSecuritySolutions", "2020-01-01"),
+										},
+										{
+											Display:  "jitNetworkAccessPolicies",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies", "2020-01-01"),
+										},
+										{
+											Display:  "securitySolutionsReferenceData",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/securitySolutionsReferenceData", "2020-01-01"),
+										},
+										{
+											Display:  "tasks",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/tasks", "2015-06-01-preview"),
+											SubResources: []swagger.ResourceType{
+												{
+													Display:      "{taskName}",
+													Endpoint:     endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}", "2015-06-01-preview"),
+													SubResources: []swagger.ResourceType{},
+												}},
+										},
+										{
+											Display:  "topologies",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/topologies", "2020-01-01"),
+										}},
+								}},
+						},
+						{
+							Display:  "mdeOnboardings",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/mdeOnboardings", "2021-10-01-preview"),
+							Children: []swagger.ResourceType{
+								{
+									Display:  "default",
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/mdeOnboardings/default", "2021-10-01-preview"),
+								}},
+						},
+						{
+							Display:  "regulatoryComplianceStandards",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards", "2019-01-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:  "{regulatoryComplianceStandardName}",
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}", "2019-01-01-preview"),
+									Children: []swagger.ResourceType{
+										{
+											Display:  "regulatoryComplianceControls",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls", "2019-01-01-preview"),
+											SubResources: []swagger.ResourceType{
+												{
+													Display:  "{regulatoryComplianceControlName}",
+													Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls/{regulatoryComplianceControlName}", "2019-01-01-preview"),
+													Children: []swagger.ResourceType{
+														{
+															Display:  "regulatoryComplianceAssessments",
+															Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls/{regulatoryComplianceControlName}/regulatoryComplianceAssessments", "2019-01-01-preview"),
+															SubResources: []swagger.ResourceType{
+																{
+																	Display:  "{regulatoryComplianceAssessmentName}",
+																	Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls/{regulatoryComplianceControlName}/regulatoryComplianceAssessments/{regulatoryComplianceAssessmentName}", "2019-01-01-preview"),
+																}},
+														}},
+												}},
+										}},
+								}},
+						},
+						{
+							Display:  "secureScoreControlDefinitions",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScoreControlDefinitions", "2020-01-01"),
+						},
+						{
+							Display:  "secureScoreControls",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScoreControls", "2020-01-01"),
+						},
+						{
+							Display:  "secureScores",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScores", "2020-01-01"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:  "{secureScoreName}",
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScores/{secureScoreName}", "2020-01-01"),
+									Children: []swagger.ResourceType{
+										{
+											Display:  "secureScoreControls",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScores/{secureScoreName}/secureScoreControls", "2020-01-01"),
+										}},
+								}},
+						},
+						{
+							Display:  "securityConnectors",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityConnectors", "2024-08-01-preview"),
+						},
+						{
+							Display:  "securityContacts",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts", "2023-12-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{securityContactName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts/{securityContactName}", "2023-12-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts/{securityContactName}", "2023-12-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts/{securityContactName}", "2023-12-01-preview"),
+								}},
+						},
+						{
+							Display:  "securitySolutions",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/securitySolutions", "2020-01-01"),
+						},
+						{
+							Display:  "securitySolutionsReferenceData",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/securitySolutionsReferenceData", "2020-01-01"),
+						},
+						{
+							Display:  "serverVulnerabilityAssessmentsSettings",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings", "2023-05-01"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{settingKind}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings/{settingKind}", "2023-05-01"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings/{settingKind}", "2023-05-01"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings/{settingKind}", "2023-05-01"),
+								}},
+						},
+						{
+							Display:  "settings",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings", "2022-05-01"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:     "{settingName}",
+									Endpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings/{settingName}", "2022-05-01"),
+									PutEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings/{settingName}", "2022-05-01"),
+								}},
+						},
+						{
+							Display:  "softwareInventories",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/softwareInventories", "2021-05-01-preview"),
+						},
+						{
+							Display:  "tasks",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/tasks", "2015-06-01-preview"),
+						},
+						{
+							Display:  "topologies",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/topologies", "2020-01-01"),
+						},
+						{
+							Display:  "workspaceSettings",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings", "2017-08-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{workspaceSettingName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings/{workspaceSettingName}", "2017-08-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings/{workspaceSettingName}", "2017-08-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings/{workspaceSettingName}", "2017-08-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings/{workspaceSettingName}", "2017-08-01-preview"),
+								}},
+						},
 						{
 							Display:  "privateLinkServicesForEDMUpload",
 							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.SecurityAndCompliance/privateLinkServicesForEDMUpload", "2021-03-08"),
@@ -17366,6 +17654,314 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 									SubResources: []swagger.ResourceType{},
 								}},
 						},
+						{
+							Display:  "securityOperators",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/pricings/{pricingName}/securityOperators", "2023-01-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{securityOperatorName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/pricings/{pricingName}/securityOperators/{securityOperatorName}", "2023-01-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/pricings/{pricingName}/securityOperators/{securityOperatorName}", "2023-01-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.Security/pricings/{pricingName}/securityOperators/{securityOperatorName}", "2023-01-01-preview"),
+								}},
+						},
+						{
+							Display:  "alerts",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/alerts", "2022-01-01"),
+						},
+						{
+							Display:  "apiCollections",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/apiCollections", "2023-11-15"),
+						},
+						{
+							Display:  "automations",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations", "2023-12-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{automationName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}", "2023-12-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}", "2023-12-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}", "2023-12-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}", "2023-12-01-preview"),
+									Children:       []swagger.ResourceType{},
+								}},
+						},
+						{
+							Display:  "iotSecuritySolutions",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions", "2019-08-01"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{solutionName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}", "2019-08-01"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}", "2019-08-01"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}", "2019-08-01"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}", "2019-08-01"),
+									Children: []swagger.ResourceType{
+										{
+											Display:  "analyticsModels",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels", "2019-08-01"),
+											Children: []swagger.ResourceType{
+												{
+													Display:  "default",
+													Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default", "2019-08-01"),
+													Children: []swagger.ResourceType{
+														{
+															Display:  "aggregatedAlerts",
+															Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts", "2019-08-01"),
+															SubResources: []swagger.ResourceType{
+																{
+																	Display:  "{aggregatedAlertName}",
+																	Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts/{aggregatedAlertName}", "2019-08-01"),
+																	Children: []swagger.ResourceType{},
+																}},
+														},
+														{
+															Display:  "aggregatedRecommendations",
+															Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedRecommendations", "2019-08-01"),
+															SubResources: []swagger.ResourceType{
+																{
+																	Display:  "{aggregatedRecommendationName}",
+																	Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedRecommendations/{aggregatedRecommendationName}", "2019-08-01"),
+																}},
+														}},
+												}},
+										}},
+								}},
+						},
+						{
+							Display:  "jitNetworkAccessPolicies",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/jitNetworkAccessPolicies", "2020-01-01"),
+						},
+						{
+							Display:  "{externalSecuritySolutionsName}",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/ExternalSecuritySolutions/{externalSecuritySolutionsName}", "2020-01-01"),
+						},
+						{
+							Display:  "alerts",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts", "2022-01-01"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:  "{alertName}",
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}", "2022-01-01"),
+									Children: []swagger.ResourceType{},
+								}},
+						},
+						{
+							Display:  "{connectionType}",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/allowedConnections/{connectionType}", "2020-01-01"),
+						},
+						{
+							Display:  "{discoveredSecuritySolutionName}",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/discoveredSecuritySolutions/{discoveredSecuritySolutionName}", "2020-01-01"),
+						},
+						{
+							Display:  "jitNetworkAccessPolicies",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies", "2020-01-01"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{jitNetworkAccessPolicyName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}", "2020-01-01"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}", "2020-01-01"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}", "2020-01-01"),
+									SubResources:   []swagger.ResourceType{},
+								}},
+						},
+						{
+							Display:  "{securitySolutionName}",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/securitySolutions/{securitySolutionName}", "2020-01-01"),
+						},
+						{
+							Display:  "tasks",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/tasks", "2015-06-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:      "{taskName}",
+									Endpoint:     endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}", "2015-06-01-preview"),
+									SubResources: []swagger.ResourceType{},
+								}},
+						},
+						{
+							Display:  "{topologyResourceName}",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/topologies/{topologyResourceName}", "2020-01-01"),
+						},
+						{
+							Display:  "securityConnectors",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors", "2024-08-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{securityConnectorName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}", "2024-08-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}", "2024-08-01-preview"),
+									PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}", "2024-08-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}", "2024-08-01-preview"),
+									Children: []swagger.ResourceType{
+										{
+											Display:  "devops",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops", "2024-05-15-preview"),
+											Children: []swagger.ResourceType{
+												{
+													Display:        "default",
+													Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default", "2024-05-15-preview"),
+													DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default", "2024-05-15-preview"),
+													PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default", "2024-05-15-preview"),
+													PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default", "2024-05-15-preview"),
+													Children: []swagger.ResourceType{
+														{
+															Display:  "azureDevOpsOrgs",
+															Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs", "2024-05-15-preview"),
+															SubResources: []swagger.ResourceType{
+																{
+																	Display:       "{orgName}",
+																	Endpoint:      endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}", "2024-05-15-preview"),
+																	PatchEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}", "2024-05-15-preview"),
+																	PutEndpoint:   endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}", "2024-05-15-preview"),
+																	Children: []swagger.ResourceType{
+																		{
+																			Display:  "projects",
+																			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects", "2024-05-15-preview"),
+																			SubResources: []swagger.ResourceType{
+																				{
+																					Display:       "{projectName}",
+																					Endpoint:      endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}", "2024-05-15-preview"),
+																					PatchEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}", "2024-05-15-preview"),
+																					PutEndpoint:   endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}", "2024-05-15-preview"),
+																					Children: []swagger.ResourceType{
+																						{
+																							Display:  "repos",
+																							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}/repos", "2024-05-15-preview"),
+																							SubResources: []swagger.ResourceType{
+																								{
+																									Display:       "{repoName}",
+																									Endpoint:      endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}/repos/{repoName}", "2024-05-15-preview"),
+																									PatchEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}/repos/{repoName}", "2024-05-15-preview"),
+																									PutEndpoint:   endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}/repos/{repoName}", "2024-05-15-preview"),
+																								}},
+																						}},
+																				}},
+																		}},
+																}},
+														},
+														{
+															Display:  "gitHubOwners",
+															Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitHubOwners", "2024-05-15-preview"),
+															SubResources: []swagger.ResourceType{
+																{
+																	Display:  "{ownerName}",
+																	Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitHubOwners/{ownerName}", "2024-05-15-preview"),
+																	Children: []swagger.ResourceType{
+																		{
+																			Display:  "repos",
+																			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitHubOwners/{ownerName}/repos", "2024-05-15-preview"),
+																			SubResources: []swagger.ResourceType{
+																				{
+																					Display:  "{repoName}",
+																					Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitHubOwners/{ownerName}/repos/{repoName}", "2024-05-15-preview"),
+																				}},
+																		}},
+																}},
+														},
+														{
+															Display:  "gitLabGroups",
+															Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitLabGroups", "2024-05-15-preview"),
+															SubResources: []swagger.ResourceType{
+																{
+																	Display:  "{groupFQName}",
+																	Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitLabGroups/{groupFQName}", "2024-05-15-preview"),
+																	Children: []swagger.ResourceType{
+																		{
+																			Display:  "projects",
+																			Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitLabGroups/{groupFQName}/projects", "2024-05-15-preview"),
+																			SubResources: []swagger.ResourceType{
+																				{
+																					Display:  "{projectName}",
+																					Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitLabGroups/{groupFQName}/projects/{projectName}", "2024-05-15-preview"),
+																				}},
+																		}},
+																}},
+														},
+														{
+															Display:  "policies",
+															Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policies", "2024-05-15-preview"),
+															SubResources: []swagger.ResourceType{
+																{
+																	Display:  "{policyName}",
+																	Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policies/{policyName}", "2024-05-15-preview"),
+																}},
+														},
+														{
+															Display:  "policyAssignments",
+															Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policyAssignments", "2024-05-15-preview"),
+															SubResources: []swagger.ResourceType{
+																{
+																	Display:        "{policyAssignmentId}",
+																	Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policyAssignments/{policyAssignmentId}", "2024-05-15-preview"),
+																	DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policyAssignments/{policyAssignmentId}", "2024-05-15-preview"),
+																	PatchEndpoint:  endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policyAssignments/{policyAssignmentId}", "2024-05-15-preview"),
+																	PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policyAssignments/{policyAssignmentId}", "2024-05-15-preview"),
+																}},
+														}},
+													SubResources: []swagger.ResourceType{
+														{
+															Display:  "{operationResultId}",
+															Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/operationResults/{operationResultId}", "2024-05-15-preview"),
+														}},
+												}},
+										},
+										{
+											Display:  "applications",
+											Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/providers/Microsoft.Security/applications", "2022-07-01-preview"),
+											SubResources: []swagger.ResourceType{
+												{
+													Display:        "{applicationId}",
+													Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/providers/Microsoft.Security/applications/{applicationId}", "2022-07-01-preview"),
+													DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/providers/Microsoft.Security/applications/{applicationId}", "2022-07-01-preview"),
+													PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/providers/Microsoft.Security/applications/{applicationId}", "2022-07-01-preview"),
+												}},
+										}},
+								}},
+						},
+						{
+							Display:  "serverVulnerabilityAssessments",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/serverVulnerabilityAssessments", "2020-01-01"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{serverVulnerabilityAssessment}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/serverVulnerabilityAssessments/{serverVulnerabilityAssessment}", "2020-01-01"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/serverVulnerabilityAssessments/{serverVulnerabilityAssessment}", "2020-01-01"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/serverVulnerabilityAssessments/{serverVulnerabilityAssessment}", "2020-01-01"),
+								}},
+						},
+						{
+							Display:  "softwareInventories",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/softwareInventories", "2021-05-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:  "{softwareName}",
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/softwareInventories/{softwareName}", "2021-05-01-preview"),
+								}},
+						},
+						{
+							Display:  "customAssessmentAutomations",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations", "2021-07-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{customAssessmentAutomationName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}", "2021-07-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}", "2021-07-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}", "2021-07-01-preview"),
+								}},
+						},
+						{
+							Display:  "customEntityStoreAssignments",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments", "2021-07-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:        "{customEntityStoreAssignmentName}",
+									Endpoint:       endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}", "2021-07-01-preview"),
+									DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}", "2021-07-01-preview"),
+									PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}", "2021-07-01-preview"),
+								}},
+						},
 						{
 							Display:  "{operationResultId}",
 							Endpoint: endpoints.MustGetEndpointInfoFromURL("/subscriptions/{subscriptionId}/providers/Microsoft.SecurityAndCompliance/locations/{locationName}/operationresults/{operationResultId}", "2021-03-08"),
@@ -23273,12 +23869,160 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 			Display:  "operations",
 			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.Search/operations", "2023-11-01"),
 		},
+		{
+			Display:  "assessmentMetadata",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.Security/assessmentMetadata", "2021-06-01"),
+			SubResources: []swagger.ResourceType{
+				{
+					Display:  "{assessmentMetadataName}",
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}", "2021-06-01"),
+				}},
+		},
+		{
+			Display:  "operations",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.Security/operations", "2024-10-01-preview"),
+		},
+		{
+			Display:  "secureScoreControlDefinitions",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.Security/secureScoreControlDefinitions", "2020-01-01"),
+		},
+		{
+			Display:  "sensitivitySettings",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.Security/sensitivitySettings", "2023-02-15-preview"),
+			Children: []swagger.ResourceType{
+				{
+					Display:     "current",
+					Endpoint:    endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.Security/sensitivitySettings/current", "2023-02-15-preview"),
+					PutEndpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.Security/sensitivitySettings/current", "2023-02-15-preview"),
+				}},
+		},
+		{
+			Display:     "{settingName}",
+			Endpoint:    endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/advancedThreatProtectionSettings/{settingName}", "2019-01-01"),
+			PutEndpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/advancedThreatProtectionSettings/{settingName}", "2019-01-01"),
+		},
+		{
+			Display:        "{assessmentName}",
+			Endpoint:       endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}", "2021-06-01"),
+			DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}", "2021-06-01"),
+			PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}", "2021-06-01"),
+		},
+		{
+			Display:  "{complianceResultName}",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/complianceResults/{complianceResultName}", "2017-08-01"),
+		},
+		{
+			Display:     "{settingName}",
+			Endpoint:    endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/defenderForStorageSettings/{settingName}", "2024-10-01-preview"),
+			PutEndpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/defenderForStorageSettings/{settingName}", "2024-10-01-preview"),
+			Children:    []swagger.ResourceType{},
+			SubResources: []swagger.ResourceType{
+				{
+					Display:  "{scanId}",
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/defenderForStorageSettings/{settingName}/malwareScans/{scanId}", "2024-10-01-preview"),
+					Children: []swagger.ResourceType{},
+				}},
+		},
+		{
+			Display:  "deviceSecurityGroups",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups", "2019-08-01"),
+			SubResources: []swagger.ResourceType{
+				{
+					Display:        "{deviceSecurityGroupName}",
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}", "2019-08-01"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}", "2019-08-01"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}", "2019-08-01"),
+				}},
+		},
+		{
+			Display:  "{healthReportName}",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/healthReports/{healthReportName}", "2023-05-01-preview"),
+		},
+		{
+			Display:  "baselineRules",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/baselineRules", "2023-02-01-preview"),
+			SubResources: []swagger.ResourceType{
+				{
+					Display:        "{ruleId}",
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/baselineRules/{ruleId}", "2023-02-01-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/baselineRules/{ruleId}", "2023-02-01-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/baselineRules/{ruleId}", "2023-02-01-preview"),
+				}},
+		},
+		{
+			Display:  "scans",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans", "2023-02-01-preview"),
+			SubResources: []swagger.ResourceType{
+				{
+					Display:  "{scanId}",
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/{scanId}", "2023-02-01-preview"),
+					Children: []swagger.ResourceType{
+						{
+							Display:  "scanResults",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/{scanId}/scanResults", "2023-02-01-preview"),
+							SubResources: []swagger.ResourceType{
+								{
+									Display:  "{scanResultId}",
+									Endpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/{scanId}/scanResults/{scanResultId}", "2023-02-01-preview"),
+								}},
+						}},
+				}},
+		},
 		{
 			Display:        "{standardAssignmentName}",
 			Endpoint:       endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/standardAssignments/{standardAssignmentName}", "2024-08-01"),
 			DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/standardAssignments/{standardAssignmentName}", "2024-08-01"),
 			PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{resourceId}/providers/Microsoft.Security/standardAssignments/{standardAssignmentName}", "2024-08-01"),
 		},
+		{
+			Display:  "pricings",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scopeId}/providers/Microsoft.Security/pricings", "2024-01-01"),
+			SubResources: []swagger.ResourceType{
+				{
+					Display:        "{pricingName}",
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/{scopeId}/providers/Microsoft.Security/pricings/{pricingName}", "2024-01-01"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/{scopeId}/providers/Microsoft.Security/pricings/{pricingName}", "2024-01-01"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{scopeId}/providers/Microsoft.Security/pricings/{pricingName}", "2024-01-01"),
+				}},
+		},
+		{
+			Display:  "assessments",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/assessments", "2021-06-01"),
+			SubResources: []swagger.ResourceType{
+				{
+					Display:  "governanceAssignments",
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/governanceAssignments", "2022-01-01-preview"),
+					SubResources: []swagger.ResourceType{
+						{
+							Display:        "{assignmentKey}",
+							Endpoint:       endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/governanceAssignments/{assignmentKey}", "2022-01-01-preview"),
+							DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/governanceAssignments/{assignmentKey}", "2022-01-01-preview"),
+							PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/governanceAssignments/{assignmentKey}", "2022-01-01-preview"),
+						}},
+				},
+				{
+					Display:  "subAssessments",
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/subAssessments", "2019-01-01-preview"),
+					SubResources: []swagger.ResourceType{
+						{
+							Display:  "{subAssessmentName}",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/subAssessments/{subAssessmentName}", "2019-01-01-preview"),
+						}},
+				}},
+		},
+		{
+			Display:  "complianceResults",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/complianceResults", "2017-08-01"),
+		},
+		{
+			Display:  "compliances",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/compliances", "2017-08-01-preview"),
+			SubResources: []swagger.ResourceType{
+				{
+					Display:  "{complianceName}",
+					Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/compliances/{complianceName}", "2017-08-01-preview"),
+				}},
+		},
 		{
 			Display:  "customRecommendations",
 			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/customRecommendations", "2024-08-01"),
@@ -23290,6 +24034,37 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/customRecommendations/{customRecommendationName}", "2024-08-01"),
 				}},
 		},
+		{
+			Display:  "governanceRules",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/governanceRules", "2022-01-01-preview"),
+			SubResources: []swagger.ResourceType{
+				{
+					Display:        "{ruleId}",
+					Endpoint:       endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}", "2022-01-01-preview"),
+					DeleteEndpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}", "2022-01-01-preview"),
+					PutEndpoint:    endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}", "2022-01-01-preview"),
+					Children:       []swagger.ResourceType{},
+					SubResources: []swagger.ResourceType{
+						{
+							Display:  "{operationId}",
+							Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}/operationResults/{operationId}", "2022-01-01-preview"),
+						}},
+				}},
+		},
+		{
+			Display:  "healthReports",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/healthReports", "2023-05-01-preview"),
+		},
+		{
+			Display:  "informationProtectionPolicies",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/informationProtectionPolicies", "2017-08-01-preview"),
+			SubResources: []swagger.ResourceType{
+				{
+					Display:     "{informationProtectionPolicyName}",
+					Endpoint:    endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/informationProtectionPolicies/{informationProtectionPolicyName}", "2017-08-01-preview"),
+					PutEndpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/informationProtectionPolicies/{informationProtectionPolicyName}", "2017-08-01-preview"),
+				}},
+		},
 		{
 			Display:  "securityStandards",
 			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/securityStandards", "2024-08-01"),
@@ -23305,6 +24080,10 @@ func (e *SwaggerAPISetARMResources) loadResourceTypes() []swagger.ResourceType {
 			Display:  "standardAssignments",
 			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/standardAssignments", "2024-08-01"),
 		},
+		{
+			Display:  "subAssessments",
+			Endpoint: endpoints.MustGetEndpointInfoFromURL("/{scope}/providers/Microsoft.Security/subAssessments", "2019-01-01-preview"),
+		},
 		{
 			Display:  "operations",
 			Endpoint: endpoints.MustGetEndpointInfoFromURL("/providers/Microsoft.SecurityAndCompliance/operations", "2021-03-08"),
diff --git a/swagger-specs/appconfiguration/data-plane/Microsoft.AppConfiguration/stable/2023-11-01/appconfiguration.json b/swagger-specs/appconfiguration/data-plane/Microsoft.AppConfiguration/stable/2023-11-01/appconfiguration.json
index 387cd3436..f92959401 100644
--- a/swagger-specs/appconfiguration/data-plane/Microsoft.AppConfiguration/stable/2023-11-01/appconfiguration.json
+++ b/swagger-specs/appconfiguration/data-plane/Microsoft.AppConfiguration/stable/2023-11-01/appconfiguration.json
@@ -731,10 +731,10 @@
                 "type": "string",
                 "description": "Used to guarantee real-time consistency between requests."
               },
-              "x-ms-client-request-id": {
+              "x-ms-request-id": {
                 "type": "string",
                 "format": "uuid",
-                "description": "An opaque, globally-unique, client-generated string identifier for the request."
+                "description": "An opaque, globally-unique, server-generated string identifier for the request."
               }
             }
           },
@@ -2257,10 +2257,10 @@
                 "type": "string",
                 "description": "Used to guarantee real-time consistency between requests."
               },
-              "x-ms-client-request-id": {
+              "x-ms-request-id": {
                 "type": "string",
                 "format": "uuid",
-                "description": "An opaque, globally-unique, client-generated string identifier for the request."
+                "description": "An opaque, globally-unique, server-generated string identifier for the request."
               }
             }
           },
diff --git a/swagger-specs/containerregistry/resource-manager/Microsoft.ContainerRegistry/preview/2023-11-01-preview/containerregistry.json b/swagger-specs/containerregistry/resource-manager/Microsoft.ContainerRegistry/preview/2024-11-01-preview/containerregistry.json
similarity index 99%
rename from swagger-specs/containerregistry/resource-manager/Microsoft.ContainerRegistry/preview/2023-11-01-preview/containerregistry.json
rename to swagger-specs/containerregistry/resource-manager/Microsoft.ContainerRegistry/preview/2024-11-01-preview/containerregistry.json
index 57aea4489..3e02800da 100644
--- a/swagger-specs/containerregistry/resource-manager/Microsoft.ContainerRegistry/preview/2023-11-01-preview/containerregistry.json
+++ b/swagger-specs/containerregistry/resource-manager/Microsoft.ContainerRegistry/preview/2024-11-01-preview/containerregistry.json
@@ -1,7 +1,7 @@
 {
   "swagger": "2.0",
   "info": {
-    "version": "2023-11-01-preview",
+    "version": "2024-11-01-preview",
     "title": "ContainerRegistryManagementClient"
   },
   "host": "management.azure.com",
@@ -2520,6 +2520,9 @@
           },
           "RegistryCreateZoneRedundant": {
             "$ref": "./examples/RegistryCreateZoneRedundant.json"
+          },
+          "RegistryCreateDomainNameLabelScope": {
+            "$ref": "./examples/RegistryCreateDomainNameLabelScope.json"
           }
         },
         "x-ms-long-running-operation": true,
@@ -4484,6 +4487,9 @@
           "items": {
             "type": "string"
           }
+        },
+        "garbageCollection": {
+          "$ref": "#/definitions/GarbageCollectionProperties"
         }
       }
     },
@@ -4692,6 +4698,20 @@
         }
       }
     },
+    "GarbageCollectionProperties": {
+      "description": "The garbage collection properties of the connected registry.",
+      "type": "object",
+      "properties": {
+        "enabled": {
+          "description": "Indicates whether garbage collection is enabled for the connected registry.",
+          "type": "boolean"
+        },
+        "schedule": {
+          "description": "The cron expression indicating the schedule that the connected registry will run garbage collection.",
+          "type": "string"
+        }
+      }
+    },
     "ConnectedRegistryUpdateParameters": {
       "description": "The parameters for updating a connected registry.",
       "type": "object",
@@ -4728,6 +4748,9 @@
           "items": {
             "type": "string"
           }
+        },
+        "garbageCollection": {
+          "$ref": "#/definitions/GarbageCollectionProperties"
         }
       }
     },
@@ -5642,6 +5665,28 @@
             "name": "ContainerRegistryResourceType",
             "modelAsString": false
           }
+        },
+        "resourceGroupName": {
+          "description": "The resource group name of the container registry.",
+          "maxLength": 90,
+          "minLength": 1,
+          "type": "string"
+        },
+        "autoGeneratedDomainNameLabelScope": {
+          "description": "The auto generated domain name label of the container registry. This value defaults to \"Unsecure\".",
+          "default": "Unsecure",
+          "enum": [
+            "Unsecure",
+            "TenantReuse",
+            "SubscriptionReuse",
+            "ResourceGroupReuse",
+            "NoReuse"
+          ],
+          "type": "string",
+          "x-ms-enum": {
+            "name": "AutoGeneratedDomainNameLabelScope",
+            "modelAsString": true
+          }
         }
       }
     },
@@ -5649,6 +5694,10 @@
       "description": "The result of a request to check the availability of a container registry name.",
       "type": "object",
       "properties": {
+        "availableLoginServerName": {
+          "description": "The complete login server name with domain name label (DNL) hash, if available",
+          "type": "string"
+        },
         "nameAvailable": {
           "description": "The value that indicates whether the name is available.",
           "type": "boolean"
@@ -6204,6 +6253,22 @@
             "name": "MetadataSearch",
             "modelAsString": true
           }
+        },
+        "autoGeneratedDomainNameLabelScope": {
+          "description": "Determines the domain name label reuse scope.",
+          "default": "Unsecure",
+          "enum": [
+            "Unsecure",
+            "TenantReuse",
+            "SubscriptionReuse",
+            "ResourceGroupReuse",
+            "NoReuse"
+          ],
+          "type": "string",
+          "x-ms-enum": {
+            "name": "AutoGeneratedDomainNameLabelScope",
+            "modelAsString": true
+          }
         }
       }
     },
diff --git a/swagger-specs/containerregistry/resource-manager/api-set.json b/swagger-specs/containerregistry/resource-manager/api-set.json
index f416d6053..b358d7e4a 100644
--- a/swagger-specs/containerregistry/resource-manager/api-set.json
+++ b/swagger-specs/containerregistry/resource-manager/api-set.json
@@ -1 +1 @@
-{"addition_input_file_paths": [], "input_files": ["Microsoft.ContainerRegistry/preview/2023-11-01-preview/containerregistry.json"], "name": "package-2023-11-preview-only"}
\ No newline at end of file
+{"addition_input_file_paths": [], "input_files": ["Microsoft.ContainerRegistry/preview/2024-11-01-preview/containerregistry.json"], "name": "package-2024-11-preview-only"}
\ No newline at end of file
diff --git a/swagger-specs/eventgrid/data-plane/Microsoft.EventGrid/stable/2018-01-01/GeneratedSystemEvents.json b/swagger-specs/eventgrid/data-plane/Microsoft.EventGrid/stable/2018-01-01/GeneratedSystemEvents.json
index a03e7f247..b56665d45 100644
--- a/swagger-specs/eventgrid/data-plane/Microsoft.EventGrid/stable/2018-01-01/GeneratedSystemEvents.json
+++ b/swagger-specs/eventgrid/data-plane/Microsoft.EventGrid/stable/2018-01-01/GeneratedSystemEvents.json
@@ -3678,7 +3678,10 @@
           "format": "date-time",
           "description": "The time at which the stage happened."
         }
-      }
+      },
+      "required": [
+        "serialNumber"
+      ]
     },
     "DataBoxCopyStartedEventData": {
       "type": "object",
@@ -3697,7 +3700,10 @@
           "format": "date-time",
           "description": "The time at which the stage happened."
         }
-      }
+      },
+      "required": [
+        "serialNumber"
+      ]
     },
     "DataBoxOrderCompletedEventData": {
       "type": "object",
@@ -3716,7 +3722,10 @@
           "format": "date-time",
           "description": "The time at which the stage happened."
         }
-      }
+      },
+      "required": [
+        "serialNumber"
+      ]
     },
     "DataBoxStageName": {
       "type": "string",
@@ -3756,7 +3765,10 @@
           "type": "string",
           "description": "Sequence number is string representation of a hexadecimal number. string compare can be used to identify the larger number because both in ASCII and HEX numbers come after alphabets. If you are converting the string to hex, then the number is a 256 bit number."
         }
-      }
+      },
+      "required": [
+        "sequenceNumber"
+      ]
     },
     "DeviceConnectionStateEventProperties": {
       "type": "object",
@@ -3780,6 +3792,8 @@
         }
       },
       "required": [
+        "deviceId",
+        "hubName",
         "deviceConnectionStateEventInfo"
       ]
     },
@@ -3801,6 +3815,8 @@
         }
       },
       "required": [
+        "deviceId",
+        "hubName",
         "twin"
       ]
     },
@@ -3886,7 +3902,14 @@
         }
       },
       "required": [
+        "authenticationType",
+        "connectionState",
+        "deviceId",
+        "etag",
+        "lastActivityTime",
         "properties",
+        "status",
+        "statusUpdateTime",
         "x509Thumbprint"
       ]
     },
@@ -3920,7 +3943,11 @@
           "type": "string",
           "description": "Secondary thumbprint for the x509 certificate."
         }
-      }
+      },
+      "required": [
+        "primaryThumbprint",
+        "secondaryThumbprint"
+      ]
     },
     "DeviceTwinMetadata": {
       "type": "object",
@@ -3931,7 +3958,10 @@
           "description": "The ISO8601 timestamp of the last time the properties were updated.",
           "x-ms-client-name": "$lastUpdated"
         }
-      }
+      },
+      "required": [
+        "lastUpdated"
+      ]
     },
     "DeviceTwinProperties": {
       "type": "object",
@@ -4091,7 +4121,12 @@
           "type": "string",
           "description": "Name of the Event Grid namespace where the MQTT client was created or updated."
         }
-      }
+      },
+      "required": [
+        "clientAuthenticationName",
+        "clientName",
+        "namespaceName"
+      ]
     },
     "EventGridMQTTClientSessionConnectedEventData": {
       "type": "object",
@@ -4107,6 +4142,9 @@
           "description": "A number that helps indicate order of MQTT client session connected or\ndisconnected events. Latest event will have a sequence number that is higher\nthan the previous event."
         }
       },
+      "required": [
+        "clientSessionName"
+      ],
       "allOf": [
         {
           "$ref": "#/definitions/EventGridMQTTClientEventData"
@@ -4131,6 +4169,9 @@
           "description": "Reason for the disconnection of the MQTT client's session. The value could be\none of the values in the disconnection reasons table."
         }
       },
+      "required": [
+        "clientSessionName"
+      ],
       "allOf": [
         {
           "$ref": "#/definitions/EventGridMQTTClientEventData"
@@ -4239,7 +4280,14 @@
           "format": "int64",
           "description": "Sequence number of the DICOM Service within Azure Health Data Services. It is unique for every image creation and deletion within the service."
         }
-      }
+      },
+      "required": [
+        "partitionName",
+        "imageStudyInstanceUid",
+        "imageSeriesInstanceUid",
+        "imageSopInstanceUid",
+        "serviceHostName"
+      ]
     },
     "HealthcareDicomImageDeletedEventData": {
       "type": "object",
@@ -4270,7 +4318,14 @@
           "format": "int64",
           "description": "Sequence number of the DICOM Service within Azure Health Data Services. It is unique for every image creation and deletion within the service."
         }
-      }
+      },
+      "required": [
+        "partitionName",
+        "imageStudyInstanceUid",
+        "imageSeriesInstanceUid",
+        "imageSopInstanceUid",
+        "serviceHostName"
+      ]
     },
     "HealthcareDicomImageUpdatedEventData": {
       "type": "object",
@@ -4301,7 +4356,14 @@
           "format": "int64",
           "description": "Sequence number of the DICOM Service within Azure Health Data Services. It is unique for every image creation, updation and deletion within the service."
         }
-      }
+      },
+      "required": [
+        "partitionName",
+        "imageStudyInstanceUid",
+        "imageSeriesInstanceUid",
+        "imageSopInstanceUid",
+        "serviceHostName"
+      ]
     },
     "HealthcareFhirResourceCreatedEventData": {
       "type": "object",
@@ -4328,7 +4390,11 @@
           "description": "VersionId of HL7 FHIR resource. It changes when the resource is created, updated, or deleted(soft-deletion).",
           "x-ms-client-name": "FhirResourceVersionId"
         }
-      }
+      },
+      "required": [
+        "resourceFhirAccount",
+        "resourceFhirId"
+      ]
     },
     "HealthcareFhirResourceDeletedEventData": {
       "type": "object",
@@ -4355,7 +4421,11 @@
           "description": "VersionId of HL7 FHIR resource. It changes when the resource is created, updated, or deleted(soft-deletion).",
           "x-ms-client-name": "FhirResourceVersionId"
         }
-      }
+      },
+      "required": [
+        "resourceFhirAccount",
+        "resourceFhirId"
+      ]
     },
     "HealthcareFhirResourceType": {
       "type": "string",
@@ -5360,7 +5430,11 @@
           "description": "VersionId of HL7 FHIR resource. It changes when the resource is created, updated, or deleted(soft-deletion).",
           "x-ms-client-name": "FhirResourceVersionId"
         }
-      }
+      },
+      "required": [
+        "resourceFhirAccount",
+        "resourceFhirId"
+      ]
     },
     "IotHubDeviceConnectedEventData": {
       "type": "object",
@@ -5441,7 +5515,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "KeyVaultCertificateExpiredEventData": {
       "type": "object",
@@ -5477,7 +5558,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "KeyVaultCertificateNearExpiryEventData": {
       "type": "object",
@@ -5513,7 +5601,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "KeyVaultCertificateNewVersionCreatedEventData": {
       "type": "object",
@@ -5549,7 +5644,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "KeyVaultKeyExpiredEventData": {
       "type": "object",
@@ -5585,7 +5687,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "KeyVaultKeyNearExpiryEventData": {
       "type": "object",
@@ -5621,7 +5730,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "KeyVaultKeyNewVersionCreatedEventData": {
       "type": "object",
@@ -5657,7 +5773,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "KeyVaultSecretExpiredEventData": {
       "type": "object",
@@ -5693,7 +5816,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "KeyVaultSecretNearExpiryEventData": {
       "type": "object",
@@ -5729,7 +5859,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "KeyVaultSecretNewVersionCreatedEventData": {
       "type": "object",
@@ -5765,7 +5902,14 @@
           "format": "float",
           "description": "The expiration date of the object that triggered this event"
         }
-      }
+      },
+      "required": [
+        "Id",
+        "VaultName",
+        "ObjectType",
+        "ObjectName",
+        "Version"
+      ]
     },
     "MachineLearningServicesDatasetDriftDetectedEventData": {
       "type": "object",
@@ -6039,909 +6183,105 @@
         }
       ]
     },
-    "MediaJobCanceledEventData": {
+    "MicrosoftTeamsAppIdentifierModel": {
       "type": "object",
-      "description": "Job canceled event data. Schema of the data property of an EventGridEvent for a\nMicrosoft.Media.JobCanceled event.",
+      "description": "A Microsoft Teams application.",
       "properties": {
-        "outputs": {
-          "type": "array",
-          "description": "Gets the Job outputs.",
-          "items": {
-            "$ref": "#/definitions/MediaJobOutput"
-          },
-          "x-ms-identifiers": []
+        "appId": {
+          "type": "string",
+          "description": "The Id of the Microsoft Teams application"
+        },
+        "cloud": {
+          "$ref": "#/definitions/CommunicationCloudEnvironmentModel",
+          "description": "The cloud that the Microsoft Teams application belongs to. By default 'public' if missing."
         }
       },
       "required": [
-        "outputs"
-      ],
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobStateChangeEventData"
-        }
-      ]
-    },
-    "MediaJobCancelingEventData": {
-      "type": "object",
-      "description": "Job canceling event data. Schema of the data property of an EventGridEvent for\na Microsoft.Media.JobCanceling event.",
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobStateChangeEventData"
-        }
+        "appId"
       ]
     },
-    "MediaJobError": {
+    "MicrosoftTeamsUserIdentifierModel": {
       "type": "object",
-      "description": "Details of JobOutput errors.",
+      "description": "A Microsoft Teams user.",
       "properties": {
-        "code": {
-          "$ref": "#/definitions/MediaJobErrorCode",
-          "description": "Error code describing the error."
-        },
-        "message": {
+        "userId": {
           "type": "string",
-          "description": "A human-readable language-dependent representation of the error."
-        },
-        "category": {
-          "$ref": "#/definitions/MediaJobErrorCategory",
-          "description": "Helps with categorization of errors."
+          "description": "The Id of the Microsoft Teams user. If not anonymous, this is the AAD object Id of the user."
         },
-        "retry": {
-          "$ref": "#/definitions/MediaJobRetry",
-          "description": "Indicates that it may be possible to retry the Job. If retry is unsuccessful, please contact Azure support via Azure Portal."
+        "isAnonymous": {
+          "type": "boolean",
+          "description": "True if the Microsoft Teams user is anonymous. By default false if missing."
         },
-        "details": {
-          "type": "array",
-          "description": "An array of details about specific errors that led to this reported error.",
-          "items": {
-            "$ref": "#/definitions/MediaJobErrorDetail"
-          },
-          "x-ms-identifiers": []
+        "cloud": {
+          "$ref": "#/definitions/CommunicationCloudEnvironmentModel",
+          "description": "The cloud that the Microsoft Teams user belongs to. By default 'public' if missing."
         }
       },
       "required": [
-        "details"
+        "userId"
       ]
     },
-    "MediaJobErrorCategory": {
-      "type": "string",
-      "description": "Error categories for Media Job Errors.",
-      "enum": [
-        "Service",
-        "Download",
-        "Upload",
-        "Configuration",
-        "Content",
-        "Account"
-      ],
-      "x-ms-enum": {
-        "name": "MediaJobErrorCategory",
-        "modelAsString": true,
-        "values": [
-          {
-            "name": "Service",
-            "value": "Service",
-            "description": "The error is service related."
-          },
-          {
-            "name": "Download",
-            "value": "Download",
-            "description": "The error is download related."
-          },
-          {
-            "name": "Upload",
-            "value": "Upload",
-            "description": "The error is upload related."
-          },
-          {
-            "name": "Configuration",
-            "value": "Configuration",
-            "description": "The error is configuration related."
-          },
-          {
-            "name": "Content",
-            "value": "Content",
-            "description": "The error is related to data in the input files."
-          },
-          {
-            "name": "Account",
-            "value": "Account",
-            "description": "The error is related to account information."
-          }
-        ]
-      }
-    },
-    "MediaJobErrorCode": {
-      "type": "string",
-      "description": "Media Job Error Codes.",
-      "enum": [
-        "ServiceError",
-        "ServiceTransientError",
-        "DownloadNotAccessible",
-        "DownloadTransientError",
-        "UploadNotAccessible",
-        "UploadTransientError",
-        "ConfigurationUnsupported",
-        "ContentMalformed",
-        "ContentUnsupported",
-        "IdentityUnsupported"
-      ],
-      "x-ms-enum": {
-        "name": "MediaJobErrorCode",
-        "modelAsString": true,
-        "values": [
-          {
-            "name": "ServiceError",
-            "value": "ServiceError",
-            "description": "Fatal service error, please contact support."
-          },
-          {
-            "name": "ServiceTransientError",
-            "value": "ServiceTransientError",
-            "description": "Transient error, please retry, if retry is unsuccessful, please contact support."
-          },
-          {
-            "name": "DownloadNotAccessible",
-            "value": "DownloadNotAccessible",
-            "description": "While trying to download the input files, the files were not accessible, please check the availability of the source."
-          },
-          {
-            "name": "DownloadTransientError",
-            "value": "DownloadTransientError",
-            "description": "While trying to download the input files, there was an issue during transfer (storage service, network errors), see details and check your source."
-          },
-          {
-            "name": "UploadNotAccessible",
-            "value": "UploadNotAccessible",
-            "description": "While trying to upload the output files, the destination was not reachable, please check the availability of the destination."
-          },
-          {
-            "name": "UploadTransientError",
-            "value": "UploadTransientError",
-            "description": "While trying to upload the output files, there was an issue during transfer (storage service, network errors), see details and check your destination."
-          },
-          {
-            "name": "ConfigurationUnsupported",
-            "value": "ConfigurationUnsupported",
-            "description": "There was a problem with the combination of input files and the configuration settings applied, fix the configuration settings and retry with the same input, or change input to match the configuration."
-          },
-          {
-            "name": "ContentMalformed",
-            "value": "ContentMalformed",
-            "description": "There was a problem with the input content (for example: zero byte files, or corrupt/non-decodable files), check the input files."
-          },
-          {
-            "name": "ContentUnsupported",
-            "value": "ContentUnsupported",
-            "description": "There was a problem with the format of the input (not valid media file, or an unsupported file/codec), check the validity of the input files."
-          },
-          {
-            "name": "IdentityUnsupported",
-            "value": "IdentityUnsupported",
-            "description": "There is an error verifying to the account identity. Check and fix the identity configurations and retry. If unsuccessful, please contact support."
-          }
-        ]
-      }
-    },
-    "MediaJobErrorDetail": {
+    "PhoneNumberIdentifierModel": {
       "type": "object",
-      "description": "Details of JobOutput errors.",
+      "description": "A phone number.",
       "properties": {
-        "code": {
-          "type": "string",
-          "description": "Code describing the error detail."
-        },
-        "message": {
+        "value": {
           "type": "string",
-          "description": "A human-readable representation of the error."
-        }
-      }
-    },
-    "MediaJobErroredEventData": {
-      "type": "object",
-      "description": "Job error state event data. Schema of the data property of an EventGridEvent\nfor a Microsoft.Media.JobErrored event.",
-      "properties": {
-        "outputs": {
-          "type": "array",
-          "description": "Gets the Job outputs.",
-          "items": {
-            "$ref": "#/definitions/MediaJobOutput"
-          },
-          "x-ms-identifiers": []
+          "description": "The phone number in E.164 format."
         }
       },
       "required": [
-        "outputs"
-      ],
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobStateChangeEventData"
-        }
+        "value"
       ]
     },
-    "MediaJobFinishedEventData": {
+    "PolicyInsightsPolicyStateChangedEventData": {
       "type": "object",
-      "description": "Job finished event data. Schema of the data property of an EventGridEvent for a\nMicrosoft.Media.JobFinished event.",
+      "description": "Schema of the Data property of an EventGridEvent for a Microsoft.PolicyInsights.PolicyStateChanged event.",
       "properties": {
-        "outputs": {
-          "type": "array",
-          "description": "Gets the Job outputs.",
-          "items": {
-            "$ref": "#/definitions/MediaJobOutput"
-          },
-          "x-ms-identifiers": []
+        "timestamp": {
+          "type": "string",
+          "format": "date-time",
+          "description": "The time that the resource was scanned by Azure Policy in the Universal ISO 8601 DateTime format yyyy-MM-ddTHH:mm:ss.fffffffZ."
+        },
+        "policyAssignmentId": {
+          "type": "string",
+          "description": "The resource ID of the policy assignment."
+        },
+        "policyDefinitionId": {
+          "type": "string",
+          "description": "The resource ID of the policy definition."
+        },
+        "policyDefinitionReferenceId": {
+          "type": "string",
+          "description": "The reference ID for the policy definition inside the initiative definition, if the policy assignment is for an initiative. May be empty."
+        },
+        "complianceState": {
+          "type": "string",
+          "description": "The compliance state of the resource with respect to the policy assignment."
+        },
+        "subscriptionId": {
+          "type": "string",
+          "description": "The subscription ID of the resource."
+        },
+        "complianceReasonCode": {
+          "type": "string",
+          "description": "The compliance reason code. May be empty."
         }
       },
       "required": [
-        "outputs"
-      ],
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobStateChangeEventData"
-        }
+        "policyAssignmentId",
+        "policyDefinitionId",
+        "policyDefinitionReferenceId",
+        "complianceState",
+        "subscriptionId",
+        "complianceReasonCode"
       ]
     },
-    "MediaJobOutput": {
+    "PolicyInsightsPolicyStateCreatedEventData": {
       "type": "object",
-      "description": "The event data for a Job output.",
+      "description": "Schema of the Data property of an EventGridEvent for a Microsoft.PolicyInsights.PolicyStateCreated event.",
       "properties": {
-        "@odata.type": {
-          "type": "string",
-          "description": "The discriminator for derived types."
-        },
-        "error": {
-          "$ref": "#/definitions/MediaJobError",
-          "description": "Gets the Job output error."
-        },
-        "label": {
-          "type": "string",
-          "description": "Gets the Job output label."
-        },
-        "progress": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets the Job output progress."
-        },
-        "state": {
-          "$ref": "#/definitions/MediaJobState",
-          "description": "Gets the Job output state."
-        }
-      },
-      "discriminator": "@odata.type",
-      "required": [
-        "@odata.type",
-        "error",
-        "progress"
-      ]
-    },
-    "MediaJobOutputAsset": {
-      "type": "object",
-      "description": "The event data for a Job output asset.",
-      "properties": {
-        "assetName": {
-          "type": "string",
-          "description": "Gets the Job output asset name."
-        }
-      },
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobOutput"
-        }
-      ],
-      "x-ms-discriminator-value": "#Microsoft.Media.JobOutputAsset"
-    },
-    "MediaJobOutputCanceledEventData": {
-      "type": "object",
-      "description": "Job output canceled event data. Schema of the data property of an\nEventGridEvent for a Microsoft.Media.JobOutputCanceled event.",
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobOutputStateChangeEventData"
-        }
-      ]
-    },
-    "MediaJobOutputCancelingEventData": {
-      "type": "object",
-      "description": "Job output canceling event data. Schema of the data property of an\nEventGridEvent for a Microsoft.Media.JobOutputCanceling event.",
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobOutputStateChangeEventData"
-        }
-      ]
-    },
-    "MediaJobOutputErroredEventData": {
-      "type": "object",
-      "description": "Job output error event data. Schema of the data property of an EventGridEvent\nfor a Microsoft.Media.JobOutputErrored event.",
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobOutputStateChangeEventData"
-        }
-      ]
-    },
-    "MediaJobOutputFinishedEventData": {
-      "type": "object",
-      "description": "Job output finished event data. Schema of the data property of an\nEventGridEvent for a Microsoft.Media.JobOutputFinished event.",
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobOutputStateChangeEventData"
-        }
-      ]
-    },
-    "MediaJobOutputProcessingEventData": {
-      "type": "object",
-      "description": "Job output processing event data. Schema of the data property of an\nEventGridEvent for a Microsoft.Media.JobOutputProcessing event.",
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobOutputStateChangeEventData"
-        }
-      ]
-    },
-    "MediaJobOutputProgressEventData": {
-      "type": "object",
-      "description": "Job Output Progress Event Data. Schema of the Data property of an\n  EventGridEvent for a Microsoft.Media.JobOutputProgress event.",
-      "properties": {
-        "label": {
-          "type": "string",
-          "description": "Gets the Job output label."
-        },
-        "progress": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets the Job output progress."
-        },
-        "jobCorrelationData": {
-          "type": "object",
-          "description": "Gets the Job correlation data.",
-          "additionalProperties": {
-            "type": "string"
-          }
-        }
-      },
-      "required": [
-        "jobCorrelationData"
-      ]
-    },
-    "MediaJobOutputScheduledEventData": {
-      "type": "object",
-      "description": "Job output scheduled event data. Schema of the data property of an\nEventGridEvent for a Microsoft.Media.JobOutputScheduled event.",
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobOutputStateChangeEventData"
-        }
-      ]
-    },
-    "MediaJobOutputStateChangeEventData": {
-      "type": "object",
-      "description": "Schema of the Data property of an EventGridEvent for a\n  Microsoft.Media.JobOutputStateChange event.",
-      "properties": {
-        "previousState": {
-          "$ref": "#/definitions/MediaJobState",
-          "description": "The previous state of the Job."
-        },
-        "output": {
-          "$ref": "#/definitions/MediaJobOutput",
-          "description": "Gets the output."
-        },
-        "jobCorrelationData": {
-          "type": "object",
-          "description": "Gets the Job correlation data.",
-          "additionalProperties": {
-            "type": "string"
-          }
-        }
-      },
-      "required": [
-        "output",
-        "jobCorrelationData"
-      ]
-    },
-    "MediaJobProcessingEventData": {
-      "type": "object",
-      "description": "Job processing event data. Schema of the data property of an EventGridEvent for\na Microsoft.Media.JobProcessing event.",
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobStateChangeEventData"
-        }
-      ]
-    },
-    "MediaJobRetry": {
-      "type": "string",
-      "description": "Media Job Retry Options.",
-      "enum": [
-        "DoNotRetry",
-        "MayRetry"
-      ],
-      "x-ms-enum": {
-        "name": "MediaJobRetry",
-        "modelAsString": true,
-        "values": [
-          {
-            "name": "DoNotRetry",
-            "value": "DoNotRetry",
-            "description": "Issue needs to be investigated and then the job resubmitted with corrections or retried once the underlying issue has been corrected."
-          },
-          {
-            "name": "MayRetry",
-            "value": "MayRetry",
-            "description": "Issue may be resolved after waiting for a period of time and resubmitting the same Job."
-          }
-        ]
-      }
-    },
-    "MediaJobScheduledEventData": {
-      "type": "object",
-      "description": "Job scheduled event data. Schema of the data property of an EventGridEvent for\na Microsoft.Media.JobScheduled event.",
-      "allOf": [
-        {
-          "$ref": "#/definitions/MediaJobStateChangeEventData"
-        }
-      ]
-    },
-    "MediaJobState": {
-      "type": "string",
-      "description": "State of a Media Job.",
-      "enum": [
-        "Canceled",
-        "Canceling",
-        "Error",
-        "Finished",
-        "Processing",
-        "Queued",
-        "Scheduled"
-      ],
-      "x-ms-enum": {
-        "name": "MediaJobState",
-        "modelAsString": true,
-        "values": [
-          {
-            "name": "Canceled",
-            "value": "Canceled",
-            "description": "The job was canceled. This is a final state for the job."
-          },
-          {
-            "name": "Canceling",
-            "value": "Canceling",
-            "description": "The job is in the process of being canceled. This is a transient state for the job."
-          },
-          {
-            "name": "Error",
-            "value": "Error",
-            "description": "The job has encountered an error. This is a final state for the job."
-          },
-          {
-            "name": "Finished",
-            "value": "Finished",
-            "description": "The job is finished. This is a final state for the job."
-          },
-          {
-            "name": "Processing",
-            "value": "Processing",
-            "description": "The job is processing. This is a transient state for the job."
-          },
-          {
-            "name": "Queued",
-            "value": "Queued",
-            "description": "The job is in a queued state, waiting for resources to become available. This is a transient state."
-          },
-          {
-            "name": "Scheduled",
-            "value": "Scheduled",
-            "description": "The job is being scheduled to run on an available resource. This is a transient state, between queued and processing states."
-          }
-        ]
-      }
-    },
-    "MediaJobStateChangeEventData": {
-      "type": "object",
-      "description": "Schema of the Data property of an EventGridEvent for a\n  Microsoft.Media.JobStateChange event.",
-      "properties": {
-        "previousState": {
-          "$ref": "#/definitions/MediaJobState",
-          "description": "The previous state of the Job."
-        },
-        "state": {
-          "$ref": "#/definitions/MediaJobState",
-          "description": "The new state of the Job."
-        },
-        "correlationData": {
-          "type": "object",
-          "description": "Gets the Job correlation data.",
-          "additionalProperties": {
-            "type": "string"
-          }
-        }
-      },
-      "required": [
-        "correlationData"
-      ]
-    },
-    "MediaLiveEventChannelArchiveHeartbeatEventData": {
-      "type": "object",
-      "description": "Channel Archive heartbeat event data. Schema of the data property of an EventGridEvent for a Microsoft.Media.LiveEventChannelArchiveHeartbeat event.",
-      "properties": {
-        "channelLatencyMs": {
-          "type": "string",
-          "description": "Gets the channel latency in ms."
-        },
-        "latencyResultCode": {
-          "type": "string",
-          "description": "Gets the latency result code."
-        }
-      },
-      "required": [
-        "channelLatencyMs",
-        "latencyResultCode"
-      ]
-    },
-    "MediaLiveEventConnectionRejectedEventData": {
-      "type": "object",
-      "description": "Encoder connection rejected event data. Schema of the data property of an EventGridEvent for a Microsoft.Media.LiveEventConnectionRejected event.",
-      "properties": {
-        "ingestUrl": {
-          "type": "string",
-          "description": "Gets the ingest URL provided by the live event."
-        },
-        "streamId": {
-          "type": "string",
-          "description": "Gets the stream Id."
-        },
-        "encoderIp": {
-          "type": "string",
-          "description": "Gets the remote IP."
-        },
-        "encoderPort": {
-          "type": "string",
-          "description": "Gets the remote port."
-        },
-        "resultCode": {
-          "type": "string",
-          "description": "Gets the result code."
-        }
-      }
-    },
-    "MediaLiveEventEncoderConnectedEventData": {
-      "type": "object",
-      "description": "Encoder connect event data. Schema of the data property of an EventGridEvent for a Microsoft.Media.LiveEventEncoderConnected event.",
-      "properties": {
-        "ingestUrl": {
-          "type": "string",
-          "description": "Gets the ingest URL provided by the live event."
-        },
-        "streamId": {
-          "type": "string",
-          "description": "Gets the stream Id."
-        },
-        "encoderIp": {
-          "type": "string",
-          "description": "Gets the remote IP."
-        },
-        "encoderPort": {
-          "type": "string",
-          "description": "Gets the remote port."
-        }
-      }
-    },
-    "MediaLiveEventEncoderDisconnectedEventData": {
-      "type": "object",
-      "description": "Encoder disconnected event data. Schema of the Data property of an EventGridEvent for a Microsoft.Media.LiveEventEncoderDisconnected event.",
-      "properties": {
-        "ingestUrl": {
-          "type": "string",
-          "description": "Gets the ingest URL provided by the live event."
-        },
-        "streamId": {
-          "type": "string",
-          "description": "Gets the stream Id."
-        },
-        "encoderIp": {
-          "type": "string",
-          "description": "Gets the remote IP."
-        },
-        "encoderPort": {
-          "type": "string",
-          "description": "Gets the remote port."
-        },
-        "resultCode": {
-          "type": "string",
-          "description": "Gets the result code."
-        }
-      }
-    },
-    "MediaLiveEventIncomingDataChunkDroppedEventData": {
-      "type": "object",
-      "description": "Ingest fragment dropped event data. Schema of the data property of an EventGridEvent for a Microsoft.Media.LiveEventIncomingDataChunkDropped event.",
-      "properties": {
-        "timestamp": {
-          "type": "string",
-          "description": "Gets the timestamp of the data chunk dropped."
-        },
-        "trackType": {
-          "type": "string",
-          "description": "Gets the type of the track (Audio / Video)."
-        },
-        "bitrate": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets the bitrate of the track."
-        },
-        "timescale": {
-          "type": "string",
-          "description": "Gets the timescale of the Timestamp."
-        },
-        "resultCode": {
-          "type": "string",
-          "description": "Gets the result code for fragment drop operation."
-        },
-        "trackName": {
-          "type": "string",
-          "description": "Gets the name of the track for which fragment is dropped."
-        }
-      }
-    },
-    "MediaLiveEventIncomingStreamReceivedEventData": {
-      "type": "object",
-      "description": "Encoder connect event data. Schema of the data property of an EventGridEvent for a Microsoft.Media.LiveEventIncomingStreamReceived event.",
-      "properties": {
-        "ingestUrl": {
-          "type": "string",
-          "description": "Gets the ingest URL provided by the live event."
-        },
-        "trackType": {
-          "type": "string",
-          "description": "Gets the type of the track (Audio / Video)."
-        },
-        "trackName": {
-          "type": "string",
-          "description": "Gets the track name."
-        },
-        "bitrate": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets the bitrate of the track."
-        },
-        "encoderIp": {
-          "type": "string",
-          "description": "Gets the remote IP."
-        },
-        "encoderPort": {
-          "type": "string",
-          "description": "Gets the remote port."
-        },
-        "timestamp": {
-          "type": "string",
-          "description": "Gets the first timestamp of the data chunk received."
-        },
-        "duration": {
-          "type": "string",
-          "description": "Gets the duration of the first data chunk."
-        },
-        "timescale": {
-          "type": "string",
-          "description": "Gets the timescale in which timestamp is represented."
-        }
-      }
-    },
-    "MediaLiveEventIncomingStreamsOutOfSyncEventData": {
-      "type": "object",
-      "description": "Incoming streams out of sync event data. Schema of the data property of an EventGridEvent for a Microsoft.Media.LiveEventIncomingStreamsOutOfSync event.",
-      "properties": {
-        "minLastTimestamp": {
-          "type": "string",
-          "description": "Gets the minimum last timestamp received."
-        },
-        "typeOfStreamWithMinLastTimestamp": {
-          "type": "string",
-          "description": "Gets the type of stream with minimum last timestamp."
-        },
-        "maxLastTimestamp": {
-          "type": "string",
-          "description": "Gets the maximum timestamp among all the tracks (audio or video)."
-        },
-        "typeOfStreamWithMaxLastTimestamp": {
-          "type": "string",
-          "description": "Gets the type of stream with maximum last timestamp."
-        },
-        "timescaleOfMinLastTimestamp": {
-          "type": "string",
-          "description": "Gets the timescale in which \\\"MinLastTimestamp\\\" is represented."
-        },
-        "timescaleOfMaxLastTimestamp": {
-          "type": "string",
-          "description": "Gets the timescale in which \\\"MaxLastTimestamp\\\" is represented."
-        }
-      }
-    },
-    "MediaLiveEventIncomingVideoStreamsOutOfSyncEventData": {
-      "type": "object",
-      "description": "Incoming video stream out of sync event data. Schema of the data property of an EventGridEvent for a Microsoft.Media.LiveEventIncomingVideoStreamsOutOfSync event.",
-      "properties": {
-        "firstTimestamp": {
-          "type": "string",
-          "description": "Gets the first timestamp received for one of the quality levels."
-        },
-        "firstDuration": {
-          "type": "string",
-          "description": "Gets the duration of the data chunk with first timestamp."
-        },
-        "secondTimestamp": {
-          "type": "string",
-          "description": "Gets the timestamp received for some other quality levels."
-        },
-        "secondDuration": {
-          "type": "string",
-          "description": "Gets the duration of the data chunk with second timestamp."
-        },
-        "timescale": {
-          "type": "string",
-          "description": "Gets the timescale in which both the timestamps and durations are represented."
-        }
-      }
-    },
-    "MediaLiveEventIngestHeartbeatEventData": {
-      "type": "object",
-      "description": "Ingest heartbeat event data. Schema of the data property of an EventGridEvent for a Microsoft.Media.LiveEventIngestHeartbeat event.",
-      "properties": {
-        "trackType": {
-          "type": "string",
-          "description": "Gets the type of the track (Audio / Video)."
-        },
-        "trackName": {
-          "type": "string",
-          "description": "Gets the track name."
-        },
-        "transcriptionLanguage": {
-          "type": "string",
-          "description": "Gets the Live Transcription language."
-        },
-        "transcriptionState": {
-          "type": "string",
-          "description": "Gets the Live Transcription state."
-        },
-        "bitrate": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets the bitrate of the track."
-        },
-        "incomingBitrate": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets the incoming bitrate."
-        },
-        "ingestDriftValue": {
-          "type": "string",
-          "description": "Gets the track ingest drift value."
-        },
-        "lastFragmentArrivalTime": {
-          "type": "string",
-          "description": "Gets the arrival UTC time of the last fragment."
-        },
-        "lastTimestamp": {
-          "type": "string",
-          "description": "Gets the last timestamp."
-        },
-        "timescale": {
-          "type": "string",
-          "description": "Gets the timescale of the last timestamp."
-        },
-        "overlapCount": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets the fragment Overlap count."
-        },
-        "discontinuityCount": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets the fragment Discontinuity count."
-        },
-        "nonincreasingCount": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets Non increasing count."
-        },
-        "unexpectedBitrate": {
-          "type": "boolean",
-          "description": "Gets a value indicating whether unexpected bitrate is present or not."
-        },
-        "state": {
-          "type": "string",
-          "description": "Gets the state of the live event."
-        },
-        "healthy": {
-          "type": "boolean",
-          "description": "Gets a value indicating whether preview is healthy or not."
-        }
-      }
-    },
-    "MediaLiveEventTrackDiscontinuityDetectedEventData": {
-      "type": "object",
-      "description": "Ingest track discontinuity detected event data. Schema of the data property of an EventGridEvent for a Microsoft.Media.LiveEventTrackDiscontinuityDetected event.",
-      "properties": {
-        "trackType": {
-          "type": "string",
-          "description": "Gets the type of the track (Audio / Video)."
-        },
-        "trackName": {
-          "type": "string",
-          "description": "Gets the track name."
-        },
-        "bitrate": {
-          "type": "integer",
-          "format": "int64",
-          "description": "Gets the bitrate."
-        },
-        "previousTimestamp": {
-          "type": "string",
-          "description": "Gets the timestamp of the previous fragment."
-        },
-        "newTimestamp": {
-          "type": "string",
-          "description": "Gets the timestamp of the current fragment."
-        },
-        "timescale": {
-          "type": "string",
-          "description": "Gets the timescale in which both timestamps and discontinuity gap are represented."
-        },
-        "discontinuityGap": {
-          "type": "string",
-          "description": "Gets the discontinuity gap between PreviousTimestamp and NewTimestamp."
-        }
-      }
-    },
-    "MicrosoftTeamsAppIdentifierModel": {
-      "type": "object",
-      "description": "A Microsoft Teams application.",
-      "properties": {
-        "appId": {
-          "type": "string",
-          "description": "The Id of the Microsoft Teams application"
-        },
-        "cloud": {
-          "$ref": "#/definitions/CommunicationCloudEnvironmentModel",
-          "description": "The cloud that the Microsoft Teams application belongs to. By default 'public' if missing."
-        }
-      },
-      "required": [
-        "appId"
-      ]
-    },
-    "MicrosoftTeamsUserIdentifierModel": {
-      "type": "object",
-      "description": "A Microsoft Teams user.",
-      "properties": {
-        "userId": {
-          "type": "string",
-          "description": "The Id of the Microsoft Teams user. If not anonymous, this is the AAD object Id of the user."
-        },
-        "isAnonymous": {
-          "type": "boolean",
-          "description": "True if the Microsoft Teams user is anonymous. By default false if missing."
-        },
-        "cloud": {
-          "$ref": "#/definitions/CommunicationCloudEnvironmentModel",
-          "description": "The cloud that the Microsoft Teams user belongs to. By default 'public' if missing."
-        }
-      },
-      "required": [
-        "userId"
-      ]
-    },
-    "PhoneNumberIdentifierModel": {
-      "type": "object",
-      "description": "A phone number.",
-      "properties": {
-        "value": {
-          "type": "string",
-          "description": "The phone number in E.164 format."
-        }
-      },
-      "required": [
-        "value"
-      ]
-    },
-    "PolicyInsightsPolicyStateChangedEventData": {
-      "type": "object",
-      "description": "Schema of the Data property of an EventGridEvent for a Microsoft.PolicyInsights.PolicyStateChanged event.",
-      "properties": {
-        "timestamp": {
+        "timestamp": {
           "type": "string",
           "format": "date-time",
           "description": "The time that the resource was scanned by Azure Policy in the Universal ISO 8601 DateTime format yyyy-MM-ddTHH:mm:ss.fffffffZ."
@@ -6970,42 +6310,15 @@
           "type": "string",
           "description": "The compliance reason code. May be empty."
         }
-      }
-    },
-    "PolicyInsightsPolicyStateCreatedEventData": {
-      "type": "object",
-      "description": "Schema of the Data property of an EventGridEvent for a Microsoft.PolicyInsights.PolicyStateCreated event.",
-      "properties": {
-        "timestamp": {
-          "type": "string",
-          "format": "date-time",
-          "description": "The time that the resource was scanned by Azure Policy in the Universal ISO 8601 DateTime format yyyy-MM-ddTHH:mm:ss.fffffffZ."
-        },
-        "policyAssignmentId": {
-          "type": "string",
-          "description": "The resource ID of the policy assignment."
-        },
-        "policyDefinitionId": {
-          "type": "string",
-          "description": "The resource ID of the policy definition."
-        },
-        "policyDefinitionReferenceId": {
-          "type": "string",
-          "description": "The reference ID for the policy definition inside the initiative definition, if the policy assignment is for an initiative. May be empty."
-        },
-        "complianceState": {
-          "type": "string",
-          "description": "The compliance state of the resource with respect to the policy assignment."
-        },
-        "subscriptionId": {
-          "type": "string",
-          "description": "The subscription ID of the resource."
-        },
-        "complianceReasonCode": {
-          "type": "string",
-          "description": "The compliance reason code. May be empty."
-        }
-      }
+      },
+      "required": [
+        "policyAssignmentId",
+        "policyDefinitionId",
+        "policyDefinitionReferenceId",
+        "complianceState",
+        "subscriptionId",
+        "complianceReasonCode"
+      ]
     },
     "PolicyInsightsPolicyStateDeletedEventData": {
       "type": "object",
@@ -7040,7 +6353,15 @@
           "type": "string",
           "description": "The compliance reason code. May be empty."
         }
-      }
+      },
+      "required": [
+        "policyAssignmentId",
+        "policyDefinitionId",
+        "policyDefinitionReferenceId",
+        "complianceState",
+        "subscriptionId",
+        "complianceReasonCode"
+      ]
     },
     "RedisExportRDBCompletedEventData": {
       "type": "object",
@@ -7860,17 +7181,28 @@
         },
         "queueName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus queue. If the entity type is of type 'subscriber', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus queue. If the entity type is of type 'subscriber', then this value will be null.",
+          "x-nullable": true
         },
         "topicName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus topic. If the entity type is of type 'queue', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus topic. If the entity type is of type 'queue', then this value will be null.",
+          "x-nullable": true
         },
         "subscriptionName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus topic's subscription. If the entity type is of type 'queue', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus topic's subscription. If the entity type is of type 'queue', then this value will be null.",
+          "x-nullable": true
         }
-      }
+      },
+      "required": [
+        "namespaceName",
+        "requestUri",
+        "entityType",
+        "queueName",
+        "topicName",
+        "subscriptionName"
+      ]
     },
     "ServiceBusActiveMessagesAvailableWithNoListenersEventData": {
       "type": "object",
@@ -7890,17 +7222,28 @@
         },
         "queueName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus queue. If the entity type is of type 'subscriber', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus queue. If the entity type is of type 'subscriber', then this value will be null.",
+          "x-nullable": true
         },
         "topicName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus topic. If the entity type is of type 'queue', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus topic. If the entity type is of type 'queue', then this value will be null.",
+          "x-nullable": true
         },
         "subscriptionName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus topic's subscription. If the entity type is of type 'queue', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus topic's subscription. If the entity type is of type 'queue', then this value will be null.",
+          "x-nullable": true
         }
-      }
+      },
+      "required": [
+        "namespaceName",
+        "requestUri",
+        "entityType",
+        "queueName",
+        "topicName",
+        "subscriptionName"
+      ]
     },
     "ServiceBusDeadletterMessagesAvailablePeriodicNotificationsEventData": {
       "type": "object",
@@ -7920,17 +7263,28 @@
         },
         "queueName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus queue. If the entity type is of type 'subscriber', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus queue. If the entity type is of type 'subscriber', then this value will be null.",
+          "x-nullable": true
         },
         "topicName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus topic. If the entity type is of type 'queue', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus topic. If the entity type is of type 'queue', then this value will be null.",
+          "x-nullable": true
         },
         "subscriptionName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus topic's subscription. If the entity type is of type 'queue', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus topic's subscription. If the entity type is of type 'queue', then this value will be null.",
+          "x-nullable": true
         }
-      }
+      },
+      "required": [
+        "namespaceName",
+        "requestUri",
+        "entityType",
+        "queueName",
+        "topicName",
+        "subscriptionName"
+      ]
     },
     "ServiceBusDeadletterMessagesAvailableWithNoListenersEventData": {
       "type": "object",
@@ -7950,17 +7304,28 @@
         },
         "queueName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus queue. If the entity type is of type 'subscriber', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus queue. If the entity type is of type 'subscriber', then this value will be null.",
+          "x-nullable": true
         },
         "topicName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus topic. If the entity type is of type 'queue', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus topic. If the entity type is of type 'queue', then this value will be null.",
+          "x-nullable": true
         },
         "subscriptionName": {
           "type": "string",
-          "description": "The name of the Microsoft.ServiceBus topic's subscription. If the entity type is of type 'queue', then this value will be null."
+          "description": "The name of the Microsoft.ServiceBus topic's subscription. If the entity type is of type 'queue', then this value will be null.",
+          "x-nullable": true
         }
-      }
+      },
+      "required": [
+        "namespaceName",
+        "requestUri",
+        "entityType",
+        "queueName",
+        "topicName",
+        "subscriptionName"
+      ]
     },
     "SignalRServiceClientConnectionConnectedEventData": {
       "type": "object",
@@ -8761,7 +8126,10 @@
           "type": "string",
           "description": "The Azure resource ID of the deleted event subscription."
         }
-      }
+      },
+      "required": [
+        "eventSubscriptionId"
+      ]
     },
     "SubscriptionValidationEventData": {
       "type": "object",
@@ -8775,7 +8143,11 @@
           "type": "string",
           "description": "The validation URL sent by Azure Event Grid (available starting version 2018-05-01-preview).\nTo complete the validation handshake, the subscriber must either respond with the validationCode as part of the validation response,\nor perform a GET request on the validationUrl (available starting version 2018-05-01-preview)."
         }
-      }
+      },
+      "required": [
+        "validationCode",
+        "validationUrl"
+      ]
     },
     "SubscriptionValidationResponse": {
       "type": "object",
@@ -8785,7 +8157,10 @@
           "type": "string",
           "description": "The validation response sent by the subscriber to Azure Event Grid to complete the validation of an event subscription."
         }
-      }
+      },
+      "required": [
+        "validationResponse"
+      ]
     },
     "WebAppServicePlanUpdatedEventData": {
       "type": "object",
diff --git a/swagger-specs/eventgrid/resource-manager/Microsoft.EventGrid/preview/2024-06-01-preview/EventGrid.json b/swagger-specs/eventgrid/resource-manager/Microsoft.EventGrid/preview/2024-12-15-preview/EventGrid.json
similarity index 99%
rename from swagger-specs/eventgrid/resource-manager/Microsoft.EventGrid/preview/2024-06-01-preview/EventGrid.json
rename to swagger-specs/eventgrid/resource-manager/Microsoft.EventGrid/preview/2024-12-15-preview/EventGrid.json
index 25778df63..faae4b124 100644
--- a/swagger-specs/eventgrid/resource-manager/Microsoft.EventGrid/preview/2024-06-01-preview/EventGrid.json
+++ b/swagger-specs/eventgrid/resource-manager/Microsoft.EventGrid/preview/2024-12-15-preview/EventGrid.json
@@ -1,7 +1,7 @@
 {
   "swagger": "2.0",
   "info": {
-    "version": "2024-06-01-preview",
+    "version": "2024-12-15-preview",
     "title": "EventGridManagementClient",
     "description": "Azure EventGrid Management Client"
   },
@@ -11781,7 +11781,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to the CaCertificate resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -12117,7 +12117,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Channel resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -12266,7 +12266,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to the ClientGroup resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -12388,7 +12388,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to the Client resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -12881,7 +12881,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to the Event Grid Domain resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -13067,7 +13067,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Domain Topic resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -13238,6 +13238,13 @@
           "format": "date-time",
           "description": "Expiration time of the event subscription.",
           "type": "string"
+        },
+        "tags": {
+          "description": "Tags relating to Event Subscription resource.",
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
         }
       }
     },
@@ -13346,6 +13353,10 @@
         "userAssignedIdentity": {
           "description": "The user identity associated with the resource.",
           "type": "string"
+        },
+        "federatedIdentityCredentialInfo": {
+          "$ref": "#/definitions/FederatedIdentityCredentialInfo",
+          "description": "The details of the Federated Identity Credential (FIC) used with the resource delivery."
         }
       }
     },
@@ -13754,7 +13765,7 @@
       "x-ms-discriminator-value": "IsNotNull"
     },
     "Filter": {
-      "description": "This is the base type that represents a filter. To configure a filter, do not directly instantiate an object of this class. Instead, instantiate\r\nan object of a derived class such as BoolEqualsFilter, NumberInFilter, StringEqualsFilter etc depending on the type of the key based on\r\nwhich you want to filter.",
+      "description": "This is the base type that represents a filter. To configure a filter, do not directly instantiate an object of this class. Instead, instantiate\r\nan object of a derived class such as BoolEqualsFilter, NumberInFilter etc depending on the type of the key based on\r\nwhich you want to filter.",
       "type": "object",
       "properties": {
         "operatorType": {
@@ -13812,7 +13823,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Event Subscription resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -13855,6 +13866,13 @@
           "format": "date-time",
           "description": "Expiration time of the event subscription.",
           "type": "string"
+        },
+        "tags": {
+          "description": "Tags relating to Event Subscription resource.",
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          }
         }
       }
     },
@@ -14926,7 +14944,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Event Subscription resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -15055,7 +15073,7 @@
           "description": "Topic spaces configuration information for the namespace resource"
         },
         "isZoneRedundant": {
-          "description": "This is an optional property and it allows the user to specify if the namespace resource supports zone-redundancy capability or not. If this\r\nproperty is not specified explicitly by the user, its default value depends on the following conditions:\r\n    a. For Availability Zones enabled regions - The default property value would be true.\r\n    b. For non-Availability Zones enabled regions - The default property value would be false.\r\nOnce specified, this property cannot be updated.",
+          "description": "This is an optional property and it allows the user to specify if the namespace resource supports zone-redundancy capability or not. If this\r\nproperty is not specified explicitly by the user, its default value depends on the following conditions:\r\n  a. For Availability Zones enabled regions - The default property value would be true.\r\n  b. For non-Availability Zones enabled regions - The default property value would be false.\r\nOnce specified, this property cannot be updated.",
           "type": "boolean"
         },
         "publicNetworkAccess": {
@@ -15408,7 +15426,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to the namespace resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -15644,7 +15662,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to namespace topic resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -15832,7 +15850,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to partner configuration resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         },
@@ -15969,7 +15987,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Partner Destination resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -16114,7 +16132,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Partner Namespace resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -16271,7 +16289,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Partner Registration resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -16386,7 +16404,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Partner Topic resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         },
@@ -16803,7 +16821,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to the PermissionBinding resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -16958,7 +16976,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to System Topic resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         },
@@ -17172,7 +17190,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Topic resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -17335,7 +17353,7 @@
           "type": "string"
         },
         "schemaUrl": {
-          "description": "Url of the schema for this event type.",
+          "description": "URL of the schema for this event type.",
           "type": "string"
         },
         "isInDefaultSet": {
@@ -17390,7 +17408,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Extension Topic resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -17405,7 +17423,7 @@
           "type": "string"
         },
         "topicTemplates": {
-          "description": "The topic filters in the topic space.\r\nExample: \"topicTemplates\": [ \r\n              \"devices/foo/bar\",\r\n              \"devices/topic1/+\",\r\n              \"devices/${principal.name}/${principal.attributes.keyName}\" ].",
+          "description": "The topic filters in the topic space.\r\nExample: \"topicTemplates\": [ \r\n        \"devices/foo/bar\",\r\n        \"devices/topic1/+\",\r\n        \"devices/${principal.name}/${principal.attributes.keyName}\" ].",
           "type": "array",
           "items": {
             "type": "string"
@@ -17447,7 +17465,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to the TopicSpace resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -17673,7 +17691,7 @@
         },
         "systemData": {
           "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/systemData",
-          "description": "The system metadata relating to Verified Partner resource.",
+          "description": "The system metadata relating to the Event Grid resource.",
           "type": "object",
           "readOnly": true
         }
@@ -17752,12 +17770,52 @@
           "type": "string"
         },
         "issuerCertificates": {
-          "description": "Information about the certificate that is used for token validation. We currently support maximum 2 certificates.",
+          "description": "Information about the certificates that are used for token validation. We currently support maximum 2 certificates.",
           "type": "array",
           "items": {
             "$ref": "#/definitions/IssuerCertificateInfo"
           },
           "x-ms-identifiers": []
+        },
+        "encodedIssuerCertificates": {
+          "description": "Information about the encoded public certificates that are used for custom authentication.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/EncodedIssuerCertificateInfo"
+          },
+          "x-ms-identifiers": []
+        }
+      }
+    },
+    "EncodedIssuerCertificateInfo": {
+      "description": "Information about the public certificate that is used for custom authentication.",
+      "required": [
+        "encodedCertificate",
+        "kid"
+      ],
+      "type": "object",
+      "properties": {
+        "kid": {
+          "description": "Identifier for the certificate.",
+          "type": "string"
+        },
+        "encodedCertificate": {
+          "description": "Certificate in pem format.",
+          "type": "string"
+        }
+      }
+    },
+    "FederatedIdentityCredentialInfo": {
+      "description": "The details of the Federated Identity Credential (FIC) used with the resource.",
+      "required": [
+        "federatedClientId"
+      ],
+      "type": "object",
+      "properties": {
+        "federatedClientId": {
+          "format": "uuid",
+          "description": "The Multi-Tenant AAD Application where the Federated Identity Credential (FIC) is associated with.",
+          "type": "string"
         }
       }
     },
diff --git a/swagger-specs/eventgrid/resource-manager/api-set.json b/swagger-specs/eventgrid/resource-manager/api-set.json
index a99543c22..35feca7c5 100644
--- a/swagger-specs/eventgrid/resource-manager/api-set.json
+++ b/swagger-specs/eventgrid/resource-manager/api-set.json
@@ -1 +1 @@
-{"addition_input_file_paths": [], "input_files": ["Microsoft.EventGrid/preview/2024-06-01-preview/EventGrid.json"], "name": "package-2024-06-preview"}
\ No newline at end of file
+{"addition_input_file_paths": [], "input_files": ["Microsoft.EventGrid/preview/2024-12-15-preview/EventGrid.json"], "name": "package-2024-12-preview"}
\ No newline at end of file
diff --git a/swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/api-set.json b/swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/api-set.json
index 72b3f97e0..71df61d2d 100644
--- a/swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/api-set.json
+++ b/swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/api-set.json
@@ -1 +1 @@
-{"addition_input_file_paths": [], "input_files": ["preview/2024-07-12-preview/HealthDataAIServices.DeidServices.json"], "name": "package-2024-07-12-preview"}
\ No newline at end of file
+{"addition_input_file_paths": [], "input_files": ["stable/2024-11-15/HealthDataAIServices.DeidServices.json"], "name": "package-2024-11-15"}
\ No newline at end of file
diff --git a/swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/preview/2024-07-12-preview/HealthDataAIServices.DeidServices.json b/swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/stable/2024-11-15/HealthDataAIServices.DeidServices.json
similarity index 90%
rename from swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/preview/2024-07-12-preview/HealthDataAIServices.DeidServices.json
rename to swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/stable/2024-11-15/HealthDataAIServices.DeidServices.json
index d1beef623..358c82dea 100644
--- a/swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/preview/2024-07-12-preview/HealthDataAIServices.DeidServices.json
+++ b/swagger-specs/healthdataaiservices/data-plane/HealthDataAIServices.DeidServices/stable/2024-11-15/HealthDataAIServices.DeidServices.json
@@ -2,7 +2,7 @@
   "swagger": "2.0",
   "info": {
     "title": "Azure Health Data Services de-identification service",
-    "version": "2024-07-12-preview",
+    "version": "2024-11-15",
     "x-typespec-generated": [
       {
         "emitter": "@azure-tools/typespec-autorest"
@@ -13,7 +13,7 @@
     "https"
   ],
   "x-ms-parameterized-host": {
-    "hostTemplate": "https://{endpoint}",
+    "hostTemplate": "{endpoint}",
     "useSchemePrefix": false,
     "parameters": [
       {
@@ -21,7 +21,9 @@
         "in": "path",
         "description": "Url of your De-identification Service.",
         "required": true,
-        "type": "string"
+        "type": "string",
+        "format": "uri",
+        "x-ms-skip-url-encoding": true
       }
     ]
   },
@@ -54,13 +56,16 @@
   "paths": {
     "/deid": {
       "post": {
-        "operationId": "Deidentify",
+        "operationId": "DeidentifyText",
         "summary": "De-identify text.",
         "description": "A remote procedure call (RPC) operation.",
         "parameters": [
           {
             "$ref": "#/parameters/Azure.Core.Foundations.ApiVersionParameter"
           },
+          {
+            "$ref": "#/parameters/Azure.Core.ClientRequestIdHeader"
+          },
           {
             "name": "body",
             "in": "body",
@@ -76,6 +81,13 @@
             "description": "The request has succeeded.",
             "schema": {
               "$ref": "#/definitions/DeidentificationResult"
+            },
+            "headers": {
+              "x-ms-client-request-id": {
+                "type": "string",
+                "format": "uuid",
+                "description": "An opaque, globally-unique, client-generated string identifier for the request."
+              }
             }
           },
           "default": {
@@ -93,7 +105,7 @@
         },
         "x-ms-examples": {
           "De-identify text.": {
-            "$ref": "./examples/Deidentify.json"
+            "$ref": "./examples/DeidentifyText.json"
           }
         }
       }
@@ -211,7 +223,7 @@
         }
       },
       "put": {
-        "operationId": "CreateJob",
+        "operationId": "DeidentifyDocuments",
         "summary": "Create a de-identification job.",
         "description": "Long-running resource create or replace operation template.",
         "parameters": [
@@ -293,7 +305,7 @@
         },
         "x-ms-examples": {
           "Create a de-identification job.": {
-            "$ref": "./examples/CreateJob.json"
+            "$ref": "./examples/DeidentifyDocuments.json"
           }
         },
         "x-ms-long-running-operation-options": {
@@ -444,7 +456,7 @@
           "200": {
             "description": "The request has succeeded.",
             "schema": {
-              "$ref": "#/definitions/PagedDocumentDetails"
+              "$ref": "#/definitions/PagedDeidentificationDocumentDetails"
             },
             "headers": {
               "x-ms-client-request-id": {
@@ -593,11 +605,11 @@
         "inputText": {
           "type": "string",
           "description": "Input text to de-identify.",
-          "maxLength": 100000
+          "maxLength": 48000
         },
         "operation": {
           "type": "string",
-          "description": "Operation to perform on the input.",
+          "description": "Operation to perform on the input documents.",
           "default": "Surrogate",
           "enum": [
             "Redact",
@@ -605,7 +617,7 @@
             "Tag"
           ],
           "x-ms-enum": {
-            "name": "OperationType",
+            "name": "DeidentificationOperationType",
             "modelAsString": true,
             "values": [
               {
@@ -626,33 +638,83 @@
             ]
           }
         },
-        "dataType": {
-          "type": "string",
-          "description": "Data type of the input.",
-          "default": "Plaintext",
-          "enum": [
-            "Plaintext"
-          ],
-          "x-ms-enum": {
-            "name": "DocumentDataType",
-            "modelAsString": true,
-            "values": [
-              {
-                "name": "Plaintext",
-                "value": "Plaintext",
-                "description": "Plain text data type."
-              }
-            ]
-          }
-        },
+        "customizations": {
+          "$ref": "#/definitions/DeidentificationCustomizationOptions",
+          "description": "Customization parameters to override default service behaviors."
+        }
+      },
+      "required": [
+        "inputText"
+      ]
+    },
+    "DeidentificationCustomizationOptions": {
+      "type": "object",
+      "description": "Customizations options to override default service behaviors for synchronous usage.",
+      "properties": {
         "redactionFormat": {
           "type": "string",
-          "description": "Format of the redacted output. Only valid when OperationType is \"Redact\".",
+          "description": "Format of the redacted output. Only valid when Operation is Redact. \nPlease refer to https://learn.microsoft.com/en-us/azure/healthcare-apis/deidentification/redaction-format for more details.",
+          "minLength": 1,
           "maxLength": 16
+        },
+        "surrogateLocale": {
+          "type": "string",
+          "description": "Locale in which the output surrogates are written.",
+          "default": "en-US"
+        }
+      }
+    },
+    "DeidentificationDocumentDetails": {
+      "type": "object",
+      "description": "Details of a single document in a job.",
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "Id of the document details.",
+          "readOnly": true
+        },
+        "input": {
+          "$ref": "#/definitions/DeidentificationDocumentLocation",
+          "description": "Location for the input."
+        },
+        "output": {
+          "$ref": "#/definitions/DeidentificationDocumentLocation",
+          "description": "Location for the output."
+        },
+        "status": {
+          "$ref": "#/definitions/Azure.Core.Foundations.OperationState",
+          "description": "Status of the document."
+        },
+        "error": {
+          "$ref": "#/definitions/Azure.Core.Foundations.Error",
+          "description": "Error when document fails."
         }
       },
       "required": [
-        "inputText"
+        "id",
+        "input",
+        "status"
+      ]
+    },
+    "DeidentificationDocumentLocation": {
+      "type": "object",
+      "description": "Location of a document.",
+      "properties": {
+        "location": {
+          "type": "string",
+          "format": "uri",
+          "description": "Location of document in storage.",
+          "maxLength": 1024
+        },
+        "etag": {
+          "$ref": "#/definitions/Azure.Core.eTag",
+          "description": "The entity tag for this resource.",
+          "readOnly": true
+        }
+      },
+      "required": [
+        "location",
+        "etag"
       ]
     },
     "DeidentificationJob": {
@@ -667,14 +729,6 @@
           "pattern": "^[a-zA-Z0-9][a-zA-Z0-9-_]+[a-zA-Z0-9]$",
           "readOnly": true
         },
-        "sourceLocation": {
-          "$ref": "#/definitions/SourceStorageLocation",
-          "description": "Storage location to perform the operation on."
-        },
-        "targetLocation": {
-          "$ref": "#/definitions/TargetStorageLocation",
-          "description": "Target location to store output of operation."
-        },
         "operation": {
           "type": "string",
           "description": "Operation to perform on the input documents.",
@@ -685,7 +739,7 @@
             "Tag"
           ],
           "x-ms-enum": {
-            "name": "OperationType",
+            "name": "DeidentificationOperationType",
             "modelAsString": true,
             "values": [
               {
@@ -706,33 +760,20 @@
             ]
           }
         },
-        "dataType": {
-          "type": "string",
-          "description": "Data type of the input documents.",
-          "default": "Plaintext",
-          "enum": [
-            "Plaintext"
-          ],
-          "x-ms-enum": {
-            "name": "DocumentDataType",
-            "modelAsString": true,
-            "values": [
-              {
-                "name": "Plaintext",
-                "value": "Plaintext",
-                "description": "Plain text data type."
-              }
-            ]
-          }
+        "sourceLocation": {
+          "$ref": "#/definitions/SourceStorageLocation",
+          "description": "Storage location to perform the operation on."
         },
-        "redactionFormat": {
-          "type": "string",
-          "description": "Format of the redacted output. Only valid when Operation is Redact.",
-          "minLength": 1,
-          "maxLength": 16
+        "targetLocation": {
+          "$ref": "#/definitions/TargetStorageLocation",
+          "description": "Target location to store output of operation."
+        },
+        "customizations": {
+          "$ref": "#/definitions/DeidentificationJobCustomizationOptions",
+          "description": "Customization parameters to override default service behaviors."
         },
         "status": {
-          "$ref": "#/definitions/JobStatus",
+          "$ref": "#/definitions/Azure.Core.Foundations.OperationState",
           "description": "Current status of a job.",
           "readOnly": true
         },
@@ -760,7 +801,7 @@
           "readOnly": true
         },
         "summary": {
-          "$ref": "#/definitions/JobSummary",
+          "$ref": "#/definitions/DeidentificationJobSummary",
           "description": "Summary of a job. Exists only when the job is completed.",
           "readOnly": true
         }
@@ -774,121 +815,24 @@
         "createdAt"
       ]
     },
-    "DeidentificationResult": {
-      "type": "object",
-      "description": "Response body for de-identification operation.",
-      "properties": {
-        "outputText": {
-          "type": "string",
-          "description": "Output text after de-identification. Not available for \"Tag\" operation."
-        },
-        "taggerResult": {
-          "$ref": "#/definitions/PhiTaggerResult",
-          "description": "Result of the \"Tag\" operation. Only available for \"Tag\" Operation."
-        }
-      }
-    },
-    "DocumentDetails": {
+    "DeidentificationJobCustomizationOptions": {
       "type": "object",
-      "description": "Details of a single document in a job.",
+      "description": "Customizations options to override default service behaviors for job usage.",
       "properties": {
-        "id": {
+        "redactionFormat": {
           "type": "string",
-          "description": "Id of the document details.",
-          "readOnly": true
-        },
-        "input": {
-          "$ref": "#/definitions/DocumentLocation",
-          "description": "Location for the input."
-        },
-        "output": {
-          "$ref": "#/definitions/DocumentLocation",
-          "description": "Location for the output."
-        },
-        "status": {
-          "$ref": "#/definitions/Azure.Core.Foundations.OperationState",
-          "description": "Status of the document."
+          "description": "Format of the redacted output. Only valid when Operation is Redact. \nPlease refer to https://learn.microsoft.com/en-us/azure/healthcare-apis/deidentification/redaction-format for more details.",
+          "minLength": 1,
+          "maxLength": 16
         },
-        "error": {
-          "$ref": "#/definitions/Azure.Core.Foundations.Error",
-          "description": "Error when document fails."
-        }
-      },
-      "required": [
-        "id",
-        "input",
-        "status"
-      ]
-    },
-    "DocumentLocation": {
-      "type": "object",
-      "description": "Location of a document.",
-      "properties": {
-        "path": {
+        "surrogateLocale": {
           "type": "string",
-          "description": "Path of document in storage.",
-          "maxLength": 1024
-        },
-        "etag": {
-          "$ref": "#/definitions/Azure.Core.eTag",
-          "description": "The entity tag for this resource.",
-          "readOnly": true
+          "description": "Locale in which the output surrogates are written.",
+          "default": "en-US"
         }
-      },
-      "required": [
-        "path",
-        "etag"
-      ]
-    },
-    "JobStatus": {
-      "type": "string",
-      "description": "List of statuses a job can have.",
-      "enum": [
-        "NotStarted",
-        "Running",
-        "Succeeded",
-        "PartialFailed",
-        "Failed",
-        "Canceled"
-      ],
-      "x-ms-enum": {
-        "name": "JobStatus",
-        "modelAsString": true,
-        "values": [
-          {
-            "name": "NotStarted",
-            "value": "NotStarted",
-            "description": "Job has been submitted and is waiting to be processed."
-          },
-          {
-            "name": "Running",
-            "value": "Running",
-            "description": "Job has been started."
-          },
-          {
-            "name": "Succeeded",
-            "value": "Succeeded",
-            "description": "Job has completed successfully. All documents have succeeded."
-          },
-          {
-            "name": "PartialFailed",
-            "value": "PartialFailed",
-            "description": "Job has completed with at least a single document failing."
-          },
-          {
-            "name": "Failed",
-            "value": "Failed",
-            "description": "Job has completed with all documents failing, or a validation failure."
-          },
-          {
-            "name": "Canceled",
-            "value": "Canceled",
-            "description": "Job has been canceled after user request."
-          }
-        ]
       }
     },
-    "JobSummary": {
+    "DeidentificationJobSummary": {
       "type": "object",
       "description": "Summary metrics of a job.",
       "properties": {
@@ -926,17 +870,30 @@
         "bytesProcessed"
       ]
     },
-    "PagedDeidentificationJob": {
+    "DeidentificationResult": {
       "type": "object",
-      "description": "Paged collection of DeidentificationJob items",
+      "description": "Response body for de-identification operation.",
+      "properties": {
+        "outputText": {
+          "type": "string",
+          "description": "Output text after de-identification. Not available for \"Tag\" operation."
+        },
+        "taggerResult": {
+          "$ref": "#/definitions/PhiTaggerResult",
+          "description": "Result of the \"Tag\" operation. Only available for \"Tag\" Operation."
+        }
+      }
+    },
+    "PagedDeidentificationDocumentDetails": {
+      "type": "object",
+      "description": "Paged collection of DeidentificationDocumentDetails items",
       "properties": {
         "value": {
           "type": "array",
-          "description": "The DeidentificationJob items on this page",
+          "description": "The DeidentificationDocumentDetails items on this page",
           "items": {
-            "$ref": "#/definitions/DeidentificationJob"
-          },
-          "x-ms-identifiers": []
+            "$ref": "#/definitions/DeidentificationDocumentDetails"
+          }
         },
         "nextLink": {
           "type": "string",
@@ -948,16 +905,17 @@
         "value"
       ]
     },
-    "PagedDocumentDetails": {
+    "PagedDeidentificationJob": {
       "type": "object",
-      "description": "Paged collection of DocumentDetails items",
+      "description": "Paged collection of DeidentificationJob items",
       "properties": {
         "value": {
           "type": "array",
-          "description": "The DocumentDetails items on this page",
+          "description": "The DeidentificationJob items on this page",
           "items": {
-            "$ref": "#/definitions/DocumentDetails"
-          }
+            "$ref": "#/definitions/DeidentificationJob"
+          },
+          "x-ms-identifiers": []
         },
         "nextLink": {
           "type": "string",
@@ -1198,15 +1156,6 @@
             "$ref": "#/definitions/PhiEntity"
           },
           "x-ms-identifiers": []
-        },
-        "path": {
-          "type": "string",
-          "description": "Path to the document in storage.",
-          "maxLength": 1024
-        },
-        "etag": {
-          "$ref": "#/definitions/Azure.Core.eTag",
-          "description": "The entity tag for this resource."
         }
       },
       "required": [
@@ -1225,7 +1174,6 @@
         "prefix": {
           "type": "string",
           "description": "Prefix to filter path by.",
-          "minLength": 1,
           "maxLength": 1024
         },
         "extensions": {
@@ -1282,9 +1230,13 @@
         },
         "prefix": {
           "type": "string",
-          "description": "Prefix to filter path by.",
-          "minLength": 1,
+          "description": "Replaces the input prefix of a file path with the output prefix, preserving the rest of the path structure.\n\nExample:\nFile full path: documents/user/note.txt\nInput Prefix: \"documents/user/\"\nOutput Prefix: \"output_docs/\"\n\nOutput file: \"output_docs/note.txt\"",
           "maxLength": 1024
+        },
+        "overwrite": {
+          "type": "boolean",
+          "description": "When set to true during a job, the service will overwrite the output location if it already exists.",
+          "default": false
         }
       },
       "required": [
diff --git a/swagger-specs/machinelearningservices/resource-manager/Microsoft.MachineLearningServices/stable/2024-10-01/registries.json b/swagger-specs/machinelearningservices/resource-manager/Microsoft.MachineLearningServices/stable/2024-10-01/registries.json
index 469254245..d1b71450f 100644
--- a/swagger-specs/machinelearningservices/resource-manager/Microsoft.MachineLearningServices/stable/2024-10-01/registries.json
+++ b/swagger-specs/machinelearningservices/resource-manager/Microsoft.MachineLearningServices/stable/2024-10-01/registries.json
@@ -88,10 +88,7 @@
         },
         "x-ms-examples": {
           "List registries with system created accounts.": {
-            "$ref": "./examples/Registries/list-SystemCreated.json"
-          },
-          "List registries with user created accounts.": {
-            "$ref": "./examples/Registries/list-UserCreated.json"
+            "$ref": "./examples/Registries/list.json"
           }
         },
         "x-ms-pageable": {
@@ -207,10 +204,7 @@
         },
         "x-ms-examples": {
           "Get Registry with system created accounts.": {
-            "$ref": "./examples/Registries/get-SystemCreated.json"
-          },
-          "Get Registry with user created accounts.": {
-            "$ref": "./examples/Registries/get-UserCreated.json"
+            "$ref": "./examples/Registries/get.json"
           }
         }
       },
@@ -265,10 +259,7 @@
         },
         "x-ms-examples": {
           "Update Registry with system created accounts.": {
-            "$ref": "./examples/Registries/update-SystemCreated.json"
-          },
-          "Update Registry with user created accounts.": {
-            "$ref": "./examples/Registries/update-UserCreated.json"
+            "$ref": "./examples/Registries/update.json"
           }
         }
       },
@@ -329,10 +320,7 @@
         },
         "x-ms-examples": {
           "CreateOrUpdate Registry with system created accounts.": {
-            "$ref": "./examples/Registries/createOrUpdate-SystemCreated.json"
-          },
-          "CreateOrUpdate Registry with user created accounts.": {
-            "$ref": "./examples/Registries/createOrUpdate-UserCreated.json"
+            "$ref": "./examples/Registries/createOrUpdate.json"
           }
         },
         "x-ms-long-running-operation": true,
@@ -433,11 +421,6 @@
           "description": "Details of system created ACR account to be used for the Registry",
           "$ref": "#/definitions/SystemCreatedAcrAccount",
           "x-nullable": true
-        },
-        "userCreatedAcrAccount": {
-          "description": "Details of user created ACR account to be used for the Registry",
-          "$ref": "#/definitions/UserCreatedAcrAccount",
-          "x-nullable": true
         }
       },
       "additionalProperties": false
@@ -769,11 +752,6 @@
           "description": "Details of system created storage account to be used for the registry",
           "$ref": "#/definitions/SystemCreatedStorageAccount",
           "x-nullable": true
-        },
-        "userCreatedStorageAccount": {
-          "description": "Details of user created storage account to be used for the registry",
-          "$ref": "#/definitions/UserCreatedStorageAccount",
-          "x-nullable": true
         }
       },
       "additionalProperties": false
@@ -827,28 +805,6 @@
         }
       },
       "additionalProperties": false
-    },
-    "UserCreatedAcrAccount": {
-      "type": "object",
-      "properties": {
-        "armResourceId": {
-          "description": "ARM ResourceId of a resource",
-          "$ref": "#/definitions/ArmResourceId",
-          "x-nullable": true
-        }
-      },
-      "additionalProperties": false
-    },
-    "UserCreatedStorageAccount": {
-      "type": "object",
-      "properties": {
-        "armResourceId": {
-          "description": "ARM ResourceId of a resource",
-          "$ref": "#/definitions/ArmResourceId",
-          "x-nullable": true
-        }
-      },
-      "additionalProperties": false
     }
   },
   "securityDefinitions": {
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/alerts.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/alerts.json
new file mode 100644
index 000000000..0b5e69c16
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/alerts.json
@@ -0,0 +1,720 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2015-06-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a subscription": {
+            "$ref": "./examples/Alerts/GetAlertsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the subscription",
+        "operationId": "Alerts_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataSelect"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataExpand"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a resource group": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the resource group",
+        "operationId": "Alerts_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataSelect"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataExpand"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsSubscriptionsLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the subscription that are stored in a specific location",
+        "operationId": "Alerts_ListSubscriptionLevelAlertsByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataSelect"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataExpand"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the resource group that are stored in a specific location",
+        "operationId": "Alerts_ListResourceGroupLevelAlertsByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataSelect"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataExpand"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alert on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Get an alert that is associated with a subscription",
+        "operationId": "Alerts_GetSubscriptionLevelAlert",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Alert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alert on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Get an alert that is associated a resource group or a resource in a resource group",
+        "operationId": "Alerts_GetResourceGroupLevelAlerts",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Alert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelAlertStateToDismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/reactivate": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelAlertStateToReactivate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelAlertStateToDismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/reactivate": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelAlertStateToReactivate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AlertList": {
+      "type": "object",
+      "description": "List of security alerts",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Alert"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "Alert": {
+      "type": "object",
+      "description": "Security alert",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/AlertProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "AlertProperties": {
+      "type": "object",
+      "description": "describes security alert properties.",
+      "properties": {
+        "state": {
+          "readOnly": true,
+          "type": "string",
+          "description": "State of the alert (Active, Dismissed etc.)"
+        },
+        "reportedTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The time the incident was reported to Microsoft.Security in UTC"
+        },
+        "vendorName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the vendor that discovered the incident"
+        },
+        "alertName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the alert type"
+        },
+        "alertDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the alert type"
+        },
+        "detectedTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The time the incident was detected by the vendor"
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the incident and what it means"
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Recommended steps to reradiate the incident"
+        },
+        "actionTaken": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The action that was taken as a response to the alert (Active, Blocked etc.)"
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Silent",
+            "Information",
+            "Low",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Silent"
+              },
+              {
+                "value": "Information"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Estimated severity of this alert"
+        },
+        "compromisedEntity": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The entity that the incident happened on"
+        },
+        "associatedResource": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure resource ID of the associated resource"
+        },
+        "extendedProperties": {
+          "$ref": "#/definitions/AlertExtendedProperties"
+        },
+        "systemSource": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The type of the alerted resource (Azure, Non-Azure)"
+        },
+        "canBeInvestigated": {
+          "readOnly": true,
+          "type": "boolean",
+          "description": "Whether this alert can be investigated with Azure Security Center"
+        },
+        "isIncident": {
+          "readOnly": true,
+          "type": "boolean",
+          "description": "Whether this alert is for incident type or not (otherwise - single alert)"
+        },
+        "entities": {
+          "type": "array",
+          "description": "objects that are related to this alerts",
+          "items": {
+            "$ref": "#/definitions/AlertEntity"
+          }
+        },
+        "confidenceScore": {
+          "readOnly": true,
+          "type": "number",
+          "format": "float",
+          "minimum": 0,
+          "maximum": 1,
+          "description": "level of confidence we have on the alert"
+        },
+        "confidenceReasons": {
+          "type": "array",
+          "description": "reasons the alert got the confidenceScore value",
+          "items": {
+            "$ref": "#/definitions/AlertConfidenceReason"
+          }
+        },
+        "subscriptionId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to"
+        },
+        "instanceId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Instance ID of the alert."
+        },
+        "workspaceArmId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure resource ID of the workspace that the alert was reported to."
+        },
+        "correlationKey": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Alerts with the same CorrelationKey will be grouped together in Ibiza."
+        }
+      }
+    },
+    "AlertConfidenceReason": {
+      "type": "object",
+      "description": "Factors that increase our confidence that the alert is a true positive",
+      "properties": {
+        "type": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Type of confidence factor"
+        },
+        "reason": {
+          "readOnly": true,
+          "type": "string",
+          "description": "description of the confidence reason"
+        }
+      }
+    },
+    "AlertEntity": {
+      "type": "object",
+      "additionalProperties": true,
+      "description": "Changing set of properties depending on the entity type.",
+      "properties": {
+        "type": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Type of entity"
+        }
+      }
+    },
+    "AlertExtendedProperties": {
+      "type": "object",
+      "additionalProperties": true,
+      "description": "Changing set of properties depending on the alert type."
+    }
+  },
+  "parameters": {
+    "AlertName": {
+      "name": "alertName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the alert object",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/allowedConnections.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/allowedConnections.json
new file mode 100644
index 000000000..c326c58c7
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/allowedConnections.json
@@ -0,0 +1,297 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2015-06-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/allowedConnections": {
+      "get": {
+        "x-ms-examples": {
+          "Get allowed connections on a subscription": {
+            "$ref": "./examples/AllowedConnections/GetAllowedConnectionsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "AllowedConnections"
+        ],
+        "description": "Gets the list of all possible traffic between resources for the subscription",
+        "operationId": "AllowedConnections_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AllowedConnectionsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/allowedConnections": {
+      "get": {
+        "x-ms-examples": {
+          "Get allowed connections on a subscription from security data location": {
+            "$ref": "./examples/AllowedConnections/GetAllowedConnectionsSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "AllowedConnections"
+        ],
+        "description": "Gets the list of all possible traffic between resources for the subscription and location.",
+        "operationId": "AllowedConnections_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AllowedConnectionsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/allowedConnections/{connectionType}": {
+      "get": {
+        "x-ms-examples": {
+          "Get allowed connections": {
+            "$ref": "./examples/AllowedConnections/GetAllowedConnections_example.json"
+          }
+        },
+        "tags": [
+          "AllowedConnections"
+        ],
+        "description": "Gets the list of all possible traffic between resources for the subscription and location, based on connection type.",
+        "operationId": "AllowedConnections_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/ConnectionType"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AllowedConnectionsResource"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AllowedConnectionsList": {
+      "type": "object",
+      "description": "List of all possible traffic between Azure resources",
+      "properties": {
+        "value": {
+          "type": "array",
+          "readOnly": true,
+          "items": {
+            "$ref": "#/definitions/AllowedConnectionsResource"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "AllowedConnectionsResource": {
+      "type": "object",
+      "description": "The resource whose properties describes the allowed traffic between Azure resources",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "readOnly": true,
+          "$ref": "#/definitions/AllowedConnectionsResourceProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "AllowedConnectionsResourceProperties": {
+      "type": "object",
+      "description": "Describes the allowed traffic between Azure resources",
+      "properties": {
+        "calculatedDateTime": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "The UTC time on which the allowed connections resource was calculated"
+        },
+        "connectableResources": {
+          "type": "array",
+          "readOnly": true,
+          "description": "List of connectable resources",
+          "items": {
+            "$ref": "#/definitions/ConnectableResource"
+          }
+        }
+      }
+    },
+    "ConnectableResource": {
+      "type": "object",
+      "description": "Describes the allowed inbound and outbound traffic of an Azure resource",
+      "properties": {
+        "id": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The Azure resource id"
+        },
+        "inboundConnectedResources": {
+          "type": "array",
+          "readOnly": true,
+          "description": "The list of Azure resources that the resource has inbound allowed connection from",
+          "items": {
+            "$ref": "#/definitions/ConnectedResource"
+          }
+        },
+        "outboundConnectedResources": {
+          "type": "array",
+          "readOnly": true,
+          "description": "The list of Azure resources that the resource has outbound allowed connection to",
+          "items": {
+            "$ref": "#/definitions/ConnectedResource"
+          }
+        }
+      }
+    },
+    "ConnectedResource": {
+      "type": "object",
+      "description": "Describes properties of a connected resource",
+      "properties": {
+        "connectedResourceId": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The Azure resource id of the connected resource"
+        },
+        "tcpPorts": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The allowed tcp ports"
+        },
+        "udpPorts": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The allowed udp ports"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ConnectionType": {
+      "name": "connectionType",
+      "type": "string",
+      "in": "path",
+      "description": "The type of allowed connections (Internal, External)",
+      "required": true,
+      "enum": [
+        "Internal",
+        "External"
+      ],
+      "x-ms-enum": {
+        "name": "connectionType",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "Internal"
+          },
+          {
+            "value": "External"
+          }
+        ]
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/discoveredSecuritySolutions.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/discoveredSecuritySolutions.json
new file mode 100644
index 000000000..4dd66014b
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/discoveredSecuritySolutions.json
@@ -0,0 +1,263 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2015-06-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/discoveredSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get discovered security solutions": {
+            "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "DiscoveredSecuritySolutions"
+        ],
+        "description": "Gets a list of discovered Security Solutions for the subscription.",
+        "operationId": "DiscoveredSecuritySolutions_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DiscoveredSecuritySolutionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/discoveredSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get discovered security solutions from a security data location": {
+            "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "DiscoveredSecuritySolutions"
+        ],
+        "description": "Gets a list of discovered Security Solutions for the subscription and location.",
+        "operationId": "DiscoveredSecuritySolutions_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DiscoveredSecuritySolutionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/discoveredSecuritySolutions/{discoveredSecuritySolutionName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get discovered security solution from a security data location": {
+            "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "DiscoveredSecuritySolutions"
+        ],
+        "description": "Gets a specific discovered Security Solution.",
+        "operationId": "DiscoveredSecuritySolutions_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/DiscoveredSecuritySolutionName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DiscoveredSecuritySolution"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "DiscoveredSecuritySolutionList": {
+      "type": "object",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/DiscoveredSecuritySolution"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "DiscoveredSecuritySolution": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/DiscoveredSecuritySolutionProperties"
+        }
+      },
+      "required": [
+        "properties"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "DiscoveredSecuritySolutionProperties": {
+      "type": "object",
+      "properties": {
+        "securityFamily": {
+          "type": "string",
+          "description": "The security family of the discovered solution",
+          "enum": [
+            "Waf",
+            "Ngfw",
+            "SaasWaf",
+            "Va"
+          ],
+          "x-ms-enum": {
+            "name": "securityFamily",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Waf"
+              },
+              {
+                "value": "Ngfw"
+              },
+              {
+                "value": "SaasWaf"
+              },
+              {
+                "value": "Va"
+              }
+            ]
+          }
+        },
+        "offer": {
+          "type": "string",
+          "description": "The security solutions' image offer"
+        },
+        "publisher": {
+          "type": "string",
+          "description": "The security solutions' image publisher"
+        },
+        "sku": {
+          "type": "string",
+          "description": "The security solutions' image sku"
+        }
+      },
+      "required": [
+        "securityFamily",
+        "offer",
+        "publisher",
+        "sku"
+      ]
+    }
+  },
+  "parameters": {
+    "DiscoveredSecuritySolutionName": {
+      "name": "discoveredSecuritySolutionName",
+      "type": "string",
+      "in": "path",
+      "required": true,
+      "description": "Name of a discovered security solution.",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/externalSecuritySolutions.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/externalSecuritySolutions.json
new file mode 100644
index 000000000..c0c70c7ac
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/externalSecuritySolutions.json
@@ -0,0 +1,385 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2015-06-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/externalSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get external security solutions on a subscription": {
+            "$ref": "./examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json"
+          }
+        },
+        "description": "Gets a list of external security solutions for the subscription.",
+        "tags": [
+          "ExternalSecuritySolutions"
+        ],
+        "operationId": "ExternalSecuritySolutions_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ExternalSecuritySolutionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/ExternalSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get external security solutions on a subscription from security data location": {
+            "$ref": "./examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json"
+          }
+        },
+        "description": "Gets a list of external Security Solutions for the subscription and location.",
+        "tags": [
+          "ExternalSecuritySolutions"
+        ],
+        "operationId": "ExternalSecuritySolutions_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ExternalSecuritySolutionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/ExternalSecuritySolutions/{externalSecuritySolutionsName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get external security solution": {
+            "$ref": "./examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json"
+          }
+        },
+        "description": "Gets a specific external Security Solution.",
+        "tags": [
+          "ExternalSecuritySolutions"
+        ],
+        "operationId": "ExternalSecuritySolutions_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/ExternalSecuritySolutionsName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ExternalSecuritySolution"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ExternalSecuritySolutionList": {
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ExternalSecuritySolution"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "ExternalSecuritySolution": {
+      "type": "object",
+      "description": "Represents a security solution external to Microsoft Defender for Cloud which sends information to an OMS workspace and whose data is displayed by Microsoft Defender for Cloud.",
+      "discriminator": "kind",
+      "properties": {},
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "#/definitions/ExternalSecuritySolutionKind"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "CefExternalSecuritySolution": {
+      "x-ms-discriminator-value": "CEF",
+      "type": "object",
+      "description": "Represents a security solution which sends CEF logs to an OMS workspace",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolution"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/CefSolutionProperties"
+        }
+      }
+    },
+    "AtaExternalSecuritySolution": {
+      "x-ms-discriminator-value": "ATA",
+      "type": "object",
+      "description": "Represents an ATA security solution which sends logs to an OMS workspace",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolution"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/AtaSolutionProperties"
+        }
+      }
+    },
+    "AadExternalSecuritySolution": {
+      "x-ms-discriminator-value": "AAD",
+      "type": "object",
+      "description": "Represents an AAD identity protection solution which sends logs to an OMS workspace.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolution"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/AadSolutionProperties"
+        }
+      }
+    },
+    "ExternalSecuritySolutionKind": {
+      "type": "object",
+      "description": "Describes an Azure resource with kind",
+      "properties": {
+        "kind": {
+          "type": "string",
+          "description": "The kind of the external solution",
+          "enum": [
+            "CEF",
+            "ATA",
+            "AAD"
+          ],
+          "x-ms-enum": {
+            "name": "ExternalSecuritySolutionKind",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "CEF"
+              },
+              {
+                "value": "ATA"
+              },
+              {
+                "value": "AAD"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "ExternalSecuritySolutionProperties": {
+      "type": "object",
+      "description": "The solution properties (correspond to the solution kind)",
+      "additionalProperties": true,
+      "properties": {
+        "deviceVendor": {
+          "type": "string"
+        },
+        "deviceType": {
+          "type": "string"
+        },
+        "workspace": {
+          "$ref": "#/definitions/ConnectedWorkspace"
+        }
+      }
+    },
+    "ConnectedWorkspace": {
+      "type": "object",
+      "title": "Represents an OMS workspace to which the solution is connected",
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "Azure resource ID of the connected OMS workspace"
+        }
+      }
+    },
+    "AadConnectivityState": {
+      "type": "object",
+      "description": "Describes an Azure resource with kind",
+      "properties": {
+        "connectivityState": {
+          "type": "string",
+          "title": "The connectivity state of the external AAD solution ",
+          "enum": [
+            "Discovered",
+            "NotLicensed",
+            "Connected"
+          ],
+          "x-ms-enum": {
+            "name": "AadConnectivityState",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Discovered"
+              },
+              {
+                "value": "NotLicensed"
+              },
+              {
+                "value": "Connected"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AadSolutionProperties": {
+      "type": "object",
+      "title": "The external security solution properties for AAD solutions",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolutionProperties"
+        },
+        {
+          "$ref": "#/definitions/AadConnectivityState"
+        }
+      ]
+    },
+    "CefSolutionProperties": {
+      "type": "object",
+      "title": "The external security solution properties for CEF solutions",
+      "properties": {
+        "hostname": {
+          "type": "string"
+        },
+        "agent": {
+          "type": "string"
+        },
+        "lastEventReceived": {
+          "type": "string"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolutionProperties"
+        }
+      ]
+    },
+    "AtaSolutionProperties": {
+      "type": "object",
+      "title": "The external security solution properties for ATA solutions",
+      "properties": {
+        "lastEventReceived": {
+          "type": "string"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolutionProperties"
+        }
+      ]
+    }
+  },
+  "parameters": {
+    "ExternalSecuritySolutionsName": {
+      "name": "externalSecuritySolutionsName",
+      "in": "path",
+      "description": "Name of an external security solution.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/jitNetworkAccessPolicies.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/jitNetworkAccessPolicies.json
new file mode 100644
index 000000000..34e0e1abf
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/jitNetworkAccessPolicies.json
@@ -0,0 +1,770 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2015-06-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/jitNetworkAccessPolicies": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policies on a subscription": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control.",
+        "operationId": "JitNetworkAccessPolicies_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPoliciesList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policies on a subscription from a security data location": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location",
+        "operationId": "JitNetworkAccessPolicies_ListByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPoliciesList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/jitNetworkAccessPolicies": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policies on a resource group": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location",
+        "operationId": "JitNetworkAccessPolicies_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPoliciesList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policies on a resource group from a security data location": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location",
+        "operationId": "JitNetworkAccessPolicies_ListByResourceGroupAndRegion",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPoliciesList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policy": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location",
+        "operationId": "JitNetworkAccessPolicies_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPolicy"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create JIT network access policy": {
+            "$ref": "./examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Create a policy for protecting resources using Just-in-Time access control",
+        "operationId": "JitNetworkAccessPolicies_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicy"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPolicy"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a JIT network access policy": {
+            "$ref": "./examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Delete a Just-in-Time access control policy.",
+        "operationId": "JitNetworkAccessPolicies_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Resource was deleted"
+          },
+          "204": {
+            "description": "No Content - Resource does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}/{jitNetworkAccessPolicyInitiateType}": {
+      "post": {
+        "x-ms-examples": {
+          "Initiate an action on a JIT network access policy": {
+            "$ref": "./examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Initiate a JIT access from a specific Just-in-Time policy configuration.",
+        "operationId": "JitNetworkAccessPolicies_Initiate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyName"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyInitiateType"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyInitiateRequest"
+          }
+        ],
+        "responses": {
+          "202": {
+            "description": "Accepted",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessRequest"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "JitNetworkAccessPoliciesList": {
+      "type": "object",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPolicy"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "JitNetworkAccessPolicy": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/JitNetworkAccessPolicyProperties"
+        }
+      },
+      "required": [
+        "properties"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Kind"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "JitNetworkAccessPolicyProperties": {
+      "type": "object",
+      "properties": {
+        "virtualMachines": {
+          "type": "array",
+          "description": "Configurations for Microsoft.Compute/virtualMachines resource type.",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine"
+          }
+        },
+        "requests": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessRequest"
+          }
+        },
+        "provisioningState": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Gets the provisioning state of the Just-in-Time policy."
+        }
+      },
+      "required": [
+        "virtualMachines"
+      ]
+    },
+    "JitNetworkAccessPolicyVirtualMachine": {
+      "type": "object",
+      "required": [
+        "id",
+        "ports"
+      ],
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "Resource ID of the virtual machine that is linked to this policy"
+        },
+        "ports": {
+          "type": "array",
+          "description": "Port configurations for the virtual machine",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPortRule"
+          }
+        },
+        "publicIpAddress": {
+          "type": "string",
+          "description": "Public IP address of the Azure Firewall that is linked to this policy, if applicable"
+        }
+      }
+    },
+    "JitNetworkAccessPortRule": {
+      "type": "object",
+      "properties": {
+        "number": {
+          "$ref": "#/definitions/PortNumber"
+        },
+        "protocol": {
+          "type": "string",
+          "enum": [
+            "TCP",
+            "UDP",
+            "*"
+          ],
+          "x-ms-enum": {
+            "name": "protocol",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "TCP"
+              },
+              {
+                "value": "UDP"
+              },
+              {
+                "value": "*",
+                "name": "All"
+              }
+            ]
+          }
+        },
+        "allowedSourceAddressPrefix": {
+          "type": "string",
+          "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+        },
+        "allowedSourceAddressPrefixes": {
+          "type": "array",
+          "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.",
+          "items": {
+            "type": "string",
+            "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+          }
+        },
+        "maxRequestAccessDuration": {
+          "type": "string",
+          "description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day"
+        }
+      },
+      "required": [
+        "maxRequestAccessDuration",
+        "number",
+        "protocol"
+      ]
+    },
+    "JitNetworkAccessRequest": {
+      "type": "object",
+      "properties": {
+        "virtualMachines": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine"
+          }
+        },
+        "startTimeUtc": {
+          "type": "string",
+          "format": "date-time",
+          "description": "The start time of the request in UTC"
+        },
+        "requestor": {
+          "type": "string",
+          "description": "The identity of the person who made the request"
+        },
+        "justification": {
+          "type": "string",
+          "description": "The justification for making the initiate request"
+        }
+      },
+      "required": [
+        "requestor",
+        "startTimeUtc",
+        "virtualMachines"
+      ]
+    },
+    "JitNetworkAccessRequestVirtualMachine": {
+      "type": "object",
+      "required": [
+        "id",
+        "ports"
+      ],
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "Resource ID of the virtual machine that is linked to this policy"
+        },
+        "ports": {
+          "type": "array",
+          "description": "The ports that were opened for the virtual machine",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessRequestPort"
+          }
+        }
+      }
+    },
+    "JitNetworkAccessRequestPort": {
+      "type": "object",
+      "properties": {
+        "number": {
+          "$ref": "#/definitions/PortNumber"
+        },
+        "allowedSourceAddressPrefix": {
+          "type": "string",
+          "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+        },
+        "allowedSourceAddressPrefixes": {
+          "type": "array",
+          "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.",
+          "items": {
+            "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\".",
+            "type": "string"
+          }
+        },
+        "endTimeUtc": {
+          "type": "string",
+          "format": "date-time",
+          "description": "The date & time at which the request ends in UTC"
+        },
+        "status": {
+          "type": "string",
+          "description": "The status of the port",
+          "enum": [
+            "Revoked",
+            "Initiated"
+          ],
+          "x-ms-enum": {
+            "name": "status",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Revoked"
+              },
+              {
+                "value": "Initiated"
+              }
+            ]
+          }
+        },
+        "statusReason": {
+          "type": "string",
+          "description": "A description of why the `status` has its value",
+          "enum": [
+            "Expired",
+            "UserRequested",
+            "NewerRequestInitiated"
+          ],
+          "x-ms-enum": {
+            "name": "statusReason",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Expired"
+              },
+              {
+                "value": "UserRequested"
+              },
+              {
+                "value": "NewerRequestInitiated"
+              }
+            ]
+          }
+        },
+        "mappedPort": {
+          "type": "integer",
+          "description": "The port which is mapped to this port's `number` in the Azure Firewall, if applicable"
+        }
+      },
+      "required": [
+        "endTimeUtc",
+        "number",
+        "status",
+        "statusReason"
+      ]
+    },
+    "JitNetworkAccessPolicyInitiateRequest": {
+      "type": "object",
+      "properties": {
+        "virtualMachines": {
+          "type": "array",
+          "description": "A list of virtual machines & ports to open access for",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPolicyInitiateVirtualMachine"
+          }
+        },
+        "justification": {
+          "type": "string",
+          "description": "The justification for making the initiate request"
+        }
+      },
+      "required": [
+        "virtualMachines"
+      ]
+    },
+    "JitNetworkAccessPolicyInitiateVirtualMachine": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "Resource ID of the virtual machine that is linked to this policy"
+        },
+        "ports": {
+          "type": "array",
+          "description": "The ports to open for the resource with the `id`",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPolicyInitiatePort"
+          }
+        }
+      },
+      "required": [
+        "id",
+        "ports"
+      ]
+    },
+    "JitNetworkAccessPolicyInitiatePort": {
+      "type": "object",
+      "properties": {
+        "number": {
+          "$ref": "#/definitions/PortNumber"
+        },
+        "allowedSourceAddressPrefix": {
+          "type": "string",
+          "description": "Source of the allowed traffic. If omitted, the request will be for the source IP address of the initiate request."
+        },
+        "endTimeUtc": {
+          "type": "string",
+          "format": "date-time",
+          "description": "The time to close the request in UTC"
+        }
+      },
+      "required": [
+        "endTimeUtc",
+        "number"
+      ]
+    },
+    "PortNumber": {
+      "type": "integer",
+      "minimum": 0,
+      "maximum": 65535
+    }
+  },
+  "parameters": {
+    "JitNetworkAccessPolicyName": {
+      "name": "jitNetworkAccessPolicyName",
+      "type": "string",
+      "in": "path",
+      "required": true,
+      "description": "Name of a Just-in-Time access configuration policy.",
+      "x-ms-parameter-location": "method"
+    },
+    "JitNetworkAccessPolicyInitiateType": {
+      "name": "jitNetworkAccessPolicyInitiateType",
+      "type": "string",
+      "in": "path",
+      "required": true,
+      "description": "Type of the action to do on the Just-in-Time access policy.",
+      "enum": [
+        "initiate"
+      ],
+      "x-ms-parameter-location": "method"
+    },
+    "JitNetworkAccessPolicyInitiateRequest": {
+      "name": "body",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/JitNetworkAccessPolicyInitiateRequest"
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "JitNetworkAccessPolicy": {
+      "name": "body",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/JitNetworkAccessPolicy"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/locations.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/locations.json
new file mode 100644
index 000000000..fbcc71c65
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/locations.json
@@ -0,0 +1,142 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2015-06-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations": {
+      "get": {
+        "x-ms-examples": {
+          "Get security data locations": {
+            "$ref": "./examples/Locations/GetLocations_example.json"
+          }
+        },
+        "tags": [
+          "Locations"
+        ],
+        "description": "The location of the responsible ASC of the specific subscription (home region). For each subscription there is only one responsible location. The location in the response should be used to read or write other resources in ASC according to their ID.",
+        "operationId": "Locations_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/AscLocationList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security data location": {
+            "$ref": "./examples/Locations/GetLocation_example.json"
+          }
+        },
+        "tags": [
+          "Locations"
+        ],
+        "description": "Details of a specific location",
+        "operationId": "Locations_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/AscLocation"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ExtendedResourceProvider": {
+      "name": "extendedResourceProvider",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Resource provider name of the base resource",
+      "x-ms-parameter-location": "method"
+    },
+    "ExtendedResourceType": {
+      "name": "extendedResourceType",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Type of the base resource",
+      "x-ms-parameter-location": "method"
+    },
+    "ExtendedResourceName": {
+      "name": "extendedResourceName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The name of the base resource",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/operations.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/operations.json
new file mode 100644
index 000000000..bd7e79846
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/operations.json
@@ -0,0 +1,134 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2015-06-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/providers/Microsoft.Security/operations": {
+      "get": {
+        "tags": [
+          "Operations"
+        ],
+        "description": "Exposes all available operations for discovery purposes.",
+        "operationId": "Operations_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/OperationList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    }
+  },
+  "definitions": {
+    "OperationList": {
+      "type": "object",
+      "description": "List of possible operations for Microsoft.Security resource provider",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of Security operations",
+          "items": {
+            "$ref": "#/definitions/Operation"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "Operation": {
+      "type": "object",
+      "description": "Possible operation in the REST API of Microsoft.Security",
+      "properties": {
+        "name": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the operation"
+        },
+        "origin": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Where the operation is originated"
+        },
+        "display": {
+          "$ref": "#/definitions/OperationDisplay"
+        }
+      }
+    },
+    "OperationDisplay": {
+      "type": "object",
+      "description": "Security operation display",
+      "properties": {
+        "provider": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The resource provider for the operation."
+        },
+        "resource": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The display name of the resource the operation applies to."
+        },
+        "operation": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The display name of the security operation."
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The description of the operation."
+        }
+      }
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/tasks.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/tasks.json
new file mode 100644
index 000000000..391d0bf95
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/tasks.json
@@ -0,0 +1,454 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2015-06-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/tasks": {
+      "get": {
+        "x-ms-examples": {
+          "Get security recommendations tasks": {
+            "$ref": "./examples/Tasks/GetTasksSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Tasks"
+        ],
+        "description": "Recommended tasks that will help improve the security of the subscription proactively",
+        "operationId": "Tasks_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityTaskList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/tasks": {
+      "get": {
+        "x-ms-examples": {
+          "Get security recommendations tasks from security data location": {
+            "$ref": "./examples/Tasks/GetTasksSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Tasks"
+        ],
+        "description": "Recommended tasks that will help improve the security of the subscription proactively",
+        "operationId": "Tasks_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityTaskList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security recommendation task from security data location": {
+            "$ref": "./examples/Tasks/GetTaskSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Tasks"
+        ],
+        "description": "Recommended tasks that will help improve the security of the subscription proactively",
+        "operationId": "Tasks_GetSubscriptionLevelTask",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/TaskName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityTask"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}/{taskUpdateActionType}": {
+      "post": {
+        "x-ms-examples": {
+          "Change security recommendation task state": {
+            "$ref": "./examples/Tasks/UpdateTaskSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Tasks"
+        ],
+        "description": "Recommended tasks that will help improve the security of the subscription proactively",
+        "operationId": "Tasks_UpdateSubscriptionLevelTaskState",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/TaskName"
+          },
+          {
+            "$ref": "#/parameters/TaskUpdateActionType"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/tasks": {
+      "get": {
+        "x-ms-examples": {
+          "Get security recommendation tasks in a resource group": {
+            "$ref": "./examples/Tasks/GetTasksResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Tasks"
+        ],
+        "description": "Recommended tasks that will help improve the security of the subscription proactively",
+        "operationId": "Tasks_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityTaskList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security recommendation task in a resource group": {
+            "$ref": "./examples/Tasks/GetTaskResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Tasks"
+        ],
+        "description": "Recommended tasks that will help improve the security of the subscription proactively",
+        "operationId": "Tasks_GetResourceGroupLevelTask",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/TaskName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityTask"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/tasks/{taskName}/{taskUpdateActionType}": {
+      "post": {
+        "x-ms-examples": {
+          "Change security recommendation task state": {
+            "$ref": "./examples/Tasks/UpdateTaskResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Tasks"
+        ],
+        "description": "Recommended tasks that will help improve the security of the subscription proactively",
+        "operationId": "Tasks_UpdateResourceGroupLevelTaskState",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/TaskName"
+          },
+          {
+            "$ref": "#/parameters/TaskUpdateActionType"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityTaskList": {
+      "type": "object",
+      "description": "List of security task recommendations",
+      "properties": {
+        "value": {
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityTask"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityTask": {
+      "type": "object",
+      "description": "Security task that we recommend to do in order to strengthen security",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecurityTaskProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityTaskProperties": {
+      "type": "object",
+      "description": "Describes properties of a task.",
+      "properties": {
+        "state": {
+          "readOnly": true,
+          "type": "string",
+          "description": "State of the task (Active, Resolved etc.)"
+        },
+        "creationTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The time this task was discovered in UTC"
+        },
+        "securityTaskParameters": {
+          "$ref": "#/definitions/SecurityTaskParameters"
+        },
+        "lastStateChangeTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The time this task's details were last changed in UTC"
+        },
+        "subState": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Additional data on the state of the task"
+        }
+      }
+    },
+    "SecurityTaskParameters": {
+      "type": "object",
+      "description": "Changing set of properties, depending on the task type that is derived from the name field",
+      "additionalProperties": true,
+      "properties": {
+        "name": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the task type"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "TaskName": {
+      "name": "taskName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the task object, will be a GUID",
+      "x-ms-parameter-location": "method"
+    },
+    "TaskUpdateActionType": {
+      "name": "taskUpdateActionType",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "enum": [
+        "Activate",
+        "Dismiss",
+        "Start",
+        "Resolve",
+        "Close"
+      ],
+      "x-ms-enum": {
+        "name": "TaskUpdateActionType",
+        "modelAsString": true
+      },
+      "description": "Type of the action to do on the task",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/topologies.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/topologies.json
new file mode 100644
index 000000000..ef9b292b1
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2015-06-01-preview/topologies.json
@@ -0,0 +1,301 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2015-06-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/topologies": {
+      "get": {
+        "x-ms-examples": {
+          "Get topology on a subscription": {
+            "$ref": "./examples/Topology/GetTopologySubscription_example.json"
+          }
+        },
+        "tags": [
+          "Topology"
+        ],
+        "description": "Gets a list that allows to build a topology view of a subscription.",
+        "operationId": "Topology_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/TopologyList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/topologies": {
+      "get": {
+        "x-ms-examples": {
+          "Get topology on a subscription from security data location": {
+            "$ref": "./examples/Topology/GetTopologySubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Topology"
+        ],
+        "description": "Gets a list that allows to build a topology view of a subscription and location.",
+        "operationId": "Topology_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/TopologyList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/topologies/{topologyResourceName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get topology": {
+            "$ref": "./examples/Topology/GetTopology_example.json"
+          }
+        },
+        "tags": [
+          "Topology"
+        ],
+        "description": "Gets a specific topology component.",
+        "operationId": "Topology_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/TopologyResourceName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/TopologyResource"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "TopologyList": {
+      "type": "object",
+      "properties": {
+        "value": {
+          "type": "array",
+          "readOnly": true,
+          "items": {
+            "$ref": "#/definitions/TopologyResource"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "TopologyResource": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "readOnly": true,
+          "$ref": "#/definitions/TopologyResourceProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "TopologyResourceProperties": {
+      "type": "object",
+      "properties": {
+        "calculatedDateTime": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "The UTC time on which the topology was calculated"
+        },
+        "topologyResources": {
+          "type": "array",
+          "readOnly": true,
+          "description": "Azure resources which are part of this topology resource",
+          "items": {
+            "$ref": "#/definitions/TopologySingleResource"
+          }
+        }
+      }
+    },
+    "TopologySingleResource": {
+      "type": "object",
+      "properties": {
+        "resourceId": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Azure resource id"
+        },
+        "severity": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The security severity of the resource"
+        },
+        "recommendationsExist": {
+          "type": "boolean",
+          "readOnly": true,
+          "description": "Indicates if the resource has security recommendations"
+        },
+        "networkZones": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Indicates the resource connectivity level to the Internet (InternetFacing, Internal ,etc.)"
+        },
+        "topologyScore": {
+          "type": "integer",
+          "readOnly": true,
+          "description": "Score of the resource based on its security severity"
+        },
+        "location": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The location of this resource"
+        },
+        "parents": {
+          "type": "array",
+          "readOnly": true,
+          "description": "Azure resources connected to this resource which are in higher level in the topology view",
+          "items": {
+            "$ref": "#/definitions/TopologySingleResourceParent"
+          }
+        },
+        "children": {
+          "type": "array",
+          "readOnly": true,
+          "description": "Azure resources connected to this resource which are in lower level in the topology view",
+          "items": {
+            "$ref": "#/definitions/TopologySingleResourceChild"
+          }
+        }
+      }
+    },
+    "TopologySingleResourceParent": {
+      "type": "object",
+      "properties": {
+        "resourceId": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Azure resource id which serves as parent resource in topology view"
+        }
+      }
+    },
+    "TopologySingleResourceChild": {
+      "type": "object",
+      "properties": {
+        "resourceId": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Azure resource id which serves as child resource in topology view"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "TopologyResourceName": {
+      "name": "topologyResourceName",
+      "in": "path",
+      "description": "Name of a topology resources collection.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/advancedThreatProtectionSettings.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/advancedThreatProtectionSettings.json
new file mode 100644
index 000000000..3edc85033
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/advancedThreatProtectionSettings.json
@@ -0,0 +1,166 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{resourceId}/providers/Microsoft.Security/advancedThreatProtectionSettings/{settingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Gets the Advanced Threat Protection settings for the specified resource.": {
+            "$ref": "./examples/AdvancedThreatProtection/GetAdvancedThreatProtectionSettings_example.json"
+          }
+        },
+        "tags": [
+          "AdvancedThreatProtection"
+        ],
+        "description": "Gets the Advanced Threat Protection settings for the specified resource.",
+        "operationId": "AdvancedThreatProtection_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AdvancedThreatProtectionSettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful request to get Advanced Threat Protection settings.",
+            "schema": {
+              "$ref": "#/definitions/AdvancedThreatProtectionSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Creates or updates the Advanced Threat Protection settings on a specified resource.": {
+            "$ref": "./examples/AdvancedThreatProtection/PutAdvancedThreatProtectionSettings_example.json"
+          }
+        },
+        "tags": [
+          "AdvancedThreatProtection"
+        ],
+        "description": "Creates or updates the Advanced Threat Protection settings on a specified resource.",
+        "operationId": "AdvancedThreatProtection_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AdvancedThreatProtectionSettingName"
+          },
+          {
+            "$ref": "#/parameters/AdvancedThreatProtectionSetting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful request to put Advanced Threat Protection settings.",
+            "schema": {
+              "$ref": "#/definitions/AdvancedThreatProtectionSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AdvancedThreatProtectionProperties": {
+      "properties": {
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Indicates whether Advanced Threat Protection is enabled."
+        }
+      },
+      "description": "The Advanced Threat Protection settings."
+    },
+    "AdvancedThreatProtectionSetting": {
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/AdvancedThreatProtectionProperties"
+        }
+      },
+      "description": "The Advanced Threat Protection resource."
+    }
+  },
+  "parameters": {
+    "AdvancedThreatProtectionSettingName": {
+      "name": "settingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "enum": [
+        "current"
+      ],
+      "description": "Advanced Threat Protection setting name.",
+      "x-ms-parameter-location": "method"
+    },
+    "AdvancedThreatProtectionSetting": {
+      "name": "advancedThreatProtectionSetting",
+      "in": "body",
+      "required": true,
+      "description": "Advanced Threat Protection Settings",
+      "schema": {
+        "$ref": "#/definitions/AdvancedThreatProtectionSetting"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/autoProvisioningSettings.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/autoProvisioningSettings.json
new file mode 100644
index 000000000..918725ad7
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/autoProvisioningSettings.json
@@ -0,0 +1,243 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings": {
+      "get": {
+        "x-ms-examples": {
+          "Get auto provisioning settings for subscription": {
+            "$ref": "./examples/AutoProvisioningSettings/GetAutoProvisioningSettingsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "AutoProvisioningSettings"
+        ],
+        "description": "Exposes the auto provisioning settings of the subscriptions",
+        "operationId": "AutoProvisioningSettings_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AutoProvisioningSettingList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/autoProvisioningSettings/{settingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get an auto provisioning setting for subscription": {
+            "$ref": "./examples/AutoProvisioningSettings/GetAutoProvisioningSettingSubscription_example.json"
+          }
+        },
+        "tags": [
+          "AutoProvisioningSettings"
+        ],
+        "description": "Details of a specific setting",
+        "operationId": "AutoProvisioningSettings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/AutoProvisioningSettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AutoProvisioningSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create auto provisioning settings for subscription": {
+            "$ref": "./examples/AutoProvisioningSettings/CreateAutoProvisioningSettingsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "AutoProvisioningSettings"
+        ],
+        "description": "Details of a specific setting",
+        "operationId": "AutoProvisioningSettings_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/AutoProvisioningSettingName"
+          },
+          {
+            "$ref": "#/parameters/AutoProvisioningSetting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AutoProvisioningSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AutoProvisioningSettingList": {
+      "type": "object",
+      "description": "List of all the auto provisioning settings response",
+      "properties": {
+        "value": {
+          "description": "List of all the auto provisioning settings",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AutoProvisioningSetting"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "AutoProvisioningSetting": {
+      "type": "object",
+      "description": "Auto provisioning setting",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Auto provisioning setting data",
+          "$ref": "#/definitions/AutoProvisioningSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "AutoProvisioningSettingProperties": {
+      "type": "object",
+      "description": "describes properties of an auto provisioning setting",
+      "properties": {
+        "autoProvision": {
+          "type": "string",
+          "description": "Describes what kind of security agent provisioning action to take",
+          "enum": [
+            "On",
+            "Off"
+          ],
+          "x-ms-enum": {
+            "name": "autoProvision",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "On",
+                "description": "Install missing security agent on VMs automatically"
+              },
+              {
+                "value": "Off",
+                "description": "Do not install security agent on the VMs automatically"
+              }
+            ]
+          }
+        }
+      },
+      "required": [
+        "autoProvision"
+      ]
+    }
+  },
+  "parameters": {
+    "AutoProvisioningSettingName": {
+      "name": "settingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Auto provisioning setting key",
+      "x-ms-parameter-location": "method"
+    },
+    "AutoProvisioningSetting": {
+      "name": "setting",
+      "in": "body",
+      "required": true,
+      "description": "Auto provisioning setting key",
+      "schema": {
+        "$ref": "#/definitions/AutoProvisioningSetting"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/compliances.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/compliances.json
new file mode 100644
index 000000000..b0f9ba593
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/compliances.json
@@ -0,0 +1,206 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/compliances": {
+      "get": {
+        "x-ms-examples": {
+          "Get security compliance data over time": {
+            "$ref": "./examples/Compliances/GetCompliances_example.json"
+          }
+        },
+        "tags": [
+          "Compliances"
+        ],
+        "description": "The Compliance scores of the specific management group.",
+        "operationId": "Compliances_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ComplianceList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{scope}/providers/Microsoft.Security/compliances/{complianceName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security compliance data for a day": {
+            "$ref": "./examples/Compliances/GetCompliance_example.json"
+          }
+        },
+        "tags": [
+          "Compliances"
+        ],
+        "description": "Details of a specific Compliance.",
+        "operationId": "Compliances_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/ComplianceName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Compliance"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ComplianceList": {
+      "type": "object",
+      "readOnly": true,
+      "description": "List of Compliance objects response",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of Compliance objects",
+          "items": {
+            "$ref": "#/definitions/Compliance"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "Compliance": {
+      "type": "object",
+      "readOnly": true,
+      "description": "Compliance of a scope",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Compliance data",
+          "$ref": "#/definitions/ComplianceProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "ComplianceProperties": {
+      "type": "object",
+      "description": "The Compliance score (percentage) of a Subscription is a sum of all Resources' Compliances under the given Subscription. A Resource Compliance is defined as the compliant ('healthy') Policy Definitions out of all Policy Definitions applicable to a given resource.",
+      "properties": {
+        "assessmentTimestampUtcDate": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The timestamp when the Compliance calculation was conducted."
+        },
+        "resourceCount": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The resource count of the given subscription for which the Compliance calculation was conducted (needed for Management Group Compliance calculation)."
+        },
+        "assessmentResult": {
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ComplianceSegment"
+          },
+          "description": "An array of segment, which is the actually the compliance assessment."
+        }
+      }
+    },
+    "ComplianceSegment": {
+      "type": "object",
+      "description": "A segment of a compliance assessment.",
+      "properties": {
+        "segmentType": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The segment type, e.g. compliant, non-compliance, insufficient coverage, N/A, etc."
+        },
+        "percentage": {
+          "type": "number",
+          "format": "double",
+          "readOnly": true,
+          "description": "The size (%) of the segment."
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ComplianceName": {
+      "name": "complianceName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "name of the Compliance",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/deviceSecurityGroups.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/deviceSecurityGroups.json
new file mode 100644
index 000000000..655474e9e
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/deviceSecurityGroups.json
@@ -0,0 +1,631 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups": {
+      "get": {
+        "x-ms-examples": {
+          "List all device security groups for the specified IoT Hub resource": {
+            "$ref": "./examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json"
+          }
+        },
+        "tags": [
+          "DeviceSecurityGroups"
+        ],
+        "description": "Use this method get the list of device security groups for the specified IoT Hub resource.",
+        "operationId": "DeviceSecurityGroups_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DeviceSecurityGroupList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a device security group for the specified IoT Hub resource": {
+            "$ref": "./examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json"
+          }
+        },
+        "tags": [
+          "DeviceSecurityGroups"
+        ],
+        "description": "Use this method to get the device security group for the specified IoT Hub resource.",
+        "operationId": "DeviceSecurityGroups_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DeviceSecurityGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful request to get device security group.",
+            "schema": {
+              "$ref": "#/definitions/DeviceSecurityGroup"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create or update a device security group for the specified IoT hub resource": {
+            "$ref": "./examples/DeviceSecurityGroups/PutDeviceSecurityGroups_example.json"
+          }
+        },
+        "tags": [
+          "DeviceSecurityGroups"
+        ],
+        "description": "Use this method to creates or updates the device security group on a specified IoT Hub resource.",
+        "operationId": "DeviceSecurityGroups_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DeviceSecurityGroupName"
+          },
+          {
+            "$ref": "#/parameters/DeviceSecurityGroup"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Security group was updated.",
+            "schema": {
+              "$ref": "#/definitions/DeviceSecurityGroup"
+            }
+          },
+          "201": {
+            "description": "Security group was created.",
+            "schema": {
+              "$ref": "#/definitions/DeviceSecurityGroup"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a device security group for the specified IoT Hub resource": {
+            "$ref": "./examples/DeviceSecurityGroups/DeleteDeviceSecurityGroups_example.json"
+          }
+        },
+        "tags": [
+          "DeviceSecurityGroups"
+        ],
+        "description": "User this method to deletes the device security group.",
+        "operationId": "DeviceSecurityGroups_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DeviceSecurityGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Device security group has been deleted."
+          },
+          "204": {
+            "description": "Device security group does not exist."
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "DeviceSecurityGroupList": {
+      "type": "object",
+      "readOnly": true,
+      "description": "List of device security groups",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of device security group objects",
+          "items": {
+            "$ref": "#/definitions/DeviceSecurityGroup"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "DeviceSecurityGroup": {
+      "type": "object",
+      "description": "The device security group resource",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Device Security group data",
+          "$ref": "#/definitions/DeviceSecurityGroupProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "DeviceSecurityGroupProperties": {
+      "type": "object",
+      "description": "describes properties of a security group.",
+      "properties": {
+        "thresholdRules": {
+          "type": "array",
+          "description": "The list of custom alert threshold rules.",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/ThresholdCustomAlertRule"
+          }
+        },
+        "timeWindowRules": {
+          "type": "array",
+          "description": "The list of custom alert time-window rules.",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/TimeWindowCustomAlertRule"
+          }
+        },
+        "allowlistRules": {
+          "type": "array",
+          "description": "The allow-list custom alert rules.",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/AllowlistCustomAlertRule"
+          }
+        },
+        "denylistRules": {
+          "type": "array",
+          "description": "The deny-list custom alert rules.",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/DenylistCustomAlertRule"
+          }
+        }
+      }
+    },
+    "CustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule.",
+      "discriminator": "ruleType",
+      "properties": {
+        "displayName": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The display name of the custom alert."
+        },
+        "description": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The description of the custom alert."
+        },
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Status of the custom alert."
+        },
+        "ruleType": {
+          "type": "string",
+          "description": "The type of the custom alert rule."
+        }
+      },
+      "required": [
+        "isEnabled",
+        "ruleType"
+      ]
+    },
+    "ListCustomAlertRule": {
+      "type": "object",
+      "description": "A List custom alert rule.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/CustomAlertRule"
+        }
+      ],
+      "properties": {
+        "valueType": {
+          "type": "string",
+          "description": "The value type of the items in the list.",
+          "enum": [
+            "IpCidr",
+            "String"
+          ],
+          "readOnly": true,
+          "x-ms-enum": {
+            "name": "valueType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "IpCidr",
+                "description": "An IP range in CIDR format (e.g. '192.168.0.1/8')."
+              },
+              {
+                "value": "String",
+                "description": "Any string value."
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AllowlistCustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule that checks if a value (depends on the custom alert type) is allowed.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ListCustomAlertRule"
+        }
+      ],
+      "properties": {
+        "allowlistValues": {
+          "type": "array",
+          "description": "The values to allow. The format of the values depends on the rule type.",
+          "items": {
+            "type": "string"
+          }
+        }
+      },
+      "required": [
+        "allowlistValues"
+      ]
+    },
+    "ConnectionToIpNotAllowed": {
+      "type": "object",
+      "description": "Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AllowlistCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "LocalUserNotAllowed": {
+      "type": "object",
+      "description": "Login by a local user that isn't allowed. Allow list consists of login names to allow.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AllowlistCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "ProcessNotAllowed": {
+      "type": "object",
+      "description": "Execution of a process that isn't allowed. Allow list consists of process names to allow.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AllowlistCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "DenylistCustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule that checks if a value (depends on the custom alert type) is denied.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ListCustomAlertRule"
+        }
+      ],
+      "properties": {
+        "denylistValues": {
+          "type": "array",
+          "description": "The values to deny. The format of the values depends on the rule type.",
+          "items": {
+            "type": "string"
+          }
+        }
+      },
+      "required": [
+        "denylistValues"
+      ]
+    },
+    "ThresholdCustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule that checks if a value (depends on the custom alert type) is within the given range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/CustomAlertRule"
+        }
+      ],
+      "properties": {
+        "minThreshold": {
+          "type": "integer",
+          "description": "The minimum threshold."
+        },
+        "maxThreshold": {
+          "type": "integer",
+          "description": "The maximum threshold."
+        }
+      },
+      "required": [
+        "minThreshold",
+        "maxThreshold"
+      ]
+    },
+    "TimeWindowCustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ThresholdCustomAlertRule"
+        }
+      ],
+      "properties": {
+        "timeWindowSize": {
+          "type": "string",
+          "description": "The time window size in iso8601 format.",
+          "format": "duration"
+        }
+      },
+      "required": [
+        "timeWindowSize"
+      ]
+    },
+    "ActiveConnectionsNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of active connections is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "AmqpC2DMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of cloud to device messages (AMQP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "MqttC2DMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of cloud to device messages (MQTT protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "HttpC2DMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of cloud to device messages (HTTP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "AmqpC2DRejectedMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "MqttC2DRejectedMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "HttpC2DRejectedMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "AmqpD2CMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of device to cloud messages (AMQP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "MqttD2CMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of device to cloud messages (MQTT protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "HttpD2CMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of device to cloud messages (HTTP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "DirectMethodInvokesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of direct method invokes is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "FailedLocalLoginsNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of failed local logins is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "FileUploadsNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of file uploads is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "QueuePurgesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of device queue purges is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "TwinUpdatesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of twin updates is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "UnauthorizedOperationsNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of unauthorized operations is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    }
+  },
+  "parameters": {
+    "DeviceSecurityGroupName": {
+      "name": "deviceSecurityGroupName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The name of the device security group. Note that the name of the device security group is case insensitive.",
+      "x-ms-parameter-location": "method"
+    },
+    "DeviceSecurityGroup": {
+      "name": "deviceSecurityGroup",
+      "in": "body",
+      "required": true,
+      "description": "Security group object.",
+      "schema": {
+        "$ref": "#/definitions/DeviceSecurityGroup"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/informationProtectionPolicies.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/informationProtectionPolicies.json
new file mode 100644
index 000000000..90e13c30f
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/informationProtectionPolicies.json
@@ -0,0 +1,362 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/informationProtectionPolicies/{informationProtectionPolicyName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get the customized information protection policy for a management group": {
+            "$ref": "./examples/InformationProtectionPolicies/GetCustomInformationProtectionPolicy_example.json"
+          },
+          "Get the effective information protection policy for a management group": {
+            "$ref": "./examples/InformationProtectionPolicies/GetEffectiveInformationProtectionPolicy_example.json"
+          }
+        },
+        "tags": [
+          "InformationProtectionPolicies"
+        ],
+        "description": "Details of the information protection policy.",
+        "operationId": "InformationProtectionPolicies_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/InformationProtectionPolicyName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/InformationProtectionPolicy"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create or update an information protection policy for a management group": {
+            "$ref": "./examples/InformationProtectionPolicies/CreateOrUpdateInformationProtectionPolicy_example.json"
+          }
+        },
+        "tags": [
+          "InformationProtectionPolicies"
+        ],
+        "description": "Details of the information protection policy.",
+        "operationId": "InformationProtectionPolicies_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/InformationProtectionPolicyName"
+          },
+          {
+            "$ref": "#/parameters/InformationProtectionPolicy"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/InformationProtectionPolicy"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/InformationProtectionPolicy"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/{scope}/providers/Microsoft.Security/informationProtectionPolicies": {
+      "get": {
+        "x-ms-examples": {
+          "Get information protection policies": {
+            "$ref": "./examples/InformationProtectionPolicies/ListInformationProtectionPolicies_example.json"
+          }
+        },
+        "tags": [
+          "InformationProtectionPolicies"
+        ],
+        "description": "Information protection policies of a specific management group.",
+        "operationId": "InformationProtectionPolicies_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/InformationProtectionPolicyList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    }
+  },
+  "definitions": {
+    "InformationProtectionPolicyList": {
+      "type": "object",
+      "readOnly": true,
+      "description": "Information protection policies response.",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of information protection policies.",
+          "items": {
+            "$ref": "#/definitions/InformationProtectionPolicy"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "InformationProtectionPolicy": {
+      "type": "object",
+      "description": "Information protection policy.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Information protection policy data",
+          "$ref": "#/definitions/InformationProtectionPolicyProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "InformationProtectionPolicyProperties": {
+      "type": "object",
+      "description": "describes properties of an information protection policy.",
+      "properties": {
+        "lastModifiedUtc": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "Describes the last UTC time the policy was modified."
+        },
+        "version": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Describes the version of the policy."
+        },
+        "labels": {
+          "type": "object",
+          "description": "Dictionary of sensitivity labels.",
+          "additionalProperties": {
+            "type": "object",
+            "$ref": "#/definitions/SensitivityLabel"
+          }
+        },
+        "informationTypes": {
+          "type": "object",
+          "description": "The sensitivity information types.",
+          "additionalProperties": {
+            "type": "object",
+            "$ref": "#/definitions/InformationType"
+          }
+        }
+      }
+    },
+    "SensitivityLabel": {
+      "type": "object",
+      "description": "The sensitivity label.",
+      "properties": {
+        "displayName": {
+          "type": "string",
+          "description": "The name of the sensitivity label."
+        },
+        "description": {
+          "type": "string",
+          "description": "The description of the sensitivity label."
+        },
+        "rank": {
+          "type": "string",
+          "description": "The rank of the sensitivity label.",
+          "enum": [
+            "None",
+            "Low",
+            "Medium",
+            "High",
+            "Critical"
+          ],
+          "x-ms-enum": {
+            "name": "rank",
+            "modelAsString": false
+          }
+        },
+        "order": {
+          "format": "int32",
+          "description": "The order of the sensitivity label.",
+          "type": "integer"
+        },
+        "enabled": {
+          "type": "boolean",
+          "description": "Indicates whether the label is enabled or not."
+        }
+      }
+    },
+    "InformationType": {
+      "type": "object",
+      "description": "The information type.",
+      "properties": {
+        "displayName": {
+          "type": "string",
+          "description": "The name of the information type."
+        },
+        "description": {
+          "type": "string",
+          "description": "The description of the information type."
+        },
+        "order": {
+          "format": "int32",
+          "description": "The order of the information type.",
+          "type": "integer"
+        },
+        "recommendedLabelId": {
+          "type": "string",
+          "format": "uuid",
+          "description": "The recommended label id to be associated with this information type."
+        },
+        "enabled": {
+          "type": "boolean",
+          "description": "Indicates whether the information type is enabled or not."
+        },
+        "custom": {
+          "type": "boolean",
+          "description": "Indicates whether the information type is custom or not."
+        },
+        "keywords": {
+          "type": "array",
+          "description": "The information type keywords.",
+          "items": {
+            "$ref": "#/definitions/InformationProtectionKeyword"
+          }
+        }
+      }
+    },
+    "InformationProtectionKeyword": {
+      "type": "object",
+      "description": "The information type keyword.",
+      "properties": {
+        "pattern": {
+          "type": "string",
+          "description": "The keyword pattern."
+        },
+        "custom": {
+          "type": "boolean",
+          "description": "Indicates whether the keyword is custom or not."
+        },
+        "canBeNumeric": {
+          "type": "boolean",
+          "description": "Indicates whether the keyword can be applied on numeric types or not."
+        },
+        "excluded": {
+          "type": "boolean",
+          "description": "Indicates whether the keyword is excluded or not."
+        }
+      }
+    }
+  },
+  "parameters": {
+    "InformationProtectionPolicyName": {
+      "name": "informationProtectionPolicyName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "enum": [
+        "effective",
+        "custom"
+      ],
+      "x-ms-enum": {
+        "name": "InformationProtectionPolicyName",
+        "modelAsString": true
+      },
+      "description": "Name of the information protection policy.",
+      "x-ms-parameter-location": "method"
+    },
+    "InformationProtectionPolicy": {
+      "name": "informationProtectionPolicy",
+      "in": "body",
+      "required": true,
+      "description": "Information protection policy.",
+      "schema": {
+        "$ref": "#/definitions/InformationProtectionPolicy"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutionAnalytics.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutionAnalytics.json
new file mode 100644
index 000000000..54e224ea4
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutionAnalytics.json
@@ -0,0 +1,916 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solutions Analytics": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityAnalyticsList_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions Analytics"
+        ],
+        "description": "Security Analytics of a security solution",
+        "operationId": "IoTSecuritySolutionsAnalytics_GetAll",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionAnalyticsModelList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solutions Analytics": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityAnalytics_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions Analytics"
+        ],
+        "description": "Security Analytics of a security solution",
+        "operationId": "IoTSecuritySolutionsAnalytics_GetDefault",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionAnalyticsModel"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solutions Analytics": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityAggregatedAlertList_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions Analytics"
+        ],
+        "description": "Security Analytics of a security solution",
+        "operationId": "IoTSecuritySolutionsAnalyticsAggregatedAlerts_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "name": "$top",
+            "in": "query",
+            "description": "The number of results to retrieve.",
+            "required": false,
+            "type": "integer"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecurityAggregatedAlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts/{aggregatedAlertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solutions Analytics": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityAggregatedAlert_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions Analytics"
+        ],
+        "description": "Security Analytics of a security solution",
+        "operationId": "IoTSecuritySolutionsAnalyticsAggregatedAlert_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/AggregatedAlertName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecurityAggregatedAlert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts/{aggregatedAlertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Get Security Solutions Analytics": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/PostIoTSecuritySolutionsSecurityAggregatedAlertDismiss_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions Analytics"
+        ],
+        "description": "Security Analytics of a security solution",
+        "operationId": "IoTSecuritySolutionsAnalyticsAggregatedAlert_Dismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/AggregatedAlertName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Dismissed"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedRecommendations/{aggregatedRecommendationName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solutions Analytics": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityRecommendation_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions Analytics"
+        ],
+        "description": "Security Analytics of a security solution",
+        "operationId": "IoTSecuritySolutionsAnalyticsRecommendation_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/AggregatedRecommendationName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecurityAggregatedRecommendation"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedRecommendations": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solutions Analytics": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityRecommendationList_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions Analytics"
+        ],
+        "description": "Security Analytics of a security solution",
+        "operationId": "IoTSecuritySolutionsAnalyticsRecommendations_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "name": "$top",
+            "in": "query",
+            "description": "The number of results to retrieve.",
+            "required": false,
+            "type": "integer"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecurityAggregatedRecommendationList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    }
+  },
+  "definitions": {
+    "IoTSeverityMetrics": {
+      "type": "object",
+      "description": "Severity metrics",
+      "properties": {
+        "high": {
+          "type": "integer",
+          "description": "count of high severity items"
+        },
+        "medium": {
+          "type": "integer",
+          "description": "count of medium severity items"
+        },
+        "low": {
+          "type": "integer",
+          "description": "count of low severity items"
+        }
+      }
+    },
+    "IoTSecuritySolutionAnalyticsModel": {
+      "type": "object",
+      "description": "Security Analytics of a security solution",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security Solution  Aggregated Alert data",
+          "$ref": "#/definitions/IoTSecuritySolutionAnalyticsModelProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "IoTSecuritySolutionAnalyticsModelProperties": {
+      "description": "Security Analytics of a security solution properties",
+      "properties": {
+        "metrics": {
+          "type": "object",
+          "$ref": "#/definitions/IoTSeverityMetrics",
+          "description": "Security Analytics of a security solution",
+          "readOnly": true
+        },
+        "unhealthyDeviceCount": {
+          "type": "integer",
+          "readOnly": true,
+          "description": "number of unhealthy devices"
+        },
+        "devicesMetrics": {
+          "description": "The list of devices metrics by the aggregated date.",
+          "type": "array",
+          "readOnly": true,
+          "items": {
+            "properties": {
+              "date": {
+                "type": "string",
+                "format": "date-time",
+                "description": "the date of the metrics"
+              },
+              "devicesMetrics": {
+                "type": "object",
+                "$ref": "#/definitions/IoTSeverityMetrics",
+                "description": "devices alerts count by severity."
+              }
+            }
+          }
+        },
+        "topAlertedDevices": {
+          "description": "The list of top 3 devices with the most attacked.",
+          "type": "object",
+          "$ref": "#/definitions/IoTSecurityAlertedDevicesList"
+        },
+        "mostPrevalentDeviceAlerts": {
+          "description": "The list of most prevalent 3 alerts.",
+          "type": "object",
+          "$ref": "#/definitions/IoTSecurityDeviceAlertsList"
+        },
+        "mostPrevalentDeviceRecommendations": {
+          "description": "The list of most prevalent 3 recommendations.",
+          "type": "object",
+          "$ref": "#/definitions/IoTSecurityDeviceRecommendationsList"
+        }
+      }
+    },
+    "IoTSecuritySolutionAnalyticsModelList": {
+      "description": "List of Security Analytics of a security solution",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of Security Analytics of a security solution",
+          "items": {
+            "$ref": "#/definitions/IoTSecuritySolutionAnalyticsModel"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecurityAggregatedAlertList": {
+      "description": "List of IoT aggregated security alerts",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of aggregated alerts data",
+          "items": {
+            "$ref": "#/definitions/IoTSecurityAggregatedAlert"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecurityAggregatedRecommendationList": {
+      "description": "List of IoT aggregated security recommendations",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of aggregated alerts data",
+          "items": {
+            "$ref": "#/definitions/IoTSecurityAggregatedRecommendation"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecurityAlertedDevicesList": {
+      "description": "List of devices with the count of raised alerts",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of aggregated alerts data",
+          "items": {
+            "$ref": "#/definitions/IoTSecurityAlertedDevice"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecurityDeviceAlertsList": {
+      "description": "List of alerts with the count of raised alerts",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of top alerts data",
+          "items": {
+            "$ref": "#/definitions/IoTSecurityDeviceAlert"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecurityDeviceRecommendationsList": {
+      "description": "List of recommendations with the count of devices",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of aggregated recommendation data",
+          "items": {
+            "$ref": "#/definitions/IoTSecurityDeviceRecommendation"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecurityAggregatedAlert": {
+      "type": "object",
+      "description": "Security Solution Aggregated Alert information",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security Solution  Aggregated Alert data",
+          "$ref": "#/definitions/IoTSecurityAggregatedAlertProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "#/definitions/TagsResource"
+        }
+      ]
+    },
+    "IoTSecurityAggregatedAlertProperties": {
+      "type": "object",
+      "description": "Security Solution Aggregated Alert data",
+      "properties": {
+        "alertType": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the alert type"
+        },
+        "alertDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the alert type"
+        },
+        "aggregatedDateUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date",
+          "description": "The date the incidents were detected by the vendor"
+        },
+        "vendorName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the vendor that discovered the incident"
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Estimated severity of this alert"
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Recommended steps for remediation"
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the incident and what it means"
+        },
+        "count": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "Occurrence number of the alert within the aggregated date"
+        },
+        "effectedResourceType": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure resource ID of the resource that got the alerts"
+        },
+        "systemSource": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The type of the alerted resource (Azure, Non-Azure)"
+        },
+        "actionTaken": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The action that was taken as a response to the alert (Active, Blocked etc.)"
+        },
+        "logAnalyticsQuery": {
+          "readOnly": true,
+          "type": "string",
+          "description": "query in log analytics to get the list of affected devices/alerts"
+        }
+      }
+    },
+    "IoTSecurityAggregatedRecommendation": {
+      "type": "object",
+      "description": "Security Solution Recommendation Information",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security Solution data",
+          "$ref": "#/definitions/IoTSecurityAggregatedRecommendationProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "#/definitions/TagsResource"
+        }
+      ]
+    },
+    "IoTSecurityAggregatedRecommendationProperties": {
+      "type": "object",
+      "description": "Security Solution Recommendation Information",
+      "properties": {
+        "recommendationName": {
+          "type": "string",
+          "description": "Name of the recommendation"
+        },
+        "recommendationDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the recommendation type."
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the incident and what it means"
+        },
+        "recommendationTypeId": {
+          "description": "The recommendation-type GUID.",
+          "type": "string",
+          "readOnly": true
+        },
+        "detectedBy": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the vendor that discovered the issue"
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Recommended steps for remediation"
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Estimated severity of this recommendation"
+        },
+        "healthyDevices": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "the number of the healthy devices within the solution"
+        },
+        "unhealthyDeviceCount": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "the number of the unhealthy devices within the solution"
+        },
+        "logAnalyticsQuery": {
+          "readOnly": true,
+          "type": "string",
+          "description": "query in log analytics to get the list of affected devices/alerts"
+        }
+      }
+    },
+    "IoTSecurityAlertedDevice": {
+      "type": "object",
+      "description": "Statistic information about the number of alerts per device during the last period",
+      "properties": {
+        "deviceId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the alert type"
+        },
+        "alertsCount": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "the number of alerts raised for this device"
+        }
+      }
+    },
+    "IoTSecurityDeviceAlert": {
+      "type": "object",
+      "description": "Statistic information about the number of alerts per alert type during the last period",
+      "properties": {
+        "alertDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the alert"
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Estimated severity of this alert"
+        },
+        "alertsCount": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "the number of alerts raised for this alert type"
+        }
+      }
+    },
+    "IoTSecurityDeviceRecommendation": {
+      "type": "object",
+      "description": "Statistic information about the number of recommendations per recommendation type",
+      "properties": {
+        "recommendationDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the recommendation"
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Estimated severity of this recommendation"
+        },
+        "devicesCount": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "the number of device with this recommendation"
+        }
+      }
+    },
+    "TagsResource": {
+      "properties": {
+        "tags": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Resource tags"
+        }
+      },
+      "description": "A container holding only the Tags for a resource, allowing the user to update the tags."
+    }
+  },
+  "parameters": {
+    "SolutionName": {
+      "name": "solutionName",
+      "in": "path",
+      "required": true,
+      "description": "The solution manager name",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "AggregatedAlertName": {
+      "name": "aggregatedAlertName",
+      "in": "path",
+      "required": true,
+      "description": "Identifier of the aggregated alert",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "AggregatedRecommendationName": {
+      "name": "aggregatedRecommendationName",
+      "in": "path",
+      "required": true,
+      "description": "Identifier of the aggregated recommendation",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutions.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutions.json
new file mode 100644
index 000000000..0e1a2d2e6
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/iotSecuritySolutions.json
@@ -0,0 +1,659 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solutions list": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList_example.json"
+          },
+          "Get Security Solutions list By IotHub": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions"
+        ],
+        "description": "List of security solutions",
+        "operationId": "IoTSecuritySolutions_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/FilterParam"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solutions list": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByRg_example.json"
+          },
+          "Get Security Solutions list By IotHub": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHubAndRg_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions"
+        ],
+        "description": "List of security solutions",
+        "operationId": "IoTSecuritySolutionsResourceGroup_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/FilterParam"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get an iot security solution": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolution_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions"
+        ],
+        "description": "Details of a specific iot security solution",
+        "operationId": "IotSecuritySolution_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionModel"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create an iot security solution": {
+            "$ref": "./examples/IoTSecuritySolutions/CreateIoTSecuritySolution_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions"
+        ],
+        "description": "Create new solution manager",
+        "operationId": "IotSecuritySolution_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/IotSecuritySolutionData"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Updated",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionModel"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionModel"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "patch": {
+        "x-ms-examples": {
+          "Update an iot security solution": {
+            "$ref": "./examples/IoTSecuritySolutions/UpdateIoTSecuritySolution_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions"
+        ],
+        "description": "update existing Security Solution tags or user defined resources. To update other fields use the CreateOrUpdate method",
+        "operationId": "IotSecuritySolution_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/UpdateIotSecuritySolution"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Updated",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionModel"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Create an iot security solution": {
+            "$ref": "./examples/IoTSecuritySolutions/DeleteIoTSecuritySolution_example.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solutions"
+        ],
+        "description": "Create new solution manager",
+        "operationId": "IotSecuritySolution_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Security Solution deleted"
+          },
+          "204": {
+            "description": "Security Solution was not exists"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "TagsResource": {
+      "properties": {
+        "tags": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Resource tags"
+        }
+      },
+      "description": "A container holding only the Tags for a resource, allowing the user to update the tags."
+    },
+    "IoTSecuritySolutionsList": {
+      "description": "List of iot solutions",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of security solutions",
+          "items": {
+            "$ref": "#/definitions/IoTSecuritySolutionModel"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecuritySolutionModel": {
+      "type": "object",
+      "description": "Security Solution",
+      "properties": {
+        "location": {
+          "type": "string",
+          "description": "The resource location."
+        },
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security Solution data",
+          "$ref": "#/definitions/IoTSecuritySolutionProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "#/definitions/TagsResource"
+        }
+      ]
+    },
+    "IoTSecuritySolutionProperties": {
+      "type": "object",
+      "description": "Security Solution setting data",
+      "properties": {
+        "workspace": {
+          "type": "string",
+          "description": "Workspace resource ID"
+        },
+        "displayName": {
+          "type": "string",
+          "description": "Resource display name."
+        },
+        "status": {
+          "type": "string",
+          "enum": [
+            "Enabled",
+            "Disabled"
+          ],
+          "default": "Enabled",
+          "description": "Security solution status",
+          "x-ms-enum": {
+            "name": "SecuritySolutionStatus",
+            "modelAsString": true
+          }
+        },
+        "export": {
+          "type": "array",
+          "items": {
+            "enum": [
+              "RawEvents"
+            ],
+            "type": "string",
+            "x-ms-enum": {
+              "name": "ExportData",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "RawEvents",
+                  "description": "Agent raw events"
+                }
+              ]
+            }
+          },
+          "description": "List of additional export to workspace data options"
+        },
+        "disabledDataSources": {
+          "type": "array",
+          "items": {
+            "enum": [
+              "TwinData"
+            ],
+            "type": "string",
+            "x-ms-enum": {
+              "name": "DataSource",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "TwinData",
+                  "description": "Devices twin data"
+                }
+              ]
+            }
+          },
+          "description": "Disabled data sources. Disabling these data sources compromises the system."
+        },
+        "iotHubs": {
+          "type": "array",
+          "description": "IoT Hub resource IDs",
+          "items": {
+            "type": "string"
+          }
+        },
+        "userDefinedResources": {
+          "$ref": "#/definitions/UserDefinedResourcesProperties"
+        },
+        "autoDiscoveredResources": {
+          "type": "array",
+          "description": "List of resources that were automatically discovered as relevant to the security solution.",
+          "items": {
+            "type": "string"
+          },
+          "readOnly": true
+        },
+        "recommendationsConfiguration": {
+          "$ref": "#/definitions/RecommendationConfigurationList"
+        }
+      },
+      "required": [
+        "iotHubs",
+        "workspace",
+        "displayName"
+      ]
+    },
+    "UserDefinedResourcesProperties": {
+      "type": "object",
+      "description": "Properties of the solution's user defined resources.",
+      "properties": {
+        "query": {
+          "type": "string",
+          "x-nullable": true,
+          "description": "Azure Resource Graph query which represents the security solution's user defined resources. Required to start with \"where type != \"Microsoft.Devices/IotHubs\"\""
+        },
+        "querySubscriptions": {
+          "type": "array",
+          "x-nullable": true,
+          "description": "List of Azure subscription ids on which the user defined resources query should be executed.",
+          "items": {
+            "type": "string",
+            "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"
+          }
+        }
+      },
+      "required": [
+        "query",
+        "querySubscriptions"
+      ]
+    },
+    "RecommendationConfigurationProperties": {
+      "type": "object",
+      "description": "Recommendation configuration",
+      "properties": {
+        "recommendationType": {
+          "type": "string",
+          "description": "The recommendation type.",
+          "enum": [
+            "IoT_ACRAuthentication",
+            "IoT_AgentSendsUnutilizedMessages",
+            "IoT_Baseline",
+            "IoT_EdgeHubMemOptimize",
+            "IoT_EdgeLoggingOptions",
+            "IoT_InconsistentModuleSettings",
+            "IoT_InstallAgent",
+            "IoT_IPFilter_DenyAll",
+            "IoT_IPFilter_PermissiveRule",
+            "IoT_OpenPorts",
+            "IoT_PermissiveFirewallPolicy",
+            "IoT_PermissiveInputFirewallRules",
+            "IoT_PermissiveOutputFirewallRules",
+            "IoT_PrivilegedDockerOptions",
+            "IoT_SharedCredentials",
+            "IoT_VulnerableTLSCipherSuite"
+          ],
+          "x-ms-enum": {
+            "name": "RecommendationType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "IoT_ACRAuthentication",
+                "description": "Authentication schema used for pull an edge module from an ACR repository does not use Service Principal Authentication."
+              },
+              {
+                "value": "IoT_AgentSendsUnutilizedMessages",
+                "description": "IoT agent message size capacity is currently underutilized, causing an increase in the number of sent messages. Adjust message intervals for better utilization."
+              },
+              {
+                "value": "IoT_Baseline",
+                "description": "Identified security related system configuration issues."
+              },
+              {
+                "value": "IoT_EdgeHubMemOptimize",
+                "description": "You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used by Edge modules in your solution."
+              },
+              {
+                "value": "IoT_EdgeLoggingOptions",
+                "description": "Logging is disabled for this edge module."
+              },
+              {
+                "value": "IoT_InconsistentModuleSettings",
+                "description": "A minority within a device security group has inconsistent Edge Module settings with the rest of their group."
+              },
+              {
+                "value": "IoT_InstallAgent",
+                "description": "Install the Azure Security of Things Agent."
+              },
+              {
+                "value": "IoT_IPFilter_DenyAll",
+                "description": "IP Filter Configuration should have rules defined for allowed traffic and should deny all other traffic by default."
+              },
+              {
+                "value": "IoT_IPFilter_PermissiveRule",
+                "description": "An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose your IoT hub to malicious intenders."
+              },
+              {
+                "value": "IoT_OpenPorts",
+                "description": "A listening endpoint was found on the device."
+              },
+              {
+                "value": "IoT_PermissiveFirewallPolicy",
+                "description": "An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by default and define rules to allow necessary communication to/from the device."
+              },
+              {
+                "value": "IoT_PermissiveInputFirewallRules",
+                "description": "A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports."
+              },
+              {
+                "value": "IoT_PermissiveOutputFirewallRules",
+                "description": "A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports."
+              },
+              {
+                "value": "IoT_PrivilegedDockerOptions",
+                "description": "Edge module is configured to run in privileged mode, with extensive Linux capabilities or with host-level network access (send/receive data to host machine)."
+              },
+              {
+                "value": "IoT_SharedCredentials",
+                "description": "Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an illegitimate device impersonating a legitimate device. It also exposes the risk of device impersonation by an attacker."
+              },
+              {
+                "value": "IoT_VulnerableTLSCipherSuite",
+                "description": "Insecure TLS configurations detected. Immediate upgrade recommended."
+              }
+            ]
+          }
+        },
+        "name": {
+          "type": "string",
+          "readOnly": true
+        },
+        "status": {
+          "type": "string",
+          "enum": [
+            "Disabled",
+            "Enabled"
+          ],
+          "default": "Enabled",
+          "description": "Recommendation status. The recommendation is not generated when the status is disabled",
+          "x-ms-enum": {
+            "name": "RecommendationConfigStatus",
+            "modelAsString": true
+          }
+        }
+      },
+      "required": [
+        "recommendationType",
+        "status"
+      ]
+    },
+    "RecommendationConfigurationList": {
+      "type": "array",
+      "description": "List of recommendation configuration",
+      "items": {
+        "$ref": "#/definitions/RecommendationConfigurationProperties"
+      }
+    },
+    "UpdateIotSecuritySolutionData": {
+      "type": "object",
+      "properties": {
+        "userDefinedResources": {
+          "$ref": "#/definitions/UserDefinedResourcesProperties"
+        },
+        "recommendationsConfiguration": {
+          "$ref": "#/definitions/RecommendationConfigurationList"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/TagsResource"
+        }
+      ]
+    }
+  },
+  "parameters": {
+    "SolutionName": {
+      "name": "solutionName",
+      "in": "path",
+      "required": true,
+      "description": "The solution manager name",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "IotSecuritySolutionData": {
+      "name": "iotSecuritySolutionData",
+      "in": "body",
+      "required": true,
+      "description": "The security solution data",
+      "schema": {
+        "$ref": "#/definitions/IoTSecuritySolutionModel"
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "FilterParam": {
+      "name": "$filter",
+      "in": "query",
+      "required": false,
+      "description": "filter the Security Solution with OData syntax. supporting filter by iotHubs",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "UpdateIotSecuritySolution": {
+      "name": "updateIotSecuritySolutionData",
+      "in": "body",
+      "required": true,
+      "description": "The security solution data",
+      "x-ms-parameter-location": "method",
+      "schema": {
+        "$ref": "#/definitions/UpdateIotSecuritySolutionData"
+      }
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/securityContacts.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/securityContacts.json
new file mode 100644
index 000000000..5c121c998
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/securityContacts.json
@@ -0,0 +1,363 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts": {
+      "get": {
+        "x-ms-examples": {
+          "Update security contact data minimal": {
+            "$ref": "./examples/SecurityContacts/GetSecurityContactsSubscription_min_example.json"
+          },
+          "Update security contact data full": {
+            "$ref": "./examples/SecurityContacts/GetSecurityContactsSubscription_full_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Security contact configurations for the subscription",
+        "operationId": "SecurityContacts_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContactList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts/{securityContactName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security contact data minimal": {
+            "$ref": "./examples/SecurityContacts/GetSecurityContact_min_example.json"
+          },
+          "Get security contact data full": {
+            "$ref": "./examples/SecurityContacts/GetSecurityContact_full_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContact"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create security contact data minimal": {
+            "$ref": "./examples/SecurityContacts/CreateSecurityContact_min_example.json"
+          },
+          "Create security contact data full": {
+            "$ref": "./examples/SecurityContacts/CreateSecurityContact_full_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          },
+          {
+            "$ref": "#/parameters/SecurityContact"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContact"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete security contact data": {
+            "$ref": "./examples/SecurityContacts/DeleteSecurityContact_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "patch": {
+        "x-ms-examples": {
+          "Update security contact data minimal": {
+            "$ref": "./examples/SecurityContacts/UpdateSecurityContact_min_example.json"
+          },
+          "Update security contact data full": {
+            "$ref": "./examples/SecurityContacts/UpdateSecurityContact_full_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          },
+          {
+            "$ref": "#/parameters/SecurityContact"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContact"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityContactList": {
+      "type": "object",
+      "description": "List of security contacts response",
+      "properties": {
+        "value": {
+          "readOnly": true,
+          "description": "List of security contacts",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityContact"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityContact": {
+      "type": "object",
+      "description": "Contact details for security issues",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security contact data",
+          "$ref": "#/definitions/SecurityContactProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityContactProperties": {
+      "type": "object",
+      "description": "describes security contact properties",
+      "properties": {
+        "email": {
+          "type": "string",
+          "format": "email",
+          "description": "The email of this security contact"
+        },
+        "phone": {
+          "type": "string",
+          "description": "The phone number of this security contact"
+        },
+        "alertNotifications": {
+          "type": "string",
+          "enum": [
+            "On",
+            "Off"
+          ],
+          "x-ms-enum": {
+            "name": "alertNotifications",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "On",
+                "description": "Get notifications on new alerts"
+              },
+              {
+                "value": "Off",
+                "description": "Don't get notifications on new alerts"
+              }
+            ]
+          },
+          "description": "Whether to send security alerts notifications to the security contact"
+        },
+        "alertsToAdmins": {
+          "type": "string",
+          "enum": [
+            "On",
+            "Off"
+          ],
+          "x-ms-enum": {
+            "name": "alertsToAdmins",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "On",
+                "description": "Send notification on new alerts to the subscription's admins"
+              },
+              {
+                "value": "Off",
+                "description": "Don't send notification on new alerts to the subscription's admins"
+              }
+            ]
+          },
+          "description": "Whether to send security alerts notifications to subscription admins"
+        }
+      },
+      "required": [
+        "email",
+        "alertNotifications",
+        "alertsToAdmins"
+      ]
+    }
+  },
+  "parameters": {
+    "SecurityContactName": {
+      "name": "securityContactName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the security contact object",
+      "x-ms-parameter-location": "method"
+    },
+    "SecurityContact": {
+      "name": "securityContact",
+      "in": "body",
+      "required": true,
+      "description": "Security contact object",
+      "schema": {
+        "$ref": "#/definitions/SecurityContact"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/settings.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/settings.json
new file mode 100644
index 000000000..7417cbd2f
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/settings.json
@@ -0,0 +1,265 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings": {
+      "get": {
+        "x-ms-examples": {
+          "Get settings of subscription": {
+            "$ref": "./examples/Settings/GetSettings_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "Settings about different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SettingsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings/{settingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a setting on subscription": {
+            "$ref": "./examples/Settings/GetSetting_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "Settings of different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Setting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Update a setting for subscription": {
+            "$ref": "./examples/Settings/UpdateSetting_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "updating settings about different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SettingName"
+          },
+          {
+            "$ref": "#/parameters/Setting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Setting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SettingsList": {
+      "type": "object",
+      "description": "Subscription settings list.",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "The settings list.",
+          "items": {
+            "$ref": "#/definitions/Setting"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "DataExportSetting": {
+      "type": "object",
+      "description": "Represents a data export setting",
+      "x-ms-discriminator-value": "DataExportSetting",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Data export setting data",
+          "$ref": "#/definitions/DataExportSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/Setting"
+        }
+      ]
+    },
+    "Setting": {
+      "type": "object",
+      "description": "The kind of the security setting",
+      "properties": {
+        "kind": {
+          "type": "string",
+          "description": "the kind of the settings string (DataExportSetting)",
+          "enum": [
+            "DataExportSetting",
+            "AlertSuppressionSetting"
+          ],
+          "x-ms-enum": {
+            "name": "SettingKind",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "DataExportSetting"
+              },
+              {
+                "value": "AlertSuppressionSetting"
+              }
+            ]
+          }
+        }
+      },
+      "discriminator": "kind",
+      "required": [
+        "kind"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "DataExportSettingProperties": {
+      "type": "object",
+      "description": "The data export setting properties",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Is the data export setting is enabled"
+        }
+      },
+      "required": [
+        "enabled"
+      ]
+    }
+  },
+  "parameters": {
+    "SettingName": {
+      "name": "settingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of setting: (MCAS/WDATP)",
+      "enum": [
+        "MCAS",
+        "WDATP"
+      ],
+      "x-ms-parameter-location": "method"
+    },
+    "Setting": {
+      "name": "setting",
+      "in": "body",
+      "required": true,
+      "description": "Setting object",
+      "schema": {
+        "$ref": "#/definitions/Setting"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json
new file mode 100644
index 000000000..c1e9d23c8
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json
@@ -0,0 +1,306 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2017-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings": {
+      "get": {
+        "x-ms-examples": {
+          "Get workspace settings on subscription": {
+            "$ref": "./examples/WorkspaceSettings/GetWorkspaceSettings_example.json"
+          }
+        },
+        "tags": [
+          "Workspace Settings"
+        ],
+        "description": "Settings about where we should store your security data and logs. If the result is empty, it means that no custom-workspace configuration was set",
+        "operationId": "WorkspaceSettings_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/WorkspaceSettingList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/workspaceSettings/{workspaceSettingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a workspace setting on subscription": {
+            "$ref": "./examples/WorkspaceSettings/GetWorkspaceSetting_example.json"
+          }
+        },
+        "tags": [
+          "Workspace Settings"
+        ],
+        "description": "Settings about where we should store your security data and logs. If the result is empty, it means that no custom-workspace configuration was set",
+        "operationId": "WorkspaceSettings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/WorkspaceSettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/WorkspaceSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create a workspace setting data for subscription": {
+            "$ref": "./examples/WorkspaceSettings/CreateWorkspaceSetting_example.json"
+          }
+        },
+        "tags": [
+          "Workspace Settings"
+        ],
+        "description": "creating settings about where we should store your security data and logs",
+        "operationId": "WorkspaceSettings_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/WorkspaceSettingName"
+          },
+          {
+            "$ref": "#/parameters/WorkspaceSetting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/WorkspaceSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "patch": {
+        "x-ms-examples": {
+          "Update a workspace setting data for subscription": {
+            "$ref": "./examples/WorkspaceSettings/UpdateWorkspaceSetting_example.json"
+          }
+        },
+        "tags": [
+          "Workspace Settings"
+        ],
+        "description": "Settings about where we should store your security data and logs",
+        "operationId": "WorkspaceSettings_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/WorkspaceSettingName"
+          },
+          {
+            "$ref": "#/parameters/WorkspaceSetting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/WorkspaceSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a workspace setting data for resource group": {
+            "$ref": "./examples/WorkspaceSettings/DeleteWorkspaceSetting_example.json"
+          }
+        },
+        "tags": [
+          "Workspace Settings"
+        ],
+        "description": "Deletes the custom workspace settings for this subscription. new VMs will report to the default workspace",
+        "operationId": "WorkspaceSettings_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/WorkspaceSettingName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "WorkspaceSettingList": {
+      "description": "List of workspace settings response",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of workspace settings",
+          "items": {
+            "$ref": "#/definitions/WorkspaceSetting"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "WorkspaceSetting": {
+      "type": "object",
+      "description": "Configures where to store the OMS agent data for workspaces under a scope",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Workspace setting data",
+          "$ref": "#/definitions/WorkspaceSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "WorkspaceSettingProperties": {
+      "type": "object",
+      "description": "Workspace setting data",
+      "properties": {
+        "workspaceId": {
+          "type": "string",
+          "description": "The full Azure ID of the workspace to save the data in"
+        },
+        "scope": {
+          "type": "string",
+          "description": "All the VMs in this scope will send their security data to the mentioned workspace unless overridden by a setting with more specific scope"
+        }
+      },
+      "required": [
+        "workspaceId",
+        "scope"
+      ]
+    }
+  },
+  "parameters": {
+    "WorkspaceSettingName": {
+      "name": "workspaceSettingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the security setting",
+      "x-ms-parameter-location": "method"
+    },
+    "WorkspaceSetting": {
+      "name": "workspaceSetting",
+      "in": "body",
+      "required": true,
+      "description": "Security data setting object",
+      "schema": {
+        "$ref": "#/definitions/WorkspaceSetting"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/alertsSuppressionRules.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/alertsSuppressionRules.json
new file mode 100644
index 000000000..8247b2392
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/alertsSuppressionRules.json
@@ -0,0 +1,337 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/alertsSuppressionRules": {
+      "get": {
+        "x-ms-examples": {
+          "Get suppression rules for subscription": {
+            "$ref": "./examples/AlertsSuppressionRules/GetAlertsSuppressionRules_example.json"
+          },
+          "Get suppression alert rule for subscription, filtered by AlertType": {
+            "$ref": "./examples/AlertsSuppressionRules/GetAlertsSuppressionRulesWithAlertType_example.json"
+          }
+        },
+        "tags": [
+          "AlertsSuppressionRules"
+        ],
+        "description": "List of all the dismiss rules for the given subscription",
+        "operationId": "AlertsSuppressionRules_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/AlertType"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertsSuppressionRulesList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/alertsSuppressionRules/{alertsSuppressionRuleName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get suppression alert rule for subscription": {
+            "$ref": "./examples/AlertsSuppressionRules/GetAlertsSuppressionRule_example.json"
+          }
+        },
+        "tags": [
+          "AlertsSuppressionRules"
+        ],
+        "description": "Get dismiss rule, with name: {alertsSuppressionRuleName}, for the given subscription",
+        "operationId": "AlertsSuppressionRules_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/AlertsSuppressionRuleName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertsSuppressionRule"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Update or create suppression rule for subscription": {
+            "$ref": "./examples/AlertsSuppressionRules/PutAlertsSuppressionRule_example.json"
+          }
+        },
+        "tags": [
+          "AlertsSuppressionRules"
+        ],
+        "description": "Update existing rule or create new rule if it doesn't exist",
+        "operationId": "AlertsSuppressionRules_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/AlertsSuppressionRuleName"
+          },
+          {
+            "$ref": "#/parameters/AlertsSuppressionRule"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertsSuppressionRule"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete suppression rule data for a subscription": {
+            "$ref": "./examples/AlertsSuppressionRules/DeleteAlertsSuppressionRule_example.json"
+          }
+        },
+        "tags": [
+          "AlertsSuppressionRules"
+        ],
+        "description": "Delete dismiss alert rule for this subscription.",
+        "operationId": "AlertsSuppressionRules_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/AlertsSuppressionRuleName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "OK, No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AlertsSuppressionRulesList": {
+      "type": "object",
+      "description": "Suppression rules list for subscription.",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AlertsSuppressionRule"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "URI to fetch the next page."
+        }
+      },
+      "required": [
+        "value"
+      ]
+    },
+    "AlertsSuppressionRule": {
+      "type": "object",
+      "description": "Describes the suppression rule",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/AlertsSuppressionRuleProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "AlertsSuppressionRuleProperties": {
+      "type": "object",
+      "description": "describes AlertsSuppressionRule properties",
+      "properties": {
+        "alertType": {
+          "type": "string",
+          "description": "Type of the alert to automatically suppress. For all alert types, use '*'"
+        },
+        "lastModifiedUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The last time this rule was modified"
+        },
+        "expirationDateUtc": {
+          "type": "string",
+          "format": "date-time",
+          "description": "Expiration date of the rule, if value is not provided or provided as null there will no expiration at all"
+        },
+        "reason": {
+          "type": "string",
+          "description": "The reason for dismissing the alert"
+        },
+        "state": {
+          "type": "string",
+          "description": "Possible states of the rule",
+          "x-ms-enum": {
+            "name": "RuleState"
+          },
+          "enum": [
+            "Enabled",
+            "Disabled",
+            "Expired"
+          ]
+        },
+        "comment": {
+          "type": "string",
+          "description": "Any comment regarding the rule"
+        },
+        "suppressionAlertsScope": {
+          "type": "object",
+          "description": "The suppression conditions",
+          "$ref": "#/definitions/SuppressionAlertsScope"
+        }
+      },
+      "required": [
+        "alertType",
+        "reason",
+        "state"
+      ]
+    },
+    "ScopeElement": {
+      "type": "object",
+      "additionalProperties": true,
+      "description": "A more specific scope used to identify the alerts to suppress.",
+      "properties": {
+        "field": {
+          "type": "string",
+          "description": "The alert entity type to suppress by."
+        }
+      }
+    },
+    "SuppressionAlertsScope": {
+      "type": "object",
+      "properties": {
+        "allOf": {
+          "type": "array",
+          "description": "All the conditions inside need to be true in order to suppress the alert",
+          "items": {
+            "$ref": "#/definitions/ScopeElement"
+          }
+        }
+      },
+      "required": [
+        "allOf"
+      ]
+    }
+  },
+  "parameters": {
+    "AlertType": {
+      "name": "AlertType",
+      "in": "query",
+      "type": "string",
+      "description": "Type of the alert to get rules for",
+      "x-ms-parameter-location": "method"
+    },
+    "AlertsSuppressionRule": {
+      "name": "alertsSuppressionRule",
+      "in": "body",
+      "required": true,
+      "description": "Suppression rule object",
+      "schema": {
+        "$ref": "#/definitions/AlertsSuppressionRule"
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "AlertsSuppressionRuleName": {
+      "name": "alertsSuppressionRuleName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The unique name of the suppression alert rule",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json
new file mode 100644
index 000000000..f4dfcf832
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessmentMetadata.json
@@ -0,0 +1,530 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2019-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/providers/Microsoft.Security/assessmentMetadata": {
+      "get": {
+        "x-ms-examples": {
+          "List security assessment metadata": {
+            "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on all assessment types",
+        "operationId": "AssessmentsMetadata_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadataList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security assessment metadata": {
+            "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on an assessment type",
+        "operationId": "AssessmentsMetadata_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadata"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata": {
+      "get": {
+        "x-ms-examples": {
+          "List security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on all assessment types in a specific subscription",
+        "operationId": "AssessmentsMetadataSubscription_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadataList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on an assessment type in a specific subscription",
+        "operationId": "AssessmentsMetadataSubscription_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadata"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Create metadata information on an assessment type in a specific subscription",
+        "operationId": "AssessmentsMetadataSubscription_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityAssessmentMetadata"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadata"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Delete metadata information on an assessment type in a specific subscription, will cause the deletion of all the assessments of that type in that subscription",
+        "operationId": "AssessmentsMetadataSubscription_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityAssessmentMetadataList": {
+      "type": "object",
+      "description": "List of security assessment metadata",
+      "properties": {
+        "value": {
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityAssessmentMetadata"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityAssessmentMetadata": {
+      "type": "object",
+      "description": "Security assessment metadata",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityAssessmentMetadataProperties": {
+      "type": "object",
+      "description": "Describes properties of an assessment metadata.",
+      "properties": {
+        "displayName": {
+          "type": "string",
+          "description": "User friendly display name of the assessment"
+        },
+        "policyDefinitionId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure resource ID of the policy definition that turns this assessment calculation on"
+        },
+        "description": {
+          "type": "string",
+          "description": "Human readable description of the assessment"
+        },
+        "remediationDescription": {
+          "type": "string",
+          "description": "Human readable description of what you should do to mitigate this security issue"
+        },
+        "categories": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "description": "The categories of resource that is at risk when the assessment is unhealthy",
+            "enum": [
+              "Compute",
+              "Networking",
+              "Data",
+              "IdentityAndAccess",
+              "IoT"
+            ],
+            "x-ms-enum": {
+              "name": "categories",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "Compute"
+                },
+                {
+                  "value": "Networking"
+                },
+                {
+                  "value": "Data"
+                },
+                {
+                  "value": "IdentityAndAccess"
+                },
+                {
+                  "value": "IoT"
+                }
+              ]
+            }
+          }
+        },
+        "severity": {
+          "type": "string",
+          "description": "The severity level of the assessment",
+          "enum": [
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "severity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "userImpact": {
+          "type": "string",
+          "description": "The user impact of the assessment",
+          "enum": [
+            "Low",
+            "Moderate",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "userImpact",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Moderate"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "implementationEffort": {
+          "type": "string",
+          "description": "The implementation effort required to remediate this assessment",
+          "enum": [
+            "Low",
+            "Moderate",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "implementationEffort",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Moderate"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "threats": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "description": "Threats impact of the assessment",
+            "enum": [
+              "accountBreach",
+              "dataExfiltration",
+              "dataSpillage",
+              "maliciousInsider",
+              "elevationOfPrivilege",
+              "threatResistance",
+              "missingCoverage",
+              "denialOfService"
+            ],
+            "x-ms-enum": {
+              "name": "threats",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "accountBreach"
+                },
+                {
+                  "value": "dataExfiltration"
+                },
+                {
+                  "value": "dataSpillage"
+                },
+                {
+                  "value": "maliciousInsider"
+                },
+                {
+                  "value": "elevationOfPrivilege"
+                },
+                {
+                  "value": "threatResistance"
+                },
+                {
+                  "value": "missingCoverage"
+                },
+                {
+                  "value": "denialOfService"
+                }
+              ]
+            }
+          }
+        },
+        "preview": {
+          "type": "boolean",
+          "description": "True if this assessment is in preview release status"
+        },
+        "assessmentType": {
+          "type": "string",
+          "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition",
+          "enum": [
+            "BuiltIn",
+            "CustomPolicy",
+            "CustomerManaged"
+          ],
+          "x-ms-enum": {
+            "name": "assessmentType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "BuiltIn",
+                "description": "Microsoft Defender for Cloud managed assessments"
+              },
+              {
+                "value": "CustomPolicy",
+                "description": "User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud"
+              },
+              {
+                "value": "CustomerManaged",
+                "description": "User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud"
+              }
+            ]
+          }
+        }
+      },
+      "required": [
+        "displayName",
+        "severity",
+        "assessmentType"
+      ]
+    }
+  },
+  "parameters": {
+    "AssessmentsMetadataName": {
+      "name": "assessmentMetadataName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The Assessment Key - Unique key for the assessment type",
+      "x-ms-parameter-location": "method"
+    },
+    "SecurityAssessmentMetadata": {
+      "name": "assessmentMetadata",
+      "in": "body",
+      "required": true,
+      "description": "AssessmentMetadata object",
+      "schema": {
+        "$ref": "#/definitions/SecurityAssessmentMetadata"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessments.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessments.json
new file mode 100644
index 000000000..6d7298eb0
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/assessments.json
@@ -0,0 +1,374 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2019-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/assessments": {
+      "get": {
+        "x-ms-examples": {
+          "List security assessments": {
+            "$ref": "./examples/Assessments/ListAssessments_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Get security assessments on all your scanned resources inside a scope",
+        "operationId": "Assessments_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security recommendation task from security data location": {
+            "$ref": "./examples/Assessments/GetAssessment_example.json"
+          },
+          "Get security recommendation task from security data location with expand parameter": {
+            "$ref": "./examples/Assessments/GetAssessmentWithExpand_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Get a security assessment on your scanned resource",
+        "operationId": "Assessments_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/ExpandAssessments"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create security recommendation task on a resource": {
+            "$ref": "./examples/Assessments/PutAssessment_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Create a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+        "operationId": "Assessments_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/AssessmentBody"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessment"
+            }
+          },
+          "200": {
+            "description": "OK - Updated",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security recommendation task on a resource": {
+            "$ref": "./examples/Assessments/DeleteAssessment_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Delete a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+        "operationId": "Assessments_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Assessment was deleted"
+          },
+          "204": {
+            "description": "No Content - Assessment does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityAssessmentList": {
+      "type": "object",
+      "description": "Page of a security assessments list",
+      "properties": {
+        "value": {
+          "description": "Collection of security assessments in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityAssessment"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityAssessment": {
+      "type": "object",
+      "description": "Security assessment on a resource",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecurityAssessmentProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityAssessmentProperties": {
+      "type": "object",
+      "description": "Describes properties of an assessment.",
+      "properties": {
+        "resourceDetails": {
+          "$ref": "../../../common/v1/types.json#/definitions/ResourceDetails"
+        },
+        "displayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "User friendly display name of the assessment"
+        },
+        "status": {
+          "$ref": "#/definitions/AssessmentStatus"
+        },
+        "additionalData": {
+          "type": "object",
+          "description": "Additional data regarding the assessment",
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "links": {
+          "$ref": "#/definitions/AssessmentLinks"
+        }
+      },
+      "required": [
+        "resourceDetails",
+        "status"
+      ]
+    },
+    "AssessmentLinks": {
+      "type": "object",
+      "description": "Links relevant to the assessment",
+      "readOnly": true,
+      "properties": {
+        "azurePortalUri": {
+          "type": "string",
+          "description": "Link to assessment in Azure Portal",
+          "readOnly": true
+        }
+      }
+    },
+    "AssessmentStatus": {
+      "type": "object",
+      "description": "The result of the assessment",
+      "properties": {
+        "code": {
+          "type": "string",
+          "description": "Programmatic code for the status of the assessment",
+          "enum": [
+            "Healthy",
+            "Unhealthy",
+            "NotApplicable"
+          ],
+          "x-ms-enum": {
+            "name": "AssessmentStatusCode",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Healthy",
+                "description": "The resource is healthy"
+              },
+              {
+                "value": "Unhealthy",
+                "description": "The resource has a security issue that needs to be addressed"
+              },
+              {
+                "value": "NotApplicable",
+                "description": "Assessment for this resource did not happen"
+              }
+            ]
+          }
+        },
+        "cause": {
+          "type": "string",
+          "description": "Programmatic code for the cause of the assessment status"
+        },
+        "description": {
+          "type": "string",
+          "description": "Human readable description of the assessment status"
+        }
+      },
+      "required": [
+        "code"
+      ]
+    }
+  },
+  "parameters": {
+    "ExpandAssessments": {
+      "name": "$expand",
+      "in": "query",
+      "required": false,
+      "type": "string",
+      "description": "OData expand. Optional.",
+      "x-ms-parameter-location": "method",
+      "enum": [
+        "links",
+        "metadata"
+      ],
+      "x-ms-enum": {
+        "name": "ExpandEnum",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "links",
+            "description": "All links associated with an assessment"
+          },
+          {
+            "value": "metadata",
+            "description": "Assessment metadata"
+          }
+        ]
+      }
+    },
+    "AssessmentName": {
+      "name": "assessmentName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The Assessment Key - Unique key for the assessment type",
+      "x-ms-parameter-location": "method"
+    },
+    "AssessmentBody": {
+      "name": "assessment",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/SecurityAssessment"
+      },
+      "description": "Calculated assessment on a pre-defined assessment metadata",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/automations.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/automations.json
new file mode 100644
index 000000000..71a866e49
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/automations.json
@@ -0,0 +1,695 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2019-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/automations": {
+      "get": {
+        "x-ms-examples": {
+          "List all security automations of a specified subscription": {
+            "$ref": "./examples/Automations/GetAutomationsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Lists all the security automations in the specified subscription. Use the 'nextLink' property in the response to get the next page of security automations for the specified subscription.",
+        "operationId": "Automations_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AutomationList"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations": {
+      "get": {
+        "x-ms-examples": {
+          "List all security automations of a specified resource group": {
+            "$ref": "./examples/Automations/GetAutomationsResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Lists all the security automations in the specified resource group. Use the 'nextLink' property in the response to get the next page of security automations for the specified resource group.",
+        "operationId": "Automations_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AutomationList"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}": {
+      "get": {
+        "x-ms-examples": {
+          "Retrieve a security automation": {
+            "$ref": "./examples/Automations/GetAutomationResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Retrieves information about the model of a security automation.",
+        "operationId": "Automations_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/AutomationName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Automation"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create or update a security automation for all assessments (including all severities)": {
+            "$ref": "./examples/Automations/PutAutomationAllAssessments_example.json"
+          },
+          "Create or update a security automation for all high severity assessments": {
+            "$ref": "./examples/Automations/PutAutomationHighSeverityAssessments_example.json"
+          },
+          "Disable or enable a security automation": {
+            "$ref": "./examples/Automations/PutDisableAutomation_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Creates or updates a security automation. If a security automation is already created and a subsequent request is issued for the same automation id, then it will be updated.",
+        "operationId": "Automations_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/AutomationName"
+          },
+          {
+            "$ref": "#/parameters/AutomationInBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Automation"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/Automation"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security automation": {
+            "$ref": "./examples/Automations/DeleteAutomation_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "operationId": "Automations_Delete",
+        "description": "Deletes a security automation.",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/AutomationName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "NoContent"
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}/validate": {
+      "post": {
+        "x-ms-examples": {
+          "Validate the security automation model before create or update": {
+            "$ref": "./examples/Automations/ValidateAutomation_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Validates the security automation model before create or update. Any validation errors are returned to the client.",
+        "operationId": "Automations_Validate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/AutomationName"
+          },
+          {
+            "$ref": "#/parameters/AutomationInBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AutomationValidationStatus"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AutomationList": {
+      "description": "List of security automations response.",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "The list of security automations under the given scope.",
+          "items": {
+            "$ref": "#/definitions/Automation"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "Automation": {
+      "type": "object",
+      "description": "The security automation resource.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security automation data",
+          "$ref": "#/definitions/AutomationProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/TrackedResource"
+        }
+      ]
+    },
+    "AutomationProperties": {
+      "type": "object",
+      "description": "A set of properties that defines the behavior of the automation configuration. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas.",
+      "properties": {
+        "description": {
+          "type": "string",
+          "description": "The security automation description."
+        },
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Indicates whether the security automation is enabled."
+        },
+        "scopes": {
+          "type": "array",
+          "description": "A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes.",
+          "items": {
+            "$ref": "#/definitions/AutomationScope"
+          }
+        },
+        "sources": {
+          "type": "array",
+          "description": "A collection of the source event types which evaluate the security automation set of rules.",
+          "items": {
+            "$ref": "#/definitions/AutomationSource"
+          }
+        },
+        "actions": {
+          "type": "array",
+          "description": "A collection of the actions which are triggered if all the configured rules evaluations, within at least one rule set, are true.",
+          "items": {
+            "$ref": "#/definitions/AutomationAction"
+          }
+        }
+      }
+    },
+    "AutomationSource": {
+      "type": "object",
+      "description": "The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas.",
+      "properties": {
+        "eventSource": {
+          "type": "string",
+          "description": "A valid event source type.",
+          "enum": [
+            "Assessments",
+            "AssessmentsSnapshot",
+            "SubAssessments",
+            "SubAssessmentsSnapshot",
+            "Alerts",
+            "SecureScores",
+            "SecureScoresSnapshot",
+            "SecureScoreControls",
+            "SecureScoreControlsSnapshot",
+            "RegulatoryComplianceAssessment",
+            "RegulatoryComplianceAssessmentSnapshot"
+          ],
+          "x-ms-enum": {
+            "name": "EventSource",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Assessments"
+              },
+              {
+                "value": "AssessmentsSnapshot"
+              },
+              {
+                "value": "SubAssessments"
+              },
+              {
+                "value": "SubAssessmentsSnapshot"
+              },
+              {
+                "value": "Alerts"
+              },
+              {
+                "value": "SecureScores"
+              },
+              {
+                "value": "SecureScoresSnapshot"
+              },
+              {
+                "value": "SecureScoreControls"
+              },
+              {
+                "value": "SecureScoreControlsSnapshot"
+              },
+              {
+                "value": "RegulatoryComplianceAssessment"
+              },
+              {
+                "value": "RegulatoryComplianceAssessmentSnapshot"
+              }
+            ]
+          }
+        },
+        "ruleSets": {
+          "type": "array",
+          "description": "A set of rules which evaluate upon event interception. A logical disjunction is applied between defined rule sets (logical 'or').",
+          "items": {
+            "$ref": "#/definitions/AutomationRuleSet"
+          }
+        }
+      }
+    },
+    "AutomationScope": {
+      "type": "object",
+      "description": "A single automation scope.",
+      "properties": {
+        "description": {
+          "type": "string",
+          "description": "The resources scope description."
+        },
+        "scopePath": {
+          "type": "string",
+          "description": "The resources scope path. Can be the subscription on which the automation is defined on or a resource group under that subscription (fully qualified Azure resource IDs)."
+        }
+      }
+    },
+    "AutomationAction": {
+      "type": "object",
+      "description": "The action that should be triggered.",
+      "discriminator": "actionType",
+      "required": [
+        "actionType"
+      ],
+      "properties": {
+        "actionType": {
+          "type": "string",
+          "description": "The type of the action that will be triggered by the Automation",
+          "enum": [
+            "LogicApp",
+            "EventHub",
+            "Workspace"
+          ],
+          "x-ms-enum": {
+            "name": "ActionType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "LogicApp"
+              },
+              {
+                "value": "EventHub"
+              },
+              {
+                "value": "Workspace"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AutomationActionLogicApp": {
+      "type": "object",
+      "description": "The logic app action that should be triggered. To learn more about Microsoft Defender for Cloud's Workflow Automation capabilities, visit https://aka.ms/ASCWorkflowAutomationLearnMore",
+      "x-ms-discriminator-value": "LogicApp",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AutomationAction"
+        }
+      ],
+      "properties": {
+        "logicAppResourceId": {
+          "type": "string",
+          "description": "The triggered Logic App Azure Resource ID. This can also reside on other subscriptions, given that you have permissions to trigger the Logic App"
+        },
+        "uri": {
+          "type": "string",
+          "description": "The Logic App trigger URI endpoint (it will not be included in any response).",
+          "format": "uri"
+        }
+      }
+    },
+    "AutomationActionEventHub": {
+      "type": "object",
+      "description": "The target Event Hub to which event data will be exported. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore",
+      "x-ms-discriminator-value": "EventHub",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AutomationAction"
+        }
+      ],
+      "properties": {
+        "eventHubResourceId": {
+          "type": "string",
+          "description": "The target Event Hub Azure Resource ID."
+        },
+        "sasPolicyName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The target Event Hub SAS policy name."
+        },
+        "connectionString": {
+          "type": "string",
+          "description": "The target Event Hub connection string (it will not be included in any response)."
+        }
+      }
+    },
+    "AutomationActionWorkspace": {
+      "type": "object",
+      "description": "The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments data will reside in the 'SecurityRecommendation' table (under the 'Security'/'SecurityCenterFree' solutions). Note that in order to view the data in the workspace, the Security Center Log Analytics free/standard solution needs to be enabled on that workspace. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore",
+      "x-ms-discriminator-value": "Workspace",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AutomationAction"
+        }
+      ],
+      "properties": {
+        "workspaceResourceId": {
+          "type": "string",
+          "description": "The fully qualified Log Analytics Workspace Azure Resource ID."
+        }
+      }
+    },
+    "AutomationRuleSet": {
+      "type": "object",
+      "description": "A rule set which evaluates all its rules upon an event interception. Only when all the included rules in the rule set will be evaluated as 'true', will the event trigger the defined actions.",
+      "properties": {
+        "rules": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AutomationTriggeringRule"
+          }
+        }
+      }
+    },
+    "AutomationTriggeringRule": {
+      "type": "object",
+      "description": "A rule which is evaluated upon event interception. The rule is configured by comparing a specific value from the event model to an expected value. This comparison is done by using one of the supported operators set.",
+      "properties": {
+        "propertyJPath": {
+          "type": "string",
+          "description": "The JPath of the entity model property that should be checked."
+        },
+        "propertyType": {
+          "type": "string",
+          "description": "The data type of the compared operands (string, integer, floating point number or a boolean [true/false]]",
+          "enum": [
+            "String",
+            "Integer",
+            "Number",
+            "Boolean"
+          ],
+          "x-ms-enum": {
+            "name": "PropertyType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "String"
+              },
+              {
+                "value": "Integer"
+              },
+              {
+                "value": "Number"
+              },
+              {
+                "value": "Boolean"
+              }
+            ]
+          }
+        },
+        "expectedValue": {
+          "type": "string",
+          "description": "The expected value."
+        },
+        "operator": {
+          "type": "string",
+          "description": "A valid comparer operator to use. A case-insensitive comparison will be applied for String PropertyType.",
+          "enum": [
+            "Equals",
+            "GreaterThan",
+            "GreaterThanOrEqualTo",
+            "LesserThan",
+            "LesserThanOrEqualTo",
+            "NotEquals",
+            "Contains",
+            "StartsWith",
+            "EndsWith"
+          ],
+          "x-ms-enum": {
+            "name": "Operator",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Equals",
+                "description": "Applies for decimal and non-decimal operands"
+              },
+              {
+                "value": "GreaterThan",
+                "description": "Applies only for decimal operands"
+              },
+              {
+                "value": "GreaterThanOrEqualTo",
+                "description": "Applies only for decimal operands"
+              },
+              {
+                "value": "LesserThan",
+                "description": "Applies only for decimal operands"
+              },
+              {
+                "value": "LesserThanOrEqualTo",
+                "description": "Applies only for decimal operands"
+              },
+              {
+                "value": "NotEquals",
+                "description": "Applies  for decimal and non-decimal operands"
+              },
+              {
+                "value": "Contains",
+                "description": "Applies only for non-decimal operands"
+              },
+              {
+                "value": "StartsWith",
+                "description": "Applies only for non-decimal operands"
+              },
+              {
+                "value": "EndsWith",
+                "description": "Applies only for non-decimal operands"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AutomationValidationStatus": {
+      "type": "object",
+      "description": "The security automation model state property bag.",
+      "properties": {
+        "isValid": {
+          "type": "boolean",
+          "description": "Indicates whether the model is valid or not."
+        },
+        "message": {
+          "type": "string",
+          "description": "The validation message."
+        }
+      }
+    }
+  },
+  "parameters": {
+    "AutomationName": {
+      "name": "automationName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The security automation name.",
+      "x-ms-parameter-location": "method"
+    },
+    "AutomationInBody": {
+      "name": "Automation",
+      "in": "body",
+      "required": true,
+      "description": "The security automation resource",
+      "schema": {
+        "$ref": "#/definitions/Automation"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json
new file mode 100644
index 000000000..5d4856e3c
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json
@@ -0,0 +1,622 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2019-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards": {
+      "get": {
+        "x-ms-examples": {
+          "Get all supported regulatory compliance standards details and state": {
+            "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceStandardList_example.json"
+          }
+        },
+        "tags": [
+          "RegulatoryCompliance"
+        ],
+        "description": "Supported regulatory compliance standards details and state",
+        "operationId": "RegulatoryComplianceStandards_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/RegulatoryComplianceStandardList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get selected regulatory compliance standard details and state": {
+            "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceStandard_example.json"
+          }
+        },
+        "tags": [
+          "RegulatoryCompliance"
+        ],
+        "description": "Supported regulatory compliance details state for selected standard",
+        "operationId": "RegulatoryComplianceStandards_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/RegulatoryComplianceStandardName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/RegulatoryComplianceStandard"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls": {
+      "get": {
+        "x-ms-examples": {
+          "Get all regulatory compliance controls details and state for selected standard": {
+            "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceControlList_example.json"
+          }
+        },
+        "tags": [
+          "RegulatoryCompliance"
+        ],
+        "description": "All supported regulatory compliance controls details and state for selected standard",
+        "operationId": "RegulatoryComplianceControls_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/RegulatoryComplianceStandardName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/RegulatoryComplianceControlList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls/{regulatoryComplianceControlName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get selected regulatory compliance control details and state": {
+            "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceControl_example.json"
+          }
+        },
+        "tags": [
+          "RegulatoryCompliance"
+        ],
+        "description": "Selected regulatory compliance control details and state",
+        "operationId": "RegulatoryComplianceControls_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/RegulatoryComplianceStandardName"
+          },
+          {
+            "$ref": "#/parameters/RegulatoryComplianceControlName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/RegulatoryComplianceControl"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls/{regulatoryComplianceControlName}/regulatoryComplianceAssessments": {
+      "get": {
+        "x-ms-examples": {
+          "Get all assessments mapped to selected regulatory compliance control": {
+            "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceAssessmentList_example.json"
+          }
+        },
+        "tags": [
+          "RegulatoryCompliance"
+        ],
+        "description": "Details and state of assessments mapped to selected regulatory compliance control",
+        "operationId": "RegulatoryComplianceAssessments_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/RegulatoryComplianceStandardName"
+          },
+          {
+            "$ref": "#/parameters/RegulatoryComplianceControlName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/RegulatoryComplianceAssessmentList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/regulatoryComplianceStandards/{regulatoryComplianceStandardName}/regulatoryComplianceControls/{regulatoryComplianceControlName}/regulatoryComplianceAssessments/{regulatoryComplianceAssessmentName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get selected regulatory compliance assessment details and state": {
+            "$ref": "./examples/RegulatoryCompliance/getRegulatoryComplianceAssessment_example.json"
+          }
+        },
+        "tags": [
+          "RegulatoryCompliance"
+        ],
+        "description": "Supported regulatory compliance details and state for selected assessment",
+        "operationId": "RegulatoryComplianceAssessments_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/RegulatoryComplianceStandardName"
+          },
+          {
+            "$ref": "#/parameters/RegulatoryComplianceControlName"
+          },
+          {
+            "$ref": "#/parameters/RegulatoryComplianceAssessmentName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/RegulatoryComplianceAssessment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "RegulatoryComplianceStandardList": {
+      "description": "List of regulatory compliance standards response",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/RegulatoryComplianceStandard"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "RegulatoryComplianceStandard": {
+      "type": "object",
+      "description": "Regulatory compliance standard details and state",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Regulatory compliance standard data",
+          "$ref": "#/definitions/RegulatoryComplianceStandardProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "RegulatoryComplianceStandardProperties": {
+      "type": "object",
+      "description": "Regulatory compliance standard data",
+      "properties": {
+        "state": {
+          "type": "string",
+          "description": "Aggregative state based on the standard's supported controls states",
+          "enum": [
+            "Passed",
+            "Failed",
+            "Skipped",
+            "Unsupported"
+          ],
+          "x-ms-enum": {
+            "name": "state",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Passed",
+                "description": "All supported regulatory compliance controls in the given standard have a passed state"
+              },
+              {
+                "value": "Failed",
+                "description": "At least one supported regulatory compliance control in the given standard has a state of failed"
+              },
+              {
+                "value": "Skipped",
+                "description": "All supported regulatory compliance controls in the given standard have a state of skipped"
+              },
+              {
+                "value": "Unsupported",
+                "description": "No supported regulatory compliance data for the given standard"
+              }
+            ]
+          }
+        },
+        "passedControls": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The number of supported regulatory compliance controls of the given standard with a passed state"
+        },
+        "failedControls": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The number of supported regulatory compliance controls of the given standard with a failed state"
+        },
+        "skippedControls": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The number of supported regulatory compliance controls of the given standard with a skipped state"
+        },
+        "unsupportedControls": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The number of regulatory compliance controls of the given standard which are unsupported by automated assessments"
+        }
+      }
+    },
+    "RegulatoryComplianceControlList": {
+      "description": "List of regulatory compliance controls response",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of regulatory compliance controls",
+          "items": {
+            "$ref": "#/definitions/RegulatoryComplianceControl"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "RegulatoryComplianceControl": {
+      "type": "object",
+      "description": "Regulatory compliance control details and state",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Regulatory compliance control data",
+          "$ref": "#/definitions/RegulatoryComplianceControlProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "RegulatoryComplianceControlProperties": {
+      "type": "object",
+      "description": "Regulatory compliance control data",
+      "properties": {
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The description of the regulatory compliance control"
+        },
+        "state": {
+          "type": "string",
+          "description": "Aggregative state based on the control's supported assessments states",
+          "enum": [
+            "Passed",
+            "Failed",
+            "Skipped",
+            "Unsupported"
+          ],
+          "x-ms-enum": {
+            "name": "state",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Passed",
+                "description": "All supported regulatory compliance assessments in the given control have a passed state"
+              },
+              {
+                "value": "Failed",
+                "description": "At least one supported regulatory compliance assessment in the given control has a state of failed"
+              },
+              {
+                "value": "Skipped",
+                "description": "All supported regulatory compliance assessments in the given control have a state of skipped"
+              },
+              {
+                "value": "Unsupported",
+                "description": "No supported regulatory assessment data for the given control"
+              }
+            ]
+          }
+        },
+        "passedAssessments": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The number of supported regulatory compliance assessments of the given control with a passed state"
+        },
+        "failedAssessments": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The number of supported regulatory compliance assessments of the given control with a failed state"
+        },
+        "skippedAssessments": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The number of supported regulatory compliance assessments of the given control with a skipped state"
+        }
+      }
+    },
+    "RegulatoryComplianceAssessmentList": {
+      "description": "List of regulatory compliance assessment response",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/RegulatoryComplianceAssessment"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "RegulatoryComplianceAssessment": {
+      "type": "object",
+      "description": "Regulatory compliance assessment details and state",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Regulatory compliance assessment data",
+          "$ref": "#/definitions/RegulatoryComplianceAssessmentProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "RegulatoryComplianceAssessmentProperties": {
+      "type": "object",
+      "description": "Regulatory compliance assessment data",
+      "properties": {
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The description of the regulatory compliance assessment"
+        },
+        "assessmentType": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The expected type of assessment contained in the AssessmentDetailsLink"
+        },
+        "assessmentDetailsLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Link to more detailed assessment results data. The response type will be according to the assessmentType field"
+        },
+        "state": {
+          "type": "string",
+          "description": "Aggregative state based on the assessment's scanned resources states",
+          "enum": [
+            "Passed",
+            "Failed",
+            "Skipped",
+            "Unsupported"
+          ],
+          "x-ms-enum": {
+            "name": "state",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Passed",
+                "description": "All related resources passed the given assessment"
+              },
+              {
+                "value": "Failed",
+                "description": "The given assessment failed on at least one resource"
+              },
+              {
+                "value": "Skipped",
+                "description": "The given assessment skipped on all related resources"
+              },
+              {
+                "value": "Unsupported",
+                "description": "The given assessment has no supported resources"
+              }
+            ]
+          }
+        },
+        "passedResources": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The given assessment's related resources count with passed state."
+        },
+        "failedResources": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The given assessment's related resources count with failed state."
+        },
+        "skippedResources": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The given assessment's related resources count with skipped state."
+        },
+        "unsupportedResources": {
+          "readOnly": true,
+          "type": "integer",
+          "description": "The given assessment's related resources count with unsupported state."
+        }
+      }
+    }
+  },
+  "parameters": {
+    "RegulatoryComplianceStandardName": {
+      "name": "regulatoryComplianceStandardName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the regulatory compliance standard object",
+      "x-ms-parameter-location": "method"
+    },
+    "RegulatoryComplianceControlName": {
+      "name": "regulatoryComplianceControlName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the regulatory compliance control object",
+      "x-ms-parameter-location": "method"
+    },
+    "RegulatoryComplianceAssessmentName": {
+      "name": "regulatoryComplianceAssessmentName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the regulatory compliance assessment object",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/subAssessments.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/subAssessments.json
new file mode 100644
index 000000000..8cebdbbd4
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2019-01-01-preview/subAssessments.json
@@ -0,0 +1,550 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2019-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/subAssessments": {
+      "get": {
+        "x-ms-examples": {
+          "List security sub-assessments": {
+            "$ref": "./examples/SubAssessments/ListSubscriptionSubAssessments_example.json"
+          }
+        },
+        "tags": [
+          "SubAssessments"
+        ],
+        "description": "Get security sub-assessments on all your scanned resources inside a subscription scope",
+        "operationId": "SubAssessments_ListAll",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecuritySubAssessmentList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/subAssessments": {
+      "get": {
+        "x-ms-examples": {
+          "List security sub-assessments": {
+            "$ref": "./examples/SubAssessments/ListSubAssessments_example.json"
+          }
+        },
+        "tags": [
+          "SubAssessments"
+        ],
+        "description": "Get security sub-assessments on all your scanned resources inside a scope",
+        "operationId": "SubAssessments_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecuritySubAssessmentList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/subAssessments/{subAssessmentName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security recommendation task from security data location": {
+            "$ref": "./examples/SubAssessments/GetSubAssessment_example.json"
+          }
+        },
+        "tags": [
+          "SubAssessments"
+        ],
+        "description": "Get a security sub-assessment on your scanned resource",
+        "operationId": "SubAssessments_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/SubAssessmentName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecuritySubAssessment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecuritySubAssessmentList": {
+      "type": "object",
+      "description": "List of security sub-assessments",
+      "properties": {
+        "value": {
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecuritySubAssessment"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecuritySubAssessment": {
+      "type": "object",
+      "description": "Security sub-assessment on a resource",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecuritySubAssessmentProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecuritySubAssessmentProperties": {
+      "type": "object",
+      "description": "Describes properties of an sub-assessment.",
+      "properties": {
+        "id": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Vulnerability ID"
+        },
+        "displayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "User friendly display name of the sub-assessment"
+        },
+        "status": {
+          "$ref": "#/definitions/SubAssessmentStatus"
+        },
+        "remediation": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Information on how to remediate this sub-assessment"
+        },
+        "impact": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the impact of this sub-assessment"
+        },
+        "category": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Category of the sub-assessment"
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Human readable description of the assessment status"
+        },
+        "timeGenerated": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The date and time the sub-assessment was generated"
+        },
+        "resourceDetails": {
+          "$ref": "../../../common/v1/types.json#/definitions/ResourceDetails"
+        },
+        "additionalData": {
+          "$ref": "#/definitions/AdditionalData"
+        }
+      }
+    },
+    "AdditionalData": {
+      "type": "object",
+      "description": "Details of the sub-assessment",
+      "discriminator": "assessedResourceType",
+      "properties": {
+        "assessedResourceType": {
+          "type": "string",
+          "description": "Sub-assessment resource type",
+          "enum": [
+            "SqlServerVulnerability",
+            "ContainerRegistryVulnerability",
+            "ServerVulnerability"
+          ],
+          "x-ms-enum": {
+            "name": "AssessedResourceType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "SqlServerVulnerability"
+              },
+              {
+                "value": "ContainerRegistryVulnerability"
+              },
+              {
+                "value": "ServerVulnerability"
+              }
+            ]
+          }
+        }
+      },
+      "required": [
+        "assessedResourceType"
+      ]
+    },
+    "SubAssessmentStatus": {
+      "type": "object",
+      "description": "Status of the sub-assessment",
+      "properties": {
+        "code": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Programmatic code for the status of the assessment",
+          "enum": [
+            "Healthy",
+            "Unhealthy",
+            "NotApplicable"
+          ],
+          "x-ms-enum": {
+            "name": "SubAssessmentStatusCode",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Healthy",
+                "description": "The resource is healthy"
+              },
+              {
+                "value": "Unhealthy",
+                "description": "The resource has a security issue that needs to be addressed"
+              },
+              {
+                "value": "NotApplicable",
+                "description": "Assessment for this resource did not happen"
+              }
+            ]
+          }
+        },
+        "cause": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Programmatic code for the cause of the assessment status"
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Human readable description of the assessment status"
+        },
+        "severity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "severity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "The sub-assessment severity level"
+        }
+      }
+    },
+    "SqlServerVulnerabilityProperties": {
+      "type": "object",
+      "description": "Details of the resource that was assessed",
+      "x-ms-discriminator-value": "SqlServerVulnerability",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AdditionalData"
+        }
+      ],
+      "properties": {
+        "type": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The resource type the sub assessment refers to in its resource details"
+        },
+        "query": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The T-SQL query that runs on your SQL database to perform the particular check"
+        }
+      }
+    },
+    "ContainerRegistryVulnerabilityProperties": {
+      "type": "object",
+      "description": "Additional context fields for container registry Vulnerability assessment",
+      "x-ms-discriminator-value": "ContainerRegistryVulnerability",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AdditionalData"
+        }
+      ],
+      "properties": {
+        "type": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Vulnerability Type. e.g: Vulnerability, Potential Vulnerability, Information Gathered, Vulnerability"
+        },
+        "cvss": {
+          "readOnly": true,
+          "type": "object",
+          "description": "Dictionary from cvss version to cvss details object",
+          "additionalProperties": {
+            "$ref": "#/definitions/CVSS"
+          }
+        },
+        "patchable": {
+          "readOnly": true,
+          "type": "boolean",
+          "description": "Indicates whether a patch is available or not"
+        },
+        "cve": {
+          "readOnly": true,
+          "type": "array",
+          "description": "List of CVEs",
+          "items": {
+            "$ref": "#/definitions/CVE"
+          }
+        },
+        "publishedTime": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "Published time"
+        },
+        "vendorReferences": {
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/VendorReference"
+          }
+        },
+        "repositoryName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the repository which the vulnerable image belongs to"
+        },
+        "imageDigest": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Digest of the vulnerable image"
+        }
+      }
+    },
+    "ServerVulnerabilityProperties": {
+      "type": "object",
+      "description": "Additional context fields for server vulnerability assessment",
+      "x-ms-discriminator-value": "ServerVulnerabilityAssessment",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AdditionalData"
+        }
+      ],
+      "properties": {
+        "type": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Vulnerability Type. e.g: Vulnerability, Potential Vulnerability, Information Gathered"
+        },
+        "cvss": {
+          "readOnly": true,
+          "type": "object",
+          "description": "Dictionary from cvss version to cvss details object",
+          "additionalProperties": {
+            "$ref": "#/definitions/CVSS"
+          }
+        },
+        "patchable": {
+          "readOnly": true,
+          "type": "boolean",
+          "description": "Indicates whether a patch is available or not"
+        },
+        "cve": {
+          "readOnly": true,
+          "type": "array",
+          "description": "List of CVEs",
+          "items": {
+            "$ref": "#/definitions/CVE"
+          }
+        },
+        "threat": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Threat name"
+        },
+        "publishedTime": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "Published time"
+        },
+        "vendorReferences": {
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/VendorReference"
+          }
+        }
+      }
+    },
+    "CVSS": {
+      "type": "object",
+      "description": "CVSS details",
+      "properties": {
+        "base": {
+          "readOnly": true,
+          "type": "number",
+          "description": "CVSS base"
+        }
+      }
+    },
+    "CVE": {
+      "type": "object",
+      "description": "CVE details",
+      "properties": {
+        "title": {
+          "readOnly": true,
+          "type": "string",
+          "description": "CVE title"
+        },
+        "link": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Link url"
+        }
+      }
+    },
+    "VendorReference": {
+      "type": "object",
+      "description": "Vendor reference",
+      "properties": {
+        "title": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Link title"
+        },
+        "link": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Link url"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "AssessmentName": {
+      "name": "assessmentName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The Assessment Key - Unique key for the assessment type",
+      "x-ms-parameter-location": "method"
+    },
+    "SubAssessmentName": {
+      "name": "subAssessmentName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The Sub-Assessment Key - Unique key for the sub-assessment type",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2020-01-01-preview/connectors.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2020-01-01-preview/connectors.json
new file mode 100644
index 000000000..e780b1510
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2020-01-01-preview/connectors.json
@@ -0,0 +1,618 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/connectors": {
+      "get": {
+        "x-ms-examples": {
+          "Get all cloud accounts connectors of a subscription": {
+            "$ref": "./examples/Connectors/GetListConnectorSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Connectors"
+        ],
+        "description": "Cloud accounts connectors of a subscription",
+        "operationId": "Connectors_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ConnectorSettingList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/connectors/{connectorName}": {
+      "get": {
+        "x-ms-examples": {
+          "Details of a specific cloud account connector": {
+            "$ref": "./examples/Connectors/GetConnectorSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Connectors"
+        ],
+        "description": "Details of a specific cloud account connector",
+        "operationId": "Connectors_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/ConnectorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ConnectorSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "AwsCred - Create a cloud account connector for a subscription": {
+            "$ref": "./examples/Connectors/CreateUpdateAwsCredConnectorSubscription_example.json"
+          },
+          "AwsAssumeRole - Create a cloud account connector for a subscription": {
+            "$ref": "./examples/Connectors/CreateUpdateAwsAssumeRoleConnectorSubscription_example.json"
+          },
+          "gcpCredentials - Create a cloud account connector for a subscription": {
+            "$ref": "./examples/Connectors/CreateUpdateGcpCredentialsConnectorSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Connectors"
+        ],
+        "description": "Create a cloud account connector or update an existing one. Connect to your cloud account. For AWS, use either account credentials or role-based authentication. For GCP, use account organization credentials.",
+        "operationId": "Connectors_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/ConnectorName"
+          },
+          {
+            "$ref": "#/parameters/ConnectorSetting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ConnectorSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a cloud account connector from a subscription": {
+            "$ref": "./examples/Connectors/DeleteConnectorSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Connectors"
+        ],
+        "description": "Delete a cloud account connector from a subscription",
+        "operationId": "Connectors_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/ConnectorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK"
+          },
+          "204": {
+            "description": "The connector is not found"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ConnectorSettingList": {
+      "type": "object",
+      "description": "For a subscription, list of all cloud account connectors and their settings",
+      "properties": {
+        "value": {
+          "description": "List of all the cloud account connector settings",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ConnectorSetting"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "ConnectorSetting": {
+      "type": "object",
+      "description": "The connector setting",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Connector setting data",
+          "$ref": "#/definitions/ConnectorSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "ConnectorSettingProperties": {
+      "type": "object",
+      "description": "Describes properties of a connector setting",
+      "properties": {
+        "hybridComputeSettings": {
+          "description": "Settings for hybrid compute management. These settings are relevant only for Arc autoProvision (Hybrid Compute).",
+          "type": "object",
+          "$ref": "#/definitions/HybridComputeSettingsProperties"
+        },
+        "authenticationDetails": {
+          "description": "Settings for authentication management, these settings are relevant only for the cloud connector.",
+          "type": "object",
+          "$ref": "#/definitions/AuthenticationDetailsProperties"
+        }
+      }
+    },
+    "HybridComputeSettingsProperties": {
+      "type": "object",
+      "description": "Settings for hybrid compute management",
+      "properties": {
+        "hybridComputeProvisioningState": {
+          "description": "State of the service principal and its secret",
+          "type": "string",
+          "readOnly": true,
+          "enum": [
+            "Valid",
+            "Invalid",
+            "Expired"
+          ],
+          "x-ms-enum": {
+            "name": "hybridComputeProvisioningState",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Valid",
+                "description": "Valid service principal details."
+              },
+              {
+                "value": "Invalid",
+                "description": "Invalid service principal details."
+              },
+              {
+                "value": "Expired",
+                "description": "the service principal details are expired"
+              }
+            ]
+          }
+        },
+        "autoProvision": {
+          "type": "string",
+          "description": "Whether or not to automatically install Azure Arc (hybrid compute) agents on machines",
+          "enum": [
+            "On",
+            "Off"
+          ],
+          "x-ms-enum": {
+            "name": "autoProvision",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "On",
+                "description": "Install missing Azure Arc agents on machines automatically"
+              },
+              {
+                "value": "Off",
+                "description": "Do not install Azure Arc agent on the machines automatically"
+              }
+            ]
+          }
+        },
+        "resourceGroupName": {
+          "type": "string",
+          "description": "The name of the resource group where Arc (Hybrid Compute) connectors are connected."
+        },
+        "region": {
+          "type": "string",
+          "description": "The location where the metadata of machines will be stored",
+          "x-ms-mutability": [
+            "create",
+            "read"
+          ]
+        },
+        "proxyServer": {
+          "type": "object",
+          "description": "For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use.",
+          "$ref": "#/definitions/ProxyServerProperties"
+        },
+        "servicePrincipal": {
+          "description": "An object to access resources that are secured by an Azure AD tenant.",
+          "type": "object",
+          "$ref": "#/definitions/ServicePrincipalProperties"
+        }
+      },
+      "required": [
+        "autoProvision"
+      ]
+    },
+    "ServicePrincipalProperties": {
+      "type": "object",
+      "description": "Details of the service principal.",
+      "properties": {
+        "applicationId": {
+          "type": "string",
+          "description": "Application ID of service principal."
+        },
+        "secret": {
+          "type": "string",
+          "description": "A secret string that the application uses to prove its identity, also can be referred to as application password (write only)."
+        }
+      }
+    },
+    "AuthenticationDetailsProperties": {
+      "type": "object",
+      "description": "Settings for cloud authentication management",
+      "discriminator": "authenticationType",
+      "properties": {
+        "authenticationProvisioningState": {
+          "description": "State of the multi-cloud connector",
+          "type": "string",
+          "readOnly": true,
+          "enum": [
+            "Valid",
+            "Invalid",
+            "Expired",
+            "IncorrectPolicy"
+          ],
+          "x-ms-enum": {
+            "name": "authenticationProvisioningState",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Valid",
+                "description": "Valid connector"
+              },
+              {
+                "value": "Invalid",
+                "description": "Invalid connector"
+              },
+              {
+                "value": "Expired",
+                "description": "the connection has expired"
+              },
+              {
+                "value": "IncorrectPolicy",
+                "description": "Incorrect policy of the connector"
+              }
+            ]
+          }
+        },
+        "grantedPermissions": {
+          "description": "The permissions detected in the cloud account.",
+          "type": "array",
+          "readOnly": true,
+          "items": {
+            "$ref": "#/definitions/PermissionProperty"
+          }
+        },
+        "authenticationType": {
+          "description": "Connect to your cloud account, for AWS use either account credentials or role-based authentication. For GCP use account organization credentials.",
+          "type": "string",
+          "enum": [
+            "awsCreds",
+            "awsAssumeRole",
+            "gcpCredentials"
+          ],
+          "x-ms-enum": {
+            "name": "authenticationType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "awsCreds",
+                "description": "AWS cloud account connector user credentials authentication"
+              },
+              {
+                "value": "awsAssumeRole",
+                "description": "AWS account connector assume role authentication"
+              },
+              {
+                "value": "gcpCredentials",
+                "description": "GCP account connector service to service authentication"
+              }
+            ]
+          }
+        }
+      },
+      "required": [
+        "authenticationType"
+      ]
+    },
+    "AwsCredsAuthenticationDetailsProperties": {
+      "type": "object",
+      "description": "AWS cloud account connector based credentials, the credentials is composed of access key ID and secret key, for more details, refer to <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html\">Creating an IAM User in Your AWS Account (write only)</a>",
+      "x-ms-discriminator-value": "awsCreds",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AuthenticationDetailsProperties"
+        }
+      ],
+      "properties": {
+        "accountId": {
+          "description": "The ID of the cloud account",
+          "type": "string",
+          "readOnly": true
+        },
+        "awsAccessKeyId": {
+          "type": "string",
+          "description": "Public key element of the AWS credential object (write only)"
+        },
+        "awsSecretAccessKey": {
+          "type": "string",
+          "description": "Secret key element of the AWS credential object (write only)"
+        }
+      },
+      "required": [
+        "awsAccessKeyId",
+        "awsSecretAccessKey"
+      ]
+    },
+    "AwAssumeRoleAuthenticationDetailsProperties": {
+      "type": "object",
+      "description": "AWS cloud account connector based assume role, the role enables delegating access to your AWS resources. The role is composed of role Amazon Resource Name (ARN) and external ID. For more details, refer to <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user.html\">Creating a Role to Delegate Permissions to an IAM User (write only)</a>",
+      "x-ms-discriminator-value": "awsAssumeRole",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AuthenticationDetailsProperties"
+        }
+      ],
+      "properties": {
+        "accountId": {
+          "description": "The ID of the cloud account",
+          "type": "string",
+          "readOnly": true
+        },
+        "awsAssumeRoleArn": {
+          "type": "string",
+          "description": "Assumed role ID is an identifier that you can use to create temporary security credentials."
+        },
+        "awsExternalId": {
+          "type": "string",
+          "description": "A unique identifier that is required when you assume a role in another account."
+        }
+      },
+      "required": [
+        "awsAssumeRoleArn",
+        "awsExternalId"
+      ]
+    },
+    "GcpCredentialsDetailsProperties": {
+      "type": "object",
+      "description": "GCP cloud account connector based service to service credentials, the credentials are composed of the organization ID and a JSON API key (write only)",
+      "x-ms-discriminator-value": "gcpCredentials",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AuthenticationDetailsProperties"
+        }
+      ],
+      "properties": {
+        "organizationId": {
+          "description": "The organization ID of the GCP cloud account",
+          "type": "string"
+        },
+        "type": {
+          "type": "string",
+          "description": "Type field of the API key (write only)"
+        },
+        "projectId": {
+          "type": "string",
+          "description": "Project ID field of the API key (write only)"
+        },
+        "privateKeyId": {
+          "type": "string",
+          "description": "Private key ID field of the API key (write only)"
+        },
+        "privateKey": {
+          "type": "string",
+          "description": "Private key field of the API key (write only)"
+        },
+        "clientEmail": {
+          "type": "string",
+          "description": "Client email field of the API key (write only)"
+        },
+        "clientId": {
+          "type": "string",
+          "description": "Client ID field of the API key (write only)"
+        },
+        "authUri": {
+          "type": "string",
+          "description": "Auth URI field of the API key (write only)"
+        },
+        "tokenUri": {
+          "type": "string",
+          "description": "Token URI field of the API key (write only)"
+        },
+        "authProviderX509CertUrl": {
+          "type": "string",
+          "description": "Auth provider x509 certificate URL field of the API key (write only)"
+        },
+        "clientX509CertUrl": {
+          "type": "string",
+          "description": "Client x509 certificate URL field of the API key (write only)"
+        }
+      },
+      "required": [
+        "organizationId",
+        "type",
+        "projectId",
+        "privateKeyId",
+        "privateKey",
+        "clientEmail",
+        "clientId",
+        "authUri",
+        "tokenUri",
+        "authProviderX509CertUrl",
+        "clientX509CertUrl"
+      ]
+    },
+    "PermissionProperty": {
+      "description": "A permission detected in the cloud account.",
+      "type": "string",
+      "readOnly": true,
+      "enum": [
+        "AWS::AWSSecurityHubReadOnlyAccess",
+        "AWS::SecurityAudit",
+        "AWS::AmazonSSMAutomationRole",
+        "GCP::Security Center Admin Viewer"
+      ],
+      "x-ms-enum": {
+        "name": "PermissionProperty",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "AWS::AWSSecurityHubReadOnlyAccess",
+            "description": "This permission provides read only access to AWS Security Hub resources."
+          },
+          {
+            "value": "AWS::SecurityAudit",
+            "description": "This permission grants access to read security configuration metadata."
+          },
+          {
+            "value": "AWS::AmazonSSMAutomationRole",
+            "description": "The permission provides for EC2 Automation service to execute activities defined within Automation documents."
+          },
+          {
+            "value": "GCP::Security Center Admin Viewer",
+            "description": "This permission provides read only access to GCP Security Command Center."
+          }
+        ]
+      }
+    },
+    "ProxyServerProperties": {
+      "type": "object",
+      "description": "For a non-Azure machine that is not connected directly to the internet, specify a proxy server that the non-Azure machine can use.",
+      "properties": {
+        "ip": {
+          "type": "string",
+          "description": "Proxy server IP"
+        },
+        "port": {
+          "type": "string",
+          "description": "Proxy server port"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ConnectorName": {
+      "name": "connectorName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the cloud account connector",
+      "x-ms-parameter-location": "method"
+    },
+    "ConnectorSetting": {
+      "name": "connectorSetting",
+      "in": "body",
+      "required": true,
+      "description": "Settings for the cloud account connector",
+      "schema": {
+        "$ref": "#/definitions/ConnectorSetting"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2020-01-01-preview/secureScore.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2020-01-01-preview/secureScore.json
new file mode 100644
index 000000000..24f813874
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2020-01-01-preview/secureScore.json
@@ -0,0 +1,622 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScores": {
+      "get": {
+        "x-ms-examples": {
+          "List secure scores": {
+            "$ref": "./examples/secureScores/ListSecureScores_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score"
+        ],
+        "description": "List secure scores for all your Microsoft Defender for Cloud initiatives within your current scope.",
+        "operationId": "SecureScores_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecureScoresList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScores/{secureScoreName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get single secure score": {
+            "$ref": "./examples/secureScores/GetSecureScoresSingle_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score"
+        ],
+        "description": "Get secure score for a specific Microsoft Defender for Cloud initiative within your current scope. For the ASC Default initiative, use 'ascScore'.",
+        "operationId": "SecureScores_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/secureScoreName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecureScoreItem"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScores/{secureScoreName}/secureScoreControls": {
+      "get": {
+        "x-ms-examples": {
+          "Get security controls and their current score for the specified initiative": {
+            "$ref": "./examples/secureScores/ListSecureScoreControlsForName_builtin_example.json"
+          },
+          "Get security controls and their current score for the specified initiative with the expand parameter": {
+            "$ref": "./examples/secureScores/ListSecureScoreControlsForNameWithExpand_builtin_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score"
+        ],
+        "description": "Get all security controls for a specific initiative within a scope",
+        "operationId": "SecureScoreControls_ListBySecureScore",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/secureScoreName"
+          },
+          {
+            "$ref": "#/parameters/ExpandControlsDefinition"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecureScoreControlList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScoreControls": {
+      "get": {
+        "x-ms-examples": {
+          "List all secure scores controls": {
+            "$ref": "./examples/secureScores/ListSecureScoreControls_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score Controls"
+        ],
+        "description": "Get all security controls within a scope",
+        "operationId": "SecureScoreControls_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/ExpandControlsDefinition"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecureScoreControlList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/providers/Microsoft.Security/secureScoreControlDefinitions": {
+      "get": {
+        "x-ms-examples": {
+          "List security controls definition": {
+            "$ref": "./examples/secureScoreControlDefinitions/ListSecureScoreControlDefinitions_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score Control Definitions"
+        ],
+        "description": "List the available security controls, their assessments, and the max score",
+        "operationId": "SecureScoreControlDefinitions_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/secureScoreControlDefinitionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScoreControlDefinitions": {
+      "get": {
+        "x-ms-examples": {
+          "List security controls definition by subscription": {
+            "$ref": "./examples/secureScoreControlDefinitions/ListSecureScoreControlDefinitions_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score Control Definitions"
+        ],
+        "description": "For a specified subscription, list the available security controls, their assessments, and the max score",
+        "operationId": "SecureScoreControlDefinitions_ListBySubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/secureScoreControlDefinitionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecureScoresList": {
+      "type": "object",
+      "description": "List of secure scores",
+      "properties": {
+        "value": {
+          "description": "Collection of secure scores in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecureScoreItem"
+          }
+        },
+        "nextLink": {
+          "description": "The URI to fetch the next page.",
+          "readOnly": true,
+          "type": "string"
+        }
+      }
+    },
+    "SecureScoreItem": {
+      "description": "Secure score item data model",
+      "readOnly": true,
+      "type": "object",
+      "properties": {
+        "properties": {
+          "description": "Secure score item",
+          "readOnly": true,
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecureScoreItemProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecureScoreItemProperties": {
+      "description": "Describes properties of a calculated secure score.",
+      "readOnly": true,
+      "type": "object",
+      "properties": {
+        "displayName": {
+          "description": "The initiative’s name",
+          "readOnly": true,
+          "type": "string"
+        },
+        "score": {
+          "description": "score object",
+          "readOnly": true,
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/ScoreDetails"
+        },
+        "weight": {
+          "description": "The relative weight for each subscription. Used when calculating an aggregated secure score for multiple subscriptions.",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "minimum": 0,
+          "exclusiveMinimum": false
+        }
+      }
+    },
+    "ScoreDetails": {
+      "description": "Calculation result data",
+      "readOnly": true,
+      "type": "object",
+      "properties": {
+        "max": {
+          "description": "Maximum score available",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32",
+          "minimum": 0,
+          "exclusiveMinimum": false
+        },
+        "current": {
+          "description": "Current score",
+          "readOnly": true,
+          "type": "number",
+          "format": "double",
+          "minimum": 0.00,
+          "exclusiveMinimum": false
+        },
+        "percentage": {
+          "description": "Ratio of the current score divided by the maximum. Rounded to 4 digits after the decimal point",
+          "readOnly": true,
+          "type": "number",
+          "format": "double",
+          "minimum": 0.00,
+          "maximum": 1.00,
+          "exclusiveMinimum": false,
+          "exclusiveMaximum": false
+        }
+      }
+    },
+    "SecureScoreControlScore": {
+      "description": "Calculation result data",
+      "type": "object",
+      "properties": {
+        "max": {
+          "description": "Maximum control score (0..10)",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32",
+          "minimum": 0,
+          "maximum": 10,
+          "exclusiveMinimum": false
+        },
+        "current": {
+          "description": "Actual score for the control = (achieved points / total points) * max score. if total points is zeroed, the return number is 0.00",
+          "readOnly": true,
+          "type": "number",
+          "format": "double",
+          "minimum": 0.00,
+          "maximum": 10.00,
+          "exclusiveMinimum": false
+        },
+        "percentage": {
+          "description": "Ratio of the current score divided by the maximum. Rounded to 4 digits after the decimal point",
+          "readOnly": true,
+          "type": "number",
+          "format": "double",
+          "minimum": 0.00,
+          "maximum": 1.00,
+          "exclusiveMinimum": false,
+          "exclusiveMaximum": false
+        }
+      }
+    },
+    "SecureScoreControlList": {
+      "description": "List of security controls",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Collection of security controls in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecureScoreControlDetails"
+          }
+        },
+        "nextLink": {
+          "description": "The URI to fetch the next page.",
+          "readOnly": true,
+          "type": "string"
+        }
+      }
+    },
+    "SecureScoreControlDetails": {
+      "description": "Details of the security control, its score, and the health status of the relevant resources.",
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecureScoreControlScoreDetails"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecureScoreControlScoreDetails": {
+      "description": "Calculation result data in control level",
+      "type": "object",
+      "properties": {
+        "displayName": {
+          "description": "User friendly display name of the control",
+          "readOnly": true,
+          "type": "string"
+        },
+        "score": {
+          "description": "Actual score object for the control",
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/ScoreDetails"
+        },
+        "healthyResourceCount": {
+          "description": "Number of healthy resources in the control",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32"
+        },
+        "unhealthyResourceCount": {
+          "description": "Number of unhealthy resources in the control",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32"
+        },
+        "notApplicableResourceCount": {
+          "description": "Number of not applicable resources in the control",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32"
+        },
+        "weight": {
+          "description": "The relative weight for this specific control in each of your subscriptions. Used when calculating an aggregated score for this control across all of your subscriptions.",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "minimum": 0,
+          "exclusiveMinimum": false
+        },
+        "definition": {
+          "$ref": "#/definitions/SecureScoreControlDefinitionItem"
+        }
+      }
+    },
+    "secureScoreControlDefinitionList": {
+      "description": "List of security controls definition",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Collection of security controls definition in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecureScoreControlDefinitionItem"
+          }
+        },
+        "nextLink": {
+          "description": "The URI to fetch the next page.",
+          "readOnly": true,
+          "type": "string"
+        }
+      }
+    },
+    "SecureScoreControlDefinitionItem": {
+      "description": "Information about the security control.",
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecureScoreControlDefinitionItemProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecureScoreControlDefinitionItemProperties": {
+      "description": "Security Control Definition Properties.",
+      "type": "object",
+      "properties": {
+        "displayName": {
+          "description": "User friendly display name of the control",
+          "readOnly": true,
+          "type": "string"
+        },
+        "description": {
+          "description": "User friendly description of the control",
+          "readOnly": true,
+          "type": "string",
+          "maxLength": 256
+        },
+        "maxScore": {
+          "description": "Maximum control score (0..10)",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32",
+          "minimum": 0,
+          "maximum": 10,
+          "exclusiveMinimum": false
+        },
+        "source": {
+          "description": "Source object from which the control was created",
+          "readOnly": true,
+          "$ref": "#/definitions/SecureScoreControlDefinitionSource"
+        },
+        "assessmentDefinitions": {
+          "description": "Array of assessments metadata IDs that are included in this security control",
+          "readOnly": true,
+          "$ref": "../../../common/v1/types.json#/definitions/AzureResourceLinks"
+        }
+      }
+    },
+    "SecureScoreControlDefinitionSource": {
+      "description": "The type of the security control (For example, BuiltIn)",
+      "readOnly": true,
+      "type": "object",
+      "properties": {
+        "sourceType": {
+          "description": "The type of security control (for example, BuiltIn)",
+          "type": "string",
+          "enum": [
+            "BuiltIn",
+            "Custom"
+          ],
+          "x-ms-enum": {
+            "name": "controlType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "BuiltIn",
+                "description": "Microsoft Defender for Cloud managed assessments"
+              },
+              {
+                "value": "Custom",
+                "description": "Non Microsoft Defender for Cloud managed assessments"
+              }
+            ]
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ExpandControlsDefinition": {
+      "name": "$expand",
+      "in": "query",
+      "required": false,
+      "type": "string",
+      "description": "OData expand. Optional.",
+      "x-ms-parameter-location": "method",
+      "enum": [
+        "definition"
+      ],
+      "x-ms-enum": {
+        "name": "ExpandControlsEnum",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "definition",
+            "description": "Add definition object for each control"
+          }
+        ]
+      }
+    },
+    "secureScoreName": {
+      "name": "secureScoreName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The initiative name. For the ASC Default initiative, use 'ascScore' as in the sample request below.",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2020-01-01-preview/securityContacts.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2020-01-01-preview/securityContacts.json
new file mode 100644
index 000000000..58a291e83
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2020-01-01-preview/securityContacts.json
@@ -0,0 +1,392 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts": {
+      "get": {
+        "x-ms-examples": {
+          "List security contact data": {
+            "$ref": "./examples/SecurityContacts/GetSecurityContactsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "List all security contact configurations for the subscription",
+        "operationId": "SecurityContacts_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContactList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts/{securityContactName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a security contact": {
+            "$ref": "./examples/SecurityContacts/GetSecurityContact_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Get Default Security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContact"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create security contact data": {
+            "$ref": "./examples/SecurityContacts/CreateSecurityContact_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Create security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          },
+          {
+            "$ref": "#/parameters/SecurityContact"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/SecurityContact"
+            }
+          },
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContact"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Deletes a security contact data": {
+            "$ref": "./examples/SecurityContacts/DeleteSecurityContact_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Delete security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Security contact deleted"
+          },
+          "204": {
+            "description": "Security contact was not found"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityContactList": {
+      "type": "object",
+      "description": "List of security contacts response",
+      "properties": {
+        "value": {
+          "readOnly": true,
+          "description": "List of security contacts",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityContact"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityContact": {
+      "type": "object",
+      "description": "Contact details and configurations for notifications coming from Microsoft Defender for Cloud.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security contact data",
+          "$ref": "#/definitions/SecurityContactProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityContactProperties": {
+      "type": "object",
+      "description": "Describes security contact properties",
+      "properties": {
+        "emails": {
+          "type": "string",
+          "description": "List of email addresses which will get notifications from Microsoft Defender for Cloud by the configurations defined in this security contact."
+        },
+        "phone": {
+          "type": "string",
+          "description": "The security contact's phone number"
+        },
+        "alertNotifications": {
+          "type": "object",
+          "description": "Defines whether to send email notifications about new security alerts",
+          "properties": {
+            "state": {
+              "type": "string",
+              "description": "Defines if email notifications will be sent about new security alerts",
+              "enum": [
+                "On",
+                "Off"
+              ],
+              "x-ms-enum": {
+                "name": "state",
+                "modelAsString": true,
+                "values": [
+                  {
+                    "value": "On",
+                    "description": "Get notifications on new alerts"
+                  },
+                  {
+                    "value": "Off",
+                    "description": "Don't get notifications on new alerts"
+                  }
+                ]
+              }
+            },
+            "minimalSeverity": {
+              "type": "string",
+              "description": "Defines the minimal alert severity which will be sent as email notifications",
+              "enum": [
+                "High",
+                "Medium",
+                "Low"
+              ],
+              "x-ms-enum": {
+                "name": "minimalSeverity",
+                "modelAsString": true,
+                "values": [
+                  {
+                    "value": "High",
+                    "description": "Get notifications on new alerts with High severity"
+                  },
+                  {
+                    "value": "Medium",
+                    "description": "Get notifications on new alerts with medium or high severity"
+                  },
+                  {
+                    "value": "Low",
+                    "description": "Don't get notifications on new alerts with low, medium or high severity"
+                  }
+                ]
+              }
+            }
+          }
+        },
+        "notificationsByRole": {
+          "type": "object",
+          "description": "Defines whether to send email notifications from Microsoft Defender for Cloud to persons with specific RBAC roles on the subscription.",
+          "properties": {
+            "state": {
+              "type": "string",
+              "description": "Defines whether to send email notifications from AMicrosoft Defender for Cloud to persons with specific RBAC roles on the subscription.",
+              "enum": [
+                "On",
+                "Off"
+              ],
+              "x-ms-enum": {
+                "name": "state",
+                "modelAsString": true,
+                "values": [
+                  {
+                    "value": "On",
+                    "description": "Send notification on new alerts to the subscription's admins"
+                  },
+                  {
+                    "value": "Off",
+                    "description": "Don't send notification on new alerts to the subscription's admins"
+                  }
+                ]
+              }
+            },
+            "roles": {
+              "type": "array",
+              "description": "Defines which RBAC roles will get email notifications from Microsoft Defender for Cloud. List of allowed RBAC roles: ",
+              "items": {
+                "$ref": "#/definitions/SecurityContactRole"
+              }
+            }
+          }
+        }
+      }
+    },
+    "SecurityContactRole": {
+      "type": "string",
+      "description": "A possible role to configure sending security notification alerts to",
+      "enum": [
+        "AccountAdmin",
+        "ServiceAdmin",
+        "Owner",
+        "Contributor"
+      ],
+      "x-ms-enum": {
+        "name": "roles",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "AccountAdmin",
+            "description": "If enabled, send notification on new alerts to the account admins"
+          },
+          {
+            "value": "ServiceAdmin",
+            "description": "If enabled, send notification on new alerts to the service admins"
+          },
+          {
+            "value": "Owner",
+            "description": "If enabled, send notification on new alerts to the subscription owners"
+          },
+          {
+            "value": "Contributor",
+            "description": "If enabled, send notification on new alerts to the subscription contributors"
+          }
+        ]
+      }
+    }
+  },
+  "parameters": {
+    "SecurityContactName": {
+      "name": "securityContactName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the security contact object",
+      "x-ms-parameter-location": "method"
+    },
+    "SecurityContact": {
+      "name": "securityContact",
+      "in": "body",
+      "required": true,
+      "description": "Security contact object",
+      "schema": {
+        "$ref": "#/definitions/SecurityContact"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-05-01-preview/softwareInventories.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-05-01-preview/softwareInventories.json
new file mode 100644
index 000000000..1af50949c
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-05-01-preview/softwareInventories.json
@@ -0,0 +1,307 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2021-05-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/softwareInventories": {
+      "get": {
+        "description": "Gets the software inventory of the virtual machine.",
+        "operationId": "SoftwareInventories_ListByExtendedResource",
+        "x-ms-examples": {
+          "Gets the software inventory of the virtual machine": {
+            "$ref": "./examples/SoftwareInventories/ListByExtendedResourceSoftwareInventories_example.json"
+          }
+        },
+        "tags": [
+          "softwareInventories"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "name": "resourceNamespace",
+            "in": "path",
+            "description": "The namespace of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceType",
+            "in": "path",
+            "description": "The type of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceName",
+            "in": "path",
+            "description": "Name of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SoftwaresList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/softwareInventories": {
+      "get": {
+        "description": "Gets the software inventory of all virtual machines in the subscriptions.",
+        "operationId": "SoftwareInventories_ListBySubscription",
+        "x-ms-examples": {
+          "Gets the software inventory of all virtual machines in the subscriptions": {
+            "$ref": "./examples/SoftwareInventories/ListBySubscriptionSoftwareInventories_example.json"
+          }
+        },
+        "tags": [
+          "softwareInventories"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SoftwaresList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/softwareInventories/{softwareName}": {
+      "get": {
+        "description": "Gets a single software data of the virtual machine.",
+        "operationId": "SoftwareInventories_Get",
+        "x-ms-examples": {
+          "Gets a single software data of the virtual machine": {
+            "$ref": "./examples/SoftwareInventories/GetSoftware_example.json"
+          }
+        },
+        "tags": [
+          "softwareInventories"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "name": "resourceNamespace",
+            "in": "path",
+            "description": "The namespace of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceType",
+            "in": "path",
+            "description": "The type of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceName",
+            "in": "path",
+            "description": "Name of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "softwareName",
+            "in": "path",
+            "description": "Name of the installed software.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Software"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SoftwaresList": {
+      "type": "object",
+      "description": "Represents the software inventory of the virtual machine.",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Software"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "Software": {
+      "type": "object",
+      "description": "Represents a software data",
+      "required": [
+        "properties"
+      ],
+      "properties": {
+        "properties": {
+          "description": "Properties of the Software Inventory resource",
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SoftwareProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SoftwareProperties": {
+      "description": "Software Inventory resource properties",
+      "properties": {
+        "deviceId": {
+          "type": "string",
+          "description": "Unique identifier for the virtual machine in the service."
+        },
+        "osPlatform": {
+          "type": "string",
+          "description": "Platform of the operating system running on the device."
+        },
+        "vendor": {
+          "type": "string",
+          "description": "Name of the software vendor."
+        },
+        "softwareName": {
+          "type": "string",
+          "description": "Name of the software product."
+        },
+        "version": {
+          "type": "string",
+          "description": "Version number of the software product."
+        },
+        "endOfSupportStatus": {
+          "type": "string",
+          "description": "End of support status.",
+          "enum": [
+            "None",
+            "noLongerSupported",
+            "versionNoLongerSupported",
+            "upcomingNoLongerSupported",
+            "upcomingVersionNoLongerSupported"
+          ],
+          "x-ms-enum": {
+            "name": "EndOfSupportStatus",
+            "modelAsString": true
+          }
+        },
+        "endOfSupportDate": {
+          "type": "string",
+          "description": "The end of support date in case the product is upcoming end of support."
+        },
+        "numberOfKnownVulnerabilities": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Number of weaknesses."
+        },
+        "firstSeenAt": {
+          "type": "string",
+          "description": "First time that the software was seen in the device."
+        }
+      }
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/customAssessmentAutomation.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/customAssessmentAutomation.json
new file mode 100644
index 000000000..2c3997011
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/customAssessmentAutomation.json
@@ -0,0 +1,435 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2021-07-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations/{customAssessmentAutomationName}": {
+      "get": {
+        "summary": "Gets a custom assessment automation",
+        "description": "Gets a single custom assessment automation by name for the provided subscription and resource group.",
+        "tags": [
+          "customAssessmentAutomations"
+        ],
+        "operationId": "CustomAssessmentAutomations_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/customAssessmentAutomationName"
+          }
+        ],
+        "x-ms-examples": {
+          "Get a Custom Assessment Automation": {
+            "$ref": "./examples/CustomAssessmentAutomations/customAssessmentAutomationGet_example.json"
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/customAssessmentAutomation"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "summary": "Creates a custom assessment automation",
+        "description": "Creates or updates a custom assessment automation for the provided subscription. Please note that providing an existing custom assessment automation will replace the existing record.",
+        "tags": [
+          "customAssessmentAutomations"
+        ],
+        "operationId": "CustomAssessmentAutomations_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/customAssessmentAutomationName"
+          },
+          {
+            "$ref": "#/parameters/customAssessmentAutomationBody"
+          }
+        ],
+        "x-ms-examples": {
+          "Create a Custom Assessment Automation": {
+            "$ref": "./examples/CustomAssessmentAutomations/customAssessmentAutomationCreate_example.json"
+          }
+        },
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/customAssessmentAutomation"
+            }
+          },
+          "200": {
+            "description": "OK - Updated",
+            "schema": {
+              "$ref": "#/definitions/customAssessmentAutomation"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "summary": "Deletes a custom assessment automation",
+        "description": "Deletes a custom assessment automation by name for a provided subscription",
+        "tags": [
+          "customAssessmentAutomations"
+        ],
+        "operationId": "CustomAssessmentAutomations_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/customAssessmentAutomationName"
+          }
+        ],
+        "x-ms-examples": {
+          "Delete a Custom Assessment Automation": {
+            "$ref": "./examples/CustomAssessmentAutomations/customAssessmentAutomationDelete_example.json"
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK - Custom Assessment Automation was deleted"
+          },
+          "204": {
+            "description": "No Content - Custom Assessment Automation does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customAssessmentAutomations": {
+      "get": {
+        "summary": "List custom assessment automations in a subscription and a resource group",
+        "description": "List custom assessment automations by provided subscription and resource group",
+        "tags": [
+          "customAssessmentAutomations"
+        ],
+        "operationId": "CustomAssessmentAutomations_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "x-ms-examples": {
+          "List Custom Assessment Automations in a subscription and a resource group": {
+            "$ref": "./examples/CustomAssessmentAutomations/customAssessmentAutomationListByResourceGroup_example.json"
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK - Returns a collection of Custom Assessment Automations",
+            "schema": {
+              "$ref": "#/definitions/customAssessmentAutomationsListResult"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/customAssessmentAutomations": {
+      "get": {
+        "summary": "List custom assessment automations in a subscription",
+        "description": "List custom assessment automations by provided subscription",
+        "tags": [
+          "customAssessmentAutomations"
+        ],
+        "operationId": "CustomAssessmentAutomations_ListBySubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "x-ms-examples": {
+          "List Custom Assessment Automations in a subscription": {
+            "$ref": "./examples/CustomAssessmentAutomations/customAssessmentAutomationListBySubscription_example.json"
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK - Returns a collection of Custom Assessment Automations",
+            "schema": {
+              "$ref": "#/definitions/customAssessmentAutomationsListResult"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    }
+  },
+  "definitions": {
+    "customAssessmentAutomationsListResult": {
+      "type": "object",
+      "description": "A list of Custom Assessment Automations",
+      "properties": {
+        "value": {
+          "description": "Collection of Custom Assessment Automations",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/customAssessmentAutomation"
+          }
+        },
+        "nextLink": {
+          "description": "The link used to get the next page of operations.",
+          "type": "string"
+        }
+      }
+    },
+    "customAssessmentAutomation": {
+      "type": "object",
+      "description": "Custom Assessment Automation",
+      "properties": {
+        "systemData": {
+          "readOnly": true,
+          "type": "object",
+          "description": "Azure Resource Manager metadata containing createdBy and modifiedBy information.",
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "describes Custom Assessment Automation properties.",
+          "$ref": "#/definitions/customAssessmentAutomationProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "customAssessmentAutomationRequest": {
+      "type": "object",
+      "description": "Custom Assessment Automation request",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "describes Custom Assessment Automation request properties.",
+          "$ref": "#/definitions/customAssessmentAutomationRequestProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "customAssessmentAutomationProperties": {
+      "type": "object",
+      "description": "describes the Custom Assessment Automation properties",
+      "properties": {
+        "compressedQuery": {
+          "description": "GZip encoded KQL query representing the assessment automation results required.",
+          "type": "string"
+        },
+        "supportedCloud": {
+          "description": "Relevant cloud for the custom assessment automation.",
+          "type": "string",
+          "enum": [
+            "AWS",
+            "GCP"
+          ],
+          "x-ms-enum": {
+            "name": "supportedCloudEnum",
+            "modelAsString": true
+          },
+          "x-ms-client-default": "AWS"
+        },
+        "severity": {
+          "description": "The severity to relate to the assessments generated by this assessment automation.",
+          "type": "string",
+          "enum": [
+            "High",
+            "Medium",
+            "Low"
+          ],
+          "x-ms-enum": {
+            "name": "severityEnum",
+            "modelAsString": true
+          },
+          "x-ms-client-default": "Low"
+        },
+        "displayName": {
+          "description": "The display name of the assessments generated by this assessment automation.",
+          "type": "string"
+        },
+        "description": {
+          "description": "The description to relate to the assessments generated by this assessment automation.",
+          "type": "string"
+        },
+        "remediationDescription": {
+          "description": "The remediation description to relate to the assessments generated by this assessment automation.",
+          "type": "string"
+        },
+        "assessmentKey": {
+          "description": "The assessment metadata key used when an assessment is generated for this assessment automation.",
+          "type": "string"
+        }
+      }
+    },
+    "customAssessmentAutomationRequestProperties": {
+      "type": "object",
+      "description": "describes the Custom Assessment Automation properties",
+      "properties": {
+        "compressedQuery": {
+          "description": "Base 64 encoded KQL query representing the assessment automation results required.",
+          "type": "string"
+        },
+        "supportedCloud": {
+          "description": "Relevant cloud for the custom assessment automation.",
+          "type": "string",
+          "enum": [
+            "AWS",
+            "GCP"
+          ],
+          "x-ms-enum": {
+            "name": "supportedCloudEnum",
+            "modelAsString": true
+          },
+          "x-ms-client-default": "AWS"
+        },
+        "severity": {
+          "description": "The severity to relate to the assessments generated by this assessment automation.",
+          "type": "string",
+          "enum": [
+            "High",
+            "Medium",
+            "Low"
+          ],
+          "x-ms-enum": {
+            "name": "severityEnum",
+            "modelAsString": true
+          },
+          "x-ms-client-default": "Low"
+        },
+        "displayName": {
+          "description": "The display name of the assessments generated by this assessment automation.",
+          "type": "string"
+        },
+        "description": {
+          "description": "The description to relate to the assessments generated by this assessment automation.",
+          "type": "string"
+        },
+        "remediationDescription": {
+          "description": "The remediation description to relate to the assessments generated by this assessment automation.",
+          "type": "string"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "customAssessmentAutomationName": {
+      "name": "customAssessmentAutomationName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the Custom Assessment Automation.",
+      "x-ms-parameter-location": "method"
+    },
+    "customAssessmentAutomationBody": {
+      "name": "customAssessmentAutomationBody",
+      "in": "body",
+      "description": "Custom Assessment Automation body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/customAssessmentAutomationRequest"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/customEntityStoreAssignment.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/customEntityStoreAssignment.json
new file mode 100644
index 000000000..5aedaab3a
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/customEntityStoreAssignment.json
@@ -0,0 +1,351 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2021-07-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments/{customEntityStoreAssignmentName}": {
+      "get": {
+        "summary": "Gets a custom entity store assignment",
+        "description": "Gets a single custom entity store assignment by name for the provided subscription and resource group.",
+        "tags": [
+          "customEntityStoreAssignments"
+        ],
+        "operationId": "CustomEntityStoreAssignments_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/customEntityStoreAssignmentName"
+          }
+        ],
+        "x-ms-examples": {
+          "Get a custom entity store assignment": {
+            "$ref": "./examples/CustomEntityStoreAssignments/customEntityStoreAssignmentGet_example.json"
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/CustomEntityStoreAssignment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "summary": "Creates a custom entity store assignment",
+        "description": "Creates a custom entity store assignment for the provided subscription, if not already exists.",
+        "tags": [
+          "customEntityStoreAssignments"
+        ],
+        "operationId": "CustomEntityStoreAssignments_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/customEntityStoreAssignmentName"
+          },
+          {
+            "$ref": "#/parameters/customEntityStoreAssignmentRequestBody"
+          }
+        ],
+        "x-ms-examples": {
+          "Create a custom entity store assignment": {
+            "$ref": "./examples/CustomEntityStoreAssignments/customEntityStoreAssignmentCreate_example.json"
+          }
+        },
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/CustomEntityStoreAssignment"
+            }
+          },
+          "200": {
+            "description": "OK - Updated",
+            "schema": {
+              "$ref": "#/definitions/CustomEntityStoreAssignment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "summary": "Deleted a custom entity store assignment",
+        "description": "Delete a custom entity store assignment by name for a provided subscription",
+        "tags": [
+          "customEntityStoreAssignments"
+        ],
+        "operationId": "CustomEntityStoreAssignments_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/customEntityStoreAssignmentName"
+          }
+        ],
+        "x-ms-examples": {
+          "Delete a custom entity store assignment": {
+            "$ref": "./examples/CustomEntityStoreAssignments/customEntityStoreAssignmentDelete_example.json"
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK - Custom Entity Store Assignment was deleted"
+          },
+          "204": {
+            "description": "No Content - Custom Entity Store Assignment does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.Security/customEntityStoreAssignments": {
+      "get": {
+        "summary": "List custom entity store assignments in a subscription and a resource group",
+        "description": "List custom entity store assignments by a provided subscription and resource group",
+        "tags": [
+          "customEntityStoreAssignments"
+        ],
+        "operationId": "CustomEntityStoreAssignments_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "x-ms-examples": {
+          "List custom entity store assignments in a subscription and a resource group": {
+            "$ref": "./examples/CustomEntityStoreAssignments/customEntityStoreAssignmentListByResourceGroup_example.json"
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK - Returns a collection of custom entity store assignments",
+            "schema": {
+              "$ref": "#/definitions/CustomEntityStoreAssignmentsListResult"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/customEntityStoreAssignments": {
+      "get": {
+        "summary": "List custom entity store assignments in a subscription",
+        "description": "List custom entity store assignments by provided subscription",
+        "tags": [
+          "customEntityStoreAssignments"
+        ],
+        "operationId": "CustomEntityStoreAssignments_ListBySubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "x-ms-examples": {
+          "List custom entity store assignments in a subscription": {
+            "$ref": "./examples/CustomEntityStoreAssignments/customEntityStoreAssignmentListBySubscription_example.json"
+          }
+        },
+        "responses": {
+          "200": {
+            "description": "OK - Returns a collection of custom entity store assignments",
+            "schema": {
+              "$ref": "#/definitions/CustomEntityStoreAssignmentsListResult"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    }
+  },
+  "definitions": {
+    "CustomEntityStoreAssignmentsListResult": {
+      "type": "object",
+      "description": "A list of custom entity store assignments",
+      "properties": {
+        "value": {
+          "description": "Collection of custom entity store assignments",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/CustomEntityStoreAssignment"
+          }
+        },
+        "nextLink": {
+          "description": "The link used to get the next page of operations.",
+          "type": "string"
+        }
+      }
+    },
+    "CustomEntityStoreAssignment": {
+      "type": "object",
+      "description": "Custom entity store assignment",
+      "properties": {
+        "systemData": {
+          "readOnly": true,
+          "type": "object",
+          "description": "Azure Resource Manager metadata containing createdBy and modifiedBy information.",
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "describes custom entity store assignment properties.",
+          "$ref": "#/definitions/CustomEntityStoreAssignmentProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "CustomEntityStoreAssignmentProperties": {
+      "type": "object",
+      "description": "describes the custom entity store assignment properties",
+      "properties": {
+        "principal": {
+          "description": "The principal assigned with entity store. Format of principal is: [AAD type]=[PrincipalObjectId];[TenantId]",
+          "type": "string"
+        },
+        "entityStoreDatabaseLink": {
+          "description": "The link to entity store database.",
+          "type": "string"
+        }
+      }
+    },
+    "CustomEntityStoreAssignmentRequest": {
+      "type": "object",
+      "description": "describes the custom entity store assignment request",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/CustomEntityStoreAssignmentRequestProperties"
+        }
+      }
+    },
+    "CustomEntityStoreAssignmentRequestProperties": {
+      "type": "object",
+      "description": "describes properties of custom entity store assignment request",
+      "properties": {
+        "principal": {
+          "description": "The principal assigned with entity store. If not provided, will use caller principal. Format of principal is: [AAD type]=[PrincipalObjectId];[TenantId]",
+          "type": "string"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "customEntityStoreAssignmentName": {
+      "name": "customEntityStoreAssignmentName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the custom entity store assignment. Generated name is GUID.",
+      "x-ms-parameter-location": "method"
+    },
+    "customEntityStoreAssignmentRequestBody": {
+      "name": "customEntityStoreAssignmentRequestBody",
+      "in": "body",
+      "description": "Custom entity store assignment body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/CustomEntityStoreAssignmentRequest"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/securityConnectors.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/securityConnectors.json
new file mode 100644
index 000000000..667d5c13b
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-07-01-preview/securityConnectors.json
@@ -0,0 +1,597 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2021-07-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityConnectors": {
+      "get": {
+        "x-ms-examples": {
+          "List all security connectors of a specified subscription": {
+            "$ref": "./examples/SecurityConnectors/GetSecurityConnectorsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Lists all the security connectors in the specified subscription. Use the 'nextLink' property in the response to get the next page of security connectors for the specified subscription.",
+        "operationId": "SecurityConnectors_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnectorsList"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors": {
+      "get": {
+        "x-ms-examples": {
+          "List all security connectors of a specified resource group": {
+            "$ref": "./examples/SecurityConnectors/GetSecurityConnectorsResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Lists all the security connectors in the specified resource group. Use the 'nextLink' property in the response to get the next page of security connectors for the specified resource group.",
+        "operationId": "SecurityConnectors_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnectorsList"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}": {
+      "get": {
+        "x-ms-examples": {
+          "Retrieve a security connector": {
+            "$ref": "./examples/SecurityConnectors/GetSecurityConnectorResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Retrieves details of a specific security connector",
+        "operationId": "SecurityConnectors_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnector"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create or update a security connector": {
+            "$ref": "./examples/SecurityConnectors/PutSecurityConnector_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Creates or updates a security connector. If a security connector is already created and a subsequent request is issued for the same security connector id, then it will be updated.",
+        "operationId": "SecurityConnectors_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorInBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnector"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnector"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "patch": {
+        "x-ms-examples": {
+          "Update a security connector": {
+            "$ref": "./examples/SecurityConnectors/PatchSecurityConnector_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Updates a security connector",
+        "operationId": "SecurityConnectors_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorInBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnector"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security connector": {
+            "$ref": "./examples/SecurityConnectors/DeleteSecurityConnector_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "operationId": "SecurityConnectors_Delete",
+        "description": "Deletes a security connector.",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "The resource was deleted successfully"
+          },
+          "204": {
+            "description": "NoContent"
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityConnectorsList": {
+      "type": "object",
+      "description": "List of security connectors response.",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "The list of security connectors under the given scope.",
+          "items": {
+            "$ref": "#/definitions/SecurityConnector"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityConnector": {
+      "type": "object",
+      "description": "The security connector resource.",
+      "properties": {
+        "systemData": {
+          "readOnly": true,
+          "type": "object",
+          "description": "Azure Resource Manager metadata containing createdBy and modifiedBy information.",
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security connector data",
+          "$ref": "#/definitions/SecurityConnectorProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/TrackedResource"
+        }
+      ]
+    },
+    "SecurityConnectorProperties": {
+      "type": "object",
+      "description": "A set of properties that defines the security connector configuration.",
+      "properties": {
+        "hierarchyIdentifier": {
+          "type": "string",
+          "description": "The multi cloud resource identifier (account id in case of AWS connector)."
+        },
+        "cloudName": {
+          "type": "string",
+          "description": "The multi cloud resource's cloud name.",
+          "enum": [
+            "Azure",
+            "AWS",
+            "GCP"
+          ],
+          "x-ms-enum": {
+            "name": "cloudName",
+            "modelAsString": true
+          }
+        },
+        "offerings": {
+          "type": "array",
+          "description": "A collection of offerings for the security connector.",
+          "items": {
+            "$ref": "#/definitions/cloudOffering"
+          }
+        },
+        "organizationalData": {
+          "type": "object",
+          "description": "The multi cloud account's organizational data",
+          "properties": {
+            "organizationMembershipType": {
+              "type": "string",
+              "description": "The multi cloud account's membership type in the organization",
+              "enum": [
+                "Member",
+                "Organization"
+              ],
+              "x-ms-enum": {
+                "name": "organizationMembershipType",
+                "modelAsString": true
+              }
+            },
+            "parentHierarchyId": {
+              "type": "string",
+              "description": "If the multi cloud account is not of membership type organization, this will be the ID of the account's parent"
+            },
+            "stacksetName": {
+              "type": "string",
+              "description": "If the multi cloud account is of membership type organization, this will be the name of the onboarding stackset"
+            },
+            "excludedAccountIds": {
+              "type": "array",
+              "description": "If the multi cloud account is of membership type organization, list of accounts excluded from offering",
+              "items": {
+                "type": "string",
+                "description": "account IDs"
+              }
+            }
+          }
+        }
+      }
+    },
+    "cloudOffering": {
+      "type": "object",
+      "description": "The security offering details",
+      "discriminator": "offeringType",
+      "required": [
+        "offeringType"
+      ],
+      "properties": {
+        "offeringType": {
+          "type": "string",
+          "description": "The type of the security offering.",
+          "enum": [
+            "CspmMonitorAws",
+            "DefenderForContainersAws",
+            "DefenderForServersAws",
+            "InformationProtectionAws"
+          ],
+          "x-ms-enum": {
+            "name": "OfferingType",
+            "modelAsString": true
+          }
+        },
+        "description": {
+          "type": "string",
+          "description": "The offering description.",
+          "readOnly": true
+        }
+      }
+    },
+    "cspmMonitorAwsOffering": {
+      "type": "object",
+      "description": "The CSPM monitoring for AWS offering configurations",
+      "x-ms-discriminator-value": "CspmMonitorAws",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "nativeCloudConnection": {
+          "type": "object",
+          "description": "The native cloud connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        }
+      }
+    },
+    "defenderForContainersAwsOffering": {
+      "type": "object",
+      "description": "The Defender for Containers AWS offering configurations",
+      "x-ms-discriminator-value": "DefenderForContainersAws",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "kubernetesService": {
+          "type": "object",
+          "description": "The kubernetes service connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "kubernetesScubaReader": {
+          "type": "object",
+          "description": "The kubernetes to scuba connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "cloudWatchToKinesis": {
+          "type": "object",
+          "description": "The cloudwatch to kinesis connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "kinesisToS3": {
+          "type": "object",
+          "description": "The kinesis to s3 connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        }
+      }
+    },
+    "defenderForServersAwsOffering": {
+      "type": "object",
+      "description": "The Defender for Servers AWS offering configurations",
+      "x-ms-discriminator-value": "DefenderForServersAws",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "defenderForServers": {
+          "type": "object",
+          "description": "The Defender for servers connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "arcAutoProvisioning": {
+          "type": "object",
+          "description": "The ARC autoprovisioning configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is arc auto provisioning enabled"
+            },
+            "servicePrincipalSecretMetadata": {
+              "type": "object",
+              "description": "Metadata of Service Principal secret for autoprovisioning",
+              "properties": {
+                "expiryDate": {
+                  "type": "string",
+                  "description": "expiration date of service principal secret"
+                },
+                "parameterStoreRegion": {
+                  "type": "string",
+                  "description": "region of parameter store where secret is kept"
+                },
+                "parameterNameInStore": {
+                  "type": "string",
+                  "description": "name of secret resource in parameter store"
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "informationProtectionAwsOffering": {
+      "type": "object",
+      "description": "The information protection for AWS offering configurations",
+      "x-ms-discriminator-value": "InformationProtectionAws",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "informationProtection": {
+          "type": "object",
+          "description": "The native cloud connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "securityConnectorName": {
+      "name": "securityConnectorName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The security connector name.",
+      "x-ms-parameter-location": "method"
+    },
+    "securityConnectorInBody": {
+      "name": "securityConnector",
+      "in": "body",
+      "required": true,
+      "description": "The security connector resource",
+      "schema": {
+        "$ref": "#/definitions/SecurityConnector"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-10-01-preview/mdeOnboardings.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-10-01-preview/mdeOnboardings.json
new file mode 100644
index 000000000..ddb73e3cb
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2021-10-01-preview/mdeOnboardings.json
@@ -0,0 +1,156 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2021-10-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/mdeOnboardings": {
+      "get": {
+        "x-ms-examples": {
+          "The configuration or data needed to onboard the machine to MDE": {
+            "$ref": "./examples/MdeOnboardings/ListMdeOnboardings_example.json"
+          }
+        },
+        "tags": [
+          "MdeOnboarding"
+        ],
+        "description": "The configuration or data needed to onboard the machine to MDE",
+        "operationId": "MdeOnboardings_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/MdeOnboardingDataList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/mdeOnboardings/default": {
+      "get": {
+        "x-ms-examples": {
+          "The default configuration or data needed to onboard the machine to MDE": {
+            "$ref": "./examples/MdeOnboardings/GetMdeOnboardings_example.json"
+          }
+        },
+        "tags": [
+          "MdeOnboarding"
+        ],
+        "description": "The default configuration or data needed to onboard the machine to MDE",
+        "operationId": "MdeOnboardings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/MdeOnboardingData"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "MdeOnboardingDataProperties": {
+      "type": "object",
+      "properties": {
+        "onboardingPackageWindows": {
+          "format": "byte",
+          "type": "string",
+          "description": "The onboarding package used to onboard Windows machines to MDE, coded in base64. This can also be used for onboarding using the dedicated VM Extension"
+        },
+        "onboardingPackageLinux": {
+          "format": "byte",
+          "type": "string",
+          "description": "The onboarding package used to onboard Linux machines to MDE, coded in base64. This can also be used for onboarding using the dedicated VM Extension"
+        }
+      },
+      "description": "Properties of the MDE configuration or data parameter needed to onboard the machine to MDE"
+    },
+    "MdeOnboardingData": {
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/MdeOnboardingDataProperties"
+        }
+      },
+      "description": "The resource of the configuration or data needed to onboard the machine to MDE"
+    },
+    "MdeOnboardingDataList": {
+      "type": "object",
+      "description": "List of all MDE onboarding data resources",
+      "properties": {
+        "value": {
+          "description": "List of the resources of the configuration or data needed to onboard the machine to MDE",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/MdeOnboardingData"
+          }
+        }
+      }
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/governanceAssignments.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/governanceAssignments.json
new file mode 100644
index 000000000..54b61b687
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/governanceAssignments.json
@@ -0,0 +1,369 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2022-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/governanceAssignments": {
+      "get": {
+        "x-ms-examples": {
+          "List governance assignments": {
+            "$ref": "./examples/GovernanceAssignments/ListGovernanceAssignments_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceAssignments"
+        ],
+        "description": "Get governance assignments on all of your resources inside a scope",
+        "operationId": "GovernanceAssignments_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/GovernanceAssignmentsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{scope}/providers/Microsoft.Security/assessments/{assessmentName}/governanceAssignments/{assignmentKey}": {
+      "get": {
+        "x-ms-examples": {
+          "Get governanceAssignment by specific governanceAssignmentKey": {
+            "$ref": "./examples/GovernanceAssignments/GetGovernanceAssignment_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceAssignments"
+        ],
+        "description": "Get a specific governanceAssignment for the requested scope by AssignmentKey",
+        "operationId": "GovernanceAssignments_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/AssignmentKey"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/GovernanceAssignment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create Governance assignment": {
+            "$ref": "./examples/GovernanceAssignments/PutGovernanceAssignment_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceAssignments"
+        ],
+        "description": "Creates or updates a governance assignment on the given subscription.",
+        "operationId": "GovernanceAssignments_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/AssignmentKey"
+          },
+          {
+            "$ref": "#/parameters/GovernanceAssignmentBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Updated",
+            "schema": {
+              "$ref": "#/definitions/GovernanceAssignment"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/GovernanceAssignment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete security assignment": {
+            "$ref": "./examples/GovernanceAssignments/DeleteGovernanceAssignment_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceAssignments"
+        ],
+        "description": "Delete a GovernanceAssignment over a given scope",
+        "operationId": "GovernanceAssignments_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/AssignmentKey"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Governance assignment was deleted"
+          },
+          "204": {
+            "description": "No Content - Governance assignment does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed"
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "GovernanceAssignmentsList": {
+      "type": "object",
+      "description": "Page of a governance assignments list",
+      "properties": {
+        "value": {
+          "description": "Collection of governance assignments in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/GovernanceAssignment"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page"
+        }
+      }
+    },
+    "GovernanceAssignment": {
+      "type": "object",
+      "description": "Governance assignment over a given scope",
+      "properties": {
+        "properties": {
+          "description": "The properties of a governance assignment",
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/GovernanceAssignmentProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "GovernanceAssignmentProperties": {
+      "type": "object",
+      "description": "Describes properties of an governance assignment",
+      "properties": {
+        "owner": {
+          "description": "The Owner for the governance assignment - e.g. user@contoso.com - see example",
+          "type": "string"
+        },
+        "remediationDueDate": {
+          "type": "string",
+          "format": "date-time",
+          "description": "The remediation due-date - after this date Secure Score will be affected (in case of  active grace-period)"
+        },
+        "remediationEta": {
+          "description": "The ETA (estimated time of arrival) for remediation (optional), see example",
+          "$ref": "#/definitions/RemediationEta"
+        },
+        "isGracePeriod": {
+          "description": "Defines whether there is a grace period on the governance assignment",
+          "type": "boolean"
+        },
+        "governanceEmailNotification": {
+          "description": "The email notifications settings for the governance rule, states whether to disable notifications for mangers and owners",
+          "$ref": "#/definitions/GovernanceEmailNotification"
+        },
+        "additionalData": {
+          "description": "The additional data for the governance assignment - e.g. links to ticket (optional), see example",
+          "$ref": "#/definitions/GovernanceAssignmentAdditionalData"
+        }
+      },
+      "required": [
+        "remediationDueDate"
+      ]
+    },
+    "GovernanceEmailNotification": {
+      "type": "object",
+      "description": "The governance email weekly notification configuration.",
+      "properties": {
+        "disableManagerEmailNotification": {
+          "description": "Exclude manager from weekly email notification.",
+          "type": "boolean"
+        },
+        "disableOwnerEmailNotification": {
+          "description": "Exclude  owner from weekly email notification.",
+          "type": "boolean"
+        }
+      }
+    },
+    "GovernanceAssignmentAdditionalData": {
+      "type": "object",
+      "description": "Describe the additional data of governance assignment - optional",
+      "properties": {
+        "ticketNumber": {
+          "description": "Ticket number associated with this governance assignment",
+          "type": "integer",
+          "format": "int32",
+          "minimum": 0
+        },
+        "ticketLink": {
+          "description": "Ticket link associated with this governance assignment - for example: https://snow.com",
+          "type": "string"
+        },
+        "ticketStatus": {
+          "description": "The ticket status associated with this governance assignment - for example: Active",
+          "type": "string"
+        }
+      }
+    },
+    "RemediationEta": {
+      "type": "object",
+      "description": "The ETA (estimated time of arrival) for remediation",
+      "properties": {
+        "eta": {
+          "description": "ETA for remediation.",
+          "type": "string",
+          "format": "date-time"
+        },
+        "justification": {
+          "description": "Justification for change of Eta.",
+          "type": "string"
+        }
+      },
+      "required": [
+        "eta",
+        "justification"
+      ]
+    }
+  },
+  "parameters": {
+    "AssignmentKey": {
+      "name": "assignmentKey",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The governance assignment key - the assessment key of the required governance assignment",
+      "x-ms-parameter-location": "method"
+    },
+    "AssessmentName": {
+      "name": "assessmentName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "pattern": "^[-\\w\\._\\(\\)]+$",
+      "description": "The Assessment Key - A unique key for the assessment type",
+      "x-ms-parameter-location": "method"
+    },
+    "GovernanceAssignmentBody": {
+      "name": "governanceAssignment",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/GovernanceAssignment"
+      },
+      "description": "Governance assignment over a subscription scope",
+      "x-ms-parameter-location": "method"
+    },
+    "Scope": {
+      "name": "scope",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The scope of the Governance assignments. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/governanceRules.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/governanceRules.json
new file mode 100644
index 000000000..10e93a4e8
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2022-01-01-preview/governanceRules.json
@@ -0,0 +1,714 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2022-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/governanceRules": {
+      "get": {
+        "x-ms-examples": {
+          "List governance rules by subscription scope": {
+            "$ref": "./examples/GovernanceRules/ListBySubscriptionGovernanceRules_example.json"
+          },
+          "List governance rules by security connector scope": {
+            "$ref": "./examples/GovernanceRules/ListBySecurityConnectorGovernanceRules_example.json"
+          },
+          "List governance rules by management group scope": {
+            "$ref": "./examples/GovernanceRules/ListByManagementGroupGovernanceRules_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceRules"
+        ],
+        "description": "Get a list of all relevant governance rules over a scope",
+        "operationId": "GovernanceRules_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/GovernanceRuleList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a governance rule over subscription scope": {
+            "$ref": "./examples/GovernanceRules/GetGovernanceRule_example.json"
+          },
+          "Get a governance rule over security connector scope": {
+            "$ref": "./examples/GovernanceRules/GetSecurityConnectorGovernanceRule_example.json"
+          },
+          "Get a governance rule over management group scope": {
+            "$ref": "./examples/GovernanceRules/GetManagementGroupGovernanceRule_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceRules"
+        ],
+        "description": "Get a specific governance rule for the requested scope by ruleId",
+        "operationId": "GovernanceRules_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/RuleId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/GovernanceRule"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create or update governance rule over subscription scope": {
+            "$ref": "./examples/GovernanceRules/PutGovernanceRule_example.json"
+          },
+          "Create or update governance rule over security connector scope": {
+            "$ref": "./examples/GovernanceRules/PutSecurityConnectorGovernanceRule_example.json"
+          },
+          "Create or update governance rule over management group scope": {
+            "$ref": "./examples/GovernanceRules/PutManagementGroupGovernanceRule_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceRules"
+        ],
+        "description": "Creates or updates a governance rule over a given scope",
+        "operationId": "GovernanceRules_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/RuleId"
+          },
+          {
+            "$ref": "#/parameters/GovernanceRuleBody"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/GovernanceRule"
+            }
+          },
+          "200": {
+            "description": "OK - Updated",
+            "schema": {
+              "$ref": "#/definitions/GovernanceRule"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a Governance rule over subscription scope": {
+            "$ref": "./examples/GovernanceRules/DeleteGovernanceRule_example.json"
+          },
+          "Delete a Governance rule over security connector scope": {
+            "$ref": "./examples/GovernanceRules/DeleteSecurityConnectorGovernanceRule_example.json"
+          },
+          "Delete a Governance rule over management group scope": {
+            "$ref": "./examples/GovernanceRules/DeleteManagementGroupGovernanceRule_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceRules"
+        ],
+        "description": "Delete a Governance rule over a given scope",
+        "operationId": "GovernanceRules_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/RuleId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Governance rule was deleted"
+          },
+          "202": {
+            "description": "Accepted - The operation still in progress",
+            "headers": {
+              "location": {
+                "type": "string",
+                "description": "Location URL for the deletion status"
+              }
+            }
+          },
+          "204": {
+            "description": "No Content - Governance rule does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed"
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "location"
+        }
+      }
+    },
+    "/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}/execute": {
+      "post": {
+        "x-ms-examples": {
+          "Execute Governance rule over subscription scope": {
+            "$ref": "./examples/GovernanceRules/PostGovernanceRule_example.json"
+          },
+          "Execute governance rule over security connector scope": {
+            "$ref": "./examples/GovernanceRules/PostSecurityConnectorGovernanceRule_example.json"
+          },
+          "Execute governance rule over management group scope": {
+            "$ref": "./examples/GovernanceRules/PostManagementGroupGovernanceRule_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceRules"
+        ],
+        "description": "Execute a governance rule",
+        "operationId": "GovernanceRules_Execute",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/RuleId"
+          },
+          {
+            "$ref": "#/parameters/ExecuteGovernanceRuleBody"
+          }
+        ],
+        "responses": {
+          "202": {
+            "description": "Accepted",
+            "headers": {
+              "location": {
+                "type": "string",
+                "description": "Location URL for the execution status"
+              }
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "location"
+        }
+      }
+    },
+    "/{scope}/providers/Microsoft.Security/governanceRules/{ruleId}/operationResults/{operationId}": {
+      "get": {
+        "x-ms-examples": {
+          "Get governance rules long run operation result over subscription": {
+            "$ref": "./examples/GovernanceRules/GetGovernanceRuleExecuteStatus_example.json"
+          },
+          "Get governance rules long run operation result over security connector": {
+            "$ref": "./examples/GovernanceRules/GetSecurityConnectorGovernanceRuleExecuteStatus_example.json"
+          },
+          "Get governance rules long run operation result over management group": {
+            "$ref": "./examples/GovernanceRules/GetManagementGroupGovernanceRuleExecuteStatus_example.json"
+          }
+        },
+        "tags": [
+          "GovernanceRules"
+        ],
+        "description": "Get governance rules long run operation result for the requested scope by ruleId and operationId",
+        "operationId": "GovernanceRules_OperationResults",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/Scope"
+          },
+          {
+            "$ref": "#/parameters/RuleId"
+          },
+          {
+            "$ref": "#/parameters/OperationId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - The operation completed",
+            "schema": {
+              "$ref": "#/definitions/OperationResult"
+            }
+          },
+          "202": {
+            "description": "Accepted - The operation still in progress",
+            "headers": {
+              "location": {
+                "type": "string",
+                "description": "Location URL for the execution status"
+              }
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "GovernanceRuleList": {
+      "type": "object",
+      "description": "Page of a governance rules list",
+      "properties": {
+        "value": {
+          "description": "Collection of governance rules in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/GovernanceRule"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page"
+        }
+      }
+    },
+    "GovernanceRule": {
+      "type": "object",
+      "description": "Governance rule over a given scope",
+      "properties": {
+        "properties": {
+          "description": "Properties of a governance rule",
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/GovernanceRuleProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "GovernanceRuleProperties": {
+      "type": "object",
+      "description": "Describes properties of an governance rule",
+      "properties": {
+        "tenantId": {
+          "description": "The tenantId (GUID)",
+          "readOnly": true,
+          "type": "string"
+        },
+        "displayName": {
+          "description": "Display name of the governance rule",
+          "type": "string"
+        },
+        "description": {
+          "description": "Description of the governance rule",
+          "type": "string"
+        },
+        "remediationTimeframe": {
+          "type": "string",
+          "description": "Governance rule remediation timeframe - this is the time that will affect on the grace-period duration e.g. 7.00:00:00 - means 7 days",
+          "pattern": "^[0-9]+\\.[0-9]{2}:[0-9]{2}:[0-9]{2}$"
+        },
+        "isGracePeriod": {
+          "description": "Defines whether there is a grace period on the governance rule",
+          "type": "boolean"
+        },
+        "rulePriority": {
+          "description": "The governance rule priority, priority to the lower number. Rules with the same priority on the same scope will not be allowed",
+          "type": "integer",
+          "format": "int32",
+          "minimum": 0,
+          "maximum": 1000
+        },
+        "isDisabled": {
+          "description": "Defines whether the rule is active/inactive",
+          "type": "boolean"
+        },
+        "ruleType": {
+          "type": "string",
+          "description": "The rule type of the governance rule, defines the source of the rule e.g. Integrated",
+          "enum": [
+            "Integrated",
+            "ServiceNow"
+          ],
+          "x-ms-enum": {
+            "name": "GovernanceRuleType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Integrated",
+                "description": "The source of the rule type definition is integrated"
+              },
+              {
+                "value": "ServiceNow",
+                "description": "The source of the rule type definition is ServiceNow"
+              }
+            ]
+          }
+        },
+        "sourceResourceType": {
+          "type": "string",
+          "description": "The governance rule source, what the rule affects, e.g. Assessments",
+          "enum": [
+            "Assessments"
+          ],
+          "x-ms-enum": {
+            "name": "GovernanceRuleSourceResourceType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Assessments",
+                "description": "The source of the governance rule is assessments"
+              }
+            ]
+          }
+        },
+        "excludedScopes": {
+          "type": "array",
+          "description": "Excluded scopes, filter out the descendants of the scope (on management scopes)",
+          "items": {
+            "description": "The excluded scope",
+            "type": "string"
+          },
+          "x-ms-identifiers": []
+        },
+        "conditionSets": {
+          "type": "array",
+          "description": "The governance rule conditionSets - see examples",
+          "items": {
+            "$ref": "#/definitions/GovernanceRuleConditionSets"
+          },
+          "x-ms-identifiers": []
+        },
+        "includeMemberScopes": {
+          "type": "boolean",
+          "description": "Defines whether the rule is management scope rule (master connector as a single scope or management scope)"
+        },
+        "ownerSource": {
+          "description": "The owner source for the governance rule - e.g. Manually by user@contoso.com - see example",
+          "$ref": "#/definitions/GovernanceRuleOwnerSource"
+        },
+        "governanceEmailNotification": {
+          "description": "The email notifications settings for the governance rule, states whether to disable notifications for mangers and owners",
+          "$ref": "#/definitions/GovernanceRuleEmailNotification"
+        },
+        "metadata": {
+          "$ref": "#/definitions/GovernanceRuleMetadata"
+        }
+      },
+      "required": [
+        "displayName",
+        "rulePriority",
+        "ruleType",
+        "sourceResourceType",
+        "conditionSets",
+        "ownerSource"
+      ]
+    },
+    "GovernanceRuleOwnerSource": {
+      "type": "object",
+      "description": "Describe the owner source of governance rule",
+      "properties": {
+        "type": {
+          "type": "string",
+          "description": "The owner type for the governance rule owner source",
+          "enum": [
+            "ByTag",
+            "Manually"
+          ],
+          "x-ms-enum": {
+            "name": "GovernanceRuleOwnerSourceType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "ByTag",
+                "description": "The rule source type defined using resource tag"
+              },
+              {
+                "value": "Manually",
+                "description": "The rule source type defined manually"
+              }
+            ]
+          }
+        },
+        "value": {
+          "description": "The source value e.g. tag key like owner name or email address",
+          "type": "string"
+        }
+      }
+    },
+    "GovernanceRuleConditionSets": {
+      "type": "object",
+      "description": "List of governance rule's condition sets - OR between ConditionSets, AND between conditions in a set",
+      "items": {
+        "$ref": "#/definitions/Conditions"
+      }
+    },
+    "Conditions": {
+      "type": "array",
+      "description": "Governance rule's conditions",
+      "items": {
+        "$ref": "#/definitions/Condition"
+      },
+      "x-ms-identifiers": []
+    },
+    "Condition": {
+      "type": "object",
+      "description": "Governance rule's condition",
+      "properties": {
+        "property": {
+          "description": "The governance rule Condition's Property, e.g. Severity or AssessmentKey, see examples",
+          "type": "string"
+        },
+        "value": {
+          "description": "The governance rule Condition's Value like severity Low, High or assessments keys, see examples",
+          "type": "string"
+        },
+        "operator": {
+          "type": "string",
+          "description": "The governance rule Condition's Operator, for example Equals for severity or In for list of assessments, see examples",
+          "enum": [
+            "Equals",
+            "In"
+          ],
+          "x-ms-enum": {
+            "name": "GovernanceRuleConditionOperator",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Equals",
+                "description": "Checks that the string value of the data defined in Property equals the given value - exact fit"
+              },
+              {
+                "value": "In",
+                "description": "Checks that the string value of the data defined in Property equals any of the given values (exact fit)"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "ExecuteGovernanceRuleParams": {
+      "type": "object",
+      "description": "Governance rule execution parameters",
+      "properties": {
+        "override": {
+          "description": "Describe if governance rule should be override",
+          "type": "boolean"
+        }
+      }
+    },
+    "GovernanceRuleEmailNotification": {
+      "type": "object",
+      "description": "The governance email weekly notification configuration",
+      "properties": {
+        "disableManagerEmailNotification": {
+          "description": "Defines whether manager email notifications are disabled",
+          "type": "boolean"
+        },
+        "disableOwnerEmailNotification": {
+          "description": "Defines whether owner email notifications are disabled",
+          "type": "boolean"
+        }
+      }
+    },
+    "GovernanceRuleMetadata": {
+      "type": "object",
+      "description": "The governance rule metadata",
+      "properties": {
+        "createdBy": {
+          "description": "Governance rule Created by object id (GUID)",
+          "type": "string",
+          "readOnly": true
+        },
+        "createdOn": {
+          "description": "Governance rule creation date",
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true
+        },
+        "updatedBy": {
+          "description": "Governance rule last updated by object id (GUID)",
+          "type": "string",
+          "readOnly": true
+        },
+        "updatedOn": {
+          "description": "Governance rule last update date",
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true
+        }
+      }
+    },
+    "OperationResult": {
+      "type": "object",
+      "description": "Long run operation status of governance rule over a given scope",
+      "properties": {
+        "status": {
+          "type": "string",
+          "description": "The status of the long run operation result of governance rule",
+          "readOnly": true,
+          "enum": [
+            "Succeeded",
+            "Failed",
+            "Canceled"
+          ],
+          "x-ms-enum": {
+            "name": "OperationResult",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Succeeded",
+                "description": "The operation succeeded"
+              },
+              {
+                "value": "Failed",
+                "description": "The operation failed"
+              },
+              {
+                "value": "Canceled",
+                "description": "The operation canceled"
+              }
+            ]
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "RuleId": {
+      "name": "ruleId",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The governance rule key - unique key for the standard governance rule (GUID)",
+      "x-ms-parameter-location": "method"
+    },
+    "GovernanceRuleBody": {
+      "name": "governanceRule",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/GovernanceRule"
+      },
+      "description": "Governance rule over a given scope",
+      "x-ms-parameter-location": "method"
+    },
+    "ExecuteGovernanceRuleBody": {
+      "name": "ExecuteGovernanceRuleParams",
+      "in": "body",
+      "schema": {
+        "$ref": "#/definitions/ExecuteGovernanceRuleParams"
+      },
+      "description": "Execute governance rule over a given scope",
+      "x-ms-parameter-location": "method"
+    },
+    "Scope": {
+      "name": "scope",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The scope of the Governance rules. Valid scopes are: management group (format: 'providers/Microsoft.Management/managementGroups/{managementGroup}'), subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'",
+      "x-ms-parameter-location": "method"
+    },
+    "OperationId": {
+      "name": "operationId",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The governance rule long running operation unique key",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2022-07-01-preview/applications.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2022-07-01-preview/applications.json
new file mode 100644
index 000000000..5e34c8114
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2022-07-01-preview/applications.json
@@ -0,0 +1,542 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2022-07-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/applications": {
+      "get": {
+        "x-ms-examples": {
+          "List applications security by subscription level scope": {
+            "$ref": "./examples/Applications/ListBySubscriptionApplications_example.json"
+          }
+        },
+        "tags": [
+          "Applications"
+        ],
+        "description": "Get a list of all relevant applications over a subscription level scope",
+        "operationId": "Applications_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ApplicationsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/applications/{applicationId}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security application by specific applicationId": {
+            "$ref": "./examples/Applications/GetApplication_example.json"
+          }
+        },
+        "tags": [
+          "Applications"
+        ],
+        "description": "Get a specific application for the requested scope by applicationId",
+        "operationId": "Application_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/ApplicationId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Application"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create application": {
+            "$ref": "./examples/Applications/PutApplication_example.json"
+          }
+        },
+        "tags": [
+          "Applications"
+        ],
+        "description": "Creates or update a security application on the given subscription.",
+        "operationId": "Application_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/ApplicationId"
+          },
+          {
+            "$ref": "#/parameters/ApplicationBody"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/Application"
+            }
+          },
+          "200": {
+            "description": "OK - Updated",
+            "schema": {
+              "$ref": "#/definitions/Application"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete security Application": {
+            "$ref": "./examples/Applications/DeleteApplication_example.json"
+          }
+        },
+        "tags": [
+          "Applications"
+        ],
+        "description": "Delete an Application over a given scope",
+        "operationId": "Application_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/ApplicationId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Application was deleted"
+          },
+          "204": {
+            "description": "No Content - Application does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/providers/Microsoft.Security/applications": {
+      "get": {
+        "x-ms-examples": {
+          "List security applications by security connector level scope": {
+            "$ref": "./examples/Applications/ListBySecurityConnectorApplications_example.json"
+          }
+        },
+        "tags": [
+          "Applications"
+        ],
+        "description": "Get a list of all relevant applications over a security connector level scope",
+        "operationId": "SecurityConnectorApplications_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ApplicationsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/providers/Microsoft.Security/applications/{applicationId}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security applications by specific applicationId": {
+            "$ref": "./examples/Applications/GetSecurityConnectorApplication_example.json"
+          }
+        },
+        "tags": [
+          "Applications"
+        ],
+        "description": "Get a specific application for the requested scope by applicationId",
+        "operationId": "SecurityConnectorApplication_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/ApplicationId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Application"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create Application": {
+            "$ref": "./examples/Applications/PutSecurityConnectorApplication_example.json"
+          }
+        },
+        "tags": [
+          "Applications"
+        ],
+        "description": "Creates or update a security Application on the given security connector.",
+        "operationId": "SecurityConnectorApplication_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/ApplicationId"
+          },
+          {
+            "$ref": "#/parameters/ApplicationBody"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/Application"
+            }
+          },
+          "200": {
+            "description": "OK - Updated",
+            "schema": {
+              "$ref": "#/definitions/Application"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete security Application": {
+            "$ref": "./examples/Applications/DeleteSecurityConnectorApplication_example.json"
+          }
+        },
+        "tags": [
+          "Applications"
+        ],
+        "description": "Delete an Application over a given scope",
+        "operationId": "SecurityConnectorApplication_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/ApplicationId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Application was deleted"
+          },
+          "204": {
+            "description": "No Content - Application does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed"
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ApplicationsList": {
+      "type": "object",
+      "description": "Page of a security applications list",
+      "properties": {
+        "value": {
+          "description": "Collection of applications in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Application"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page"
+        }
+      }
+    },
+    "Application": {
+      "type": "object",
+      "description": "Security Application over a given scope",
+      "properties": {
+        "properties": {
+          "description": "Properties of a security application",
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/ApplicationProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "ApplicationProperties": {
+      "type": "object",
+      "description": "Describes properties of an application",
+      "properties": {
+        "displayName": {
+          "description": "display name of the application",
+          "type": "string"
+        },
+        "description": {
+          "description": "description of the application",
+          "type": "string"
+        },
+        "sourceResourceType": {
+          "type": "string",
+          "description": "The application source, what it affects, e.g. Assessments",
+          "enum": [
+            "Assessments"
+          ],
+          "x-ms-enum": {
+            "name": "ApplicationSourceResourceType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Assessments",
+                "description": "The source of the application is assessments"
+              }
+            ]
+          }
+        },
+        "conditionSets": {
+          "type": "array",
+          "description": "The application conditionSets - see examples",
+          "items": {
+            "$ref": "#/definitions/ApplicationConditionSets"
+          },
+          "x-ms-identifiers": []
+        }
+      },
+      "required": [
+        "sourceResourceType",
+        "conditionSets"
+      ]
+    },
+    "ApplicationConditionSets": {
+      "type": "object",
+      "description": "List of application's condition sets - OR between ConditionSets, AND between conditions in a set",
+      "items": {
+        "$ref": "#/definitions/ApplicationConditions"
+      }
+    },
+    "ApplicationConditions": {
+      "type": "array",
+      "description": "Application's conditions",
+      "items": {
+        "$ref": "#/definitions/ApplicationCondition"
+      },
+      "x-ms-identifiers": []
+    },
+    "ApplicationCondition": {
+      "type": "object",
+      "description": "Application's condition",
+      "properties": {
+        "property": {
+          "description": "The application Condition's Property, e.g. ID, see examples",
+          "type": "string"
+        },
+        "value": {
+          "description": "The application Condition's Value like IDs that contain some string, see examples",
+          "type": "string"
+        },
+        "operator": {
+          "type": "string",
+          "description": "The application Condition's Operator, for example Contains for id or In for list of possible IDs, see examples",
+          "enum": [
+            "Contains",
+            "Equals",
+            "In"
+          ],
+          "x-ms-enum": {
+            "name": "ApplicationConditionOperator",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Contains",
+                "description": "Checks that the string value of the data defined in Property contains the given value"
+              },
+              {
+                "value": "Equals",
+                "description": "Checks that the string value of the data defined in Property equals the given value"
+              },
+              {
+                "value": "In",
+                "description": "Checks that the string value of the data defined in Property equals any of the given values (exact fit)"
+              }
+            ]
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ApplicationId": {
+      "name": "applicationId",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The security Application key - unique key for the standard application",
+      "x-ms-parameter-location": "method"
+    },
+    "ApplicationBody": {
+      "name": "application",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/Application"
+      },
+      "description": "Application over a subscription scope",
+      "x-ms-parameter-location": "method"
+    },
+    "SecurityConnectorName": {
+      "name": "securityConnectorName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The security connector name.",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-01-01-preview/securityOperators.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-01-01-preview/securityOperators.json
new file mode 100644
index 000000000..8c6addd33
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-01-01-preview/securityOperators.json
@@ -0,0 +1,265 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2023-01-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/pricings/{pricingName}/securityOperators": {
+      "get": {
+        "x-ms-examples": {
+          "List SecurityOperators": {
+            "$ref": "./examples/SecurityOperators/ListSecurityOperators_example.json"
+          }
+        },
+        "tags": [
+          "SecurityOperators"
+        ],
+        "description": "Lists Microsoft Defender for Cloud securityOperators in the subscription.",
+        "operationId": "SecurityOperators_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/PricingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityOperatorList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/pricings/{pricingName}/securityOperators/{securityOperatorName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a specific security operator by scope and securityOperatorName": {
+            "$ref": "./examples/SecurityOperators/GetSecurityOperatorByName_example.json"
+          }
+        },
+        "tags": [
+          "SecurityOperators"
+        ],
+        "description": "Get a specific security operator for the requested scope.",
+        "operationId": "SecurityOperators_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/PricingName"
+          },
+          {
+            "$ref": "#/parameters/SecurityOperatorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityOperator"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create a security operator on the given scope": {
+            "$ref": "./examples/SecurityOperators/PutSecurityOperatorByName_example.json"
+          }
+        },
+        "tags": [
+          "SecurityOperators"
+        ],
+        "description": "Creates Microsoft Defender for Cloud security operator on the given scope.",
+        "operationId": "SecurityOperators_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/PricingName"
+          },
+          {
+            "$ref": "#/parameters/SecurityOperatorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful request to put Security Operator.",
+            "schema": {
+              "$ref": "#/definitions/SecurityOperator"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete SecurityOperator on subscription": {
+            "$ref": "./examples/SecurityOperators/DeleteSecurityOperatorByName_example.json"
+          }
+        },
+        "tags": [
+          "SecurityOperators"
+        ],
+        "description": "Delete Microsoft Defender for Cloud securityOperator in the subscription.",
+        "operationId": "SecurityOperators_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/PricingName"
+          },
+          {
+            "$ref": "#/parameters/SecurityOperatorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Security Operator was deleted"
+          },
+          "204": {
+            "description": "No Content - Security Operator does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityOperatorList": {
+      "type": "object",
+      "description": "List of SecurityOperator response.",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of SecurityOperator configurations",
+          "items": {
+            "$ref": "#/definitions/SecurityOperator"
+          }
+        }
+      }
+    },
+    "SecurityOperator": {
+      "type": "object",
+      "description": "Security operator under a given subscription and pricing",
+      "properties": {
+        "identity": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/Identity"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    }
+  },
+  "parameters": {
+    "PricingName": {
+      "name": "pricingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "name of the pricing configuration",
+      "pattern": "^[a-zA-Z][a-zA-Z0-9_]+$",
+      "minLength": 3,
+      "maxLength": 63,
+      "x-ms-parameter-location": "method"
+    },
+    "SecurityOperatorName": {
+      "name": "securityOperatorName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "name of the securityOperator",
+      "pattern": "^[a-zA-Z][a-zA-Z0-9_]+$",
+      "minLength": 3,
+      "maxLength": 63,
+      "x-ms-parameter-location": "method"
+    },
+    "SecurityOperator": {
+      "name": "SecurityOperator",
+      "in": "body",
+      "required": true,
+      "description": "SecurityOperator object",
+      "schema": {
+        "$ref": "#/definitions/SecurityOperator"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/healthReports.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/healthReports.json
new file mode 100644
index 000000000..15ab9ed73
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/healthReports.json
@@ -0,0 +1,356 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2023-02-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/healthReports": {
+      "get": {
+        "x-ms-examples": {
+          "List health reports": {
+            "$ref": "./examples/HealthReports/ListHealthReports_example.json"
+          }
+        },
+        "tags": [
+          "HealthReports"
+        ],
+        "description": "Get a list of all health reports inside a scope. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'",
+        "operationId": "HealthReports_List",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ScopeParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/HealthReportsList"
+            }
+          },
+          "default": {
+            "description": "Common error response for all Azure Resource Manager APIs to return error details for failed operations.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/healthReports/{healthReportName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get health report of resource": {
+            "$ref": "./examples/HealthReports/GetHealthReport_example.json"
+          }
+        },
+        "tags": [
+          "HealthReports"
+        ],
+        "description": "Get health report of resource",
+        "operationId": "HealthReport_Get",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/HealthReportName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/HealthReport"
+            }
+          },
+          "default": {
+            "description": "Common error response for all Azure Resource Manager APIs to return error details for failed operations.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "HealthReportsList": {
+      "type": "object",
+      "description": "Page of health reports list",
+      "properties": {
+        "value": {
+          "description": "Collection of health reports in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/HealthReport"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page"
+        }
+      }
+    },
+    "HealthReport": {
+      "type": "object",
+      "description": "The health report resource",
+      "properties": {
+        "properties": {
+          "description": "Properties of a health report",
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/HealthReportProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "HealthReportProperties": {
+      "type": "object",
+      "description": "Describes properties of the health report",
+      "properties": {
+        "resourceDetails": {
+          "$ref": "#/definitions/resourceDetails"
+        },
+        "environmentDetails": {
+          "$ref": "#/definitions/environmentDetails"
+        },
+        "healthDataClassification": {
+          "$ref": "#/definitions/healthDataClassification"
+        },
+        "status": {
+          "$ref": "#/definitions/status"
+        },
+        "affectedDefendersPlans": {
+          "type": "array",
+          "description": "The affected defenders plans by unhealthy report",
+          "items": {
+            "type": "string",
+            "description": "plan name"
+          }
+        },
+        "issues": {
+          "type": "array",
+          "description": "A collection of the issues in the report",
+          "items": {
+            "$ref": "#/definitions/issue"
+          },
+          "x-ms-identifiers": []
+        }
+      }
+    },
+    "issue": {
+      "type": "object",
+      "description": "The issue that caused the resource to by unhealthy",
+      "required": [
+        "issueKey"
+      ],
+      "properties": {
+        "issueKey": {
+          "description": "The unique issue key",
+          "type": "string"
+        },
+        "issueName": {
+          "type": "string",
+          "description": "The issue name"
+        },
+        "securityValues": {
+          "type": "array",
+          "description": "The affected security values that MDC offers that will be affected by the issue, for example: recommendations, alerts, etc",
+          "items": {
+            "type": "string",
+            "description": "security values"
+          }
+        },
+        "issueDescription": {
+          "type": "string",
+          "description": "The issue description"
+        },
+        "remediationSteps": {
+          "type": "string",
+          "description": "Human readable description of what you should do to mitigate this health issue"
+        },
+        "remediationScript": {
+          "type": "string",
+          "description": "The remediation script to solve this issue"
+        },
+        "issueAdditionalData": {
+          "type": "object",
+          "description": "Additional data for the given issue. The additional data depends on the issue type",
+          "additionalProperties": {
+            "type": "string"
+          }
+        }
+      }
+    },
+    "environmentDetails": {
+      "type": "object",
+      "description": "The environment details of the resource",
+      "properties": {
+        "nativeResourceId": {
+          "description": "The native resource id of the resource (in case of Azure - the resource Id, in case of MC - the native resource id)",
+          "type": "string"
+        },
+        "environmentHierarchyId": {
+          "description": "The hierarchy id of the connector (in case of Azure - the subscription Id, in case of MC - the hierarchyId id)",
+          "type": "string"
+        },
+        "organizationalHierarchyId": {
+          "description": "The organizational hierarchy id of the connector (in case of Azure - the subscription Id, in case of MC - the organizational hierarchyId id)",
+          "type": "string"
+        },
+        "subscriptionId": {
+          "description": "The subscription Id",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The tenant Id",
+          "type": "string"
+        }
+      }
+    },
+    "healthDataClassification": {
+      "type": "object",
+      "description": "The classification of the health report",
+      "properties": {
+        "component": {
+          "type": "string",
+          "description": "The component describes the name of the agent/service that scans the issue"
+        },
+        "scenario": {
+          "type": "string",
+          "description": "The scenario describes the health scenario issue of the component"
+        },
+        "scope": {
+          "type": "string",
+          "description": "The resource scope of the health report",
+          "enum": [
+            "Connectors",
+            "Clusters",
+            "VirtualMachines",
+            "Unknown"
+          ],
+          "x-ms-enum": {
+            "name": "scopeName",
+            "modelAsString": true
+          }
+        }
+      }
+    },
+    "status": {
+      "type": "object",
+      "description": "The status of the health report",
+      "properties": {
+        "code": {
+          "type": "string",
+          "description": "The status of the health report",
+          "enum": [
+            "Healthy",
+            "NotHealthy",
+            "NotApplicable"
+          ],
+          "x-ms-enum": {
+            "name": "statusName",
+            "modelAsString": true
+          }
+        },
+        "statusChangeDate": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "The date of when the status of the health report was changed in the last time"
+        },
+        "firstEvaluationDate": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The date of when the resource of the health report was scanned in the first time"
+        }
+      }
+    },
+    "resourceDetails": {
+      "type": "object",
+      "description": "The resource details of the health report",
+      "properties": {
+        "source": {
+          "type": "string",
+          "description": "The status of the health report",
+          "enum": [
+            "Aws",
+            "Gcp",
+            "Azure"
+          ],
+          "x-ms-enum": {
+            "name": "source",
+            "modelAsString": true
+          }
+        },
+        "id": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The azure id of the resource"
+        },
+        "connectorId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The id of the connector"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "HealthReportName": {
+      "name": "healthReportName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "pattern": "[{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$",
+      "description": "The health report Key - Unique key for the health report type",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsBaselineRuleOperations.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsBaselineRuleOperations.json
new file mode 100644
index 000000000..38966d492
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsBaselineRuleOperations.json
@@ -0,0 +1,412 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "version": "2023-02-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "paths": {
+    "/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/baselineRules/{ruleId}": {
+      "put": {
+        "tags": [
+          "Sql Vulnerability Assessment Baseline Rules"
+        ],
+        "summary": "Creates a Baseline for a rule in a database. Will overwrite any previously existing results.",
+        "operationId": "SqlVulnerabilityAssessmentBaselineRules_CreateOrUpdate",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "in": "path",
+            "name": "ruleId",
+            "description": "The rule Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "workspaceId",
+            "description": "The workspace Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "api-version",
+            "description": "The api version.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "in": "body",
+            "name": "body",
+            "description": "The baseline results for this rule.",
+            "schema": {
+              "$ref": "#/definitions/RuleResultsInput"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successfully set the vulnerability assessment rule baseline.",
+            "schema": {
+              "$ref": "#/definitions/RuleResults"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Create a baseline": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsBaselineRuleOperations/ArcMachineBaselineRules_Put.json"
+          },
+          "Create a baseline using the latest scan results": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsBaselineRuleOperations/ArcMachineBaselineRules_PutLatest.json"
+          }
+        }
+      },
+      "get": {
+        "tags": [
+          "Sql Vulnerability Assessment Baseline Rules"
+        ],
+        "summary": "Gets the results for a given rule in the Baseline.",
+        "operationId": "SqlVulnerabilityAssessmentBaselineRules_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "in": "path",
+            "name": "ruleId",
+            "description": "The rule Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "workspaceId",
+            "description": "The workspace Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "api-version",
+            "description": "The api version.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successfully got the vulnerability assessment rule baseline.",
+            "schema": {
+              "$ref": "#/definitions/RuleResults"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get the baseline": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsBaselineRuleOperations/ArcMachineBaselineRules_Get.json"
+          }
+        }
+      },
+      "delete": {
+        "tags": [
+          "Sql Vulnerability Assessment Baseline Rules"
+        ],
+        "summary": "Deletes a rule from the Baseline of a given database.",
+        "operationId": "SqlVulnerabilityAssessmentBaselineRules_Delete",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "in": "path",
+            "name": "ruleId",
+            "description": "The rule Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "workspaceId",
+            "description": "The workspace Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "api-version",
+            "description": "The api version.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successfully removed the database vulnerability assessment rule baseline."
+          },
+          "204": {
+            "description": "Rule baseline doesn't exist."
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Delete the baseline": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsBaselineRuleOperations/ArcMachineBaselineRules_Delete.json"
+          }
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/baselineRules": {
+      "get": {
+        "tags": [
+          "Sql Vulnerability Assessment Baseline Rules"
+        ],
+        "summary": "Gets the results for all rules in the Baseline.",
+        "operationId": "SqlVulnerabilityAssessmentBaselineRules_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "in": "query",
+            "name": "workspaceId",
+            "description": "The workspace Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "api-version",
+            "description": "The api version.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successfully removed the database vulnerability assessment rule baseline.",
+            "schema": {
+              "$ref": "#/definitions/RulesResults"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "List baseline for all rules": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsBaselineRuleOperations/ArcMachineBaselineRules_List.json"
+          }
+        }
+      },
+      "post": {
+        "tags": [
+          "Sql Vulnerability Assessment Baseline Rules"
+        ],
+        "summary": "Add a list of baseline rules. Will overwrite any previously existing results (for all rules).",
+        "operationId": "SqlVulnerabilityAssessmentBaselineRules_Add",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "in": "query",
+            "name": "workspaceId",
+            "description": "The workspace Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "api-version",
+            "description": "The api version.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "in": "body",
+            "name": "body",
+            "description": "The baseline rules.",
+            "schema": {
+              "$ref": "#/definitions/RulesResultsInput"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successfully removed the database vulnerability assessment rule baseline.",
+            "schema": {
+              "$ref": "#/definitions/RulesResults"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Create a baseline for all rules": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsBaselineRuleOperations/ArcMachineBaselineRules_Add.json"
+          },
+          "Create a baseline for all rules using the latest scan results": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsBaselineRuleOperations/ArcMachineBaselineRules_AddLatest.json"
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "RuleResultsInput": {
+      "description": "Rule results input.",
+      "type": "object",
+      "properties": {
+        "latestScan": {
+          "description": "Take results from latest scan.",
+          "type": "boolean"
+        },
+        "results": {
+          "description": "Expected results to be inserted into the baseline.\r\nLeave this field empty it LatestScan == true.",
+          "type": "array",
+          "items": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            }
+          }
+        }
+      }
+    },
+    "RuleResultsProperties": {
+      "description": "Rule results properties.",
+      "type": "object",
+      "properties": {
+        "results": {
+          "description": "Expected results in the baseline.",
+          "type": "array",
+          "items": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            }
+          }
+        }
+      }
+    },
+    "RuleResults": {
+      "description": "Rule results.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/RuleResultsProperties"
+        }
+      }
+    },
+    "RulesResults": {
+      "description": "A list of rules results.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "List of rule results.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/RuleResults"
+          }
+        }
+      }
+    },
+    "RulesResultsInput": {
+      "description": "Rules results input.",
+      "type": "object",
+      "properties": {
+        "latestScan": {
+          "description": "Take results from latest scan.",
+          "type": "boolean"
+        },
+        "results": {
+          "description": "Expected results to be inserted into the baseline.\r\nLeave this field empty it LatestScan == true.",
+          "type": "object",
+          "additionalProperties": {
+            "type": "array",
+            "items": {
+              "type": "array",
+              "items": {
+                "type": "string"
+              }
+            }
+          }
+        }
+      }
+    }
+  },
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "flow": "implicit",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      },
+      "description": "Azure Active Directory OAuth2 Flow"
+    }
+  },
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ]
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanOperations.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanOperations.json
new file mode 100644
index 000000000..2d87ac0ea
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanOperations.json
@@ -0,0 +1,297 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "version": "2023-02-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "paths": {
+    "/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/{scanId}": {
+      "get": {
+        "tags": [
+          "Sql Vulnerability Assessment Scans"
+        ],
+        "summary": "Gets the scan details of a single scan record.",
+        "operationId": "SqlVulnerabilityAssessmentScans_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "in": "path",
+            "name": "scanId",
+            "description": "The scan Id. Type 'latest' to get the scan record for the latest scan.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "workspaceId",
+            "description": "The workspace Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "api-version",
+            "description": "The api version.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Returns the scan record details.",
+            "schema": {
+              "$ref": "#/definitions/Scan"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get scan details of a scan record": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentScanOperations/ArcMachineScans_Get.json"
+          },
+          "Get scan details of the latest scan record": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentScanOperations/ArcMachineScans_GetLatest.json"
+          }
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans": {
+      "get": {
+        "tags": [
+          "Sql Vulnerability Assessment Scans"
+        ],
+        "summary": "Gets a list of scan records.",
+        "operationId": "SqlVulnerabilityAssessmentScans_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "in": "query",
+            "name": "workspaceId",
+            "description": "The workspace Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "api-version",
+            "description": "The api version.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Returns the list of scan records.",
+            "schema": {
+              "$ref": "#/definitions/Scans"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "List scan details": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentScanOperations/ArcMachineScans_List.json"
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ScanTriggerType": {
+      "description": "The scan trigger type.",
+      "enum": [
+        "OnDemand",
+        "Recurring"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "ScanTriggerType",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "OnDemand",
+            "description": "OnDemand"
+          },
+          {
+            "value": "Recurring",
+            "description": "Recurring"
+          }
+        ]
+      }
+    },
+    "ScanState": {
+      "description": "The scan status.",
+      "enum": [
+        "Failed",
+        "FailedToRun",
+        "InProgress",
+        "Passed"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "ScanState",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "Failed",
+            "description": "Failed"
+          },
+          {
+            "value": "FailedToRun",
+            "description": "FailedToRun"
+          },
+          {
+            "value": "InProgress",
+            "description": "InProgress"
+          },
+          {
+            "value": "Passed",
+            "description": "Passed"
+          }
+        ]
+      }
+    },
+    "ScanProperties": {
+      "description": "A vulnerability assessment scan record properties.",
+      "type": "object",
+      "properties": {
+        "triggerType": {
+          "$ref": "#/definitions/ScanTriggerType"
+        },
+        "state": {
+          "$ref": "#/definitions/ScanState"
+        },
+        "server": {
+          "description": "The server name.",
+          "type": "string"
+        },
+        "database": {
+          "description": "The database name.",
+          "type": "string"
+        },
+        "sqlVersion": {
+          "description": "The SQL version.",
+          "type": "string"
+        },
+        "startTime": {
+          "format": "date-time",
+          "description": "The scan start time (UTC).",
+          "type": "string"
+        },
+        "endTime": {
+          "format": "date-time",
+          "description": "Scan results are valid until end time (UTC).",
+          "type": "string"
+        },
+        "highSeverityFailedRulesCount": {
+          "format": "int32",
+          "description": "The number of failed rules with high severity.",
+          "type": "integer"
+        },
+        "mediumSeverityFailedRulesCount": {
+          "format": "int32",
+          "description": "The number of failed rules with medium severity.",
+          "type": "integer"
+        },
+        "lowSeverityFailedRulesCount": {
+          "format": "int32",
+          "description": "The number of failed rules with low severity.",
+          "type": "integer"
+        },
+        "totalPassedRulesCount": {
+          "format": "int32",
+          "description": "The number of total passed rules.",
+          "type": "integer"
+        },
+        "totalFailedRulesCount": {
+          "format": "int32",
+          "description": "The number of total failed rules.",
+          "type": "integer"
+        },
+        "totalRulesCount": {
+          "format": "int32",
+          "description": "The number of total rules assessed.",
+          "type": "integer"
+        },
+        "isBaselineApplied": {
+          "description": "Baseline created for this database, and has one or more rules.",
+          "type": "boolean"
+        },
+        "lastScanTime": {
+          "format": "date-time",
+          "description": "Last scan time.",
+          "type": "string"
+        }
+      }
+    },
+    "Scan": {
+      "description": "A vulnerability assessment scan record.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/ScanProperties"
+        }
+      }
+    },
+    "Scans": {
+      "description": "A list of vulnerability assessment scan records.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "List of vulnerability assessment scan records.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Scan"
+          }
+        }
+      }
+    }
+  },
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "flow": "implicit",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      },
+      "description": "Azure Active Directory OAuth2 Flow"
+    }
+  },
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ]
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanResultsOperations.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanResultsOperations.json
new file mode 100644
index 000000000..2c5f94148
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanResultsOperations.json
@@ -0,0 +1,480 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "version": "2023-02-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "paths": {
+    "/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/{scanId}/scanResults/{scanResultId}": {
+      "get": {
+        "tags": [
+          "Sql Vulnerability Assessment Scan Results"
+        ],
+        "summary": "Gets the scan results of a single rule in a scan record.",
+        "operationId": "SqlVulnerabilityAssessmentScanResults_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "in": "path",
+            "name": "scanId",
+            "description": "The scan Id. Type 'latest' to get the scan results for the latest scan.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "path",
+            "name": "scanResultId",
+            "description": "The rule Id of the results.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "workspaceId",
+            "description": "The workspace Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "api-version",
+            "description": "The api version.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Returns the scan results.",
+            "schema": {
+              "$ref": "#/definitions/ScanResult"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get scan details of a scan record": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_Get.json"
+          },
+          "Get scan details of the latest scan record": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_GetLatest.json"
+          }
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/sqlVulnerabilityAssessments/default/scans/{scanId}/scanResults": {
+      "get": {
+        "tags": [
+          "Sql Vulnerability Assessment Scan Results"
+        ],
+        "summary": "Gets a list of scan results for a single scan record.",
+        "operationId": "SqlVulnerabilityAssessmentScanResults_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "in": "path",
+            "name": "scanId",
+            "description": "The scan Id. Type 'latest' to get the scan results for the latest scan.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "workspaceId",
+            "description": "The workspace Id.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "in": "query",
+            "name": "api-version",
+            "description": "The api version.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Returns the list of scan results.",
+            "schema": {
+              "$ref": "#/definitions/ScanResults"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "List scan results": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_List.json"
+          },
+          "List scan results of the latest scan": {
+            "$ref": "./examples/sqlVulnerabilityAssessmentsScanResultsOperations/ArcMachineScanResults_ListLatest.json"
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "RuleStatus": {
+      "description": "The rule result status.",
+      "enum": [
+        "NonFinding",
+        "Finding",
+        "InternalError"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "RuleStatus",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "NonFinding",
+            "description": "NonFinding"
+          },
+          {
+            "value": "Finding",
+            "description": "Finding"
+          },
+          {
+            "value": "InternalError",
+            "description": "InternalError"
+          }
+        ]
+      }
+    },
+    "Remediation": {
+      "description": "Remediation details.",
+      "type": "object",
+      "properties": {
+        "description": {
+          "description": "Remediation description.",
+          "type": "string"
+        },
+        "scripts": {
+          "description": "Remediation script.",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "automated": {
+          "description": "Is remediation automated.",
+          "type": "boolean"
+        },
+        "portalLink": {
+          "description": "Optional link to remediate in Azure Portal.",
+          "type": "string"
+        }
+      }
+    },
+    "Baseline": {
+      "description": "Baseline details.",
+      "type": "object",
+      "properties": {
+        "expectedResults": {
+          "description": "Expected results.",
+          "type": "array",
+          "items": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            }
+          }
+        },
+        "updatedTime": {
+          "format": "date-time",
+          "description": "Baseline update time (UTC).",
+          "type": "string"
+        }
+      }
+    },
+    "BaselineAdjustedResult": {
+      "description": "The rule result adjusted with baseline.",
+      "type": "object",
+      "properties": {
+        "baseline": {
+          "$ref": "#/definitions/Baseline"
+        },
+        "status": {
+          "$ref": "#/definitions/RuleStatus"
+        },
+        "resultsNotInBaseline": {
+          "description": "Results the are not in baseline.",
+          "type": "array",
+          "items": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            }
+          }
+        },
+        "resultsOnlyInBaseline": {
+          "description": "Results the are in baseline.",
+          "type": "array",
+          "items": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            }
+          }
+        }
+      }
+    },
+    "RuleSeverity": {
+      "description": "The rule severity.",
+      "enum": [
+        "High",
+        "Medium",
+        "Low",
+        "Informational",
+        "Obsolete"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "RuleSeverity",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "High",
+            "description": "High"
+          },
+          {
+            "value": "Medium",
+            "description": "Medium"
+          },
+          {
+            "value": "Low",
+            "description": "Low"
+          },
+          {
+            "value": "Informational",
+            "description": "Informational"
+          },
+          {
+            "value": "Obsolete",
+            "description": "Obsolete"
+          }
+        ]
+      }
+    },
+    "RuleType": {
+      "description": "The rule type.",
+      "enum": [
+        "Binary",
+        "BaselineExpected",
+        "PositiveList",
+        "NegativeList"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "RuleType",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "Binary",
+            "description": "Binary"
+          },
+          {
+            "value": "BaselineExpected",
+            "description": "BaselineExpected"
+          },
+          {
+            "value": "PositiveList",
+            "description": "PositiveList"
+          },
+          {
+            "value": "NegativeList",
+            "description": "NegativeList"
+          }
+        ]
+      }
+    },
+    "QueryCheck": {
+      "description": "The rule query details.",
+      "type": "object",
+      "properties": {
+        "query": {
+          "description": "The rule query.",
+          "type": "string"
+        },
+        "expectedResult": {
+          "description": "Expected result.",
+          "type": "array",
+          "items": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            }
+          }
+        },
+        "columnNames": {
+          "description": "Column names of expected result.",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        }
+      }
+    },
+    "BenchmarkReference": {
+      "description": "The benchmark references.",
+      "type": "object",
+      "properties": {
+        "benchmark": {
+          "description": "The benchmark name.",
+          "type": "string"
+        },
+        "reference": {
+          "description": "The benchmark reference.",
+          "type": "string"
+        }
+      }
+    },
+    "VaRule": {
+      "description": "vulnerability assessment rule metadata details.",
+      "type": "object",
+      "properties": {
+        "ruleId": {
+          "description": "The rule Id.",
+          "type": "string"
+        },
+        "severity": {
+          "$ref": "#/definitions/RuleSeverity"
+        },
+        "category": {
+          "description": "The rule category.",
+          "type": "string"
+        },
+        "ruleType": {
+          "$ref": "#/definitions/RuleType"
+        },
+        "title": {
+          "description": "The rule title.",
+          "type": "string"
+        },
+        "description": {
+          "description": "The rule description.",
+          "type": "string"
+        },
+        "rationale": {
+          "description": "The rule rationale.",
+          "type": "string"
+        },
+        "queryCheck": {
+          "$ref": "#/definitions/QueryCheck"
+        },
+        "benchmarkReferences": {
+          "description": "The benchmark references.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/BenchmarkReference"
+          }
+        }
+      }
+    },
+    "ScanResultProperties": {
+      "description": "A vulnerability assessment scan result properties for a single rule.",
+      "type": "object",
+      "properties": {
+        "ruleId": {
+          "description": "The rule Id.",
+          "type": "string"
+        },
+        "status": {
+          "$ref": "#/definitions/RuleStatus"
+        },
+        "isTrimmed": {
+          "description": "Indicated whether the results specified here are trimmed.",
+          "type": "boolean"
+        },
+        "queryResults": {
+          "description": "The results of the query that was run.",
+          "type": "array",
+          "items": {
+            "type": "array",
+            "items": {
+              "type": "string"
+            }
+          }
+        },
+        "remediation": {
+          "$ref": "#/definitions/Remediation"
+        },
+        "baselineAdjustedResult": {
+          "$ref": "#/definitions/BaselineAdjustedResult"
+        },
+        "ruleMetadata": {
+          "$ref": "#/definitions/VaRule"
+        }
+      }
+    },
+    "ScanResult": {
+      "description": "A vulnerability assessment scan result for a single rule.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/ScanResultProperties"
+        }
+      }
+    },
+    "ScanResults": {
+      "description": "A list of vulnerability assessment scan results.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "List of vulnerability assessment scan results.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ScanResult"
+          }
+        }
+      }
+    }
+  },
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "flow": "implicit",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      },
+      "description": "Azure Active Directory OAuth2 Flow"
+    }
+  },
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ]
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-15-preview/sensitivitySettings.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-15-preview/sensitivitySettings.json
new file mode 100644
index 000000000..ef8c6ffee
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-02-15-preview/sensitivitySettings.json
@@ -0,0 +1,328 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Data Sensitivity Settings",
+    "description": "API spec for Microsoft.Security Data Sensitivity Settings",
+    "version": "2023-02-15-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/providers/Microsoft.Security/sensitivitySettings/current": {
+      "put": {
+        "tags": [
+          "sensitivitySettings"
+        ],
+        "description": "Create or update data sensitivity settings for sensitive data discovery",
+        "operationId": "SensitivitySettings_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "in": "body",
+            "name": "sensitivitySettings",
+            "description": "The data sensitivity settings to update",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/UpdateSensitivitySettingsRequest"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Success of the sensitivity settings update",
+            "schema": {
+              "$ref": "#/definitions/GetSensitivitySettingsResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Update sensitivity settings": {
+            "$ref": "./examples/SensitivitySettings/PutSensitivitySettings_example.json"
+          }
+        }
+      },
+      "get": {
+        "tags": [
+          "sensitivitySettings"
+        ],
+        "description": "Gets data sensitivity settings for sensitive data discovery",
+        "operationId": "SensitivitySettings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Success of the sensitivity settings get",
+            "schema": {
+              "$ref": "#/definitions/GetSensitivitySettingsResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get sensitivity settings": {
+            "$ref": "./examples/SensitivitySettings/GetSensitivitySettings_example.json"
+          }
+        }
+      }
+    },
+    "/providers/Microsoft.Security/sensitivitySettings": {
+      "get": {
+        "description": "Gets a list with a single sensitivity settings resource",
+        "operationId": "SensitivitySettings_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Success of the sensitivity settings list get",
+            "schema": {
+              "$ref": "#/definitions/GetSensitivitySettingsListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get sensitivity settings list": {
+            "$ref": "./examples/SensitivitySettings/GetSensitivitySettingsList_example.json"
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SensitiveInfoTypesIds": {
+      "description": "List of selected sensitive info types' IDs.",
+      "type": "array",
+      "items": {
+        "type": "string",
+        "format": "uuid"
+      }
+    },
+    "Label": {
+      "description": "Microsoft information protection sensitivity label",
+      "type": "object",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "The display name of the label"
+        },
+        "id": {
+          "type": "string",
+          "description": "The ID of the label",
+          "format": "uuid"
+        },
+        "order": {
+          "type": "number",
+          "description": "Labels are ordered by sensitivity level. The higher the order of the label, the more sensitive it is."
+        }
+      }
+    },
+    "GetSensitivitySettingsResponse": {
+      "x-ms-azure-resource": true,
+      "type": "object",
+      "description": "Data sensitivity settings for sensitive data discovery",
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "The ID of the sensitivity settings",
+          "readOnly": true
+        },
+        "type": {
+          "type": "string",
+          "description": "The type of the sensitivity settings",
+          "readOnly": true
+        },
+        "name": {
+          "type": "string",
+          "description": "The name of the sensitivity settings",
+          "readOnly": true
+        },
+        "properties": {
+          "type": "object",
+          "description": "The sensitivity settings properties",
+          "properties": {
+            "sensitiveInfoTypesIds": {
+              "$ref": "#/definitions/SensitiveInfoTypesIds"
+            },
+            "sensitivityThresholdLabelOrder": {
+              "type": "number",
+              "description": "The order of the sensitivity threshold label. Any label at or above this order will be considered sensitive. If set to -1, sensitivity by labels is turned off"
+            },
+            "sensitivityThresholdLabelId": {
+              "type": "string",
+              "description": "The id of the sensitivity threshold label. Any label at or above this rank will be considered sensitive.",
+              "format": "uuid"
+            },
+            "mipInformation": {
+              "description": "Microsoft information protection built-in and custom information types, labels, and integration status.",
+              "type": "object",
+              "properties": {
+                "mipIntegrationStatus": {
+                  "$ref": "#/definitions/MipIntegrationStatus"
+                },
+                "labels": {
+                  "$ref": "#/definitions/Labels"
+                },
+                "customInfoTypes": {
+                  "description": "List of custom user-defined information types",
+                  "type": "array",
+                  "items": {
+                    "$ref": "#/definitions/InfoType"
+                  }
+                },
+                "builtInInfoTypes": {
+                  "description": "List of pre-configured sensitive information types",
+                  "type": "array",
+                  "items": {
+                    "$ref": "#/definitions/BuiltInInfoType"
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    },
+    "GetSensitivitySettingsListResponse": {
+      "type": "object",
+      "description": "A list with a single sensitivity settings resource",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/GetSensitivitySettingsResponse"
+          }
+        }
+      }
+    },
+    "UpdateSensitivitySettingsRequest": {
+      "description": "Request to update data sensitivity settings for sensitive data discovery",
+      "type": "object",
+      "properties": {
+        "sensitiveInfoTypesIds": {
+          "$ref": "#/definitions/SensitiveInfoTypesIds"
+        },
+        "sensitivityThresholdLabelOrder": {
+          "type": "number",
+          "description": "The order of the sensitivity threshold label. Any label at or above this order will be considered sensitive. If set to -1, sensitivity by labels is turned off"
+        },
+        "sensitivityThresholdLabelId": {
+          "type": "string",
+          "description": "The id of the sensitivity threshold label. Any label at or above this rank will be considered sensitive.",
+          "format": "uuid"
+        }
+      },
+      "required": [
+        "sensitiveInfoTypesIds"
+      ]
+    },
+    "BuiltInInfoType": {
+      "description": "Pre-configured sensitive information type",
+      "type": "object",
+      "properties": {
+        "name": {
+          "description": "Display name of the info type",
+          "type": "string"
+        },
+        "id": {
+          "description": "Id of the info type",
+          "type": "string",
+          "format": "uuid"
+        },
+        "type": {
+          "description": "Category of the built-in info type",
+          "type": "string"
+        }
+      }
+    },
+    "InfoType": {
+      "type": "object",
+      "description": "Custom user-defined information type",
+      "properties": {
+        "name": {
+          "description": "Display name of the info type",
+          "type": "string"
+        },
+        "id": {
+          "description": "Id of the info type",
+          "type": "string",
+          "format": "uuid"
+        },
+        "description": {
+          "description": "Description of the info type",
+          "type": "string"
+        }
+      }
+    },
+    "MipIntegrationStatus": {
+      "type": "string",
+      "description": "Microsoft information protection integration status",
+      "enum": [
+        "Ok",
+        "noConsent",
+        "noAutoLabelingRules",
+        "noMipLabels"
+      ],
+      "x-ms-enum": {
+        "name": "MipIntegrationStatus",
+        "modelAsString": true
+      }
+    },
+    "Labels": {
+      "description": "List of Microsoft information protection sensitivity labels",
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/Label"
+      }
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/healthReports.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/healthReports.json
new file mode 100644
index 000000000..225dcda16
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-05-01-preview/healthReports.json
@@ -0,0 +1,373 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2023-05-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/healthReports": {
+      "get": {
+        "x-ms-examples": {
+          "List health reports": {
+            "$ref": "./examples/HealthReports/ListHealthReports_example.json"
+          }
+        },
+        "tags": [
+          "HealthReports"
+        ],
+        "description": "Get a list of all health reports inside a scope. Valid scopes are: subscription (format: 'subscriptions/{subscriptionId}'), or security connector (format: 'subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName})'",
+        "operationId": "HealthReports_List",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ScopeParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/HealthReportsList"
+            }
+          },
+          "default": {
+            "description": "Common error response for all Azure Resource Manager APIs to return error details for failed operations.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/healthReports/{healthReportName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get health report of resource": {
+            "$ref": "./examples/HealthReports/GetHealthReports_example.json"
+          }
+        },
+        "tags": [
+          "HealthReports"
+        ],
+        "description": "Get health report of resource",
+        "operationId": "HealthReports_Get",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/HealthReportName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/HealthReport"
+            }
+          },
+          "default": {
+            "description": "Common error response for all Azure Resource Manager APIs to return error details for failed operations.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "HealthReportsList": {
+      "type": "object",
+      "description": "Page of health reports list",
+      "properties": {
+        "value": {
+          "description": "Collection of health reports in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/HealthReport"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page"
+        }
+      }
+    },
+    "HealthReport": {
+      "type": "object",
+      "description": "The health report resource",
+      "properties": {
+        "properties": {
+          "description": "Properties of a health report",
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/HealthReportProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "HealthReportProperties": {
+      "type": "object",
+      "description": "Describes properties of the health report",
+      "properties": {
+        "resourceDetails": {
+          "$ref": "#/definitions/resourceDetails"
+        },
+        "environmentDetails": {
+          "$ref": "#/definitions/environmentDetails"
+        },
+        "healthDataClassification": {
+          "$ref": "#/definitions/healthDataClassification"
+        },
+        "status": {
+          "$ref": "#/definitions/status"
+        },
+        "affectedDefendersPlans": {
+          "type": "array",
+          "description": "The affected defenders plans by unhealthy report",
+          "items": {
+            "type": "string",
+            "description": "plan name"
+          }
+        },
+        "affectedDefendersSubPlans": {
+          "type": "array",
+          "description": "The affected defenders sub plans by unhealthy report",
+          "items": {
+            "type": "string",
+            "description": "sub plan name"
+          }
+        },
+        "reportAdditionalData": {
+          "type": "object",
+          "description": "Additional data for the given health report, this field can include more details on the resource and the health scenario.",
+          "readOnly": true,
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "issues": {
+          "type": "array",
+          "description": "A collection of the issues in the report",
+          "items": {
+            "$ref": "#/definitions/issue"
+          },
+          "x-ms-identifiers": []
+        }
+      }
+    },
+    "issue": {
+      "type": "object",
+      "description": "The issue that caused the resource to by unhealthy",
+      "required": [
+        "issueKey"
+      ],
+      "properties": {
+        "issueKey": {
+          "description": "The unique issue key",
+          "type": "string"
+        },
+        "issueName": {
+          "type": "string",
+          "description": "The issue name"
+        },
+        "securityValues": {
+          "type": "array",
+          "description": "The affected security values that MDC offers that will be affected by the issue, for example: recommendations, alerts, etc",
+          "items": {
+            "type": "string",
+            "description": "security values"
+          }
+        },
+        "issueDescription": {
+          "type": "string",
+          "description": "The issue description"
+        },
+        "remediationSteps": {
+          "type": "string",
+          "description": "Human readable description of what you should do to mitigate this health issue"
+        },
+        "remediationScript": {
+          "type": "string",
+          "description": "The remediation script to solve this issue"
+        },
+        "issueAdditionalData": {
+          "type": "object",
+          "description": "Additional data for the given issue. The additional data depends on the issue type",
+          "additionalProperties": {
+            "type": "string"
+          }
+        }
+      }
+    },
+    "environmentDetails": {
+      "type": "object",
+      "description": "The environment details of the resource",
+      "properties": {
+        "nativeResourceId": {
+          "description": "The native resource id of the resource (in case of Azure - the resource Id, in case of MC - the native resource id)",
+          "type": "string"
+        },
+        "environmentHierarchyId": {
+          "description": "The hierarchy id of the connector (in case of Azure - the subscription Id, in case of MC - the hierarchyId id)",
+          "type": "string"
+        },
+        "organizationalHierarchyId": {
+          "description": "The organizational hierarchy id of the connector (in case of Azure - the subscription Id, in case of MC - the organizational hierarchyId id)",
+          "type": "string"
+        },
+        "subscriptionId": {
+          "description": "The subscription Id",
+          "type": "string"
+        },
+        "tenantId": {
+          "description": "The tenant Id",
+          "type": "string"
+        }
+      }
+    },
+    "healthDataClassification": {
+      "type": "object",
+      "description": "The classification of the health report",
+      "properties": {
+        "component": {
+          "type": "string",
+          "description": "The component describes the name of the agent/service that scans the issue"
+        },
+        "scenario": {
+          "type": "string",
+          "description": "The scenario describes the health scenario issue of the component"
+        },
+        "scope": {
+          "type": "string",
+          "description": "The resource scope of the health report"
+        }
+      }
+    },
+    "status": {
+      "type": "object",
+      "description": "The status of the health report",
+      "properties": {
+        "code": {
+          "type": "string",
+          "description": "The status of the health report",
+          "enum": [
+            "Healthy",
+            "NotHealthy",
+            "NotApplicable"
+          ],
+          "x-ms-enum": {
+            "name": "statusName",
+            "modelAsString": true
+          }
+        },
+        "reason": {
+          "type": "string",
+          "description": "The reason of the given status",
+          "readOnly": true
+        },
+        "lastScannedDate": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "The date of when the resource was scanned in the last time"
+        },
+        "statusChangeDate": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "The date of when the status of the health report was changed in the last time"
+        },
+        "firstEvaluationDate": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The date of when the resource of the health report was scanned in the first time"
+        }
+      }
+    },
+    "resourceDetails": {
+      "type": "object",
+      "description": "The resource details of the health report",
+      "properties": {
+        "source": {
+          "type": "string",
+          "description": "The status of the health report",
+          "enum": [
+            "Aws",
+            "Gcp",
+            "Azure"
+          ],
+          "x-ms-enum": {
+            "name": "source",
+            "modelAsString": true
+          }
+        },
+        "id": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The azure id of the resource"
+        },
+        "connectorId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The id of the connector"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "HealthReportName": {
+      "name": "healthReportName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "pattern": "[{]?[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}[}]?$",
+      "description": "The health report Key - Unique key for the health report type",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/automations.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/automations.json
new file mode 100644
index 000000000..24ed13d90
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/automations.json
@@ -0,0 +1,786 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2023-12-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/automations": {
+      "get": {
+        "x-ms-examples": {
+          "List all security automations of a specified subscription": {
+            "$ref": "./examples/Automations/GetAutomationsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Lists all the security automations in the specified subscription. Use the 'nextLink' property in the response to get the next page of security automations for the specified subscription.",
+        "operationId": "Automations_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AutomationList"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations": {
+      "get": {
+        "x-ms-examples": {
+          "List all security automations of a specified resource group": {
+            "$ref": "./examples/Automations/GetAutomationsResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Lists all the security automations in the specified resource group. Use the 'nextLink' property in the response to get the next page of security automations for the specified resource group.",
+        "operationId": "Automations_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AutomationList"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}": {
+      "get": {
+        "x-ms-examples": {
+          "Retrieve a security automation": {
+            "$ref": "./examples/Automations/GetAutomationResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Retrieves information about the model of a security automation.",
+        "operationId": "Automations_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/AutomationName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Automation"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create or update a security automation for all assessments (including all severities)": {
+            "$ref": "./examples/Automations/PutAutomationAllAssessments_example.json"
+          },
+          "Create or update a security automation for all high severity assessments": {
+            "$ref": "./examples/Automations/PutAutomationHighSeverityAssessments_example.json"
+          },
+          "Disable or enable a security automation": {
+            "$ref": "./examples/Automations/PutDisableAutomation_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Creates or updates a security automation. If a security automation is already created and a subsequent request is issued for the same automation id, then it will be updated.",
+        "operationId": "Automations_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/AutomationName"
+          },
+          {
+            "$ref": "#/parameters/AutomationInBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Automation"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/Automation"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "patch": {
+        "x-ms-examples": {
+          "Update a security automation": {
+            "$ref": "./examples/Automations/PatchAutomation_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Updates a security automation",
+        "operationId": "Automations_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/AutomationName"
+          },
+          {
+            "$ref": "#/parameters/AutomationUpdateInBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Automation"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security automation": {
+            "$ref": "./examples/Automations/DeleteAutomation_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "operationId": "Automations_Delete",
+        "description": "Deletes a security automation.",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/AutomationName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "NoContent"
+          },
+          "200": {
+            "description": "Automation deleted"
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/automations/{automationName}/validate": {
+      "post": {
+        "x-ms-examples": {
+          "Validate the security automation model before create or update": {
+            "$ref": "./examples/Automations/ValidateAutomation_example.json"
+          }
+        },
+        "tags": [
+          "Automations"
+        ],
+        "description": "Validates the security automation model before create or update. Any validation errors are returned to the client.",
+        "operationId": "Automations_Validate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/AutomationName"
+          },
+          {
+            "$ref": "#/parameters/AutomationInBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AutomationValidationStatus"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AutomationList": {
+      "type": "object",
+      "description": "List of security automations response.",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "The list of security automations under the given scope.",
+          "items": {
+            "$ref": "#/definitions/Automation"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "Automation": {
+      "type": "object",
+      "description": "The security automation resource.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security automation data",
+          "$ref": "#/definitions/AutomationProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/TrackedResource"
+        }
+      ]
+    },
+    "AutomationUpdateModel": {
+      "type": "object",
+      "description": "The update model of security automation resource.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security automation data",
+          "$ref": "#/definitions/AutomationProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Tags"
+        }
+      ]
+    },
+    "AutomationProperties": {
+      "type": "object",
+      "description": "A set of properties that defines the behavior of the automation configuration. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas.",
+      "properties": {
+        "description": {
+          "type": "string",
+          "description": "The security automation description."
+        },
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Indicates whether the security automation is enabled."
+        },
+        "scopes": {
+          "type": "array",
+          "description": "A collection of scopes on which the security automations logic is applied. Supported scopes are the subscription itself or a resource group under that subscription. The automation will only apply on defined scopes.",
+          "items": {
+            "$ref": "#/definitions/AutomationScope"
+          },
+          "x-ms-identifiers": []
+        },
+        "sources": {
+          "type": "array",
+          "description": "A collection of the source event types which evaluate the security automation set of rules.",
+          "items": {
+            "$ref": "#/definitions/AutomationSource"
+          },
+          "x-ms-identifiers": []
+        },
+        "actions": {
+          "type": "array",
+          "description": "A collection of the actions which are triggered if all the configured rules evaluations, within at least one rule set, are true.",
+          "items": {
+            "$ref": "#/definitions/AutomationAction"
+          },
+          "x-ms-identifiers": []
+        }
+      }
+    },
+    "AutomationSource": {
+      "type": "object",
+      "description": "The source event types which evaluate the security automation set of rules. For example - security alerts and security assessments. To learn more about the supported security events data models schemas - please visit https://aka.ms/ASCAutomationSchemas.",
+      "properties": {
+        "eventSource": {
+          "type": "string",
+          "description": "A valid event source type.",
+          "enum": [
+            "Assessments",
+            "AssessmentsSnapshot",
+            "SubAssessments",
+            "SubAssessmentsSnapshot",
+            "Alerts",
+            "SecureScores",
+            "SecureScoresSnapshot",
+            "SecureScoreControls",
+            "SecureScoreControlsSnapshot",
+            "RegulatoryComplianceAssessment",
+            "RegulatoryComplianceAssessmentSnapshot",
+            "AttackPaths",
+            "AttackPathsSnapshot"
+          ],
+          "x-ms-enum": {
+            "name": "EventSource",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Assessments"
+              },
+              {
+                "value": "AssessmentsSnapshot"
+              },
+              {
+                "value": "SubAssessments"
+              },
+              {
+                "value": "SubAssessmentsSnapshot"
+              },
+              {
+                "value": "Alerts"
+              },
+              {
+                "value": "SecureScores"
+              },
+              {
+                "value": "SecureScoresSnapshot"
+              },
+              {
+                "value": "SecureScoreControls"
+              },
+              {
+                "value": "SecureScoreControlsSnapshot"
+              },
+              {
+                "value": "RegulatoryComplianceAssessment"
+              },
+              {
+                "value": "RegulatoryComplianceAssessmentSnapshot"
+              },
+              {
+                "value": "AttackPaths"
+              },
+              {
+                "value": "AttackPathsSnapshot"
+              }
+            ]
+          }
+        },
+        "ruleSets": {
+          "type": "array",
+          "description": "A set of rules which evaluate upon event interception. A logical disjunction is applied between defined rule sets (logical 'or').",
+          "items": {
+            "$ref": "#/definitions/AutomationRuleSet"
+          },
+          "x-ms-identifiers": []
+        }
+      }
+    },
+    "AutomationScope": {
+      "type": "object",
+      "description": "A single automation scope.",
+      "properties": {
+        "description": {
+          "type": "string",
+          "description": "The resources scope description."
+        },
+        "scopePath": {
+          "type": "string",
+          "description": "The resources scope path. Can be the subscription on which the automation is defined on or a resource group under that subscription (fully qualified Azure resource IDs)."
+        }
+      }
+    },
+    "AutomationAction": {
+      "type": "object",
+      "description": "The action that should be triggered.",
+      "discriminator": "actionType",
+      "required": [
+        "actionType"
+      ],
+      "properties": {
+        "actionType": {
+          "type": "string",
+          "description": "The type of the action that will be triggered by the Automation",
+          "enum": [
+            "LogicApp",
+            "EventHub",
+            "Workspace"
+          ],
+          "x-ms-enum": {
+            "name": "ActionType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "LogicApp"
+              },
+              {
+                "value": "EventHub"
+              },
+              {
+                "value": "Workspace"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AutomationActionLogicApp": {
+      "type": "object",
+      "description": "The logic app action that should be triggered. To learn more about Microsoft Defender for Cloud's Workflow Automation capabilities, visit https://aka.ms/ASCWorkflowAutomationLearnMore",
+      "x-ms-discriminator-value": "LogicApp",
+      "allOf": [
+        {
+          "readOnly": true,
+          "$ref": "#/definitions/AutomationAction"
+        }
+      ],
+      "properties": {
+        "logicAppResourceId": {
+          "type": "string",
+          "description": "The triggered Logic App Azure Resource ID. This can also reside on other subscriptions, given that you have permissions to trigger the Logic App"
+        },
+        "uri": {
+          "type": "string",
+          "description": "The Logic App trigger URI endpoint (it will not be included in any response).",
+          "format": "uri"
+        }
+      }
+    },
+    "AutomationActionEventHub": {
+      "type": "object",
+      "description": "The target Event Hub to which event data will be exported. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore",
+      "x-ms-discriminator-value": "EventHub",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AutomationAction"
+        }
+      ],
+      "properties": {
+        "eventHubResourceId": {
+          "type": "string",
+          "description": "The target Event Hub Azure Resource ID."
+        },
+        "sasPolicyName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The target Event Hub SAS policy name."
+        },
+        "connectionString": {
+          "type": "string",
+          "description": "The target Event Hub connection string (it will not be included in any response)."
+        },
+        "isTrustedServiceEnabled": {
+          "type": "boolean",
+          "description": "Indicates whether the trusted service is enabled or not."
+        }
+      }
+    },
+    "AutomationActionWorkspace": {
+      "type": "object",
+      "description": "The Log Analytics Workspace to which event data will be exported. Security alerts data will reside in the 'SecurityAlert' table and the assessments data will reside in the 'SecurityRecommendation' table (under the 'Security'/'SecurityCenterFree' solutions). Note that in order to view the data in the workspace, the Security Center Log Analytics free/standard solution needs to be enabled on that workspace. To learn more about Microsoft Defender for Cloud continuous export capabilities, visit https://aka.ms/ASCExportLearnMore",
+      "x-ms-discriminator-value": "Workspace",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AutomationAction"
+        }
+      ],
+      "properties": {
+        "workspaceResourceId": {
+          "type": "string",
+          "description": "The fully qualified Log Analytics Workspace Azure Resource ID."
+        }
+      }
+    },
+    "AutomationRuleSet": {
+      "type": "object",
+      "description": "A rule set which evaluates all its rules upon an event interception. Only when all the included rules in the rule set will be evaluated as 'true', will the event trigger the defined actions. ",
+      "properties": {
+        "rules": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AutomationTriggeringRule"
+          },
+          "x-ms-identifiers": []
+        }
+      }
+    },
+    "AutomationTriggeringRule": {
+      "type": "object",
+      "description": "A rule which is evaluated upon event interception. The rule is configured by comparing a specific value from the event model to an expected value. This comparison is done by using one of the supported operators set.",
+      "properties": {
+        "propertyJPath": {
+          "type": "string",
+          "description": "The JPath of the entity model property that should be checked."
+        },
+        "propertyType": {
+          "type": "string",
+          "description": "The data type of the compared operands (string, integer, floating point number or a boolean [true/false]]",
+          "enum": [
+            "String",
+            "Integer",
+            "Number",
+            "Boolean"
+          ],
+          "x-ms-enum": {
+            "name": "PropertyType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "String"
+              },
+              {
+                "value": "Integer"
+              },
+              {
+                "value": "Number"
+              },
+              {
+                "value": "Boolean"
+              }
+            ]
+          }
+        },
+        "expectedValue": {
+          "type": "string",
+          "description": "The expected value."
+        },
+        "operator": {
+          "type": "string",
+          "description": "A valid comparer operator to use. A case-insensitive comparison will be applied for String PropertyType.",
+          "enum": [
+            "Equals",
+            "GreaterThan",
+            "GreaterThanOrEqualTo",
+            "LesserThan",
+            "LesserThanOrEqualTo",
+            "NotEquals",
+            "Contains",
+            "StartsWith",
+            "EndsWith"
+          ],
+          "x-ms-enum": {
+            "name": "Operator",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Equals",
+                "description": "Applies for decimal and non-decimal operands"
+              },
+              {
+                "value": "GreaterThan",
+                "description": "Applies only for decimal operands"
+              },
+              {
+                "value": "GreaterThanOrEqualTo",
+                "description": "Applies only for decimal operands"
+              },
+              {
+                "value": "LesserThan",
+                "description": "Applies only for decimal operands"
+              },
+              {
+                "value": "LesserThanOrEqualTo",
+                "description": "Applies only for decimal operands"
+              },
+              {
+                "value": "NotEquals",
+                "description": "Applies  for decimal and non-decimal operands"
+              },
+              {
+                "value": "Contains",
+                "description": "Applies only for non-decimal operands"
+              },
+              {
+                "value": "StartsWith",
+                "description": "Applies only for non-decimal operands"
+              },
+              {
+                "value": "EndsWith",
+                "description": "Applies only for non-decimal operands"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AutomationValidationStatus": {
+      "type": "object",
+      "description": "The security automation model state property bag.",
+      "properties": {
+        "isValid": {
+          "type": "boolean",
+          "description": "Indicates whether the model is valid or not."
+        },
+        "message": {
+          "type": "string",
+          "description": "The validation message."
+        }
+      }
+    }
+  },
+  "parameters": {
+    "AutomationName": {
+      "name": "automationName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The security automation name.",
+      "x-ms-parameter-location": "method"
+    },
+    "AutomationInBody": {
+      "name": "Automation",
+      "in": "body",
+      "required": true,
+      "description": "The security automation resource",
+      "schema": {
+        "$ref": "#/definitions/Automation"
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "AutomationUpdateInBody": {
+      "name": "Automation",
+      "in": "body",
+      "required": true,
+      "description": "The update model of security automation resource",
+      "schema": {
+        "$ref": "#/definitions/AutomationUpdateModel"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/securityContacts.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/securityContacts.json
new file mode 100644
index 000000000..4e06c8f23
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2023-12-01-preview/securityContacts.json
@@ -0,0 +1,504 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2023-12-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts": {
+      "get": {
+        "x-ms-examples": {
+          "List security contact data": {
+            "$ref": "./examples/SecurityContacts/GetSecurityContactsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "List all security contact configurations for the subscription",
+        "operationId": "SecurityContacts_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContactList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityContacts/{securityContactName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a security contact": {
+            "$ref": "./examples/SecurityContacts/GetSecurityContact_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Get Default Security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContact"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create security contact data": {
+            "$ref": "./examples/SecurityContacts/CreateSecurityContact_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Create security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          },
+          {
+            "$ref": "#/parameters/SecurityContact"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/SecurityContact"
+            }
+          },
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityContact"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Deletes a security contact data": {
+            "$ref": "./examples/SecurityContacts/DeleteSecurityContact_example.json"
+          }
+        },
+        "tags": [
+          "Security Contacts"
+        ],
+        "description": "Delete security contact configurations for the subscription",
+        "operationId": "SecurityContacts_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityContactName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Security contact deleted"
+          },
+          "204": {
+            "description": "Security contact was not found"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityContactList": {
+      "type": "object",
+      "description": "List of security contacts response",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "description": "List of security contacts",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityContact"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityContact": {
+      "type": "object",
+      "description": "Contact details and configurations for notifications coming from Microsoft Defender for Cloud.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security contact data",
+          "$ref": "#/definitions/SecurityContactProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityContactProperties": {
+      "type": "object",
+      "description": "Describes security contact properties",
+      "properties": {
+        "emails": {
+          "type": "string",
+          "description": "List of email addresses which will get notifications from Microsoft Defender for Cloud by the configurations defined in this security contact."
+        },
+        "phone": {
+          "type": "string",
+          "description": "The security contact's phone number"
+        },
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Indicates whether the security contact is enabled."
+        },
+        "notificationsSources": {
+          "type": "array",
+          "description": "A collection of sources types which evaluate the email notification.",
+          "items": {
+            "$ref": "#/definitions/NotificationsSource"
+          },
+          "x-ms-identifiers": []
+        },
+        "notificationsByRole": {
+          "type": "object",
+          "description": "Defines whether to send email notifications from Microsoft Defender for Cloud to persons with specific RBAC roles on the subscription.",
+          "properties": {
+            "state": {
+              "type": "string",
+              "description": "Defines whether to send email notifications from AMicrosoft Defender for Cloud to persons with specific RBAC roles on the subscription.",
+              "enum": [
+                "On",
+                "Off"
+              ],
+              "x-ms-enum": {
+                "name": "state",
+                "modelAsString": true,
+                "values": [
+                  {
+                    "value": "On",
+                    "description": "Send notification on new alerts to the subscription's admins"
+                  },
+                  {
+                    "value": "Off",
+                    "description": "Don't send notification on new alerts to the subscription's admins"
+                  }
+                ]
+              }
+            },
+            "roles": {
+              "type": "array",
+              "description": "Defines which RBAC roles will get email notifications from Microsoft Defender for Cloud. List of allowed RBAC roles: ",
+              "items": {
+                "$ref": "#/definitions/SecurityContactRole"
+              }
+            }
+          }
+        }
+      }
+    },
+    "NotificationsSource": {
+      "type": "object",
+      "description": "A valid notification source type",
+      "discriminator": "sourceType",
+      "required": [
+        "sourceType"
+      ],
+      "properties": {
+        "sourceType": {
+          "type": "string",
+          "description": "The source type that will trigger the notification",
+          "enum": [
+            "Alert",
+            "AttackPath"
+          ],
+          "x-ms-enum": {
+            "name": "sourceType",
+            "modelAsString": true
+          }
+        }
+      }
+    },
+    "NotificationsSourceAlert": {
+      "type": "object",
+      "description": "Alert notification source",
+      "x-ms-discriminator-value": "Alert",
+      "allOf": [
+        {
+          "$ref": "#/definitions/NotificationsSource"
+        }
+      ],
+      "properties": {
+        "minimalSeverity": {
+          "type": "object",
+          "$ref": "#/definitions/MinimalSeverity",
+          "description": ""
+        }
+      }
+    },
+    "MinimalSeverity": {
+      "type": "string",
+      "description": "Defines the minimal alert severity which will be sent as email notifications",
+      "enum": [
+        "High",
+        "Medium",
+        "Low"
+      ],
+      "x-ms-enum": {
+        "name": "minimalSeverity",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "High",
+            "description": "Get notifications on new alerts with High severity"
+          },
+          {
+            "value": "Medium",
+            "description": "Get notifications on new alerts with Medium or High severity"
+          },
+          {
+            "value": "Low",
+            "description": "Get notifications on new alerts with Low, Medium or High severity"
+          }
+        ]
+      }
+    },
+    "NotificationsSourceAttackPath": {
+      "type": "object",
+      "description": "Attack path notification source",
+      "x-ms-discriminator-value": "AttackPath",
+      "allOf": [
+        {
+          "$ref": "#/definitions/NotificationsSource"
+        }
+      ],
+      "properties": {
+        "minimalRiskLevel": {
+          "type": "object",
+          "$ref": "#/definitions/MinimalRiskLevel",
+          "description": "Defines the minimal attach path risk level which will be sent as email notifications"
+        }
+      }
+    },
+    "MinimalRiskLevel": {
+      "type": "string",
+      "description": "Defines the minimal attack path risk level which will be sent as email notifications",
+      "enum": [
+        "Critical",
+        "High",
+        "Medium",
+        "Low"
+      ],
+      "x-ms-enum": {
+        "name": "minimalRiskLevel",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "Critical",
+            "description": "Get notifications on new attack paths with Critical risk level"
+          },
+          {
+            "value": "High",
+            "description": "Get notifications on new attack paths with High or Critical risk level"
+          },
+          {
+            "value": "Medium",
+            "description": "Get notifications on new attach paths with Medium, High or Critical risk level"
+          },
+          {
+            "value": "Low",
+            "description": "Get notifications on new attach paths with Low, Medium, High or Critical risk level"
+          }
+        ]
+      }
+    },
+    "State": {
+      "type": "string",
+      "description": "Defines if email notifications will be sent about new security events",
+      "enum": [
+        "On",
+        "Off"
+      ],
+      "x-ms-enum": {
+        "name": "state",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "On",
+            "description": "Get notifications on new events"
+          },
+          {
+            "value": "Off",
+            "description": "Don't get notifications on new events"
+          }
+        ]
+      }
+    },
+    "SecurityContactRole": {
+      "type": "string",
+      "description": "A possible role to configure sending security notification alerts to",
+      "enum": [
+        "AccountAdmin",
+        "ServiceAdmin",
+        "Owner",
+        "Contributor"
+      ],
+      "x-ms-enum": {
+        "name": "securityContactRole",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "AccountAdmin",
+            "description": "If enabled, send notification on new alerts to the account admins"
+          },
+          {
+            "value": "ServiceAdmin",
+            "description": "If enabled, send notification on new alerts to the service admins"
+          },
+          {
+            "value": "Owner",
+            "description": "If enabled, send notification on new alerts to the subscription owners"
+          },
+          {
+            "value": "Contributor",
+            "description": "If enabled, send notification on new alerts to the subscription contributors"
+          }
+        ]
+      }
+    }
+  },
+  "parameters": {
+    "SecurityContactName": {
+      "name": "securityContactName",
+      "type": "string",
+      "enum": [
+        "default"
+      ],
+      "x-ms-enum": {
+        "name": "securityContactName",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "default",
+            "description": "The single applicable name of the security contact object"
+          }
+        ]
+      },
+      "in": "path",
+      "required": true,
+      "pattern": "^(default)$",
+      "minLength": 7,
+      "maxLength": 7,
+      "description": "Name of the security contact object",
+      "x-ms-parameter-location": "method"
+    },
+    "SecurityContact": {
+      "name": "securityContact",
+      "in": "body",
+      "required": true,
+      "description": "Security contact object",
+      "schema": {
+        "$ref": "#/definitions/SecurityContact"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-05-15-preview/securityConnectorsDevOps.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-05-15-preview/securityConnectorsDevOps.json
new file mode 100644
index 000000000..e2e0e66b1
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-05-15-preview/securityConnectorsDevOps.json
@@ -0,0 +1,3246 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft.Security",
+    "description": "REST APIs for Defender for DevOps",
+    "version": "2024-05-15-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/listAvailableAzureDevOpsOrgs": {
+      "post": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of all Azure DevOps organizations accessible by the user token consumed by the connector.",
+        "operationId": "AzureDevOpsOrgs_ListAvailable",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides list of Azure DevOps organization details",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsOrgListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "ListAvailable_AzureDevOpsOrgs": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListAvailableAzureDevOpsOrgs_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of Azure DevOps organizations onboarded to the connector.",
+        "operationId": "AzureDevOpsOrgs_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides a list of Azure DevOps organization details",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsOrgListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_AzureDevOpsOrgs": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListAzureDevOpsOrgs_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a monitored Azure DevOps organization resource.",
+        "operationId": "AzureDevOpsOrgs_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides Azure DevOps organization details",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsOrg"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_AzureDevOpsOrgs": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetAzureDevOpsOrgs_example.json"
+          }
+        }
+      },
+      "put": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Creates or updates monitored Azure DevOps organization details.",
+        "operationId": "AzureDevOpsOrgs_CreateOrUpdate",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "azureDevOpsOrg",
+            "description": "The Azure DevOps organization resource payload.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsOrg"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Creates or updates monitored Azure DevOps organization details",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsOrg"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsOrg"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "CreateOrUpdate_AzureDevOpsOrgs": {
+            "$ref": "./examples/SecurityConnectorsDevOps/CreateOrUpdateAzureDevOpsOrgs_example.json"
+          }
+        }
+      },
+      "patch": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Updates monitored Azure DevOps organization details.",
+        "operationId": "AzureDevOpsOrgs_Update",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "azureDevOpsOrg",
+            "description": "The Azure DevOps organization resource payload.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsOrg"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsOrg"
+            }
+          },
+          "202": {
+            "description": "Accepted",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsOrg"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "Update_AzureDevOpsOrgs": {
+            "$ref": "./examples/SecurityConnectorsDevOps/UpdateAzureDevOpsOrgs_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of Azure DevOps projects onboarded to the connector.",
+        "operationId": "AzureDevOpsProjects_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides a list of Azure DevOps project details",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsProjectListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_AzureDevOpsProjects": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListAzureDevOpsProjects_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a monitored Azure DevOps project resource.",
+        "operationId": "AzureDevOpsProjects_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "#/parameters/ProjectName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides Azure DevOps project details",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsProject"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_AzureDevOpsProjects": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetAzureDevOpsProjects_example.json"
+          }
+        }
+      },
+      "put": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Creates or updates a monitored Azure DevOps project resource.",
+        "operationId": "AzureDevOpsProjects_CreateOrUpdate",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "#/parameters/ProjectName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "azureDevOpsProject",
+            "description": "The Azure DevOps project resource payload.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsProject"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Creates or updates a monitored Azure DevOps project resource",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsProject"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsProject"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "CreateOrUpdate_AzureDevOpsProjects": {
+            "$ref": "./examples/SecurityConnectorsDevOps/CreateOrUpdateAzureDevOpsProjects_example.json"
+          }
+        }
+      },
+      "patch": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Updates a monitored Azure DevOps project resource.",
+        "operationId": "AzureDevOpsProjects_Update",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "#/parameters/ProjectName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "azureDevOpsProject",
+            "description": "The Azure DevOps project resource payload.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsProject"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsProject"
+            }
+          },
+          "202": {
+            "description": "Accepted",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsProject"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "Update_AzureDevOpsProjects": {
+            "$ref": "./examples/SecurityConnectorsDevOps/UpdateAzureDevOpsProjects_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}/repos": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of Azure DevOps repositories onboarded to the connector.",
+        "operationId": "AzureDevOpsRepos_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "#/parameters/ProjectName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides a list of Azure DevOps repository details",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsRepositoryListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_AzureDevOpsRepos": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListAzureDevOpsRepos_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/azureDevOpsOrgs/{orgName}/projects/{projectName}/repos/{repoName}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a monitored Azure DevOps repository resource.",
+        "operationId": "AzureDevOpsRepos_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "#/parameters/ProjectName"
+          },
+          {
+            "$ref": "#/parameters/RepoName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides Azure DevOps repository details",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsRepository"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_AzureDevOpsRepos": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetAzureDevOpsRepos_example.json"
+          }
+        }
+      },
+      "put": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Creates or updates a monitored Azure DevOps repository resource.",
+        "operationId": "AzureDevOpsRepos_CreateOrUpdate",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "#/parameters/ProjectName"
+          },
+          {
+            "$ref": "#/parameters/RepoName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "azureDevOpsRepository",
+            "description": "The Azure DevOps repository resource payload.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsRepository"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Creates or updates a monitored Azure DevOps repository resource",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsRepository"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsRepository"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "CreateOrUpdate_AzureDevOpsRepos": {
+            "$ref": "./examples/SecurityConnectorsDevOps/CreateOrUpdateAzureDevOpsRepos_example.json"
+          }
+        }
+      },
+      "patch": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Updates a monitored Azure DevOps repository resource.",
+        "operationId": "AzureDevOpsRepos_Update",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OrgName"
+          },
+          {
+            "$ref": "#/parameters/ProjectName"
+          },
+          {
+            "$ref": "#/parameters/RepoName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "azureDevOpsRepository",
+            "description": "The Azure DevOps repository resource payload.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsRepository"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsRepository"
+            }
+          },
+          "202": {
+            "description": "Accepted",
+            "schema": {
+              "$ref": "#/definitions/AzureDevOpsRepository"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "Update_AzureDevOpsRepos": {
+            "$ref": "./examples/SecurityConnectorsDevOps/UpdateAzureDevOpsRepos_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "List DevOps Configurations.",
+        "operationId": "DevOpsConfigurations_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DevOpsConfigurationListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_DevOpsConfigurations": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListDevOpsConfigurations_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Gets a DevOps Configuration.",
+        "operationId": "DevOpsConfigurations_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DevOpsConfiguration"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_DevOpsConfigurations": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetDevOpsConfigurations_example.json"
+          },
+          "Get_DevOpsConfigurations_WithCapabilities": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetDevOpsConfigurationsWithCapabilities_example.json"
+          }
+        }
+      },
+      "put": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Creates or updates a DevOps Configuration.",
+        "operationId": "DevOpsConfigurations_CreateOrUpdate",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "devOpsConfiguration",
+            "description": "The DevOps configuration resource payload.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/DevOpsConfiguration"
+            }
+          }
+        ],
+        "responses": {
+          "202": {
+            "description": "Accepted",
+            "schema": {
+              "$ref": "#/definitions/DevOpsConfiguration"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/DevOpsConfiguration"
+            }
+          },
+          "200": {
+            "description": "Creates or updates a DevOps Configuration",
+            "schema": {
+              "$ref": "#/definitions/DevOpsConfiguration"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "CreateOrUpdate_DevOpsConfigurations_OnboardCurrentAndFuture": {
+            "$ref": "./examples/SecurityConnectorsDevOps/CreateOrUpdateDevOpsConfigurationsOnboardCurrentAndFuture_example.json"
+          },
+          "CreateOrUpdate_DevOpsConfigurations_OnboardCurrentOnly": {
+            "$ref": "./examples/SecurityConnectorsDevOps/CreateOrUpdateDevOpsConfigurationsOnboardCurrentOnly_example.json"
+          },
+          "CreateOrUpdate_DevOpsConfigurations_OnboardSelected": {
+            "$ref": "./examples/SecurityConnectorsDevOps/CreateOrUpdateDevOpsConfigurationsOnboardSelected_example.json"
+          }
+        }
+      },
+      "patch": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Updates a DevOps Configuration.",
+        "operationId": "DevOpsConfigurations_Update",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "devOpsConfiguration",
+            "description": "The DevOps configuration resource payload.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/DevOpsConfiguration"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DevOpsConfiguration"
+            }
+          },
+          "202": {
+            "description": "Accepted",
+            "schema": {
+              "$ref": "#/definitions/DevOpsConfiguration"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "Update_DevOpsConfigurations": {
+            "$ref": "./examples/SecurityConnectorsDevOps/UpdateDevOpsConfigurations_example.json"
+          }
+        }
+      },
+      "delete": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Deletes a DevOps Connector.",
+        "operationId": "DevOpsConfigurations_Delete",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "202": {
+            "description": "Accepted"
+          },
+          "204": {
+            "description": "NoContent"
+          },
+          "200": {
+            "description": "OK"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-examples": {
+          "Delete_DevOpsConfigurations": {
+            "$ref": "./examples/SecurityConnectorsDevOps/DeleteDevOpsConfigurations_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policies": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of DevOps Policies.",
+        "operationId": "DevOpsPolicies_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/DevOpsPolicyType"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides a list of DevOps Policies.",
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicyListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_DevOpsPolicies": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListDevOpsPolicies_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policies/{policyName}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a DevOps Policy.",
+        "operationId": "DevOpsPolicies_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/PolicyName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides DevOps Policy details.",
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicy"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_DevOpsPolicies": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetDevOpsPolicies_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policyAssignments": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of DevOps Policy Assignments.",
+        "operationId": "DevOpsPolicyAssignments_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/DevOpsPolicyType"
+          },
+          {
+            "$ref": "#/parameters/ResourceId"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides a list of DevOps Policy Assignments.",
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicyAssignmentListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_DevOpsPolicyAssignments": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListDevOpsPolicyAssignments_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/policyAssignments/{policyAssignmentId}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a DevOps Policy Assignment Resource.",
+        "operationId": "DevOpsPolicyAssignments_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/PolicyAssignmentId"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides DevOps Policy Assignment details.",
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicyAssignment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_DevOpsPolicyAssignments": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetDevOpsPolicyAssignments_example.json"
+          }
+        }
+      },
+      "put": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Creates or updates a DevOps Policy Assignment Resource.",
+        "operationId": "DevOpsPolicyAssignments_CreateOrUpdate",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/PolicyAssignmentId"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "devOpsPolicyAssignment",
+            "description": "The DevOps Policy Assignment.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicyAssignment"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Creates or updates a DevOps Policy Assignment.",
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicyAssignment"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicyAssignment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "CreateOrUpdate_DevOpsPolicyAssignments": {
+            "$ref": "./examples/SecurityConnectorsDevOps/CreateOrUpdateDevOpsPolicyAssignments_example.json"
+          }
+        }
+      },
+      "patch": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Updates a DevOps Policy Assignment Resource.",
+        "operationId": "DevOpsPolicyAssignments_Update",
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/PolicyAssignmentId"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "in": "body",
+            "name": "devOpsPolicyAssignment",
+            "description": "The DevOps Policy Assignment.",
+            "required": true,
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicyAssignment"
+            }
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Updates a DevOps Policy Assignment.",
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicyAssignment"
+            }
+          },
+          "202": {
+            "description": "Accepted",
+            "schema": {
+              "$ref": "#/definitions/DevOpsPolicyAssignment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "azure-async-operation"
+        },
+        "x-ms-examples": {
+          "Update_DevOpsPolicyAssignments": {
+            "$ref": "./examples/SecurityConnectorsDevOps/UpdateDevOpsPolicyAssignments_example.json"
+          }
+        }
+      },
+      "delete": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Deletes a DevOps Policy Assignment Resource.",
+        "operationId": "DevOpsPolicyAssignments_Delete",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/PolicyAssignmentId"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "202": {
+            "description": "Accepted"
+          },
+          "204": {
+            "description": "NoContent"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-examples": {
+          "Delete_DevOpsPolicyAssignments": {
+            "$ref": "./examples/SecurityConnectorsDevOps/DeleteDevOpsPolicyAssignments_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/listAvailableGitHubOwners": {
+      "post": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of all GitHub owners accessible by the user token consumed by the connector.",
+        "operationId": "GitHubOwners_ListAvailable",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides list of GitHub owner resources",
+            "schema": {
+              "$ref": "#/definitions/GitHubOwnerListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "ListAvailable_GitHubOwners": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListAvailableGitHubOwners_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitHubOwners": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of GitHub owners onboarded to the connector.",
+        "operationId": "GitHubOwners_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides list of GitHub owner resources",
+            "schema": {
+              "$ref": "#/definitions/GitHubOwnerListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_GitHubOwners": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListGitHubOwners_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitHubOwners/{ownerName}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a monitored GitHub owner.",
+        "operationId": "GitHubOwners_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OwnerName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides GitHub owner details",
+            "schema": {
+              "$ref": "#/definitions/GitHubOwner"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_GitHubOwners": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetGitHubOwners_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitHubOwners/{ownerName}/repos": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of GitHub repositories onboarded to the connector.",
+        "operationId": "GitHubRepos_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OwnerName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides list of GitHub repository resources",
+            "schema": {
+              "$ref": "#/definitions/GitHubRepositoryListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_GitHubRepos": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListGitHubRepos_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitHubOwners/{ownerName}/repos/{repoName}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a monitored GitHub repository.",
+        "operationId": "GitHubRepos_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OwnerName"
+          },
+          {
+            "$ref": "#/parameters/RepoName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides GitHub repository details",
+            "schema": {
+              "$ref": "#/definitions/GitHubRepository"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_GitHubRepos": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetGitHubRepos_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/listAvailableGitLabGroups": {
+      "post": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of all GitLab groups accessible by the user token consumed by the connector.",
+        "operationId": "GitLabGroups_ListAvailable",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides a list of GitLab Group details",
+            "schema": {
+              "$ref": "#/definitions/GitLabGroupListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "ListAvailable_GitLabGroups": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListAvailableGitLabGroups_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitLabGroups": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a list of GitLab groups onboarded to the connector.",
+        "operationId": "GitLabGroups_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides a list of GitLab Group details",
+            "schema": {
+              "$ref": "#/definitions/GitLabGroupListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_GitLabGroups": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListGitLabGroups_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitLabGroups/{groupFQName}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a monitored GitLab Group resource for a given fully-qualified name.",
+        "operationId": "GitLabGroups_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/GroupFQName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides GitLab Group details",
+            "schema": {
+              "$ref": "#/definitions/GitLabGroup"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_GitLabGroups": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetGitLabGroups_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitLabGroups/{groupFQName}/listSubgroups": {
+      "post": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Gets nested subgroups of given GitLab Group which are onboarded to the connector.",
+        "operationId": "GitLabSubgroups_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/GroupFQName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides a list of GitLab Group details for subgroups",
+            "schema": {
+              "$ref": "#/definitions/GitLabGroupListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "List_GitLabSubgroups": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListGitLabSubgroups_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitLabGroups/{groupFQName}/projects": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Gets a list of GitLab projects that are directly owned by given group and onboarded to the connector.",
+        "operationId": "GitLabProjects_List",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/GroupFQName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides a list of GitLab Project details",
+            "schema": {
+              "$ref": "#/definitions/GitLabProjectListResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        },
+        "x-ms-examples": {
+          "List_GitLabProjects": {
+            "$ref": "./examples/SecurityConnectorsDevOps/ListGitLabProjects_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/gitLabGroups/{groupFQName}/projects/{projectName}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Returns a monitored GitLab Project resource for a given fully-qualified group name and project name.",
+        "operationId": "GitLabProjects_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/GroupFQName"
+          },
+          {
+            "$ref": "#/parameters/ProjectName"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Provides GitLab Project details",
+            "schema": {
+              "$ref": "#/definitions/GitLabProject"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_GitLabProjects": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetGitLabProjects_example.json"
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}/devops/default/operationResults/{operationResultId}": {
+      "get": {
+        "tags": [
+          "DevOps"
+        ],
+        "summary": "Get devops long running operation result.",
+        "operationId": "DevOpsOperationResults_Get",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/SecurityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/OperationResultId"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v2/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/OperationStatusResult"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-examples": {
+          "Get_DevOpsOperationResults_Succeeded": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetDevOpsOperationResultsSucceeded_example.json"
+          },
+          "Get_DevOpsOperationResults_Failed": {
+            "$ref": "./examples/SecurityConnectorsDevOps/GetDevOpsOperationResultsFailed_example.json"
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ActionableRemediation": {
+      "description": "Configuration payload for PR Annotations.",
+      "type": "object",
+      "properties": {
+        "state": {
+          "$ref": "#/definitions/ActionableRemediationState"
+        },
+        "categoryConfigurations": {
+          "description": "Gets or sets list of categories and severity levels.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/CategoryConfiguration"
+          },
+          "x-ms-identifiers": []
+        },
+        "branchConfiguration": {
+          "$ref": "#/definitions/TargetBranchConfiguration"
+        },
+        "inheritFromParentState": {
+          "$ref": "#/definitions/InheritFromParentState"
+        }
+      }
+    },
+    "ActionableRemediationState": {
+      "description": "ActionableRemediation Setting.\r\nNone - the setting was never set.\r\nEnabled - ActionableRemediation is enabled.\r\nDisabled - ActionableRemediation is disabled.",
+      "enum": [
+        "None",
+        "Disabled",
+        "Enabled"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "ActionableRemediationState",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "AnnotateDefaultBranchState": {
+      "description": "Configuration of PR Annotations on default branch.\r\n\r\nEnabled - PR Annotations are enabled on the resource's default branch.\r\nDisabled - PR Annotations are disabled on the resource's default branch.",
+      "enum": [
+        "Disabled",
+        "Enabled"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "AnnotateDefaultBranchState",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "Authorization": {
+      "description": "Authorization payload.",
+      "type": "object",
+      "properties": {
+        "code": {
+          "description": "Gets or sets one-time OAuth code to exchange for refresh and access tokens.\r\n\r\nOnly used during PUT/PATCH operations. The secret is cleared during GET.",
+          "type": "string",
+          "example": "00000000000000000000.",
+          "x-ms-secret": true
+        }
+      }
+    },
+    "AutoDiscovery": {
+      "description": "AutoDiscovery states.",
+      "enum": [
+        "Disabled",
+        "Enabled",
+        "NotApplicable"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "AutoDiscovery",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "AzureDevOpsOrg": {
+      "description": "Azure DevOps Organization resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/AzureDevOpsOrgProperties"
+        }
+      }
+    },
+    "AzureDevOpsOrgListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AzureDevOpsOrg"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "AzureDevOpsOrgProperties": {
+      "description": "Azure DevOps Organization properties.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "onboardingState": {
+          "$ref": "#/definitions/OnboardingState"
+        },
+        "actionableRemediation": {
+          "$ref": "#/definitions/ActionableRemediation"
+        }
+      }
+    },
+    "AzureDevOpsOrganizationConfiguration": {
+      "description": "AzureDevOps Org Inventory Configuration.",
+      "type": "object",
+      "properties": {
+        "autoDiscovery": {
+          "$ref": "#/definitions/AutoDiscovery"
+        },
+        "projectConfigs": {
+          "description": "AzureDevOps Project Inventory Configuration.\r\nDictionary of AzureDevOps project name to desired project configuration.\r\nIf AutoDiscovery is Enabled, this field should be empty or null.",
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/AzureDevOpsProjectConfiguration"
+          },
+          "x-nullable": true
+        }
+      }
+    },
+    "AzureDevOpsProject": {
+      "description": "Azure DevOps Project resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/AzureDevOpsProjectProperties"
+        }
+      }
+    },
+    "AzureDevOpsProjectConfiguration": {
+      "description": "AzureDevOps Project Inventory Configuration.",
+      "type": "object",
+      "properties": {
+        "autoDiscovery": {
+          "$ref": "#/definitions/AutoDiscovery"
+        },
+        "repositoryConfigs": {
+          "description": "AzureDevOps Repository Inventory Configuration.\r\nDictionary of AzureDevOps repository name to desired repository configuration.\r\nIf AutoDiscovery is Enabled, this field should be null or empty.",
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/BaseResourceConfiguration"
+          },
+          "x-nullable": true
+        }
+      }
+    },
+    "AzureDevOpsProjectListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AzureDevOpsProject"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "AzureDevOpsProjectProperties": {
+      "description": "Azure DevOps Project properties.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "parentOrgName": {
+          "description": "Gets or sets parent Azure DevOps Organization name.",
+          "type": "string"
+        },
+        "projectId": {
+          "description": "Gets or sets Azure DevOps Project id.",
+          "type": "string",
+          "readOnly": true
+        },
+        "onboardingState": {
+          "$ref": "#/definitions/OnboardingState"
+        },
+        "actionableRemediation": {
+          "$ref": "#/definitions/ActionableRemediation"
+        }
+      }
+    },
+    "AzureDevOpsRepository": {
+      "description": "Azure DevOps Repository resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/AzureDevOpsRepositoryProperties"
+        }
+      }
+    },
+    "AzureDevOpsRepositoryListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/AzureDevOpsRepository"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "AzureDevOpsRepositoryProperties": {
+      "description": "Azure DevOps Repository properties.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "parentOrgName": {
+          "description": "Gets or sets parent Azure DevOps Organization name.",
+          "type": "string"
+        },
+        "parentProjectName": {
+          "description": "Gets or sets parent Azure DevOps Project name.",
+          "type": "string"
+        },
+        "repoId": {
+          "description": "Gets or sets Azure DevOps Repository id.",
+          "type": "string",
+          "readOnly": true
+        },
+        "repoUrl": {
+          "description": "Gets or sets Azure DevOps Repository url.",
+          "type": "string",
+          "readOnly": true
+        },
+        "visibility": {
+          "description": "Gets or sets Azure DevOps repository visibility, whether it is public or private etc.",
+          "type": "string",
+          "readOnly": true
+        },
+        "onboardingState": {
+          "$ref": "#/definitions/OnboardingState"
+        },
+        "actionableRemediation": {
+          "$ref": "#/definitions/ActionableRemediation"
+        }
+      }
+    },
+    "BaseResourceConfiguration": {
+      "description": "Base Resource Inventory configuration changes.",
+      "type": "object",
+      "properties": {
+        "desiredOnboardingState": {
+          "$ref": "#/definitions/DesiredOnboardingState"
+        }
+      }
+    },
+    "CategoryConfiguration": {
+      "description": "Severity level per category configuration for PR Annotations.",
+      "type": "object",
+      "properties": {
+        "minimumSeverityLevel": {
+          "description": "Gets or sets minimum severity level for a given category.",
+          "type": "string"
+        },
+        "category": {
+          "$ref": "#/definitions/RuleCategory"
+        }
+      }
+    },
+    "DescendantBehavior": {
+      "description": "The behavior of a policy on descendant resources.",
+      "enum": [
+        "Unknown",
+        "Override",
+        "FallBack"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "DescendantBehavior",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "DesiredOnboardingState": {
+      "description": "Onboarding states.",
+      "enum": [
+        "Disabled",
+        "Enabled"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "DesiredOnboardingState",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "DevOpsCapability": {
+      "description": "Details about DevOps capability.",
+      "type": "object",
+      "properties": {
+        "name": {
+          "description": "Gets the name of the DevOps capability.",
+          "type": "string",
+          "readOnly": true
+        },
+        "value": {
+          "description": "Gets the value of the DevOps capability.",
+          "type": "string",
+          "readOnly": true
+        }
+      }
+    },
+    "DevOpsConfiguration": {
+      "description": "DevOps Configuration resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/DevOpsConfigurationProperties"
+        }
+      }
+    },
+    "DevOpsConfigurationListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/DevOpsConfiguration"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "DevOpsConfigurationProperties": {
+      "description": "DevOps Configuration properties.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "authorization": {
+          "$ref": "#/definitions/Authorization"
+        },
+        "autoDiscovery": {
+          "$ref": "#/definitions/AutoDiscovery"
+        },
+        "topLevelInventoryList": {
+          "description": "List of top-level inventory to select when AutoDiscovery is disabled.\r\nThis field is ignored when AutoDiscovery is enabled.",
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
+        },
+        "capabilities": {
+          "description": "List of capabilities assigned to the DevOps configuration during the discovery process.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/DevOpsCapability"
+          },
+          "x-ms-identifiers": [],
+          "readOnly": true
+        }
+      }
+    },
+    "DevOpsPolicy": {
+      "description": "DevOps Policy Resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/DevOpsPolicyProperties"
+        }
+      }
+    },
+    "DevOpsPolicyAssignment": {
+      "description": "DevOps Policy assignment resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/DevOpsPolicyAssignmentProperties"
+        }
+      }
+    },
+    "DevOpsPolicyAssignmentListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/DevOpsPolicyAssignment"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "DevOpsPolicyAssignmentProperties": {
+      "description": "Properties of the DevOps policy assignment resource.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "resourceId": {
+          "description": "Gets or sets the Azure resource id.",
+          "type": "string",
+          "format": "arm-id"
+        },
+        "descendantBehavior": {
+          "$ref": "#/definitions/DescendantBehavior"
+        },
+        "policy": {
+          "$ref": "#/definitions/DevOpsPolicyDescriptor"
+        },
+        "assignedAt": {
+          "format": "date-time",
+          "description": "Gets or sets time when the assignment was created in UTC.",
+          "type": "string"
+        }
+      }
+    },
+    "DevOpsPolicyDescriptor": {
+      "description": "Condensed information to identify a DevOps Policy resource.",
+      "type": "object",
+      "properties": {
+        "policyName": {
+          "description": "Gets or sets the policy name.",
+          "type": "string"
+        },
+        "policyId": {
+          "description": "Gets or sets the policy GUID.",
+          "type": "string"
+        },
+        "policyVersion": {
+          "description": "Gets or sets the version.",
+          "type": "string"
+        },
+        "policyType": {
+          "$ref": "#/definitions/DevOpsPolicyType"
+        }
+      }
+    },
+    "DevOpsPolicyListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/DevOpsPolicy"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "DevOpsPolicyProperties": {
+      "description": "Policy DevOps Resource properties that contain the full definition of a DevOps policy resource.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "source": {
+          "$ref": "#/definitions/DevOpsPolicySource"
+        },
+        "policyId": {
+          "description": "Gets the policy resource GUID.",
+          "type": "string",
+          "readOnly": true,
+          "format": "uuid"
+        },
+        "webUrl": {
+          "description": "Gets the web URL.",
+          "type": "string",
+          "readOnly": true,
+          "format": "url"
+        },
+        "version": {
+          "description": "Gets or sets the semantic version.",
+          "type": "string"
+        },
+        "type": {
+          "$ref": "#/definitions/DevOpsPolicyType"
+        },
+        "content": {
+          "description": "Gets or sets the policy definition content JSON string.",
+          "type": "string"
+        }
+      }
+    },
+    "DevOpsPolicySource": {
+      "description": "DevOps Policy creation sources.",
+      "enum": [
+        "Unknown",
+        "BuiltIn",
+        "UserDefined"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "DevOpsPolicySource",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "DevOpsPolicyType": {
+      "description": "DevOps Policy resource types.",
+      "enum": [
+        "Unknown",
+        "Pipeline"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "DevOpsPolicyType",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "DevOpsProvisioningState": {
+      "description": "The provisioning state of the resource.\r\n\r\nPending - Provisioning pending.\r\nFailed - Provisioning failed.\r\nSucceeded - Successful provisioning.\r\nCanceled - Provisioning canceled.\r\nPendingDeletion - Deletion pending.\r\nDeletionSuccess - Deletion successful.\r\nDeletionFailure - Deletion failure.",
+      "enum": [
+        "Succeeded",
+        "Failed",
+        "Canceled",
+        "Pending",
+        "PendingDeletion",
+        "DeletionSuccess",
+        "DeletionFailure"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "DevOpsProvisioningState",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      },
+      "readOnly": true
+    },
+    "GitHubOwner": {
+      "description": "GitHub Owner resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/GitHubOwnerProperties"
+        }
+      }
+    },
+    "GitHubOwnerConfiguration": {
+      "description": "GitHub Owner Inventory Configuration.",
+      "type": "object",
+      "properties": {
+        "autoDiscovery": {
+          "$ref": "#/definitions/AutoDiscovery"
+        },
+        "repositoryConfigs": {
+          "description": "GitHub Repository Inventory Configuration.\r\nDictionary of GitHub repository name to desired repository configuration.\r\nIf AutoDiscovery is Enabled, this field should be null or empty.",
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/BaseResourceConfiguration"
+          },
+          "x-nullable": true
+        }
+      }
+    },
+    "GitHubOwnerListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/GitHubOwner"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "GitHubOwnerProperties": {
+      "description": "GitHub Owner properties.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "ownerUrl": {
+          "description": "Gets or sets GitHub Owner url.",
+          "type": "string",
+          "readOnly": true
+        },
+        "gitHubInternalId": {
+          "description": "Gets or sets internal GitHub id.",
+          "type": "string",
+          "readOnly": true
+        },
+        "onboardingState": {
+          "$ref": "#/definitions/OnboardingState"
+        }
+      }
+    },
+    "GitHubRepository": {
+      "description": "GitHub Repository resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/GitHubRepositoryProperties"
+        }
+      }
+    },
+    "GitHubRepositoryListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/GitHubRepository"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "GitHubRepositoryProperties": {
+      "description": "GitHub Repository properties.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "repoId": {
+          "description": "Gets or sets GitHub Repository id.\r\n\r\nThis is a numeric id defined by Github.\r\nEg: \"123456\".",
+          "type": "string",
+          "readOnly": true
+        },
+        "repoName": {
+          "description": "Gets or sets GitHub Repository name.\r\nEg: \"new-repo-1\".",
+          "type": "string",
+          "readOnly": true
+        },
+        "repoFullName": {
+          "description": "Gets or sets GitHub Full Name.\r\nRepository name, prefixed with Owner name.\r\nEg: \"my-org/new-repo-1\".",
+          "type": "string",
+          "readOnly": true
+        },
+        "onboardingState": {
+          "$ref": "#/definitions/OnboardingState"
+        },
+        "repoUrl": {
+          "description": "Gets or sets GitHub Repository url.",
+          "type": "string",
+          "readOnly": true
+        },
+        "parentOwnerName": {
+          "description": "Gets or sets parent GitHub Owner name.",
+          "type": "string"
+        }
+      }
+    },
+    "GitLabGroup": {
+      "description": "GitLab Group resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/GitLabGroupProperties"
+        }
+      }
+    },
+    "GitLabGroupConfiguration": {
+      "description": "GitLab Group Inventory Configuration.",
+      "type": "object",
+      "properties": {
+        "autoDiscovery": {
+          "$ref": "#/definitions/AutoDiscovery"
+        },
+        "projectConfigs": {
+          "description": "GitLab Project Inventory Configuration.\r\nDictionary of GitLab fully-qualified project name to desired project configuration.\r\nIf AutoDiscovery is Enabled, this field should be null or empty.",
+          "type": "object",
+          "additionalProperties": {
+            "$ref": "#/definitions/BaseResourceConfiguration"
+          },
+          "x-nullable": true
+        }
+      }
+    },
+    "GitLabGroupListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/GitLabGroup"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "GitLabGroupProperties": {
+      "description": "GitLab Group properties.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "fullyQualifiedName": {
+          "description": "Gets or sets the fully-qualified name of the Group object.\r\n\r\nThis contains the entire namespace hierarchy where namespaces are separated by the '$' character.",
+          "type": "string",
+          "readOnly": true
+        },
+        "fullyQualifiedFriendlyName": {
+          "description": "Gets or sets the human readable fully-qualified name of the Group object.\r\n\r\nThis contains the entire namespace hierarchy as seen on GitLab UI where namespaces are separated by the '/' character.",
+          "type": "string",
+          "readOnly": true
+        },
+        "url": {
+          "description": "Gets or sets the url of the GitLab Group.",
+          "type": "string",
+          "readOnly": true
+        },
+        "onboardingState": {
+          "$ref": "#/definitions/OnboardingState"
+        }
+      }
+    },
+    "GitLabProject": {
+      "description": "GitLab Project resource.",
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/ProxyResource"
+        }
+      ],
+      "properties": {
+        "systemData": {
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "$ref": "#/definitions/GitLabProjectProperties"
+        }
+      }
+    },
+    "GitLabProjectListResponse": {
+      "description": "List of RP resources which supports pagination.",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Gets or sets list of resources.",
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/GitLabProject"
+          },
+          "x-ms-identifiers": []
+        },
+        "nextLink": {
+          "description": "Gets or sets next link to scroll over the results.",
+          "type": "string"
+        }
+      }
+    },
+    "GitLabProjectProperties": {
+      "description": "GitLab Project properties.",
+      "type": "object",
+      "properties": {
+        "provisioningStatusMessage": {
+          "description": "Gets the resource status message.",
+          "type": "string",
+          "example": "Resource onboarded successful.",
+          "readOnly": true
+        },
+        "provisioningStatusUpdateTimeUtc": {
+          "format": "date-time",
+          "description": "Gets the time when resource was last checked.",
+          "type": "string",
+          "readOnly": true
+        },
+        "provisioningState": {
+          "$ref": "#/definitions/DevOpsProvisioningState"
+        },
+        "fullyQualifiedName": {
+          "description": "Gets or sets the fully-qualified name of the project object.\r\n\r\nThis contains the entire hierarchy where entities are separated by the '$' character.",
+          "type": "string",
+          "readOnly": true
+        },
+        "fullyQualifiedFriendlyName": {
+          "description": "Gets or sets the human readable fully-qualified name of the Project object.\r\n\r\nThis contains the entire namespace hierarchy as seen on GitLab UI where entities are separated by the '/' character.",
+          "type": "string",
+          "readOnly": true
+        },
+        "fullyQualifiedParentGroupName": {
+          "description": "Gets or sets the fully-qualified name of the project's parent group object.\r\n\r\nThis contains the entire hierarchy where namespaces are separated by the '$' character.",
+          "type": "string",
+          "readOnly": true
+        },
+        "url": {
+          "description": "Gets or sets the url of the GitLab Project.",
+          "type": "string",
+          "readOnly": true
+        },
+        "onboardingState": {
+          "$ref": "#/definitions/OnboardingState"
+        }
+      }
+    },
+    "InheritFromParentState": {
+      "description": "Update Settings.\r\n\r\nEnabled - Resource should inherit configurations from parent.\r\nDisabled - Resource should not inherit configurations from parent.",
+      "enum": [
+        "Disabled",
+        "Enabled"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "InheritFromParentState",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "OnboardingState": {
+      "description": "Details about resource onboarding status across all connectors.\r\n\r\nOnboardedByOtherConnector - this resource has already been onboarded to another connector. This is only applicable to top-level resources.\r\nOnboarded - this resource has already been onboarded by the specified connector.\r\nNotOnboarded - this resource has not been onboarded to any connector.\r\nNotApplicable - the onboarding state is not applicable to the current endpoint.",
+      "enum": [
+        "NotApplicable",
+        "OnboardedByOtherConnector",
+        "Onboarded",
+        "NotOnboarded"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "OnboardingState",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "RuleCategory": {
+      "description": "Rule categories.\r\nCode - code scanning results.\r\nArtifact scanning results.\r\nDependencies scanning results.\r\nIaC results.\r\nSecrets scanning results.\r\nContainer scanning results.",
+      "enum": [
+        "Code",
+        "Artifacts",
+        "Dependencies",
+        "Secrets",
+        "IaC",
+        "Containers"
+      ],
+      "type": "string",
+      "x-ms-enum": {
+        "name": "RuleCategory",
+        "modelAsString": true,
+        "modelAsExtensible": true
+      }
+    },
+    "TargetBranchConfiguration": {
+      "description": "Repository branch configuration for PR Annotations.",
+      "type": "object",
+      "properties": {
+        "branchNames": {
+          "description": "Gets or sets branches that should have annotations.",
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "x-ms-identifiers": []
+        },
+        "annotateDefaultBranch": {
+          "$ref": "#/definitions/AnnotateDefaultBranchState"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "SecurityConnectorName": {
+      "in": "path",
+      "name": "securityConnectorName",
+      "description": "The security connector name.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "OrgName": {
+      "in": "path",
+      "name": "orgName",
+      "description": "The Azure DevOps organization name.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "ProjectName": {
+      "in": "path",
+      "name": "projectName",
+      "description": "The project name.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "RepoName": {
+      "in": "path",
+      "name": "repoName",
+      "description": "The repository name.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "DevOpsPolicyType": {
+      "in": "query",
+      "name": "devOpsPolicyType",
+      "description": "Optional filter for listing the policies.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "PolicyName": {
+      "in": "path",
+      "name": "policyName",
+      "description": "The policy name.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "ResourceId": {
+      "in": "query",
+      "name": "resourceId",
+      "description": "Optional filter for listing the assignments of a specific resource.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "PolicyAssignmentId": {
+      "in": "path",
+      "name": "policyAssignmentId",
+      "description": "The policy assignment Id.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "OwnerName": {
+      "in": "path",
+      "name": "ownerName",
+      "description": "The GitHub owner name.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "GroupFQName": {
+      "in": "path",
+      "name": "groupFQName",
+      "description": "The GitLab group fully-qualified name.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "OperationResultId": {
+      "in": "path",
+      "name": "operationResultId",
+      "description": "The operation result Id.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  },
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "flow": "implicit",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      },
+      "description": "Azure Active Directory OAuth2 Flow"
+    }
+  },
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ]
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-08-01-preview/securityConnectors.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-08-01-preview/securityConnectors.json
new file mode 100644
index 000000000..b064af24a
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-08-01-preview/securityConnectors.json
@@ -0,0 +1,1785 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2024-08-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securityConnectors": {
+      "get": {
+        "x-ms-examples": {
+          "List all security connectors of a specified subscription": {
+            "$ref": "./examples/SecurityConnectors/GetSecurityConnectorsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Lists all the security connectors in the specified subscription. Use the 'nextLink' property in the response to get the next page of security connectors for the specified subscription.",
+        "operationId": "SecurityConnectors_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnectorsList"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors": {
+      "get": {
+        "x-ms-examples": {
+          "List all security connectors of a specified resource group": {
+            "$ref": "./examples/SecurityConnectors/GetSecurityConnectorsResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Lists all the security connectors in the specified resource group. Use the 'nextLink' property in the response to get the next page of security connectors for the specified resource group.",
+        "operationId": "SecurityConnectors_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnectorsList"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/securityConnectors/{securityConnectorName}": {
+      "get": {
+        "x-ms-examples": {
+          "Retrieve a security connector": {
+            "$ref": "./examples/SecurityConnectors/GetSecurityConnectorSingleResource_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Retrieves details of a specific security connector",
+        "operationId": "SecurityConnectors_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnector"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create or update a security connector": {
+            "$ref": "./examples/SecurityConnectors/PutSecurityConnector_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Creates or updates a security connector. If a security connector is already created and a subsequent request is issued for the same security connector id, then it will be updated.",
+        "operationId": "SecurityConnectors_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorInBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnector"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnector"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "patch": {
+        "x-ms-examples": {
+          "Update a security connector": {
+            "$ref": "./examples/SecurityConnectors/PatchSecurityConnector_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "description": "Updates a security connector",
+        "operationId": "SecurityConnectors_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorInBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityConnector"
+            }
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security connector": {
+            "$ref": "./examples/SecurityConnectors/DeleteSecurityConnector_example.json"
+          }
+        },
+        "tags": [
+          "SecurityConnectors"
+        ],
+        "operationId": "SecurityConnectors_Delete",
+        "description": "Deletes a security connector.",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/securityConnectorName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "The resource was deleted successfully"
+          },
+          "204": {
+            "description": "NoContent"
+          },
+          "default": {
+            "description": "Error response that describes why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityConnectorsList": {
+      "type": "object",
+      "description": "List of security connectors response.",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "The list of security connectors under the given scope.",
+          "items": {
+            "$ref": "#/definitions/SecurityConnector"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityConnector": {
+      "type": "object",
+      "description": "The security connector resource.",
+      "properties": {
+        "systemData": {
+          "readOnly": true,
+          "type": "object",
+          "description": "Azure Resource Manager metadata containing createdBy and modifiedBy information.",
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        },
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security connector data",
+          "$ref": "#/definitions/SecurityConnectorProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/TrackedResource"
+        }
+      ]
+    },
+    "SecurityConnectorProperties": {
+      "type": "object",
+      "description": "A set of properties that defines the security connector configuration.",
+      "properties": {
+        "hierarchyIdentifier": {
+          "type": "string",
+          "description": "The multi cloud resource identifier (account id in case of AWS connector, project number in case of GCP connector)."
+        },
+        "hierarchyIdentifierTrialEndDate": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "The date on which the trial period will end, if applicable. Trial period exists for 30 days after upgrading to payed offerings."
+        },
+        "environmentName": {
+          "type": "string",
+          "description": "The multi cloud resource's cloud name.",
+          "enum": [
+            "Azure",
+            "AWS",
+            "GCP",
+            "Github",
+            "AzureDevOps",
+            "GitLab",
+            "DockerHub",
+            "JFrog"
+          ],
+          "x-ms-enum": {
+            "name": "cloudName",
+            "modelAsString": true
+          }
+        },
+        "offerings": {
+          "type": "array",
+          "description": "A collection of offerings for the security connector.",
+          "items": {
+            "$ref": "#/definitions/cloudOffering"
+          },
+          "x-ms-identifiers": []
+        },
+        "environmentData": {
+          "type": "object",
+          "description": "The security connector environment data.",
+          "$ref": "#/definitions/EnvironmentData"
+        }
+      }
+    },
+    "EnvironmentData": {
+      "type": "object",
+      "description": "The security connector environment data.",
+      "discriminator": "environmentType",
+      "required": [
+        "environmentType"
+      ],
+      "properties": {
+        "environmentType": {
+          "type": "string",
+          "description": "The type of the environment data.",
+          "enum": [
+            "AwsAccount",
+            "GcpProject",
+            "GithubScope",
+            "AzureDevOpsScope",
+            "GitlabScope",
+            "DockerHubOrganization",
+            "JFrogArtifactory"
+          ],
+          "x-ms-enum": {
+            "name": "environmentType",
+            "modelAsString": true
+          }
+        }
+      }
+    },
+    "AwsEnvironmentData": {
+      "type": "object",
+      "description": "The AWS connector environment data",
+      "x-ms-discriminator-value": "AwsAccount",
+      "allOf": [
+        {
+          "$ref": "#/definitions/EnvironmentData"
+        }
+      ],
+      "properties": {
+        "organizationalData": {
+          "type": "object",
+          "description": "The AWS account's organizational data",
+          "$ref": "#/definitions/AwsOrganizationalData"
+        },
+        "regions": {
+          "type": "array",
+          "description": "list of regions to scan",
+          "items": {
+            "type": "string",
+            "description": "AWS regions names"
+          }
+        },
+        "accountName": {
+          "type": "string",
+          "description": "The AWS account name",
+          "readOnly": true
+        },
+        "scanInterval": {
+          "type": "integer",
+          "format": "int64",
+          "description": "Scan interval in hours (value should be between 1-hour to 24-hours)"
+        }
+      }
+    },
+    "AwsOrganizationalData": {
+      "type": "object",
+      "description": "The AWS organization data",
+      "discriminator": "organizationMembershipType",
+      "required": [
+        "organizationMembershipType"
+      ],
+      "properties": {
+        "organizationMembershipType": {
+          "type": "string",
+          "description": "The multi cloud account's membership type in the organization",
+          "enum": [
+            "Member",
+            "Organization"
+          ],
+          "x-ms-enum": {
+            "name": "organizationMembershipType",
+            "modelAsString": true
+          }
+        }
+      }
+    },
+    "AwsOrganizationalDataMaster": {
+      "type": "object",
+      "description": "The AWS organization data for the master account",
+      "x-ms-discriminator-value": "Organization",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AwsOrganizationalData"
+        }
+      ],
+      "properties": {
+        "stacksetName": {
+          "type": "string",
+          "description": "If the multi cloud account is of membership type organization, this will be the name of the onboarding stackset"
+        },
+        "excludedAccountIds": {
+          "type": "array",
+          "description": "If the multi cloud account is of membership type organization, list of accounts excluded from offering",
+          "items": {
+            "type": "string",
+            "description": "account IDs"
+          }
+        }
+      }
+    },
+    "AwsOrganizationalDataMember": {
+      "type": "object",
+      "description": "The AWS organization data for the member account",
+      "x-ms-discriminator-value": "Member",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AwsOrganizationalData"
+        }
+      ],
+      "properties": {
+        "parentHierarchyId": {
+          "type": "string",
+          "description": "If the multi cloud account is not of membership type organization, this will be the ID of the account's parent"
+        }
+      }
+    },
+    "GcpProjectEnvironmentData": {
+      "type": "object",
+      "description": "The GCP project connector environment data",
+      "x-ms-discriminator-value": "GcpProject",
+      "allOf": [
+        {
+          "$ref": "#/definitions/EnvironmentData"
+        }
+      ],
+      "properties": {
+        "organizationalData": {
+          "type": "object",
+          "description": "The Gcp project's organizational data",
+          "$ref": "#/definitions/GcpOrganizationalData"
+        },
+        "projectDetails": {
+          "type": "object",
+          "description": "The Gcp project's details",
+          "$ref": "#/definitions/GcpProjectDetails"
+        },
+        "scanInterval": {
+          "type": "integer",
+          "format": "int64",
+          "description": "Scan interval in hours (value should be between 1-hour to 24-hours)"
+        }
+      }
+    },
+    "GcpProjectDetails": {
+      "type": "object",
+      "description": "The details about the project represented by the security connector",
+      "properties": {
+        "projectNumber": {
+          "type": "string",
+          "description": "The unique GCP Project number"
+        },
+        "projectId": {
+          "type": "string",
+          "description": "The GCP Project id"
+        },
+        "workloadIdentityPoolId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The GCP workload identity federation pool id"
+        },
+        "projectName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "GCP project name"
+        }
+      }
+    },
+    "GcpOrganizationalData": {
+      "type": "object",
+      "description": "The gcpOrganization data",
+      "discriminator": "organizationMembershipType",
+      "required": [
+        "organizationMembershipType"
+      ],
+      "properties": {
+        "organizationMembershipType": {
+          "type": "string",
+          "description": "The multi cloud account's membership type in the organization",
+          "enum": [
+            "Member",
+            "Organization"
+          ],
+          "x-ms-enum": {
+            "name": "organizationMembershipType",
+            "modelAsString": true
+          }
+        }
+      }
+    },
+    "GcpOrganizationalDataOrganization": {
+      "type": "object",
+      "description": "The gcpOrganization data for the parent account",
+      "x-ms-discriminator-value": "Organization",
+      "allOf": [
+        {
+          "$ref": "#/definitions/GcpOrganizationalData"
+        }
+      ],
+      "properties": {
+        "excludedProjectNumbers": {
+          "type": "array",
+          "description": "If the multi cloud account is of membership type organization, list of accounts excluded from offering",
+          "items": {
+            "type": "string",
+            "description": "account IDs"
+          }
+        },
+        "serviceAccountEmailAddress": {
+          "type": "string",
+          "description": "The service account email address which represents the organization level permissions container."
+        },
+        "workloadIdentityProviderId": {
+          "type": "string",
+          "description": "The GCP workload identity provider id which represents the permissions required to auto provision security connectors"
+        },
+        "organizationName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "GCP organization name"
+        }
+      }
+    },
+    "GcpOrganizationalDataMember": {
+      "type": "object",
+      "description": "The gcpOrganization data for the member account",
+      "x-ms-discriminator-value": "Member",
+      "allOf": [
+        {
+          "$ref": "#/definitions/GcpOrganizationalData"
+        }
+      ],
+      "properties": {
+        "parentHierarchyId": {
+          "type": "string",
+          "description": "If the multi cloud account is not of membership type organization, this will be the ID of the project's parent"
+        },
+        "managementProjectNumber": {
+          "type": "string",
+          "description": "The GCP management project number from organizational onboarding"
+        }
+      }
+    },
+    "GithubScopeEnvironmentData": {
+      "type": "object",
+      "description": "The github scope connector's environment data",
+      "x-ms-discriminator-value": "GithubScope",
+      "allOf": [
+        {
+          "$ref": "#/definitions/EnvironmentData"
+        }
+      ],
+      "properties": {}
+    },
+    "AzureDevOpsScopeEnvironmentData": {
+      "type": "object",
+      "description": "The AzureDevOps scope connector's environment data",
+      "x-ms-discriminator-value": "AzureDevOpsScope",
+      "allOf": [
+        {
+          "$ref": "#/definitions/EnvironmentData"
+        }
+      ],
+      "properties": {}
+    },
+    "GitlabScopeEnvironmentData": {
+      "type": "object",
+      "description": "The GitLab scope connector's environment data",
+      "x-ms-discriminator-value": "GitlabScope",
+      "allOf": [
+        {
+          "$ref": "#/definitions/EnvironmentData"
+        }
+      ],
+      "properties": {}
+    },
+    "DockerHubEnvironmentData": {
+      "type": "object",
+      "description": "The Docker Hub connector environment data",
+      "x-ms-discriminator-value": "DockerHubOrganization",
+      "allOf": [
+        {
+          "$ref": "#/definitions/EnvironmentData"
+        }
+      ],
+      "properties": {
+        "authentication": {
+          "type": "object",
+          "description": "The Docker Hub organization authentication details",
+          "$ref": "#/definitions/Authentication"
+        },
+        "scanInterval": {
+          "type": "integer",
+          "format": "int64",
+          "description": "Scan interval in hours (value should be between 1-hour to 24-hours)"
+        }
+      }
+    },
+    "Authentication": {
+      "type": "object",
+      "description": "The environment authentication details",
+      "discriminator": "authenticationType",
+      "required": [
+        "authenticationType"
+      ],
+      "properties": {
+        "authenticationType": {
+          "type": "string",
+          "description": "The authentication type",
+          "enum": [
+            "AccessToken"
+          ],
+          "x-ms-enum": {
+            "name": "authenticationType",
+            "modelAsString": true
+          }
+        }
+      }
+    },
+    "AccessTokenAuthentication": {
+      "type": "object",
+      "description": "The environment authentication details",
+      "x-ms-discriminator-value": "AccessToken",
+      "allOf": [
+        {
+          "$ref": "#/definitions/Authentication"
+        }
+      ],
+      "properties": {
+        "username": {
+          "type": "string",
+          "description": "The user name that will be used while authenticating with the onboarded environment"
+        },
+        "accessToken": {
+          "type": "string",
+          "description": "The access token that will be used while authenticating with the onboarded environment"
+        }
+      }
+    },
+    "JFrogEnvironmentData": {
+      "type": "object",
+      "description": "The JFrog Artifactory connector environment data",
+      "x-ms-discriminator-value": "JFrogArtifactory",
+      "allOf": [
+        {
+          "$ref": "#/definitions/EnvironmentData"
+        }
+      ],
+      "properties": {
+        "scanInterval": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Scan interval in hours (value should be between 1-hour to 24-hours)",
+          "minimum": 1,
+          "maximum": 24
+        }
+      }
+    },
+    "cloudOffering": {
+      "type": "object",
+      "description": "The security offering details",
+      "discriminator": "offeringType",
+      "required": [
+        "offeringType"
+      ],
+      "properties": {
+        "offeringType": {
+          "type": "string",
+          "description": "The type of the security offering.",
+          "enum": [
+            "CspmMonitorAws",
+            "DefenderForContainersAws",
+            "DefenderForServersAws",
+            "DefenderForDatabasesAws",
+            "CspmMonitorGcp",
+            "CspmMonitorGithub",
+            "CspmMonitorAzureDevOps",
+            "DefenderForServersGcp",
+            "DefenderForContainersGcp",
+            "DefenderForDatabasesGcp",
+            "DefenderCspmAws",
+            "DefenderCspmGcp",
+            "CspmMonitorGitLab",
+            "CspmMonitorDockerHub",
+            "DefenderForContainersDockerHub",
+            "DefenderCspmDockerHub",
+            "CspmMonitorJFrog",
+            "DefenderForContainersJFrog",
+            "DefenderCspmJFrog"
+          ],
+          "x-ms-enum": {
+            "name": "offeringType",
+            "modelAsString": true
+          }
+        },
+        "description": {
+          "type": "string",
+          "description": "The offering description.",
+          "readOnly": true
+        }
+      }
+    },
+    "cspmMonitorAwsOffering": {
+      "type": "object",
+      "description": "The CSPM monitoring for AWS offering",
+      "x-ms-discriminator-value": "CspmMonitorAws",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "nativeCloudConnection": {
+          "type": "object",
+          "description": "The native cloud connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        }
+      }
+    },
+    "defenderForContainersAwsOffering": {
+      "type": "object",
+      "description": "The Defender for Containers AWS offering",
+      "x-ms-discriminator-value": "DefenderForContainersAws",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "kubernetesService": {
+          "type": "object",
+          "description": "The kubernetes service connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature used for provisioning resources"
+            }
+          }
+        },
+        "kubernetesDataCollection": {
+          "type": "object",
+          "description": "The kubernetes data collection connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature used for reading data"
+            }
+          }
+        },
+        "cloudWatchToKinesis": {
+          "type": "object",
+          "description": "The cloudwatch to kinesis connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS used by CloudWatch to transfer data into Kinesis"
+            }
+          }
+        },
+        "kinesisToS3": {
+          "type": "object",
+          "description": "The kinesis to s3 connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS used by Kinesis to transfer data into S3"
+            }
+          }
+        },
+        "enableAuditLogsAutoProvisioning": {
+          "type": "boolean",
+          "description": "Is audit logs data collection enabled"
+        },
+        "enableDefenderAgentAutoProvisioning": {
+          "type": "boolean",
+          "description": "Is Microsoft Defender for Cloud Kubernetes agent auto provisioning enabled"
+        },
+        "enablePolicyAgentAutoProvisioning": {
+          "type": "boolean",
+          "description": "Is Policy Kubernetes agent auto provisioning enabled"
+        },
+        "kubeAuditRetentionTime": {
+          "type": "integer",
+          "format": "int64",
+          "description": "The retention time in days of kube audit logs set on the CloudWatch log group"
+        },
+        "dataCollectionExternalId": {
+          "type": "string",
+          "description": "The externalId used by the data reader to prevent the confused deputy attack"
+        },
+        "mdcContainersImageAssessment": {
+          "type": "object",
+          "description": "The Microsoft Defender container image assessment configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender container image assessment enabled"
+            },
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "mdcContainersAgentlessDiscoveryK8s": {
+          "type": "object",
+          "description": "The Microsoft Defender container agentless discovery K8s configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender container agentless discovery K8s enabled"
+            },
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "vmScanners": {
+          "type": "object",
+          "description": "The Microsoft Defender for Container K8s VM host scanning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/vmScannersAws"
+            }
+          ],
+          "properties": {}
+        }
+      }
+    },
+    "defenderForServersAwsOffering": {
+      "type": "object",
+      "description": "The Defender for Servers AWS offering",
+      "x-ms-discriminator-value": "DefenderForServersAws",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "defenderForServers": {
+          "type": "object",
+          "description": "The Defender for servers connection configuration",
+          "properties": {
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "arcAutoProvisioning": {
+          "type": "object",
+          "description": "The ARC autoprovisioning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/arcAutoProvisioningAws"
+            }
+          ],
+          "properties": {}
+        },
+        "vaAutoProvisioning": {
+          "type": "object",
+          "description": "The Vulnerability Assessment autoprovisioning configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Vulnerability Assessment auto provisioning enabled"
+            },
+            "configuration": {
+              "type": "object",
+              "description": "configuration for Vulnerability Assessment autoprovisioning",
+              "properties": {
+                "type": {
+                  "type": "string",
+                  "description": "The Vulnerability Assessment solution to be provisioned. Can be either 'TVM' or 'Qualys'",
+                  "enum": [
+                    "Qualys",
+                    "TVM"
+                  ],
+                  "x-ms-enum": {
+                    "name": "type",
+                    "modelAsString": true
+                  }
+                }
+              }
+            }
+          }
+        },
+        "mdeAutoProvisioning": {
+          "type": "object",
+          "description": "The Microsoft Defender for Endpoint autoprovisioning configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender for Endpoint auto provisioning enabled"
+            },
+            "configuration": {
+              "type": "object",
+              "description": "configuration for Microsoft Defender for Endpoint autoprovisioning",
+              "properties": {}
+            }
+          }
+        },
+        "subPlan": {
+          "type": "object",
+          "description": "configuration for the servers offering subPlan",
+          "properties": {
+            "type": {
+              "type": "string",
+              "description": "The available sub plans",
+              "enum": [
+                "P1",
+                "P2"
+              ],
+              "x-ms-enum": {
+                "name": "subPlan",
+                "modelAsString": true
+              }
+            }
+          }
+        },
+        "vmScanners": {
+          "type": "object",
+          "description": "The Microsoft Defender for Server VM scanning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/vmScannersAws"
+            }
+          ],
+          "properties": {}
+        }
+      }
+    },
+    "defenderFoDatabasesAwsOffering": {
+      "type": "object",
+      "description": "The Defender for Databases AWS offering",
+      "x-ms-discriminator-value": "DefenderForDatabasesAws",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "arcAutoProvisioning": {
+          "type": "object",
+          "description": "The ARC autoprovisioning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/arcAutoProvisioningAws"
+            }
+          ],
+          "properties": {}
+        },
+        "rds": {
+          "type": "object",
+          "description": "The RDS configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is RDS protection enabled"
+            },
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "databasesDspm": {
+          "type": "object",
+          "description": "The databases data security posture management (DSPM) configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is databases data security posture management (DSPM) protection enabled"
+            },
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        }
+      }
+    },
+    "cspmMonitorGcpOffering": {
+      "type": "object",
+      "description": "The CSPM monitoring for GCP offering",
+      "x-ms-discriminator-value": "CspmMonitorGcp",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "nativeCloudConnection": {
+          "type": "object",
+          "description": "The native cloud connection configuration",
+          "properties": {
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The GCP workload identity provider id for the offering"
+            },
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for this offering"
+            }
+          }
+        }
+      }
+    },
+    "defenderForServersGcpOffering": {
+      "type": "object",
+      "description": "The Defender for Servers GCP offering configurations",
+      "x-ms-discriminator-value": "DefenderForServersGcp",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "defenderForServers": {
+          "type": "object",
+          "description": "The Defender for servers connection configuration",
+          "properties": {
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The workload identity provider id in GCP for this feature"
+            },
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for this feature"
+            }
+          }
+        },
+        "arcAutoProvisioning": {
+          "type": "object",
+          "description": "The ARC autoprovisioning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/arcAutoProvisioningGcp"
+            }
+          ],
+          "properties": {}
+        },
+        "vaAutoProvisioning": {
+          "type": "object",
+          "description": "The Vulnerability Assessment autoprovisioning configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Vulnerability Assessment auto provisioning enabled"
+            },
+            "configuration": {
+              "type": "object",
+              "description": "configuration for Vulnerability Assessment autoprovisioning",
+              "properties": {
+                "type": {
+                  "type": "string",
+                  "description": "The Vulnerability Assessment solution to be provisioned. Can be either 'TVM' or 'Qualys'",
+                  "enum": [
+                    "Qualys",
+                    "TVM"
+                  ],
+                  "x-ms-enum": {
+                    "name": "type",
+                    "modelAsString": true
+                  }
+                }
+              }
+            }
+          }
+        },
+        "mdeAutoProvisioning": {
+          "type": "object",
+          "description": "The Microsoft Defender for Endpoint autoprovisioning configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender for Endpoint auto provisioning enabled"
+            },
+            "configuration": {
+              "type": "object",
+              "description": "configuration for Microsoft Defender for Endpoint autoprovisioning",
+              "properties": {}
+            }
+          }
+        },
+        "subPlan": {
+          "type": "object",
+          "description": "configuration for the servers offering subPlan",
+          "properties": {
+            "type": {
+              "type": "string",
+              "description": "The available sub plans",
+              "enum": [
+                "P1",
+                "P2"
+              ],
+              "x-ms-enum": {
+                "name": "subPlan",
+                "modelAsString": true
+              }
+            }
+          }
+        },
+        "vmScanners": {
+          "type": "object",
+          "description": "The Microsoft Defender for Server VM scanning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/vmScannersGcp"
+            }
+          ],
+          "properties": {}
+        }
+      }
+    },
+    "defenderForDatabasesGcpOffering": {
+      "type": "object",
+      "description": "The Defender for Databases GCP offering configurations",
+      "x-ms-discriminator-value": "DefenderForDatabasesGcp",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "arcAutoProvisioning": {
+          "type": "object",
+          "description": "The ARC autoprovisioning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/arcAutoProvisioningGcp"
+            }
+          ],
+          "properties": {}
+        },
+        "defenderForDatabasesArcAutoProvisioning": {
+          "type": "object",
+          "description": "The native cloud connection configuration",
+          "properties": {
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for this offering"
+            },
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The GCP workload identity provider id for this offering"
+            }
+          }
+        }
+      }
+    },
+    "defenderForContainersGcpOffering": {
+      "type": "object",
+      "description": "The containers GCP offering",
+      "x-ms-discriminator-value": "DefenderForContainersGcp",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "nativeCloudConnection": {
+          "type": "object",
+          "description": "The native cloud connection configuration",
+          "properties": {
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for this offering"
+            },
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The GCP workload identity provider id for this offering"
+            }
+          }
+        },
+        "dataPipelineNativeCloudConnection": {
+          "type": "object",
+          "description": "The native cloud connection configuration",
+          "properties": {
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The data collection service account email address in GCP for this offering"
+            },
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The data collection GCP workload identity provider id for this offering"
+            }
+          }
+        },
+        "enableAuditLogsAutoProvisioning": {
+          "type": "boolean",
+          "description": "Is audit logs data collection enabled"
+        },
+        "enableDefenderAgentAutoProvisioning": {
+          "type": "boolean",
+          "description": "Is Microsoft Defender for Cloud Kubernetes agent auto provisioning enabled"
+        },
+        "enablePolicyAgentAutoProvisioning": {
+          "type": "boolean",
+          "description": "Is Policy Kubernetes agent auto provisioning enabled"
+        },
+        "mdcContainersImageAssessment": {
+          "type": "object",
+          "description": "The Microsoft Defender Container image assessment configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender container image assessment enabled"
+            },
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The workload identity provider id in GCP for this feature"
+            },
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for this feature"
+            }
+          }
+        },
+        "mdcContainersAgentlessDiscoveryK8s": {
+          "type": "object",
+          "description": "The Microsoft Defender Container agentless discovery configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender container agentless discovery enabled"
+            },
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The workload identity provider id in GCP for this feature"
+            },
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for this feature"
+            }
+          }
+        },
+        "vmScanners": {
+          "type": "object",
+          "description": "The Microsoft Defender for Container K8s VM host scanning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/vmScannersGcp"
+            }
+          ],
+          "properties": {}
+        }
+      }
+    },
+    "cspmMonitorGithubOffering": {
+      "type": "object",
+      "description": "The CSPM monitoring for github offering",
+      "x-ms-discriminator-value": "CspmMonitorGithub",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {}
+    },
+    "cspmMonitorAzureDevOpsOffering": {
+      "type": "object",
+      "description": "The CSPM monitoring for AzureDevOps offering",
+      "x-ms-discriminator-value": "CspmMonitorAzureDevOps",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {}
+    },
+    "defenderCspmAwsOffering": {
+      "type": "object",
+      "description": "The CSPM P1 for AWS offering",
+      "x-ms-discriminator-value": "DefenderCspmAws",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "vmScanners": {
+          "type": "object",
+          "description": "The Microsoft Defender for CSPM offering VM scanning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/vmScannersAws"
+            }
+          ],
+          "properties": {}
+        },
+        "dataSensitivityDiscovery": {
+          "type": "object",
+          "description": "The Microsoft Defender Data Sensitivity discovery configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender Data Sensitivity discovery enabled"
+            },
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "databasesDspm": {
+          "type": "object",
+          "description": "The databases DSPM configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is databases DSPM protection enabled"
+            },
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "ciem": {
+          "type": "object",
+          "description": "Defenders CSPM Permissions Management offering configurations",
+          "properties": {
+            "ciemDiscovery": {
+              "type": "object",
+              "description": "Defender CSPM Permissions Management discovery configuration",
+              "properties": {
+                "cloudRoleArn": {
+                  "type": "string",
+                  "description": "The cloud role ARN in AWS for Permissions Management discovery"
+                }
+              }
+            },
+            "ciemOidc": {
+              "type": "object",
+              "description": "AWS Defender CSPM Permissions Management OIDC (open id connect) connection configurations",
+              "properties": {
+                "cloudRoleArn": {
+                  "type": "string",
+                  "description": "The cloud role ARN in AWS for Permissions Management used for oidc connection"
+                },
+                "azureActiveDirectoryAppName": {
+                  "type": "string",
+                  "description": "the azure active directory app name used of authenticating against AWS"
+                }
+              }
+            }
+          }
+        },
+        "mdcContainersImageAssessment": {
+          "type": "object",
+          "description": "The Microsoft Defender container image assessment configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender container image assessment enabled"
+            },
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        },
+        "mdcContainersAgentlessDiscoveryK8s": {
+          "type": "object",
+          "description": "The Microsoft Defender container agentless discovery K8s configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender container agentless discovery K8s enabled"
+            },
+            "cloudRoleArn": {
+              "type": "string",
+              "description": "The cloud role ARN in AWS for this feature"
+            }
+          }
+        }
+      }
+    },
+    "defenderCspmGcpOffering": {
+      "type": "object",
+      "description": "The CSPM P1 for GCP offering",
+      "x-ms-discriminator-value": "DefenderCspmGcp",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "ciemDiscovery": {
+          "type": "object",
+          "description": "GCP Defenders CSPM Permissions Management OIDC (Open ID connect) connection configurations",
+          "properties": {
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The GCP workload identity provider id for Permissions Management offering"
+            },
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for Permissions Management offering"
+            },
+            "azureActiveDirectoryAppName": {
+              "type": "string",
+              "description": "the azure active directory app name used of authenticating against GCP workload identity federation"
+            }
+          }
+        },
+        "vmScanners": {
+          "type": "object",
+          "description": "The Microsoft Defender for CSPM VM scanning configuration",
+          "allOf": [
+            {
+              "$ref": "#/definitions/vmScannersGcp"
+            }
+          ],
+          "properties": {}
+        },
+        "dataSensitivityDiscovery": {
+          "type": "object",
+          "description": "The Microsoft Defender Data Sensitivity discovery configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender Data Sensitivity discovery enabled"
+            },
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The workload identity provider id in GCP for this feature"
+            },
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for this feature"
+            }
+          }
+        },
+        "mdcContainersImageAssessment": {
+          "type": "object",
+          "description": "The Microsoft Defender Container image assessment configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender container image assessment enabled"
+            },
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The workload identity provider id in GCP for this feature"
+            },
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for this feature"
+            }
+          }
+        },
+        "mdcContainersAgentlessDiscoveryK8s": {
+          "type": "object",
+          "description": "The Microsoft Defender Container agentless discovery configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender container agentless discovery enabled"
+            },
+            "workloadIdentityProviderId": {
+              "type": "string",
+              "description": "The workload identity provider id in GCP for this feature"
+            },
+            "serviceAccountEmailAddress": {
+              "type": "string",
+              "description": "The service account email address in GCP for this feature"
+            }
+          }
+        }
+      }
+    },
+    "cspmMonitorGitLabOffering": {
+      "type": "object",
+      "description": "The CSPM (Cloud security posture management) monitoring for gitlab offering",
+      "x-ms-discriminator-value": "CspmMonitorGitLab",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {}
+    },
+    "cspmMonitorDockerHubOffering": {
+      "type": "object",
+      "description": "The CSPM (Cloud security posture management) monitoring for Docker Hub offering",
+      "x-ms-discriminator-value": "CspmMonitorDockerHub",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {}
+    },
+    "defenderForContainersDockerHubOffering": {
+      "type": "object",
+      "description": "The Defender for containers Docker Hub offering configurations",
+      "x-ms-discriminator-value": "DefenderForContainersDockerHub",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {}
+    },
+    "defenderCspmDockerHubOffering": {
+      "type": "object",
+      "description": "The Defender for CSPM Docker Hub offering configurations",
+      "x-ms-discriminator-value": "DefenderCspmDockerHub",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {}
+    },
+    "cspmMonitorJFrogOffering": {
+      "type": "object",
+      "description": "The CSPM (Cloud security posture management) monitoring for JFrog Artifactory offering",
+      "x-ms-discriminator-value": "CspmMonitorJFrog",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ]
+    },
+    "defenderForContainersJFrogOffering": {
+      "type": "object",
+      "description": "The Defender for Containers for JFrog Artifactory offering",
+      "x-ms-discriminator-value": "DefenderForContainersJFrog",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ]
+    },
+    "defenderCspmJFrogOffering": {
+      "type": "object",
+      "description": "The CSPM P1 for JFrog Artifactory offering",
+      "x-ms-discriminator-value": "DefenderCspmJFrog",
+      "allOf": [
+        {
+          "$ref": "#/definitions/cloudOffering"
+        }
+      ],
+      "properties": {
+        "mdcContainersImageAssessment": {
+          "type": "object",
+          "description": "The Microsoft Defender Container image assessment configuration",
+          "properties": {
+            "enabled": {
+              "type": "boolean",
+              "description": "Is Microsoft Defender container image assessment enabled"
+            }
+          }
+        }
+      }
+    },
+    "vmScannersBase": {
+      "type": "object",
+      "description": "A VM scanning configuration for a security offering of a given environment",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Is VM scanning enabled"
+        },
+        "configuration": {
+          "type": "object",
+          "description": "Configuration for VM scanning",
+          "properties": {
+            "scanningMode": {
+              "type": "string",
+              "description": "The scanning mode for the VM scan.",
+              "enum": [
+                "Default"
+              ],
+              "x-ms-enum": {
+                "name": "scanningMode",
+                "modelAsString": true
+              }
+            },
+            "exclusionTags": {
+              "type": "object",
+              "additionalProperties": {
+                "type": "string"
+              },
+              "description": "Tags that indicates that a resource should not be scanned"
+            }
+          }
+        }
+      }
+    },
+    "vmScannersGcp": {
+      "type": "object",
+      "description": "A VM scanning configuration for a security offering of a GCP environment",
+      "properties": {},
+      "allOf": [
+        {
+          "$ref": "#/definitions/vmScannersBase"
+        }
+      ]
+    },
+    "vmScannersAws": {
+      "type": "object",
+      "description": "A VM scanning configuration for a security offering of a Aws environment",
+      "properties": {
+        "cloudRoleArn": {
+          "type": "string",
+          "description": "The cloud role ARN in AWS for this feature"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/vmScannersBase"
+        }
+      ]
+    },
+    "arcAutoProvisioning": {
+      "type": "object",
+      "description": "The ARC autoprovisioning configuration",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Is arc auto provisioning enabled"
+        },
+        "configuration": {
+          "type": "object",
+          "description": "Configuration for servers Arc auto provisioning for a given environment",
+          "properties": {
+            "proxy": {
+              "type": "string",
+              "description": "Optional HTTP proxy endpoint to use for the Arc agent"
+            },
+            "privateLinkScope": {
+              "type": "string",
+              "description": "Optional Arc private link scope resource id to link the Arc agent"
+            }
+          }
+        }
+      }
+    },
+    "arcAutoProvisioningGcp": {
+      "type": "object",
+      "description": "The ARC autoprovisioning configuration for an GCP environment",
+      "properties": {},
+      "allOf": [
+        {
+          "$ref": "#/definitions/arcAutoProvisioning"
+        }
+      ]
+    },
+    "arcAutoProvisioningAws": {
+      "type": "object",
+      "description": "The ARC autoprovisioning configuration for an AWS environment",
+      "properties": {
+        "cloudRoleArn": {
+          "type": "string",
+          "description": "The cloud role ARN in AWS for this feature"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/arcAutoProvisioning"
+        }
+      ]
+    }
+  },
+  "parameters": {
+    "securityConnectorName": {
+      "name": "securityConnectorName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The security connector name.",
+      "x-ms-parameter-location": "method"
+    },
+    "securityConnectorInBody": {
+      "name": "securityConnector",
+      "in": "body",
+      "required": true,
+      "description": "The security connector resource",
+      "schema": {
+        "$ref": "#/definitions/SecurityConnector"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-10-01-preview/defenderForStorageSettings.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-10-01-preview/defenderForStorageSettings.json
new file mode 100644
index 000000000..20ebdd1df
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-10-01-preview/defenderForStorageSettings.json
@@ -0,0 +1,476 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2024-10-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{resourceId}/providers/Microsoft.Security/defenderForStorageSettings/{settingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Gets the Defender for Storage settings for the specified resource.": {
+            "$ref": "./examples/DefenderForStorage/GetDefenderForStorageSettings_example.json"
+          }
+        },
+        "tags": [
+          "DefenderForStorage"
+        ],
+        "description": "Gets the Defender for Storage settings for the specified storage account.",
+        "operationId": "DefenderForStorage_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DefenderForStorageSettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful request to get Defender for Storage settings.",
+            "schema": {
+              "$ref": "#/definitions/DefenderForStorageSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Creates or updates the Defender for Storage settings on a specified resource.": {
+            "$ref": "./examples/DefenderForStorage/PutDefenderForStorageSettings_example.json"
+          }
+        },
+        "tags": [
+          "DefenderForStorage"
+        ],
+        "description": "Creates or updates the Defender for Storage settings on a specified storage account.",
+        "operationId": "DefenderForStorage_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DefenderForStorageSettingName"
+          },
+          {
+            "$ref": "#/parameters/DefenderForStorageSetting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful request to create or update Defender for Storage settings.",
+            "schema": {
+              "$ref": "#/definitions/DefenderForStorageSetting"
+            }
+          },
+          "201": {
+            "description": "Request to  create or update Defender for Storage settings partially succeeded.",
+            "schema": {
+              "$ref": "#/definitions/DefenderForStorageSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/defenderForStorageSettings/{settingName}/startMalwareScan": {
+      "post": {
+        "x-ms-examples": {
+          "Initiate a Defender for Storage malware scan for the specified storage account.": {
+            "$ref": "./examples/DefenderForStorage/StartMalwareScan_example.json"
+          }
+        },
+        "tags": [
+          "DefenderForStorage",
+          "Antimalware",
+          "Scan"
+        ],
+        "description": "Initiate a Defender for Storage malware scan for the specified storage account.",
+        "operationId": "DefenderForStorage_StartMalwareScan",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DefenderForStorageSettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "The status of the malware scan operation.",
+            "schema": {
+              "$ref": "#/definitions/MalwareScan"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/defenderForStorageSettings/{settingName}/malwareScans/{scanId}/cancelMalwareScan": {
+      "post": {
+        "x-ms-examples": {
+          "Cancel a Defender for Storage malware scan for the specified storage resource.": {
+            "$ref": "./examples/DefenderForStorage/CancelMalwareScan_example.json"
+          }
+        },
+        "tags": [
+          "DefenderForStorage",
+          "Antimalware",
+          "Scan"
+        ],
+        "description": "Cancels a Defender for Storage malware scan for the specified storage account.",
+        "operationId": "DefenderForStorage_CancelMalwareScan",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DefenderForStorageSettingName"
+          },
+          {
+            "$ref": "#/parameters/ScanId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "The status of the malware scan operation.",
+            "schema": {
+              "$ref": "#/definitions/MalwareScan"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/defenderForStorageSettings/{settingName}/malwareScans/{scanId}": {
+      "get": {
+        "x-ms-examples": {
+          "Gets the Defender for Storage malware scan for the specified storage resource.": {
+            "$ref": "./examples/DefenderForStorage/GetMalwareScan_example.json"
+          }
+        },
+        "tags": [
+          "DefenderForStorage",
+          "Antimalware",
+          "Scan"
+        ],
+        "description": "Gets the Defender for Storage malware scan for the specified storage resource.",
+        "operationId": "DefenderForStorage_GetMalwareScan",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DefenderForStorageSettingName"
+          },
+          {
+            "$ref": "#/parameters/ScanId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "The state of the malware scan operation.",
+            "schema": {
+              "$ref": "#/definitions/MalwareScan"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "DefenderForStorageSetting": {
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/DefenderForStorageSettingProperties"
+        }
+      },
+      "description": "The Defender for Storage resource."
+    },
+    "DefenderForStorageSettingProperties": {
+      "type": "object",
+      "properties": {
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Indicates whether Defender for Storage is enabled on this storage account."
+        },
+        "malwareScanning": {
+          "$ref": "#/definitions/MalwareScanningProperties"
+        },
+        "sensitiveDataDiscovery": {
+          "$ref": "#/definitions/SensitiveDataDiscoveryProperties"
+        },
+        "overrideSubscriptionLevelSettings": {
+          "type": "boolean",
+          "description": "Indicates whether the settings defined for this storage account should override the settings defined for the subscription."
+        }
+      },
+      "description": "Defender for Storage resource properties."
+    },
+    "MalwareScanningProperties": {
+      "type": "object",
+      "properties": {
+        "onUpload": {
+          "$ref": "#/definitions/OnUploadProperties"
+        },
+        "scanResultsEventGridTopicResourceId": {
+          "type": "string",
+          "description": "Optional. Resource id of an Event Grid Topic to send scan results to."
+        },
+        "operationStatus": {
+          "type": "object",
+          "$ref": "#/definitions/OperationStatus",
+          "readOnly": true,
+          "description": "Upon failure or partial success. Additional data describing Malware Scanning enable/disable operation."
+        }
+      },
+      "description": "Properties of Malware Scanning."
+    },
+    "OnUploadProperties": {
+      "type": "object",
+      "properties": {
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Indicates whether On Upload malware scanning should be enabled."
+        },
+        "capGBPerMonth": {
+          "type": "integer",
+          "format": "int32",
+          "description": "Defines the max GB to be scanned per Month. Set to -1 if no capping is needed."
+        }
+      },
+      "description": "Properties of On Upload malware scanning."
+    },
+    "SensitiveDataDiscoveryProperties": {
+      "type": "object",
+      "properties": {
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Indicates whether Sensitive Data Discovery should be enabled."
+        },
+        "operationStatus": {
+          "type": "object",
+          "$ref": "#/definitions/OperationStatus",
+          "readOnly": true,
+          "description": "Upon failure or partial success. Additional data describing Sensitive Data Discovery enable/disable operation."
+        }
+      },
+      "description": "Properties of Sensitive Data Discovery."
+    },
+    "OperationStatus": {
+      "type": "object",
+      "description": "A status describing the success/failure of the enablement/disablement operation.",
+      "properties": {
+        "code": {
+          "type": "string",
+          "description": "The operation status code."
+        },
+        "message": {
+          "type": "string",
+          "description": "Additional information regarding the success/failure of the operation."
+        }
+      }
+    },
+    "MalwareScan": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/MalwareScanProperties"
+        }
+      },
+      "description": "Describes the state of a malware scan operation."
+    },
+    "MalwareScanProperties": {
+      "type": "object",
+      "properties": {
+        "scanId": {
+          "type": "string",
+          "description": "The identifier of the scan."
+        },
+        "scanStatus": {
+          "type": "string",
+          "description": "A status code of the scan operation."
+        },
+        "scanStatusMessage": {
+          "type": "string",
+          "description": "A description of the status of the scan."
+        },
+        "scanStartTime": {
+          "type": "string",
+          "description": "The time at which the scan had been initiated."
+        },
+        "scanEndTime": {
+          "type": "string",
+          "description": "The time at which the scan has ended. Only available for a scan which has terminated."
+        },
+        "scanSummary": {
+          "type": "object",
+          "$ref": "#/definitions/ScanSummary",
+          "description": "A summary of the scan results."
+        }
+      }
+    },
+    "ScanSummary": {
+      "type": "object",
+      "description": "A summary of the scan results.",
+      "properties": {
+        "blobs": {
+          "type": "object",
+          "$ref": "#/definitions/BlobsScanSummary",
+          "description": "A summary of the scan results of the blobs that were scanned."
+        },
+        "estimatedScanCostUSD": {
+          "type": "number",
+          "format": "double",
+          "description": "The estimated cost of the scan. Only available for a scan which has terminated."
+        }
+      }
+    },
+    "BlobsScanSummary": {
+      "type": "object",
+      "description": "A summary of the scan results of the blobs that were scanned.",
+      "properties": {
+        "totalBlobsScanned": {
+          "type": "integer",
+          "format": "int64",
+          "description": "The total number of blobs that were scanned."
+        },
+        "maliciousBlobsCount": {
+          "type": "integer",
+          "format": "int64",
+          "description": "The number of malicious blobs that were detected during the scan."
+        },
+        "skippedBlobsCount": {
+          "type": "integer",
+          "format": "int64",
+          "description": "The number of blobs that were skipped."
+        },
+        "scannedBlobsInGB": {
+          "type": "number",
+          "format": "double",
+          "description": "The number of gigabytes of data that were scanned."
+        }
+      }
+    }
+  },
+  "parameters": {
+    "DefenderForStorageSettingName": {
+      "name": "settingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "pattern": "^[a-z][a-z0-9]*$",
+      "enum": [
+        "current"
+      ],
+      "x-ms-enum": {
+        "name": "settingName",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "current",
+            "description": "Name of the Defender for Storage Settings name."
+          }
+        ]
+      },
+      "description": "Defender for Storage setting name.",
+      "x-ms-parameter-location": "method"
+    },
+    "DefenderForStorageSetting": {
+      "name": "defenderForStorageSetting",
+      "in": "body",
+      "required": true,
+      "description": "Defender for Storage Settings",
+      "schema": {
+        "$ref": "#/definitions/DefenderForStorageSetting"
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "ScanId": {
+      "name": "scanId",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "pattern": "^(latest|[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12})$",
+      "description": "The identifier of the scan. Can be either 'latest' or a GUID.",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-10-01-preview/operations.json b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-10-01-preview/operations.json
new file mode 100644
index 000000000..27ad6fe10
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/preview/2024-10-01-preview/operations.json
@@ -0,0 +1,74 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2024-10-01-preview"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/providers/Microsoft.Security/operations": {
+      "get": {
+        "x-ms-examples": {
+          "List the operations for the Microsoft.Security (Microsoft Defender for Cloud) resource provider": {
+            "$ref": "./examples/Operations/ListOperations_example.json"
+          }
+        },
+        "tags": [
+          "Operations"
+        ],
+        "description": "Exposes all available operations for discovery purposes.",
+        "operationId": "Operations_List",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v6/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v6/types.json#/definitions/OperationListResult"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v6/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2017-08-01/complianceResults.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2017-08-01/complianceResults.json
new file mode 100644
index 000000000..2786ba3f8
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2017-08-01/complianceResults.json
@@ -0,0 +1,203 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2017-08-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/complianceResults": {
+      "get": {
+        "x-ms-examples": {
+          "Get compliance results on subscription": {
+            "$ref": "./examples/ComplianceResults/ListComplianceResults_example.json"
+          }
+        },
+        "tags": [
+          "Compliance Results"
+        ],
+        "description": "Security compliance results in the subscription",
+        "operationId": "ComplianceResults_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ComplianceResultList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/complianceResults/{complianceResultName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get compliance results on subscription": {
+            "$ref": "./examples/ComplianceResults/GetComplianceResults_example.json"
+          }
+        },
+        "tags": [
+          "Compliance Results"
+        ],
+        "description": "Security Compliance Result",
+        "operationId": "ComplianceResults_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/ComplianceResultName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ComplianceResult"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ComplianceResultList": {
+      "description": "List of compliance results response",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of compliance results",
+          "items": {
+            "$ref": "#/definitions/ComplianceResult"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "ComplianceResult": {
+      "type": "object",
+      "description": "a compliance result",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Compliance result data",
+          "$ref": "#/definitions/ComplianceResultProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "ComplianceResultProperties": {
+      "type": "object",
+      "description": "Compliance result data",
+      "properties": {
+        "resourceStatus": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The status of the resource regarding a single assessment",
+          "enum": [
+            "Healthy",
+            "NotApplicable",
+            "OffByPolicy",
+            "NotHealthy"
+          ],
+          "x-ms-enum": {
+            "name": "resourceStatus",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Healthy",
+                "description": "This assessment on the resource is healthy"
+              },
+              {
+                "value": "NotApplicable",
+                "description": "This assessment is not applicable to this resource"
+              },
+              {
+                "value": "OffByPolicy",
+                "description": "This assessment is turned off by policy on this subscription"
+              },
+              {
+                "value": "NotHealthy",
+                "description": "This assessment on the resource is not healthy"
+              }
+            ]
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ComplianceResultName": {
+      "name": "complianceResultName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "name of the desired assessment compliance result",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-01-01/advancedThreatProtectionSettings.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-01-01/advancedThreatProtectionSettings.json
new file mode 100644
index 000000000..3b2a598e1
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-01-01/advancedThreatProtectionSettings.json
@@ -0,0 +1,170 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{resourceId}/providers/Microsoft.Security/advancedThreatProtectionSettings/{settingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Gets the Advanced Threat Protection settings for the specified resource.": {
+            "$ref": "./examples/AdvancedThreatProtection/GetAdvancedThreatProtectionSettings_example.json"
+          }
+        },
+        "tags": [
+          "AdvancedThreatProtection"
+        ],
+        "description": "Gets the Advanced Threat Protection settings for the specified resource.",
+        "operationId": "AdvancedThreatProtection_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AdvancedThreatProtectionSettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful request to get Advanced Threat Protection settings.",
+            "schema": {
+              "$ref": "#/definitions/AdvancedThreatProtectionSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Creates or updates the Advanced Threat Protection settings on a specified resource.": {
+            "$ref": "./examples/AdvancedThreatProtection/PutAdvancedThreatProtectionSettings_example.json"
+          }
+        },
+        "tags": [
+          "AdvancedThreatProtection"
+        ],
+        "description": "Creates or updates the Advanced Threat Protection settings on a specified resource.",
+        "operationId": "AdvancedThreatProtection_Create",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AdvancedThreatProtectionSettingName"
+          },
+          {
+            "$ref": "#/parameters/AdvancedThreatProtectionSetting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful request to put Advanced Threat Protection settings.",
+            "schema": {
+              "$ref": "#/definitions/AdvancedThreatProtectionSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AdvancedThreatProtectionProperties": {
+      "properties": {
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Indicates whether Advanced Threat Protection is enabled."
+        }
+      },
+      "description": "The Advanced Threat Protection settings."
+    },
+    "AdvancedThreatProtectionSetting": {
+      "type": "object",
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/AdvancedThreatProtectionProperties"
+        }
+      },
+      "description": "The Advanced Threat Protection resource."
+    }
+  },
+  "parameters": {
+    "AdvancedThreatProtectionSettingName": {
+      "name": "settingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "enum": [
+        "current"
+      ],
+      "x-ms-enum": {
+        "name": "AdvancedThreatProtectionSettingName",
+        "modelAsString": false
+      },
+      "description": "Advanced Threat Protection setting name.",
+      "x-ms-parameter-location": "method"
+    },
+    "AdvancedThreatProtectionSetting": {
+      "name": "advancedThreatProtectionSetting",
+      "in": "body",
+      "required": true,
+      "description": "Advanced Threat Protection Settings",
+      "schema": {
+        "$ref": "#/definitions/AdvancedThreatProtectionSetting"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-01-01/alerts.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-01-01/alerts.json
new file mode 100644
index 000000000..cc3894b37
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-01-01/alerts.json
@@ -0,0 +1,775 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a subscription": {
+            "$ref": "./examples/Alerts/GetAlertsSubscription_example.json"
+          },
+          "Get security alerts, that were affected by auto dismiss rule, on a subscription": {
+            "$ref": "./examples/Alerts/GetAlertsSubscriptionWithAutoDismissRule_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the subscription",
+        "operationId": "Alerts_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/ODataFilter"
+          },
+          {
+            "$ref": "#/parameters/ODataSelect"
+          },
+          {
+            "$ref": "#/parameters/ODataExpand"
+          },
+          {
+            "$ref": "#/parameters/AutoDismissRuleName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a resource group": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroup_example.json"
+          },
+          "Get security alerts, that should be dismissed by auto dismiss rule, on a resource group": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroupWithAutoDismissRule_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the resource group",
+        "operationId": "Alerts_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/ODataFilter"
+          },
+          {
+            "$ref": "#/parameters/ODataSelect"
+          },
+          {
+            "$ref": "#/parameters/ODataExpand"
+          },
+          {
+            "$ref": "#/parameters/AutoDismissRuleName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsSubscriptionsLocation_example.json"
+          },
+          "Get security alerts, that should be dismissed by auto dismiss rule, on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsSubscriptionsLocationWithAutoDismissRule_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the subscription that are stored in a specific location",
+        "operationId": "Alerts_ListSubscriptionLevelAlertsByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/ODataFilter"
+          },
+          {
+            "$ref": "#/parameters/ODataSelect"
+          },
+          {
+            "$ref": "#/parameters/ODataExpand"
+          },
+          {
+            "$ref": "#/parameters/AutoDismissRuleName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroupLocation_example.json"
+          },
+          "Get security alerts, that should be dismissed by auto dismiss rule, on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroupLocationWithAutoDismissRule_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the resource group that are stored in a specific location",
+        "operationId": "Alerts_ListResourceGroupLevelAlertsByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/ODataFilter"
+          },
+          {
+            "$ref": "#/parameters/ODataSelect"
+          },
+          {
+            "$ref": "#/parameters/ODataExpand"
+          },
+          {
+            "$ref": "#/parameters/AutoDismissRuleName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alert on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Get an alert that is associated with a subscription",
+        "operationId": "Alerts_GetSubscriptionLevelAlert",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Alert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alert on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Get an alert that is associated a resource group or a resource in a resource group",
+        "operationId": "Alerts_GetResourceGroupLevelAlerts",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Alert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelAlertStateToDismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/reactivate": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelAlertStateToReactivate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelAlertStateToDismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/reactivate": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelAlertStateToReactivate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AlertList": {
+      "type": "object",
+      "description": "List of security alerts",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Alert"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "Alert": {
+      "type": "object",
+      "description": "Security alert",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/AlertProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "AlertProperties": {
+      "type": "object",
+      "description": "describes security alert properties.",
+      "properties": {
+        "state": {
+          "readOnly": true,
+          "type": "string",
+          "description": "State of the alert (Active, Dismissed etc.)"
+        },
+        "reportedTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The time the incident was reported to Microsoft.Security in UTC"
+        },
+        "vendorName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the vendor that discovered the incident"
+        },
+        "alertName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the alert type"
+        },
+        "alertDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the alert type"
+        },
+        "detectedTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The time the incident was detected by the vendor"
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the incident and what it means"
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Recommended steps to reradiate the incident"
+        },
+        "actionTaken": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The action that was taken as a response to the alert (Active, Blocked etc.)"
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Estimated severity of this alert"
+        },
+        "compromisedEntity": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The entity that the incident happened on"
+        },
+        "associatedResource": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure resource ID of the associated resource"
+        },
+        "extendedProperties": {
+          "$ref": "#/definitions/AlertExtendedProperties"
+        },
+        "systemSource": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The type of the alerted resource (Azure, Non-Azure)"
+        },
+        "canBeInvestigated": {
+          "readOnly": true,
+          "type": "boolean",
+          "description": "Whether this alert can be investigated with Azure Security Center"
+        },
+        "isIncident": {
+          "readOnly": true,
+          "type": "boolean",
+          "description": "Whether this alert is for incident type or not (otherwise - single alert)"
+        },
+        "entities": {
+          "type": "array",
+          "description": "objects that are related to this alerts",
+          "items": {
+            "$ref": "#/definitions/AlertEntity"
+          }
+        },
+        "confidenceScore": {
+          "readOnly": true,
+          "type": "number",
+          "format": "float",
+          "minimum": 0,
+          "maximum": 1,
+          "description": "level of confidence we have on the alert"
+        },
+        "confidenceReasons": {
+          "type": "array",
+          "description": "reasons the alert got the confidenceScore value",
+          "items": {
+            "$ref": "#/definitions/AlertConfidenceReason"
+          }
+        },
+        "subscriptionId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure subscription ID of the resource that had the security alert or the subscription ID of the workspace that this resource reports to"
+        },
+        "instanceId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Instance ID of the alert."
+        },
+        "workspaceArmId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure resource ID of the workspace that the alert was reported to."
+        },
+        "correlationKey": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Alerts with the same CorrelationKey will be grouped together in Ibiza."
+        }
+      }
+    },
+    "AlertConfidenceReason": {
+      "type": "object",
+      "description": "Factors that increase our confidence that the alert is a true positive",
+      "properties": {
+        "type": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Type of confidence factor"
+        },
+        "reason": {
+          "readOnly": true,
+          "type": "string",
+          "description": "description of the confidence reason"
+        }
+      }
+    },
+    "AlertEntity": {
+      "type": "object",
+      "additionalProperties": true,
+      "description": "Changing set of properties depending on the entity type.",
+      "properties": {
+        "type": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Type of entity"
+        }
+      }
+    },
+    "AlertExtendedProperties": {
+      "type": "object",
+      "additionalProperties": true,
+      "description": "Changing set of properties depending on the alert type."
+    }
+  },
+  "parameters": {
+    "ODataFilter": {
+      "name": "$filter",
+      "in": "query",
+      "required": false,
+      "type": "string",
+      "description": "OData filter. Optional.",
+      "x-ms-parameter-location": "method"
+    },
+    "ODataSelect": {
+      "name": "$select",
+      "in": "query",
+      "required": false,
+      "type": "string",
+      "description": "OData select. Optional.",
+      "x-ms-parameter-location": "method"
+    },
+    "ODataExpand": {
+      "name": "$expand",
+      "in": "query",
+      "required": false,
+      "type": "string",
+      "description": "OData expand. Optional.",
+      "x-ms-parameter-location": "method"
+    },
+    "AlertName": {
+      "name": "alertName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the alert object",
+      "x-ms-parameter-location": "method"
+    },
+    "AutoDismissRuleName": {
+      "name": "autoDismissRuleName",
+      "in": "query",
+      "type": "string",
+      "description": "The name of an existing auto dismiss rule. Use it to simulate the rule on existing alerts and get the alerts that would have been dismissed if the rule was enabled when the alert was created",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-01-01/settings.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-01-01/settings.json
new file mode 100644
index 000000000..6e8bdee81
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-01-01/settings.json
@@ -0,0 +1,265 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2019-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings": {
+      "get": {
+        "x-ms-examples": {
+          "Get settings of subscription": {
+            "$ref": "./examples/Settings/GetSettings_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "Settings about different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SettingsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings/{settingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a setting on subscription": {
+            "$ref": "./examples/Settings/GetSetting_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "Settings of different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Setting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Update a setting for subscription": {
+            "$ref": "./examples/Settings/UpdateSetting_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "updating settings about different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SettingName"
+          },
+          {
+            "$ref": "#/parameters/Setting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Setting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SettingsList": {
+      "type": "object",
+      "description": "Subscription settings list.",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "The settings list.",
+          "items": {
+            "$ref": "#/definitions/Setting"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "DataExportSettings": {
+      "type": "object",
+      "description": "Represents a data export setting",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Data export setting data",
+          "$ref": "#/definitions/DataExportSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/Setting"
+        }
+      ],
+      "x-ms-discriminator-value": "DataExportSettings"
+    },
+    "Setting": {
+      "type": "object",
+      "description": "The kind of the security setting",
+      "properties": {
+        "kind": {
+          "type": "string",
+          "description": "the kind of the settings string (DataExportSettings)",
+          "enum": [
+            "DataExportSettings",
+            "AlertSuppressionSetting"
+          ],
+          "x-ms-enum": {
+            "name": "SettingKind",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "DataExportSettings"
+              },
+              {
+                "value": "AlertSuppressionSetting"
+              }
+            ]
+          }
+        }
+      },
+      "discriminator": "kind",
+      "required": [
+        "kind"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "DataExportSettingProperties": {
+      "type": "object",
+      "description": "The data export setting properties",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Is the data export setting is enabled"
+        }
+      },
+      "required": [
+        "enabled"
+      ]
+    }
+  },
+  "parameters": {
+    "SettingName": {
+      "name": "settingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of setting: (MCAS/WDATP)",
+      "enum": [
+        "MCAS",
+        "WDATP"
+      ],
+      "x-ms-parameter-location": "method"
+    },
+    "Setting": {
+      "name": "setting",
+      "in": "body",
+      "required": true,
+      "description": "Setting object",
+      "schema": {
+        "$ref": "#/definitions/Setting"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/deviceSecurityGroups.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/deviceSecurityGroups.json
new file mode 100644
index 000000000..bec45112f
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/deviceSecurityGroups.json
@@ -0,0 +1,643 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-08-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups": {
+      "get": {
+        "x-ms-examples": {
+          "List all device security groups for the specified IoT Hub resource": {
+            "$ref": "./examples/DeviceSecurityGroups/ListDeviceSecurityGroups_example.json"
+          }
+        },
+        "tags": [
+          "DeviceSecurityGroups"
+        ],
+        "description": "Use this method get the list of device security groups for the specified IoT Hub resource.",
+        "operationId": "DeviceSecurityGroups_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DeviceSecurityGroupList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/deviceSecurityGroups/{deviceSecurityGroupName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a device security group for the specified IoT Hub resource": {
+            "$ref": "./examples/DeviceSecurityGroups/GetDeviceSecurityGroups_example.json"
+          }
+        },
+        "tags": [
+          "DeviceSecurityGroups"
+        ],
+        "description": "Use this method to get the device security group for the specified IoT Hub resource.",
+        "operationId": "DeviceSecurityGroups_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DeviceSecurityGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successful request to get device security group.",
+            "schema": {
+              "$ref": "#/definitions/DeviceSecurityGroup"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create or update a device security group for the specified IoT hub resource": {
+            "$ref": "./examples/DeviceSecurityGroups/PutDeviceSecurityGroups_example.json"
+          }
+        },
+        "tags": [
+          "DeviceSecurityGroups"
+        ],
+        "description": "Use this method to creates or updates the device security group on a specified IoT Hub resource.",
+        "operationId": "DeviceSecurityGroups_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DeviceSecurityGroupName"
+          },
+          {
+            "$ref": "#/parameters/DeviceSecurityGroup"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Security group was updated.",
+            "schema": {
+              "$ref": "#/definitions/DeviceSecurityGroup"
+            }
+          },
+          "201": {
+            "description": "Security group was created.",
+            "schema": {
+              "$ref": "#/definitions/DeviceSecurityGroup"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a device security group for the specified IoT Hub resource": {
+            "$ref": "./examples/DeviceSecurityGroups/DeleteDeviceSecurityGroups_example.json"
+          }
+        },
+        "tags": [
+          "DeviceSecurityGroups"
+        ],
+        "description": "User this method to deletes the device security group.",
+        "operationId": "DeviceSecurityGroups_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/DeviceSecurityGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Device security group has been deleted."
+          },
+          "204": {
+            "description": "Device security group does not exist."
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "DeviceSecurityGroupList": {
+      "type": "object",
+      "readOnly": true,
+      "description": "List of device security groups",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of device security group objects",
+          "items": {
+            "$ref": "#/definitions/DeviceSecurityGroup"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "DeviceSecurityGroup": {
+      "type": "object",
+      "description": "The device security group resource",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Device Security group data",
+          "$ref": "#/definitions/DeviceSecurityGroupProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "DeviceSecurityGroupProperties": {
+      "type": "object",
+      "description": "describes properties of a security group.",
+      "properties": {
+        "thresholdRules": {
+          "type": "array",
+          "description": "The list of custom alert threshold rules.",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/ThresholdCustomAlertRule"
+          }
+        },
+        "timeWindowRules": {
+          "type": "array",
+          "description": "The list of custom alert time-window rules.",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/TimeWindowCustomAlertRule"
+          }
+        },
+        "allowlistRules": {
+          "type": "array",
+          "description": "The allow-list custom alert rules.",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/AllowlistCustomAlertRule"
+          }
+        },
+        "denylistRules": {
+          "type": "array",
+          "description": "The deny-list custom alert rules.",
+          "items": {
+            "type": "object",
+            "$ref": "#/definitions/DenylistCustomAlertRule"
+          }
+        }
+      }
+    },
+    "CustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule.",
+      "discriminator": "ruleType",
+      "properties": {
+        "displayName": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The display name of the custom alert."
+        },
+        "description": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The description of the custom alert."
+        },
+        "isEnabled": {
+          "type": "boolean",
+          "description": "Status of the custom alert."
+        },
+        "ruleType": {
+          "type": "string",
+          "description": "The type of the custom alert rule."
+        }
+      },
+      "required": [
+        "isEnabled",
+        "ruleType"
+      ]
+    },
+    "ListCustomAlertRule": {
+      "type": "object",
+      "description": "A List custom alert rule.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/CustomAlertRule"
+        }
+      ],
+      "properties": {
+        "valueType": {
+          "type": "string",
+          "description": "The value type of the items in the list.",
+          "enum": [
+            "IpCidr",
+            "String"
+          ],
+          "readOnly": true,
+          "x-ms-enum": {
+            "name": "valueType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "IpCidr",
+                "description": "An IP range in CIDR format (e.g. '192.168.0.1/8')."
+              },
+              {
+                "value": "String",
+                "description": "Any string value."
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AllowlistCustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule that checks if a value (depends on the custom alert type) is allowed.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ListCustomAlertRule"
+        }
+      ],
+      "properties": {
+        "allowlistValues": {
+          "type": "array",
+          "description": "The values to allow. The format of the values depends on the rule type.",
+          "items": {
+            "type": "string"
+          }
+        }
+      },
+      "required": [
+        "allowlistValues"
+      ]
+    },
+    "ConnectionToIpNotAllowed": {
+      "type": "object",
+      "description": "Outbound connection to an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AllowlistCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "ConnectionFromIpNotAllowed": {
+      "type": "object",
+      "description": "Inbound connection from an ip that isn't allowed. Allow list consists of ipv4 or ipv6 range in CIDR notation.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AllowlistCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "LocalUserNotAllowed": {
+      "type": "object",
+      "description": "Login by a local user that isn't allowed. Allow list consists of login names to allow.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AllowlistCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "ProcessNotAllowed": {
+      "type": "object",
+      "description": "Execution of a process that isn't allowed. Allow list consists of process names to allow.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/AllowlistCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "DenylistCustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule that checks if a value (depends on the custom alert type) is denied.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ListCustomAlertRule"
+        }
+      ],
+      "properties": {
+        "denylistValues": {
+          "type": "array",
+          "description": "The values to deny. The format of the values depends on the rule type.",
+          "items": {
+            "type": "string"
+          }
+        }
+      },
+      "required": [
+        "denylistValues"
+      ]
+    },
+    "ThresholdCustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule that checks if a value (depends on the custom alert type) is within the given range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/CustomAlertRule"
+        }
+      ],
+      "properties": {
+        "minThreshold": {
+          "type": "integer",
+          "format": "int32",
+          "description": "The minimum threshold."
+        },
+        "maxThreshold": {
+          "type": "integer",
+          "format": "int32",
+          "description": "The maximum threshold."
+        }
+      },
+      "required": [
+        "minThreshold",
+        "maxThreshold"
+      ]
+    },
+    "TimeWindowCustomAlertRule": {
+      "type": "object",
+      "description": "A custom alert rule that checks if the number of activities (depends on the custom alert type) in a time window is within the given range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ThresholdCustomAlertRule"
+        }
+      ],
+      "properties": {
+        "timeWindowSize": {
+          "type": "string",
+          "description": "The time window size in iso8601 format.",
+          "format": "duration"
+        }
+      },
+      "required": [
+        "timeWindowSize"
+      ]
+    },
+    "ActiveConnectionsNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of active connections is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "AmqpC2DMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of cloud to device messages (AMQP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "MqttC2DMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of cloud to device messages (MQTT protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "HttpC2DMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of cloud to device messages (HTTP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "AmqpC2DRejectedMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of rejected cloud to device messages (AMQP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "MqttC2DRejectedMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of rejected cloud to device messages (MQTT protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "HttpC2DRejectedMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of rejected cloud to device messages (HTTP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "AmqpD2CMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of device to cloud messages (AMQP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "MqttD2CMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of device to cloud messages (MQTT protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "HttpD2CMessagesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of device to cloud messages (HTTP protocol) is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "DirectMethodInvokesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of direct method invokes is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "FailedLocalLoginsNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of failed local logins is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "FileUploadsNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of file uploads is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "QueuePurgesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of device queue purges is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "TwinUpdatesNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of twin updates is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    },
+    "UnauthorizedOperationsNotInAllowedRange": {
+      "type": "object",
+      "description": "Number of unauthorized operations is not in allowed range.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/TimeWindowCustomAlertRule"
+        }
+      ],
+      "properties": {}
+    }
+  },
+  "parameters": {
+    "DeviceSecurityGroupName": {
+      "name": "deviceSecurityGroupName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The name of the device security group. Note that the name of the device security group is case insensitive.",
+      "x-ms-parameter-location": "method"
+    },
+    "DeviceSecurityGroup": {
+      "name": "deviceSecurityGroup",
+      "in": "body",
+      "required": true,
+      "description": "Security group object.",
+      "schema": {
+        "$ref": "#/definitions/DeviceSecurityGroup"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotAlertTypes.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotAlertTypes.json
new file mode 100644
index 000000000..8dbda6e51
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotAlertTypes.json
@@ -0,0 +1,329 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-08-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotAlertTypes": {
+      "get": {
+        "x-ms-examples": {
+          "Get IoT Alert Types": {
+            "$ref": "./examples/IotAlertTypes/GetIoTAlertTypeList.json"
+          }
+        },
+        "tags": [
+          "IoT Security Alert Types"
+        ],
+        "description": "List IoT alert types",
+        "operationId": "IotAlertTypes_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IotAlertTypeList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotAlertTypes/{iotAlertTypeName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get IoT Alert Type": {
+            "$ref": "./examples/IotAlertTypes/GetIoTAlertType.json"
+          }
+        },
+        "tags": [
+          "IoT Security Alert Types"
+        ],
+        "operationId": "IotAlertTypes_Get",
+        "description": "Get IoT alert type",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "in": "path",
+            "name": "iotAlertTypeName",
+            "required": true,
+            "type": "string",
+            "description": "Name of the alert type"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "IoT alert type",
+            "schema": {
+              "$ref": "#/definitions/IotAlertType"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "IotAlertTypeList": {
+      "type": "object",
+      "description": "List of alert types",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List data",
+          "items": {
+            "$ref": "#/definitions/IotAlertType"
+          }
+        }
+      }
+    },
+    "IotAlertType": {
+      "type": "object",
+      "description": "IoT alert type.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Alert type properties",
+          "$ref": "#/definitions/IotAlertTypeProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "IotAlertTypeProperties": {
+      "type": "object",
+      "description": "IoT alert type information.",
+      "properties": {
+        "alertDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "example": "Privileged container detected",
+          "description": "The display name of the alert"
+        },
+        "severity": {
+          "readOnly": true,
+          "type": "string",
+          "example": "Medium",
+          "description": "The severity of the alert",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "alertSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the suspected vulnerability and meaning.",
+          "example": "Machine logs indicate that a privileged Docker container is running. A privileged container has full access to host  resources. If compromised, a malicious actor can use the privileged container to gain access to the host machine."
+        },
+        "providerName": {
+          "readOnly": true,
+          "type": "string",
+          "example": "IoTSecurity",
+          "description": "The name of the alert provider or internal partner"
+        },
+        "productName": {
+          "readOnly": true,
+          "type": "string",
+          "example": "Azure Security Center for IoT",
+          "description": "The name of the product which published this alert"
+        },
+        "productComponentName": {
+          "readOnly": true,
+          "type": "string",
+          "example": "IoT Hub",
+          "description": "The name of a component inside the product which generated the alert"
+        },
+        "vendorName": {
+          "readOnly": true,
+          "type": "string",
+          "example": "Microsoft",
+          "description": "The name of the vendor that raise the alert"
+        },
+        "intent": {
+          "readOnly": true,
+          "type": "string",
+          "example": "Exploitation,Execution",
+          "description": "Kill chain related intent behind the alert. Could contain multiple enum values (separated by commas)",
+          "enum": [
+            "Unknown",
+            "PreAttack",
+            "InitialAccess",
+            "Persistence",
+            "PrivilegeEscalation",
+            "DefenseEvasion",
+            "CredentialAccess",
+            "Discovery",
+            "LateralMovement",
+            "Execution",
+            "Collection",
+            "Exfiltration",
+            "CommandAndControl",
+            "Impact",
+            "Probing",
+            "Exploitation"
+          ],
+          "x-ms-enum": {
+            "name": "alertIntent",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Unknown"
+              },
+              {
+                "value": "PreAttack"
+              },
+              {
+                "value": "InitialAccess"
+              },
+              {
+                "value": "Persistence"
+              },
+              {
+                "value": "PrivilegeEscalation"
+              },
+              {
+                "value": "DefenseEvasion"
+              },
+              {
+                "value": "CredentialAccess"
+              },
+              {
+                "value": "Discovery"
+              },
+              {
+                "value": "LateralMovement"
+              },
+              {
+                "value": "Execution"
+              },
+              {
+                "value": "Collection"
+              },
+              {
+                "value": "Exfiltration"
+              },
+              {
+                "value": "CommandAndControl"
+              },
+              {
+                "value": "Impact"
+              },
+              {
+                "value": "Probing"
+              },
+              {
+                "value": "Exploitation"
+              }
+            ]
+          }
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "description": "Manual action items to take to remediate the alert",
+          "type": "array",
+          "items": {
+            "type": "string",
+            "example": "If the container doesn't need to run in privileged mode, remove the privileges from the container."
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "SolutionName": {
+      "name": "solutionName",
+      "in": "path",
+      "required": true,
+      "description": "The name of the IoT Security solution.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotAlerts.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotAlerts.json
new file mode 100644
index 000000000..80edda405
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotAlerts.json
@@ -0,0 +1,291 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-08-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotAlerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get IoT Alerts": {
+            "$ref": "./examples/IotAlerts/GetIoTAlertList.json"
+          }
+        },
+        "tags": [
+          "IoT Security Alerts"
+        ],
+        "description": "List IoT alerts",
+        "operationId": "IotAlerts_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "in": "query",
+            "name": "startTimeUtc>",
+            "x-ms-client-name": "minStartTimeUtc",
+            "required": false,
+            "type": "string",
+            "description": "Filter by minimum startTimeUtc (ISO 8601 format)"
+          },
+          {
+            "in": "query",
+            "name": "startTimeUtc<",
+            "x-ms-client-name": "maxStartTimeUtc",
+            "required": false,
+            "type": "string",
+            "description": "Filter by maximum startTimeUtc (ISO 8601 format)"
+          },
+          {
+            "in": "query",
+            "name": "alertType",
+            "required": false,
+            "type": "string",
+            "description": "Filter by alert type"
+          },
+          {
+            "in": "query",
+            "name": "compromisedEntity",
+            "required": false,
+            "type": "string",
+            "description": "Filter by compromised device"
+          },
+          {
+            "in": "query",
+            "name": "$limit",
+            "required": false,
+            "type": "integer",
+            "format": "int32",
+            "description": "Limit the number of items returned in a single page"
+          },
+          {
+            "in": "query",
+            "name": "$skipToken",
+            "required": false,
+            "type": "string",
+            "description": "Skip token used for pagination"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IotAlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotAlerts/{iotAlertId}": {
+      "get": {
+        "x-ms-examples": {
+          "Get IoT Alert": {
+            "$ref": "./examples/IotAlerts/GetIoTAlert.json"
+          }
+        },
+        "tags": [
+          "IoT Security Alerts"
+        ],
+        "operationId": "IotAlerts_Get",
+        "description": "Get IoT alert",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "in": "path",
+            "name": "iotAlertId",
+            "required": true,
+            "type": "string",
+            "description": "Id of the alert"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "IoT alert",
+            "schema": {
+              "$ref": "#/definitions/IotAlert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "IotAlertList": {
+      "description": "List of IoT alerts",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "List data",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/IotAlert"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "When available, follow the URI to get the next page of data"
+        },
+        "totalCount": {
+          "readOnly": true,
+          "format": "int32",
+          "type": "integer",
+          "description": "Total count of alerts that conforms with the given filter options (not affected by page size)"
+        }
+      }
+    },
+    "IotAlert": {
+      "type": "object",
+      "description": "IoT alert",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Alert properties",
+          "$ref": "#/definitions/IotAlertProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "IotAlertProperties": {
+      "type": "object",
+      "description": "IoT alert properties",
+      "properties": {
+        "systemAlertId": {
+          "description": "Holds the product canonical identifier of the alert within the scope of a product",
+          "readOnly": true,
+          "type": "string",
+          "example": "903e76ff-17eb-4bac-ac8a-2bc31ab68fd8"
+        },
+        "compromisedEntity": {
+          "description": "Display name of the main entity being reported on",
+          "readOnly": true,
+          "type": "string",
+          "example": "device-1"
+        },
+        "alertType": {
+          "description": "The type name of the alert",
+          "readOnly": true,
+          "type": "string",
+          "example": "IoT_PrivilegedContainer"
+        },
+        "startTimeUtc": {
+          "description": "The impact start time of the alert (the time of the first event or activity included in the alert)",
+          "readOnly": true,
+          "type": "string",
+          "example": "2020-05-13T06:32:25Z"
+        },
+        "endTimeUtc": {
+          "description": "The impact end time of the alert (the time of the last event or activity included in the alert)",
+          "readOnly": true,
+          "type": "string",
+          "example": "2020-05-13T06:32:25Z"
+        },
+        "entities": {
+          "description": "A list of entities related to the alert",
+          "type": "array",
+          "items": {
+            "type": "object"
+          },
+          "example": [
+            {
+              "$id": "1",
+              "CommandLine": "docker run --privileged",
+              "Type": "process"
+            }
+          ]
+        },
+        "extendedProperties": {
+          "type": "object",
+          "description": "A bag of fields which extends the alert information",
+          "example": {
+            "CommandLine": "docker run --privileged",
+            "User Name": "aUser",
+            "UserId": "",
+            "ParentProcessId": 1593,
+            "DeviceId": "device-1"
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "SolutionName": {
+      "name": "solutionName",
+      "in": "path",
+      "required": true,
+      "description": "The name of the IoT Security solution.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotRecommendationTypes.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotRecommendationTypes.json
new file mode 100644
index 000000000..e4d95b007
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotRecommendationTypes.json
@@ -0,0 +1,269 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-08-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotRecommendationTypes": {
+      "get": {
+        "x-ms-examples": {
+          "Get IoT Recommendation Types": {
+            "$ref": "./examples/IotRecommendationTypes/GetIoTRecommendationTypeList.json"
+          }
+        },
+        "tags": [
+          "IoT Security Recommendation Types"
+        ],
+        "description": "List IoT recommendation types",
+        "operationId": "IotRecommendationTypes_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IotRecommendationTypeList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotRecommendationTypes/{iotRecommendationTypeName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get IoT Recommendation Type": {
+            "$ref": "./examples/IotRecommendationTypes/GetIoTRecommendationType.json"
+          }
+        },
+        "tags": [
+          "IoT Security Recommendation Types"
+        ],
+        "operationId": "IotRecommendationTypes_Get",
+        "description": "Get IoT recommendation type",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "in": "path",
+            "name": "iotRecommendationTypeName",
+            "required": true,
+            "type": "string",
+            "description": "Name of the recommendation type"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "IoT recommendation type",
+            "schema": {
+              "$ref": "#/definitions/IotRecommendationType"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "IotRecommendationTypeList": {
+      "type": "object",
+      "description": "List of recommendation types",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List data",
+          "items": {
+            "$ref": "#/definitions/IotRecommendationType"
+          }
+        }
+      }
+    },
+    "IotRecommendationType": {
+      "type": "object",
+      "description": "IoT recommendation type.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Recommendation type properties",
+          "$ref": "#/definitions/IotRecommendationTypeProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "IotRecommendationTypeProperties": {
+      "type": "object",
+      "description": "IoT recommendation type information.",
+      "properties": {
+        "recommendationDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "example": "TLS cipher suite upgrade needed",
+          "description": "The display name of the recommendation"
+        },
+        "severity": {
+          "readOnly": true,
+          "type": "string",
+          "example": "Medium",
+          "description": "The severity of the recommendation",
+          "enum": [
+            "Unknown",
+            "NotApplicable",
+            "Healthy",
+            "OffByPolicy",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "recommendationSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Unknown"
+              },
+              {
+                "value": "NotApplicable"
+              },
+              {
+                "value": "Healthy"
+              },
+              {
+                "value": "OffByPolicy"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the suspected vulnerability and meaning.",
+          "example": "Insecure TLS configurations detected. Immediate TLS cipher suite upgrade recommended."
+        },
+        "productName": {
+          "readOnly": true,
+          "type": "string",
+          "example": "Azure Security Center for IoT",
+          "description": "The name of the product which published this recommendation"
+        },
+        "productComponentName": {
+          "readOnly": true,
+          "type": "string",
+          "example": "IoT Hub",
+          "description": "The name of a component inside the product which generated the recommendation"
+        },
+        "vendorName": {
+          "readOnly": true,
+          "type": "string",
+          "example": "Microsoft",
+          "description": "The name of the vendor that raised the recommendation"
+        },
+        "control": {
+          "readOnly": true,
+          "type": "string",
+          "example": "Communication between device and IoT Hub is not optimized",
+          "description": "The name of the recommendation's control category "
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "description": "Manual action items to take to resolve the recommendation",
+          "type": "array",
+          "items": {
+            "type": "string",
+            "example": "Upgrade your TLS cipher suite to a secure configuration. See the Guide to TLS Standards Compliance for more information."
+          }
+        },
+        "dataSource": {
+          "readOnly": true,
+          "description": "The alert's data source",
+          "type": "string",
+          "example": "IoT Hub"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "SolutionName": {
+      "name": "solutionName",
+      "in": "path",
+      "required": true,
+      "description": "The name of the IoT Security solution.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotRecommendations.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotRecommendations.json
new file mode 100644
index 000000000..4b2400840
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotRecommendations.json
@@ -0,0 +1,250 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-08-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotRecommendations": {
+      "get": {
+        "x-ms-examples": {
+          "Get IoT Recommendations": {
+            "$ref": "./examples/IotRecommendations/GetIoTRecommendationList.json"
+          }
+        },
+        "tags": [
+          "IoT Security Recommendations"
+        ],
+        "description": "List IoT recommendations",
+        "operationId": "IotRecommendations_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "in": "query",
+            "name": "recommendationType",
+            "required": false,
+            "type": "string",
+            "description": "Filter by recommendation type"
+          },
+          {
+            "in": "query",
+            "name": "deviceId",
+            "required": false,
+            "type": "string",
+            "description": "Filter by device id"
+          },
+          {
+            "in": "query",
+            "name": "$limit",
+            "required": false,
+            "type": "integer",
+            "format": "int32",
+            "description": "Limit the number of items returned in a single page"
+          },
+          {
+            "in": "query",
+            "name": "$skipToken",
+            "required": false,
+            "type": "string",
+            "description": "Skip token used for pagination"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IotRecommendationList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/iotRecommendations/{iotRecommendationId}": {
+      "get": {
+        "x-ms-examples": {
+          "Get IoT Recommendation": {
+            "$ref": "./examples/IotRecommendations/GetIoTRecommendation.json"
+          }
+        },
+        "tags": [
+          "IoT Security Recommendations"
+        ],
+        "operationId": "IotRecommendations_Get",
+        "description": "Get IoT recommendation",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "in": "path",
+            "name": "iotRecommendationId",
+            "required": true,
+            "type": "string",
+            "description": "Id of the recommendation"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "IoT recommendation",
+            "schema": {
+              "$ref": "#/definitions/IotRecommendation"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "IotRecommendationList": {
+      "description": "List of IoT recommendations",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "List data",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/IotRecommendation"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "When available, follow the URI to get the next page of data"
+        },
+        "totalCount": {
+          "readOnly": true,
+          "format": "int32",
+          "type": "integer",
+          "description": "Total count of recommendations that conforms with the given filter options (not affected by page size)"
+        }
+      }
+    },
+    "IotRecommendation": {
+      "type": "object",
+      "description": "IoT recommendation",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Recommendation properties",
+          "$ref": "#/definitions/IotRecommendationProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "IotRecommendationProperties": {
+      "type": "object",
+      "description": "IoT recommendation properties",
+      "properties": {
+        "deviceId": {
+          "description": "Identifier of the device being reported on",
+          "readOnly": true,
+          "type": "string",
+          "example": "device-1"
+        },
+        "recommendationType": {
+          "description": "The type name of the recommendation",
+          "readOnly": true,
+          "type": "string",
+          "example": "IoT_PrivilegedContainer"
+        },
+        "discoveredTimeUtc": {
+          "description": "The discovery time of the recommendation",
+          "readOnly": true,
+          "type": "string",
+          "example": "2020-05-13T06:32:25Z"
+        },
+        "recommendationAdditionalData": {
+          "type": "object",
+          "description": "A bag of fields which extends the recommendation information",
+          "example": {
+            "SnapshotId": "48519d58-4e35-46cd-aed5-6251af95ed50",
+            "TotalFailedRules": "7",
+            "TotalRulesFailedDuoToError": "1",
+            "TotalInformationalFailedRules": "2",
+            "TotalCriticalFailedRules": "3",
+            "TotalWarningFailedRules": "1"
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "SolutionName": {
+      "name": "solutionName",
+      "in": "path",
+      "required": true,
+      "description": "The name of the IoT Security solution.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotSecuritySolutionAnalytics.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotSecuritySolutionAnalytics.json
new file mode 100644
index 000000000..f57eaa3a0
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotSecuritySolutionAnalytics.json
@@ -0,0 +1,914 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-08-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solution Analytics": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityAnalyticsList.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solution Analytics"
+        ],
+        "description": "Use this method to get IoT security Analytics metrics in an array.",
+        "operationId": "IotSecuritySolutionAnalytics_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionAnalyticsModelList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default": {
+      "get": {
+        "x-ms-examples": {
+          "Get Security Solution Analytics": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityAnalytics.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solution Analytics"
+        ],
+        "description": "Use this method to get IoT Security Analytics metrics.",
+        "operationId": "IotSecuritySolutionAnalytics_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionAnalyticsModel"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get the aggregated alert list of yours IoT Security solution": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityAggregatedAlertList.json"
+          }
+        },
+        "tags": [
+          "Aggregated Alert"
+        ],
+        "description": "Use this method to get the aggregated alert list of yours IoT Security solution.",
+        "operationId": "IotSecuritySolutionsAnalyticsAggregatedAlert_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "name": "$top",
+            "in": "query",
+            "description": "Number of results to retrieve.",
+            "required": false,
+            "type": "integer",
+            "format": "int32"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecurityAggregatedAlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts/{aggregatedAlertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get the aggregated security analytics alert of yours IoT Security solution. This aggregation is performed by alert name": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityAggregatedAlert.json"
+          }
+        },
+        "tags": [
+          "Aggregated Alert"
+        ],
+        "description": "Use this method to get a single the aggregated alert of yours IoT Security solution. This aggregation is performed by alert name.",
+        "operationId": "IotSecuritySolutionsAnalyticsAggregatedAlert_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/AggregatedAlertName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecurityAggregatedAlert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedAlerts/{aggregatedAlertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Dismiss an aggregated IoT Security Solution Alert": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/PostIoTSecuritySolutionsSecurityAggregatedAlertDismiss.json"
+          }
+        },
+        "tags": [
+          "Aggregated Alert"
+        ],
+        "description": "Use this method to dismiss an aggregated IoT Security Solution Alert.",
+        "operationId": "IotSecuritySolutionsAnalyticsAggregatedAlert_Dismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/AggregatedAlertName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "This aggregate alert is permanently dismissed."
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedRecommendations/{aggregatedRecommendationName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get the aggregated security analytics recommendation of yours IoT Security solution": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityRecommendation.json"
+          }
+        },
+        "tags": [
+          "Aggregated Recommendation"
+        ],
+        "description": "Use this method to get the aggregated security analytics recommendation of yours IoT Security solution. This aggregation is performed by recommendation name.",
+        "operationId": "IotSecuritySolutionsAnalyticsRecommendation_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/AggregatedRecommendationName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecurityAggregatedRecommendation"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}/analyticsModels/default/aggregatedRecommendations": {
+      "get": {
+        "x-ms-examples": {
+          "Get the list of aggregated security analytics recommendations of yours IoT Security solution": {
+            "$ref": "./examples/IoTSecuritySolutionsAnalytics/GetIoTSecuritySolutionsSecurityRecommendationList.json"
+          }
+        },
+        "tags": [
+          "Aggregated Recommendation"
+        ],
+        "description": "Use this method to get the list of aggregated security analytics recommendations of yours IoT Security solution.",
+        "operationId": "IotSecuritySolutionsAnalyticsRecommendation_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "name": "$top",
+            "in": "query",
+            "description": "Number of results to retrieve.",
+            "required": false,
+            "type": "integer",
+            "format": "int32"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecurityAggregatedRecommendationList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    }
+  },
+  "definitions": {
+    "IoTSeverityMetrics": {
+      "type": "object",
+      "description": "IoT Security solution analytics severity metrics.",
+      "properties": {
+        "high": {
+          "type": "integer",
+          "format": "int64",
+          "description": "Count of high severity alerts/recommendations."
+        },
+        "medium": {
+          "type": "integer",
+          "format": "int64",
+          "description": "Count of medium severity alerts/recommendations."
+        },
+        "low": {
+          "type": "integer",
+          "format": "int64",
+          "description": "Count of low severity alerts/recommendations."
+        }
+      }
+    },
+    "IoTSecuritySolutionAnalyticsModel": {
+      "type": "object",
+      "description": "Security analytics of your IoT Security solution",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security Solution  Aggregated Alert data",
+          "$ref": "#/definitions/IoTSecuritySolutionAnalyticsModelProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "IoTSecuritySolutionAnalyticsModelProperties": {
+      "description": "Security analytics properties of your IoT Security solution",
+      "properties": {
+        "metrics": {
+          "type": "object",
+          "$ref": "#/definitions/IoTSeverityMetrics",
+          "description": "Security analytics of your IoT Security solution.",
+          "readOnly": true
+        },
+        "unhealthyDeviceCount": {
+          "type": "integer",
+          "format": "int64",
+          "readOnly": true,
+          "description": "Number of unhealthy devices within your IoT Security solution."
+        },
+        "devicesMetrics": {
+          "description": "List of device metrics by the aggregation date.",
+          "type": "array",
+          "readOnly": true,
+          "items": {
+            "properties": {
+              "date": {
+                "type": "string",
+                "format": "date-time",
+                "description": "Aggregation of IoT Security solution device alert metrics by date."
+              },
+              "devicesMetrics": {
+                "type": "object",
+                "$ref": "#/definitions/IoTSeverityMetrics",
+                "description": "Device alert count by severity."
+              }
+            }
+          }
+        },
+        "topAlertedDevices": {
+          "description": "List of the 3 devices with the most alerts.",
+          "type": "object",
+          "$ref": "#/definitions/IoTSecurityAlertedDevicesList"
+        },
+        "mostPrevalentDeviceAlerts": {
+          "description": "List of the 3 most prevalent device alerts.",
+          "type": "object",
+          "$ref": "#/definitions/IoTSecurityDeviceAlertsList"
+        },
+        "mostPrevalentDeviceRecommendations": {
+          "description": "List of the 3 most prevalent device recommendations.",
+          "type": "object",
+          "$ref": "#/definitions/IoTSecurityDeviceRecommendationsList"
+        }
+      }
+    },
+    "IoTSecuritySolutionAnalyticsModelList": {
+      "description": "List of Security analytics of your IoT Security solution",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of Security analytics of your IoT Security solution",
+          "items": {
+            "$ref": "#/definitions/IoTSecuritySolutionAnalyticsModel"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "When there is too much alert data for one page, use this URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecurityAggregatedAlertList": {
+      "description": "List of IoT Security solution aggregated alert data.",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of aggregated alerts data.",
+          "items": {
+            "$ref": "#/definitions/IoTSecurityAggregatedAlert"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "When there is too much alert data for one page, use this URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecurityAggregatedRecommendationList": {
+      "description": "List of IoT Security solution aggregated recommendations.",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of aggregated recommendations data.",
+          "items": {
+            "$ref": "#/definitions/IoTSecurityAggregatedRecommendation"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "When there is too much alert data for one page, use this URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecurityAlertedDevicesList": {
+      "description": "List of devices with open alerts including the count of alerts per device.",
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/IoTSecurityAlertedDevice"
+      }
+    },
+    "IoTSecurityDeviceAlertsList": {
+      "description": "List of alerts with the count of raised alerts",
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/IoTSecurityDeviceAlert"
+      }
+    },
+    "IoTSecurityDeviceRecommendationsList": {
+      "description": "List of aggregated recommendation data, per recommendation type, per device.",
+      "type": "array",
+      "items": {
+        "$ref": "#/definitions/IoTSecurityDeviceRecommendation"
+      }
+    },
+    "IoTSecurityAggregatedAlert": {
+      "type": "object",
+      "description": "Security Solution Aggregated Alert information",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "IoT Security solution aggregated alert details.",
+          "$ref": "#/definitions/IoTSecurityAggregatedAlertProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "#/definitions/TagsResource"
+        }
+      ]
+    },
+    "IoTSecurityAggregatedAlertProperties": {
+      "type": "object",
+      "description": "IoT Security solution aggregated alert details.",
+      "properties": {
+        "alertType": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the alert type."
+        },
+        "alertDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the alert type."
+        },
+        "aggregatedDateUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date",
+          "description": "Date of detection."
+        },
+        "vendorName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the organization that raised the alert."
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Assessed alert severity."
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Recommended steps for remediation."
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the suspected vulnerability and meaning."
+        },
+        "count": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "Number of alerts occurrences within the aggregated time window."
+        },
+        "effectedResourceType": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure resource ID of the resource that received the alerts."
+        },
+        "systemSource": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The type of the alerted resource (Azure, Non-Azure)."
+        },
+        "actionTaken": {
+          "readOnly": true,
+          "type": "string",
+          "description": "IoT Security solution alert response."
+        },
+        "logAnalyticsQuery": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Log analytics query for getting the list of affected devices/alerts."
+        },
+        "topDevicesList": {
+          "description": "10 devices with the highest number of occurrences of this alert type, on this day.",
+          "type": "array",
+          "readOnly": true,
+          "items": {
+            "properties": {
+              "deviceId": {
+                "readOnly": true,
+                "type": "string",
+                "description": "Name of the device."
+              },
+              "alertsCount": {
+                "readOnly": true,
+                "type": "integer",
+                "format": "int64",
+                "description": "Number of alerts raised for this device."
+              },
+              "lastOccurrence": {
+                "readOnly": true,
+                "type": "string",
+                "description": "Most recent time this alert was raised for this device, on this day."
+              }
+            }
+          }
+        }
+      }
+    },
+    "IoTSecurityAggregatedRecommendation": {
+      "type": "object",
+      "description": "IoT Security solution recommendation information.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security Solution data",
+          "$ref": "#/definitions/IoTSecurityAggregatedRecommendationProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "#/definitions/TagsResource"
+        }
+      ]
+    },
+    "IoTSecurityAggregatedRecommendationProperties": {
+      "type": "object",
+      "description": "IoT Security solution aggregated recommendation information",
+      "properties": {
+        "recommendationName": {
+          "type": "string",
+          "description": "Name of the recommendation."
+        },
+        "recommendationDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the recommendation type."
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the suspected vulnerability and meaning."
+        },
+        "recommendationTypeId": {
+          "description": "Recommendation-type GUID.",
+          "type": "string",
+          "readOnly": true
+        },
+        "detectedBy": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Name of the organization that made the recommendation."
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Recommended steps for remediation"
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Assessed recommendation severity."
+        },
+        "healthyDevices": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "Number of healthy devices within the IoT Security solution."
+        },
+        "unhealthyDeviceCount": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "Number of unhealthy devices within the IoT Security solution."
+        },
+        "logAnalyticsQuery": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Log analytics query for getting the list of affected devices/alerts."
+        }
+      }
+    },
+    "IoTSecurityAlertedDevice": {
+      "type": "object",
+      "description": "Statistical information about the number of alerts per device during last set number of days.",
+      "properties": {
+        "deviceId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Device identifier."
+        },
+        "alertsCount": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "Number of alerts raised for this device."
+        }
+      }
+    },
+    "IoTSecurityDeviceAlert": {
+      "type": "object",
+      "description": "Statistical information about the number of alerts per alert type during last set number of days",
+      "properties": {
+        "alertDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the alert"
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Assessed Alert severity."
+        },
+        "alertsCount": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "Number of alerts raised for this alert type."
+        }
+      }
+    },
+    "IoTSecurityDeviceRecommendation": {
+      "type": "object",
+      "description": "Statistical information about the number of recommendations per device, per recommendation type.",
+      "properties": {
+        "recommendationDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Display name of the recommendation."
+        },
+        "reportedSeverity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "reportedSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational"
+              },
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          },
+          "description": "Assessed recommendation severity."
+        },
+        "devicesCount": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "Number of devices with this recommendation."
+        }
+      }
+    },
+    "TagsResource": {
+      "properties": {
+        "tags": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Resource tags"
+        }
+      },
+      "description": "A container holding only the Tags for a resource, allowing the user to update the tags."
+    }
+  },
+  "parameters": {
+    "SolutionName": {
+      "name": "solutionName",
+      "in": "path",
+      "required": true,
+      "description": "The name of the IoT Security solution.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "AggregatedAlertName": {
+      "name": "aggregatedAlertName",
+      "in": "path",
+      "required": true,
+      "description": "Identifier of the aggregated alert.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "AggregatedRecommendationName": {
+      "name": "aggregatedRecommendationName",
+      "in": "path",
+      "required": true,
+      "description": "Name of the recommendation aggregated for this query.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotSecuritySolutions.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotSecuritySolutions.json
new file mode 100644
index 000000000..da3ac55cc
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2019-08-01/iotSecuritySolutions.json
@@ -0,0 +1,743 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2019-08-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/iotSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "List IoT Security solutions by subscription": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsList.json"
+          },
+          "List IoT Security solutions by IoT Hub": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHub.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solution"
+        ],
+        "description": "Use this method to get the list of IoT Security solutions by subscription.",
+        "operationId": "IotSecuritySolution_ListBySubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/FilterParam"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "List IoT Security solutions by resource group": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByRg.json"
+          },
+          "List IoT Security solutions by resource group and IoT Hub": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolutionsListByIotHubAndRg.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solution"
+        ],
+        "description": "Use this method to get the list IoT Security solutions organized by resource group.",
+        "operationId": "IotSecuritySolution_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/FilterParam"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/iotSecuritySolutions/{solutionName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a IoT security solution": {
+            "$ref": "./examples/IoTSecuritySolutions/GetIoTSecuritySolution.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solution"
+        ],
+        "description": "User this method to get details of a specific IoT Security solution based on solution name",
+        "operationId": "IotSecuritySolution_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionModel"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create or update a IoT security solution": {
+            "$ref": "./examples/IoTSecuritySolutions/CreateIoTSecuritySolution.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solution"
+        ],
+        "description": "Use this method to create or update yours IoT Security solution",
+        "operationId": "IotSecuritySolution_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/IotSecuritySolutionData"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Updated",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionModel"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionModel"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "patch": {
+        "x-ms-examples": {
+          "Use this method to update existing IoT Security solution": {
+            "$ref": "./examples/IoTSecuritySolutions/UpdateIoTSecuritySolution.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solution"
+        ],
+        "description": "Use this method to update existing IoT Security solution tags or user defined resources. To update other fields use the CreateOrUpdate method.",
+        "operationId": "IotSecuritySolution_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          },
+          {
+            "$ref": "#/parameters/UpdateIotSecuritySolution"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Updated",
+            "schema": {
+              "$ref": "#/definitions/IoTSecuritySolutionModel"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete an IoT security solution": {
+            "$ref": "./examples/IoTSecuritySolutions/DeleteIoTSecuritySolution.json"
+          }
+        },
+        "tags": [
+          "IoT Security Solution"
+        ],
+        "description": "Use this method to delete yours IoT Security solution",
+        "operationId": "IotSecuritySolution_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "#/parameters/SolutionName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Security Solution deleted."
+          },
+          "204": {
+            "description": "Security Solution does not exist."
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "TagsResource": {
+      "properties": {
+        "tags": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "string"
+          },
+          "description": "Resource tags"
+        }
+      },
+      "description": "A container holding only the Tags for a resource, allowing the user to update the tags."
+    },
+    "IoTSecuritySolutionsList": {
+      "description": "List of IoT Security solutions.",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of IoT Security solutions",
+          "items": {
+            "$ref": "#/definitions/IoTSecuritySolutionModel"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "IoTSecuritySolutionModel": {
+      "type": "object",
+      "description": "IoT Security solution configuration and resource information.",
+      "properties": {
+        "location": {
+          "type": "string",
+          "description": "The resource location."
+        },
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security Solution data",
+          "$ref": "#/definitions/IoTSecuritySolutionProperties"
+        },
+        "systemData": {
+          "readOnly": true,
+          "type": "object",
+          "description": "Azure Resource Manager metadata containing createdBy and modifiedBy information.",
+          "$ref": "../../../../../common-types/resource-management/v2/types.json#/definitions/systemData"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "#/definitions/TagsResource"
+        }
+      ]
+    },
+    "UpdateIoTSecuritySolutionProperties": {
+      "type": "object",
+      "description": "Update Security Solution setting data",
+      "properties": {
+        "userDefinedResources": {
+          "$ref": "#/definitions/UserDefinedResourcesProperties"
+        },
+        "recommendationsConfiguration": {
+          "$ref": "#/definitions/RecommendationConfigurationList"
+        }
+      }
+    },
+    "IoTSecuritySolutionProperties": {
+      "type": "object",
+      "description": "Security Solution setting data",
+      "properties": {
+        "workspace": {
+          "type": "string",
+          "description": "Workspace resource ID"
+        },
+        "displayName": {
+          "type": "string",
+          "description": "Resource display name."
+        },
+        "status": {
+          "type": "string",
+          "enum": [
+            "Enabled",
+            "Disabled"
+          ],
+          "default": "Enabled",
+          "description": "Status of the IoT Security solution.",
+          "x-ms-enum": {
+            "name": "SecuritySolutionStatus",
+            "modelAsString": true
+          }
+        },
+        "export": {
+          "type": "array",
+          "items": {
+            "enum": [
+              "RawEvents"
+            ],
+            "type": "string",
+            "x-ms-enum": {
+              "name": "ExportData",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "RawEvents",
+                  "description": "Agent raw events"
+                }
+              ]
+            }
+          },
+          "description": "List of additional options for exporting to workspace data."
+        },
+        "disabledDataSources": {
+          "type": "array",
+          "items": {
+            "enum": [
+              "TwinData"
+            ],
+            "type": "string",
+            "x-ms-enum": {
+              "name": "DataSource",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "TwinData",
+                  "description": "Devices twin data"
+                }
+              ]
+            }
+          },
+          "description": "Disabled data sources. Disabling these data sources compromises the system."
+        },
+        "iotHubs": {
+          "type": "array",
+          "description": "IoT Hub resource IDs",
+          "items": {
+            "type": "string"
+          }
+        },
+        "userDefinedResources": {
+          "$ref": "#/definitions/UserDefinedResourcesProperties"
+        },
+        "autoDiscoveredResources": {
+          "type": "array",
+          "description": "List of resources that were automatically discovered as relevant to the security solution.",
+          "items": {
+            "type": "string"
+          },
+          "readOnly": true
+        },
+        "recommendationsConfiguration": {
+          "$ref": "#/definitions/RecommendationConfigurationList"
+        },
+        "unmaskedIpLoggingStatus": {
+          "description": "Unmasked IP address logging status",
+          "type": "string",
+          "enum": [
+            "Disabled",
+            "Enabled"
+          ],
+          "default": "Disabled",
+          "x-ms-enum": {
+            "name": "UnmaskedIpLoggingStatus",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Disabled",
+                "description": "Unmasked IP logging is disabled"
+              },
+              {
+                "value": "Enabled",
+                "description": "Unmasked IP logging is enabled"
+              }
+            ]
+          }
+        },
+        "additionalWorkspaces": {
+          "type": "array",
+          "description": "List of additional workspaces",
+          "items": {
+            "$ref": "#/definitions/AdditionalWorkspacesProperties"
+          }
+        }
+      },
+      "required": [
+        "iotHubs",
+        "displayName"
+      ]
+    },
+    "UserDefinedResourcesProperties": {
+      "type": "object",
+      "description": "Properties of the IoT Security solution's user defined resources.",
+      "properties": {
+        "query": {
+          "type": "string",
+          "x-nullable": true,
+          "description": "Azure Resource Graph query which represents the security solution's user defined resources. Required to start with \"where type != \"Microsoft.Devices/IotHubs\"\""
+        },
+        "querySubscriptions": {
+          "type": "array",
+          "x-nullable": true,
+          "description": "List of Azure subscription ids on which the user defined resources query should be executed.",
+          "items": {
+            "type": "string",
+            "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"
+          }
+        }
+      },
+      "required": [
+        "query",
+        "querySubscriptions"
+      ]
+    },
+    "RecommendationConfigurationProperties": {
+      "type": "object",
+      "description": "The type of IoT Security recommendation.",
+      "properties": {
+        "recommendationType": {
+          "type": "string",
+          "description": "The type of IoT Security recommendation.",
+          "enum": [
+            "IoT_ACRAuthentication",
+            "IoT_AgentSendsUnutilizedMessages",
+            "IoT_Baseline",
+            "IoT_EdgeHubMemOptimize",
+            "IoT_EdgeLoggingOptions",
+            "IoT_InconsistentModuleSettings",
+            "IoT_InstallAgent",
+            "IoT_IPFilter_DenyAll",
+            "IoT_IPFilter_PermissiveRule",
+            "IoT_OpenPorts",
+            "IoT_PermissiveFirewallPolicy",
+            "IoT_PermissiveInputFirewallRules",
+            "IoT_PermissiveOutputFirewallRules",
+            "IoT_PrivilegedDockerOptions",
+            "IoT_SharedCredentials",
+            "IoT_VulnerableTLSCipherSuite"
+          ],
+          "x-ms-enum": {
+            "name": "RecommendationType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "IoT_ACRAuthentication",
+                "description": "Authentication schema used for pull an edge module from an ACR repository does not use Service Principal Authentication."
+              },
+              {
+                "value": "IoT_AgentSendsUnutilizedMessages",
+                "description": "IoT agent message size capacity is currently underutilized, causing an increase in the number of sent messages. Adjust message intervals for better utilization."
+              },
+              {
+                "value": "IoT_Baseline",
+                "description": "Identified security related system configuration issues."
+              },
+              {
+                "value": "IoT_EdgeHubMemOptimize",
+                "description": "You can optimize Edge Hub memory usage by turning off protocol heads for any protocols not used by Edge modules in your solution."
+              },
+              {
+                "value": "IoT_EdgeLoggingOptions",
+                "description": "Logging is disabled for this edge module."
+              },
+              {
+                "value": "IoT_InconsistentModuleSettings",
+                "description": "A minority within a device security group has inconsistent Edge Module settings with the rest of their group."
+              },
+              {
+                "value": "IoT_InstallAgent",
+                "description": "Install the Azure Security of Things Agent."
+              },
+              {
+                "value": "IoT_IPFilter_DenyAll",
+                "description": "IP Filter Configuration should have rules defined for allowed traffic and should deny all other traffic by default."
+              },
+              {
+                "value": "IoT_IPFilter_PermissiveRule",
+                "description": "An Allow IP Filter rules source IP range is too large. Overly permissive rules might expose your IoT hub to malicious intenders."
+              },
+              {
+                "value": "IoT_OpenPorts",
+                "description": "A listening endpoint was found on the device."
+              },
+              {
+                "value": "IoT_PermissiveFirewallPolicy",
+                "description": "An Allowed firewall policy was found (INPUT/OUTPUT). The policy should Deny all traffic by default and define rules to allow necessary communication to/from the device."
+              },
+              {
+                "value": "IoT_PermissiveInputFirewallRules",
+                "description": "A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports."
+              },
+              {
+                "value": "IoT_PermissiveOutputFirewallRules",
+                "description": "A rule in the firewall has been found that contains a permissive pattern for a wide range of IP addresses or Ports."
+              },
+              {
+                "value": "IoT_PrivilegedDockerOptions",
+                "description": "Edge module is configured to run in privileged mode, with extensive Linux capabilities or with host-level network access (send/receive data to host machine)."
+              },
+              {
+                "value": "IoT_SharedCredentials",
+                "description": "Same authentication credentials to the IoT Hub used by multiple devices. This could indicate an illegitimate device impersonating a legitimate device. It also exposes the risk of device impersonation by an attacker."
+              },
+              {
+                "value": "IoT_VulnerableTLSCipherSuite",
+                "description": "Insecure TLS configurations detected. Immediate upgrade recommended."
+              }
+            ]
+          }
+        },
+        "name": {
+          "type": "string",
+          "readOnly": true
+        },
+        "status": {
+          "type": "string",
+          "enum": [
+            "Disabled",
+            "Enabled"
+          ],
+          "default": "Enabled",
+          "description": "Recommendation status. When the recommendation status is disabled recommendations are not generated.",
+          "x-ms-enum": {
+            "name": "RecommendationConfigStatus",
+            "modelAsString": true
+          }
+        }
+      },
+      "required": [
+        "recommendationType",
+        "status"
+      ]
+    },
+    "RecommendationConfigurationList": {
+      "type": "array",
+      "description": "List of the configuration status for each recommendation type.",
+      "items": {
+        "$ref": "#/definitions/RecommendationConfigurationProperties"
+      }
+    },
+    "UpdateIotSecuritySolutionData": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Security Solution data",
+          "$ref": "#/definitions/UpdateIoTSecuritySolutionProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/TagsResource"
+        }
+      ]
+    },
+    "AdditionalWorkspacesProperties": {
+      "type": "object",
+      "description": "Properties of the additional workspaces.",
+      "properties": {
+        "workspace": {
+          "type": "string",
+          "description": "Workspace resource id"
+        },
+        "type": {
+          "type": "string",
+          "enum": [
+            "Sentinel"
+          ],
+          "default": "Sentinel",
+          "description": "Workspace type.",
+          "x-ms-enum": {
+            "name": "AdditionalWorkspaceType",
+            "modelAsString": true
+          }
+        },
+        "dataTypes": {
+          "type": "array",
+          "description": "List of data types sent to workspace",
+          "items": {
+            "type": "string",
+            "enum": [
+              "Alerts",
+              "RawEvents"
+            ],
+            "description": "Data types sent to workspace.",
+            "x-ms-enum": {
+              "name": "AdditionalWorkspaceDataType",
+              "modelAsString": true
+            }
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "SolutionName": {
+      "name": "solutionName",
+      "in": "path",
+      "required": true,
+      "description": "The name of the IoT Security solution.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "IotSecuritySolutionData": {
+      "name": "iotSecuritySolutionData",
+      "in": "body",
+      "required": true,
+      "description": "The security solution data",
+      "schema": {
+        "$ref": "#/definitions/IoTSecuritySolutionModel"
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "FilterParam": {
+      "name": "$filter",
+      "in": "query",
+      "required": false,
+      "description": "Filter the IoT Security solution with OData syntax. Supports filtering by iotHubs.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "UpdateIotSecuritySolution": {
+      "name": "updateIotSecuritySolutionData",
+      "in": "body",
+      "required": true,
+      "description": "The security solution data",
+      "x-ms-parameter-location": "method",
+      "schema": {
+        "$ref": "#/definitions/UpdateIotSecuritySolutionData"
+      }
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/SecuritySolutions.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/SecuritySolutions.json
new file mode 100644
index 000000000..0c1bbb667
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/SecuritySolutions.json
@@ -0,0 +1,238 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securitySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get security solutions": {
+            "$ref": "./examples/SecuritySolutions/GetSecuritySolutionsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "SecuritySolutions"
+        ],
+        "description": "Gets a list of Security Solutions for the subscription.",
+        "operationId": "SecuritySolutions_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecuritySolutionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/securitySolutions/{securitySolutionName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a security solution from a security data location": {
+            "$ref": "./examples/SecuritySolutions/GetSecuritySolutionsResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "SecuritySolutions"
+        ],
+        "description": "Gets a specific Security Solution.",
+        "operationId": "SecuritySolutions_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/SecuritySolutionName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecuritySolution"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecuritySolutionList": {
+      "type": "object",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecuritySolution"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecuritySolution": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecuritySolutionProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "SecuritySolutionProperties": {
+      "type": "object",
+      "properties": {
+        "securityFamily": {
+          "type": "string",
+          "description": "The security family of the security solution",
+          "enum": [
+            "Waf",
+            "Ngfw",
+            "SaasWaf",
+            "Va"
+          ],
+          "x-ms-enum": {
+            "name": "securityFamily",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Waf"
+              },
+              {
+                "value": "Ngfw"
+              },
+              {
+                "value": "SaasWaf"
+              },
+              {
+                "value": "Va"
+              }
+            ]
+          }
+        },
+        "provisioningState": {
+          "type": "string",
+          "description": "The security family provisioning State",
+          "enum": [
+            "Succeeded",
+            "Failed",
+            "Updating"
+          ],
+          "x-ms-enum": {
+            "name": "provisioningState",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Succeeded"
+              },
+              {
+                "value": "Failed"
+              },
+              {
+                "value": "Updating"
+              }
+            ]
+          }
+        },
+        "template": {
+          "type": "string",
+          "description": "The security solutions' template"
+        },
+        "protectionStatus": {
+          "type": "string",
+          "description": "The security solutions' status"
+        }
+      },
+      "required": [
+        "securityFamily",
+        "provisioningState",
+        "template",
+        "protectionStatus"
+      ]
+    }
+  },
+  "parameters": {
+    "SecuritySolutionName": {
+      "name": "securitySolutionName",
+      "type": "string",
+      "in": "path",
+      "required": true,
+      "description": "Name of security solution.",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/alerts.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/alerts.json
new file mode 100644
index 000000000..06a34779f
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/alerts.json
@@ -0,0 +1,966 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) alerts resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a subscription": {
+            "$ref": "./examples/Alerts/GetAlertsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the subscription",
+        "operationId": "Alerts_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a resource group": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the resource group",
+        "operationId": "Alerts_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsSubscriptionsLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the subscription that are stored in a specific location",
+        "operationId": "Alerts_ListSubscriptionLevelAlertsByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the resource group that are stored in a specific location",
+        "operationId": "Alerts_ListResourceGroupLevelAlertsByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alert on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Get an alert that is associated with a subscription",
+        "operationId": "Alerts_GetSubscriptionLevelAlert",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Alert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alert on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Get an alert that is associated a resource group or a resource in a resource group",
+        "operationId": "Alerts_GetResourceGroupLevelAlerts",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Alert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelAlertStateToDismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/resolve": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_resolve_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelStateToResolve",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/activate": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelAlertStateToReactivate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/resolve": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_resolve_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelStateToResolve",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelAlertStateToDismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/activate": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelAlertStateToReactivate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "Alert": {
+      "type": "object",
+      "description": "Security alert",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "describes security alert properties.",
+          "$ref": "#/definitions/AlertProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "AlertEntity": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "object"
+      },
+      "description": "Changing set of properties depending on the entity type.",
+      "properties": {
+        "type": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Type of entity"
+        }
+      }
+    },
+    "AlertExtendedLinks": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "string"
+      },
+      "description": "Links related to the alert"
+    },
+    "AlertExtendedProperties": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "string"
+      },
+      "description": "Custom properties for the alert."
+    },
+    "AlertList": {
+      "type": "object",
+      "description": "List of security alerts",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "describes security alert properties.",
+          "items": {
+            "$ref": "#/definitions/Alert"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "AlertProperties": {
+      "type": "object",
+      "description": "describes security alert properties.",
+      "properties": {
+        "alertType": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Unique identifier for the detection logic (all alert instances from the same detection logic will have the same alertType)."
+        },
+        "systemAlertId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Unique identifier for the alert."
+        },
+        "productComponentName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The name of Azure Security Center pricing tier which powering this alert. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-pricing"
+        },
+        "alertDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The display name of the alert."
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the suspicious activity that was detected."
+        },
+        "severity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "alertSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational",
+                "description": "Informational"
+              },
+              {
+                "value": "Low",
+                "description": "Low"
+              },
+              {
+                "value": "Medium",
+                "description": "Medium"
+              },
+              {
+                "value": "High",
+                "description": "High"
+              }
+            ]
+          },
+          "description": "The risk level of the threat that was detected. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-alerts-overview#how-are-alerts-classified."
+        },
+        "intent": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Unknown",
+            "PreAttack",
+            "InitialAccess",
+            "Persistence",
+            "PrivilegeEscalation",
+            "DefenseEvasion",
+            "CredentialAccess",
+            "Discovery",
+            "LateralMovement",
+            "Execution",
+            "Collection",
+            "Exfiltration",
+            "CommandAndControl",
+            "Impact",
+            "Probing",
+            "Exploitation"
+          ],
+          "x-ms-enum": {
+            "name": "intent",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Unknown",
+                "description": "Unknown"
+              },
+              {
+                "value": "PreAttack",
+                "description": "PreAttack could be either an attempt to access a certain resource regardless of a malicious intent, or a failed attempt to gain access to a target system to gather information prior to exploitation. This step is usually detected as an attempt, originating from outside the network, to scan the target system and find a way in.  Further details on the PreAttack stage can be read in [MITRE Pre-Att&ck matrix](https://attack.mitre.org/matrices/pre/)."
+              },
+              {
+                "value": "InitialAccess",
+                "description": "InitialAccess is the stage where an attacker manages to get foothold on the attacked resource."
+              },
+              {
+                "value": "Persistence",
+                "description": "Persistence is any access, action, or configuration change to a system that gives a threat actor a persistent presence on that system."
+              },
+              {
+                "value": "PrivilegeEscalation",
+                "description": "Privilege escalation is the result of actions that allow an adversary to obtain a higher level of permissions on a system or network."
+              },
+              {
+                "value": "DefenseEvasion",
+                "description": "Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses."
+              },
+              {
+                "value": "CredentialAccess",
+                "description": "Credential access represents techniques resulting in access to or control over system, domain, or service credentials that are used within an enterprise environment."
+              },
+              {
+                "value": "Discovery",
+                "description": "Discovery consists of techniques that allow the adversary to gain knowledge about the system and internal network."
+              },
+              {
+                "value": "LateralMovement",
+                "description": "Lateral movement consists of techniques that enable an adversary to access and control remote systems on a network and could, but does not necessarily, include execution of tools on remote systems."
+              },
+              {
+                "value": "Execution",
+                "description": "The execution tactic represents techniques that result in execution of adversary-controlled code on a local or remote system."
+              },
+              {
+                "value": "Collection",
+                "description": "Collection consists of techniques used to identify and gather information, such as sensitive files, from a target network prior to exfiltration."
+              },
+              {
+                "value": "Exfiltration",
+                "description": "Exfiltration refers to techniques and attributes that result or aid in the adversary removing files and information from a target network."
+              },
+              {
+                "value": "CommandAndControl",
+                "description": "The command and control tactic represents how adversaries communicate with systems under their control within a target network."
+              },
+              {
+                "value": "Impact",
+                "description": "Impact events primarily try to directly reduce the availability or integrity of a system, service, or network; including manipulation of data to impact a business or operational process."
+              },
+              {
+                "value": "Probing",
+                "description": "Probing could be either an attempt to access a certain resource regardless of a malicious intent, or a failed attempt to gain access to a target system to gather information prior to exploitation."
+              },
+              {
+                "value": "Exploitation",
+                "description": "Exploitation is the stage where an attacker manages to get a foothold on the attacked resource. This stage is relevant for compute hosts and resources such as user accounts, certificates etc."
+              }
+            ]
+          },
+          "description": "The kill chain related intent behind the alert. For list of supported values, and explanations of Azure Security Center's supported kill chain intents."
+        },
+        "startTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The UTC time of the first event or activity included in the alert in ISO8601 format."
+        },
+        "endTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The UTC time of the last event or activity included in the alert in ISO8601 format."
+        },
+        "resourceIdentifiers": {
+          "readOnly": true,
+          "type": "array",
+          "description": "The resource identifiers that can be used to direct the alert to the right product exposure group (tenant, workspace, subscription etc.). There can be multiple identifiers of different type per alert.",
+          "items": {
+            "$ref": "#/definitions/ResourceIdentifier"
+          }
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "type": "array",
+          "description": "Manual action items to take to remediate the alert.",
+          "items": {
+            "readOnly": true,
+            "type": "string"
+          }
+        },
+        "vendorName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The name of the vendor that raises the alert."
+        },
+        "status": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Active",
+            "Resolved",
+            "Dismissed"
+          ],
+          "x-ms-enum": {
+            "name": "alertStatus",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Active",
+                "description": "An alert which doesn't specify a value is assigned the status 'Active'"
+              },
+              {
+                "value": "Resolved",
+                "description": "Alert closed after handling"
+              },
+              {
+                "value": "Dismissed",
+                "description": "Alert dismissed as false positive"
+              }
+            ]
+          },
+          "description": "The life cycle status of the alert."
+        },
+        "extendedLinks": {
+          "readOnly": true,
+          "type": "array",
+          "description": "Links related to the alert",
+          "items": {
+            "$ref": "#/definitions/AlertExtendedLinks"
+          }
+        },
+        "alertUri": {
+          "readOnly": true,
+          "type": "string",
+          "description": "A direct link to the alert page in Azure Portal."
+        },
+        "timeGeneratedUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The UTC time the alert was generated in ISO8601 format."
+        },
+        "productName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The name of the product which published this alert (Azure Security Center, Azure ATP, Microsoft Defender ATP, O365 ATP, and so on)."
+        },
+        "processingEndTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The UTC processing end time of the alert in ISO8601 format."
+        },
+        "entities": {
+          "readOnly": true,
+          "type": "array",
+          "description": "A list of entities related to the alert.",
+          "items": {
+            "$ref": "#/definitions/AlertEntity"
+          }
+        },
+        "isIncident": {
+          "readOnly": true,
+          "type": "boolean",
+          "description": "This field determines whether the alert is an incident (a compound grouping of several alerts) or a single alert."
+        },
+        "correlationKey": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Key for corelating related alerts. Alerts with the same correlation key considered to be related."
+        },
+        "extendedProperties": {
+          "$ref": "#/definitions/AlertExtendedProperties",
+          "description": "Custom properties for the alert."
+        },
+        "compromisedEntity": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The display name of the resource most related to this alert."
+        }
+      }
+    },
+    "AzureResourceIdentifier": {
+      "type": "object",
+      "description": "Azure resource identifier.",
+      "x-ms-discriminator-value": "AzureResource",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ResourceIdentifier"
+        }
+      ],
+      "properties": {
+        "azureResourceId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "ARM resource identifier for the cloud resource being alerted on"
+        }
+      }
+    },
+    "LogAnalyticsIdentifier": {
+      "type": "object",
+      "description": "Represents a Log Analytics workspace scope identifier.",
+      "x-ms-discriminator-value": "LogAnalytics",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ResourceIdentifier"
+        }
+      ],
+      "properties": {
+        "workspaceId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The LogAnalytics workspace id that stores this alert."
+        },
+        "workspaceSubscriptionId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The azure subscription id for the LogAnalytics workspace storing this alert.",
+          "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"
+        },
+        "workspaceResourceGroup": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The azure resource group for the LogAnalytics workspace storing this alert"
+        },
+        "agentId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "(optional) The LogAnalytics agent id reporting the event that this alert is based on."
+        }
+      }
+    },
+    "ResourceIdentifier": {
+      "type": "object",
+      "description": "A resource identifier for an alert which can be used to direct the alert to the right product exposure group (tenant, workspace, subscription etc.).",
+      "discriminator": "type",
+      "required": [
+        "type"
+      ],
+      "properties": {
+        "type": {
+          "type": "string",
+          "description": "There can be multiple identifiers of different type per alert, this field specify the identifier type.",
+          "enum": [
+            "AzureResource",
+            "LogAnalytics"
+          ],
+          "x-ms-enum": {
+            "name": "ResourceIdentifierType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "AzureResource"
+              },
+              {
+                "value": "LogAnalytics"
+              }
+            ]
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "AlertName": {
+      "name": "alertName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the alert object",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/allowedConnections.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/allowedConnections.json
new file mode 100644
index 000000000..96e647301
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/allowedConnections.json
@@ -0,0 +1,297 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/allowedConnections": {
+      "get": {
+        "x-ms-examples": {
+          "Get allowed connections on a subscription": {
+            "$ref": "./examples/AllowedConnections/GetAllowedConnectionsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "AllowedConnections"
+        ],
+        "description": "Gets the list of all possible traffic between resources for the subscription",
+        "operationId": "AllowedConnections_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AllowedConnectionsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/allowedConnections": {
+      "get": {
+        "x-ms-examples": {
+          "Get allowed connections on a subscription from security data location": {
+            "$ref": "./examples/AllowedConnections/GetAllowedConnectionsSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "AllowedConnections"
+        ],
+        "description": "Gets the list of all possible traffic between resources for the subscription and location.",
+        "operationId": "AllowedConnections_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AllowedConnectionsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/allowedConnections/{connectionType}": {
+      "get": {
+        "x-ms-examples": {
+          "Get allowed connections": {
+            "$ref": "./examples/AllowedConnections/GetAllowedConnections_example.json"
+          }
+        },
+        "tags": [
+          "AllowedConnections"
+        ],
+        "description": "Gets the list of all possible traffic between resources for the subscription and location, based on connection type.",
+        "operationId": "AllowedConnections_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/ConnectionType"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AllowedConnectionsResource"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "AllowedConnectionsList": {
+      "type": "object",
+      "description": "List of all possible traffic between Azure resources",
+      "properties": {
+        "value": {
+          "type": "array",
+          "readOnly": true,
+          "items": {
+            "$ref": "#/definitions/AllowedConnectionsResource"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "AllowedConnectionsResource": {
+      "type": "object",
+      "description": "The resource whose properties describes the allowed traffic between Azure resources",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "readOnly": true,
+          "$ref": "#/definitions/AllowedConnectionsResourceProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "AllowedConnectionsResourceProperties": {
+      "type": "object",
+      "description": "Describes the allowed traffic between Azure resources",
+      "properties": {
+        "calculatedDateTime": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "The UTC time on which the allowed connections resource was calculated"
+        },
+        "connectableResources": {
+          "type": "array",
+          "readOnly": true,
+          "description": "List of connectable resources",
+          "items": {
+            "$ref": "#/definitions/ConnectableResource"
+          }
+        }
+      }
+    },
+    "ConnectableResource": {
+      "type": "object",
+      "description": "Describes the allowed inbound and outbound traffic of an Azure resource",
+      "properties": {
+        "id": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The Azure resource id"
+        },
+        "inboundConnectedResources": {
+          "type": "array",
+          "readOnly": true,
+          "description": "The list of Azure resources that the resource has inbound allowed connection from",
+          "items": {
+            "$ref": "#/definitions/ConnectedResource"
+          }
+        },
+        "outboundConnectedResources": {
+          "type": "array",
+          "readOnly": true,
+          "description": "The list of Azure resources that the resource has outbound allowed connection to",
+          "items": {
+            "$ref": "#/definitions/ConnectedResource"
+          }
+        }
+      }
+    },
+    "ConnectedResource": {
+      "type": "object",
+      "description": "Describes properties of a connected resource",
+      "properties": {
+        "connectedResourceId": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The Azure resource id of the connected resource"
+        },
+        "tcpPorts": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The allowed tcp ports"
+        },
+        "udpPorts": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The allowed udp ports"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ConnectionType": {
+      "name": "connectionType",
+      "type": "string",
+      "in": "path",
+      "description": "The type of allowed connections (Internal, External)",
+      "required": true,
+      "enum": [
+        "Internal",
+        "External"
+      ],
+      "x-ms-enum": {
+        "name": "connectionType",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "Internal"
+          },
+          {
+            "value": "External"
+          }
+        ]
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/assessmentMetadata.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/assessmentMetadata.json
new file mode 100644
index 000000000..e07ded24c
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/assessmentMetadata.json
@@ -0,0 +1,561 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/providers/Microsoft.Security/assessmentMetadata": {
+      "get": {
+        "x-ms-examples": {
+          "List security assessment metadata": {
+            "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on all assessment types",
+        "operationId": "AssessmentsMetadata_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadataList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security assessment metadata": {
+            "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on an assessment type",
+        "operationId": "AssessmentsMetadata_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadata"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata": {
+      "get": {
+        "x-ms-examples": {
+          "List security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on all assessment types in a specific subscription",
+        "operationId": "AssessmentsMetadata_ListBySubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadataList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on an assessment type in a specific subscription",
+        "operationId": "AssessmentsMetadata_GetInSubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadata"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Create metadata information on an assessment type in a specific subscription",
+        "operationId": "AssessmentsMetadata_CreateInSubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityAssessmentMetadata"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadata"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Delete metadata information on an assessment type in a specific subscription, will cause the deletion of all the assessments of that type in that subscription",
+        "operationId": "AssessmentsMetadata_DeleteInSubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityAssessmentMetadataList": {
+      "type": "object",
+      "description": "List of security assessment metadata",
+      "properties": {
+        "value": {
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityAssessmentMetadata"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityAssessmentMetadata": {
+      "type": "object",
+      "description": "Security assessment metadata",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityAssessmentMetadataProperties": {
+      "type": "object",
+      "description": "Describes properties of an assessment metadata.",
+      "properties": {
+        "displayName": {
+          "type": "string",
+          "description": "User friendly display name of the assessment"
+        },
+        "policyDefinitionId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure resource ID of the policy definition that turns this assessment calculation on"
+        },
+        "description": {
+          "type": "string",
+          "description": "Human readable description of the assessment"
+        },
+        "remediationDescription": {
+          "type": "string",
+          "description": "Human readable description of what you should do to mitigate this security issue"
+        },
+        "categories": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "description": "The categories of resource that is at risk when the assessment is unhealthy",
+            "enum": [
+              "Compute",
+              "Networking",
+              "Data",
+              "IdentityAndAccess",
+              "IoT"
+            ],
+            "x-ms-enum": {
+              "name": "categories",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "Compute"
+                },
+                {
+                  "value": "Networking"
+                },
+                {
+                  "value": "Data"
+                },
+                {
+                  "value": "IdentityAndAccess"
+                },
+                {
+                  "value": "IoT"
+                }
+              ]
+            }
+          }
+        },
+        "severity": {
+          "type": "string",
+          "description": "The severity level of the assessment",
+          "enum": [
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "severity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "userImpact": {
+          "type": "string",
+          "description": "The user impact of the assessment",
+          "enum": [
+            "Low",
+            "Moderate",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "userImpact",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Moderate"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "implementationEffort": {
+          "type": "string",
+          "description": "The implementation effort required to remediate this assessment",
+          "enum": [
+            "Low",
+            "Moderate",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "implementationEffort",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Moderate"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "threats": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "description": "Threats impact of the assessment",
+            "enum": [
+              "accountBreach",
+              "dataExfiltration",
+              "dataSpillage",
+              "maliciousInsider",
+              "elevationOfPrivilege",
+              "threatResistance",
+              "missingCoverage",
+              "denialOfService"
+            ],
+            "x-ms-enum": {
+              "name": "threats",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "accountBreach"
+                },
+                {
+                  "value": "dataExfiltration"
+                },
+                {
+                  "value": "dataSpillage"
+                },
+                {
+                  "value": "maliciousInsider"
+                },
+                {
+                  "value": "elevationOfPrivilege"
+                },
+                {
+                  "value": "threatResistance"
+                },
+                {
+                  "value": "missingCoverage"
+                },
+                {
+                  "value": "denialOfService"
+                }
+              ]
+            }
+          }
+        },
+        "preview": {
+          "type": "boolean",
+          "description": "True if this assessment is in preview release status"
+        },
+        "assessmentType": {
+          "type": "string",
+          "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition",
+          "enum": [
+            "BuiltIn",
+            "CustomPolicy",
+            "CustomerManaged",
+            "VerifiedPartner"
+          ],
+          "x-ms-enum": {
+            "name": "assessmentType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "BuiltIn",
+                "description": "Microsoft Defender for Cloud managed assessments"
+              },
+              {
+                "value": "CustomPolicy",
+                "description": "User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud"
+              },
+              {
+                "value": "CustomerManaged",
+                "description": "User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud"
+              },
+              {
+                "value": "VerifiedPartner",
+                "description": "An assessment that was created by a verified 3rd party if the user connected it to ASC"
+              }
+            ]
+          }
+        },
+        "partnerData": {
+          "$ref": "#/definitions/SecurityAssessmentMetadataPartnerData"
+        }
+      },
+      "required": [
+        "displayName",
+        "severity",
+        "assessmentType"
+      ]
+    },
+    "SecurityAssessmentMetadataPartnerData": {
+      "type": "object",
+      "description": "Describes the partner that created the assessment",
+      "properties": {
+        "partnerName": {
+          "type": "string",
+          "description": "Name of the company of the partner"
+        },
+        "productName": {
+          "type": "string",
+          "description": "Name of the product of the partner that created the assessment"
+        },
+        "secret": {
+          "type": "string",
+          "description": "Secret to authenticate the partner and verify it created the assessment - write only",
+          "x-ms-secret": true
+        }
+      },
+      "required": [
+        "partnerName",
+        "secret"
+      ]
+    }
+  },
+  "parameters": {
+    "AssessmentsMetadataName": {
+      "name": "assessmentMetadataName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The Assessment Key - Unique key for the assessment type",
+      "x-ms-parameter-location": "method"
+    },
+    "SecurityAssessmentMetadata": {
+      "name": "assessmentMetadata",
+      "in": "body",
+      "required": true,
+      "description": "AssessmentMetadata object",
+      "schema": {
+        "$ref": "#/definitions/SecurityAssessmentMetadata"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/assessments.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/assessments.json
new file mode 100644
index 000000000..bf567f20d
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/assessments.json
@@ -0,0 +1,399 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/assessments": {
+      "get": {
+        "x-ms-examples": {
+          "List security assessments": {
+            "$ref": "./examples/Assessments/ListAssessments_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Get security assessments on all your scanned resources inside a scope",
+        "operationId": "Assessments_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security recommendation task from security data location": {
+            "$ref": "./examples/Assessments/GetAssessment_example.json"
+          },
+          "Get security recommendation task from security data location with expand parameter": {
+            "$ref": "./examples/Assessments/GetAssessmentWithExpand_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Get a security assessment on your scanned resource",
+        "operationId": "Assessments_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/ExpandAssessments"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create security recommendation task on a resource": {
+            "$ref": "./examples/Assessments/PutAssessment_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Create a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+        "operationId": "Assessments_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/AssessmentBody"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessment"
+            }
+          },
+          "200": {
+            "description": "OK - Updated",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security recommendation task on a resource": {
+            "$ref": "./examples/Assessments/DeleteAssessment_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Delete a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+        "operationId": "Assessments_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Assessment was deleted"
+          },
+          "204": {
+            "description": "No Content - Assessment does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityAssessmentList": {
+      "type": "object",
+      "description": "Page of a security assessments list",
+      "properties": {
+        "value": {
+          "description": "Collection of security assessments in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityAssessment"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityAssessment": {
+      "type": "object",
+      "description": "Security assessment on a resource",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecurityAssessmentProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityAssessmentProperties": {
+      "type": "object",
+      "description": "Describes properties of an assessment.",
+      "properties": {
+        "resourceDetails": {
+          "$ref": "../../../common/v1/types.json#/definitions/ResourceDetails"
+        },
+        "displayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "User friendly display name of the assessment"
+        },
+        "status": {
+          "$ref": "#/definitions/AssessmentStatus"
+        },
+        "additionalData": {
+          "type": "object",
+          "description": "Additional data regarding the assessment",
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "links": {
+          "$ref": "#/definitions/AssessmentLinks"
+        },
+        "metadata": {
+          "$ref": "./assessmentMetadata.json#/definitions/SecurityAssessmentMetadataProperties"
+        },
+        "partnersData": {
+          "$ref": "#/definitions/SecurityAssessmentPartnerData"
+        }
+      },
+      "required": [
+        "resourceDetails",
+        "status"
+      ]
+    },
+    "SecurityAssessmentPartnerData": {
+      "type": "object",
+      "description": "Data regarding 3rd party partner integration",
+      "properties": {
+        "partnerName": {
+          "type": "string",
+          "description": "Name of the company of the partner"
+        },
+        "secret": {
+          "type": "string",
+          "description": "secret to authenticate the partner - write only",
+          "x-ms-secret": true
+        }
+      },
+      "required": [
+        "partnerName",
+        "secret"
+      ]
+    },
+    "AssessmentLinks": {
+      "type": "object",
+      "description": "Links relevant to the assessment",
+      "readOnly": true,
+      "properties": {
+        "azurePortalUri": {
+          "type": "string",
+          "description": "Link to assessment in Azure Portal",
+          "readOnly": true
+        }
+      }
+    },
+    "AssessmentStatus": {
+      "type": "object",
+      "description": "The result of the assessment",
+      "properties": {
+        "code": {
+          "type": "string",
+          "description": "Programmatic code for the status of the assessment",
+          "enum": [
+            "Healthy",
+            "Unhealthy",
+            "NotApplicable"
+          ],
+          "x-ms-enum": {
+            "name": "AssessmentStatusCode",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Healthy",
+                "description": "The resource is healthy"
+              },
+              {
+                "value": "Unhealthy",
+                "description": "The resource has a security issue that needs to be addressed"
+              },
+              {
+                "value": "NotApplicable",
+                "description": "Assessment for this resource did not happen"
+              }
+            ]
+          }
+        },
+        "cause": {
+          "type": "string",
+          "description": "Programmatic code for the cause of the assessment status"
+        },
+        "description": {
+          "type": "string",
+          "description": "Human readable description of the assessment status"
+        }
+      },
+      "required": [
+        "code"
+      ]
+    }
+  },
+  "parameters": {
+    "ExpandAssessments": {
+      "name": "$expand",
+      "in": "query",
+      "required": false,
+      "type": "string",
+      "description": "OData expand. Optional.",
+      "x-ms-parameter-location": "method",
+      "enum": [
+        "links",
+        "metadata"
+      ],
+      "x-ms-enum": {
+        "name": "ExpandEnum",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "links",
+            "description": "All links associated with an assessment"
+          },
+          {
+            "value": "metadata",
+            "description": "Assessment metadata"
+          }
+        ]
+      }
+    },
+    "AssessmentName": {
+      "name": "assessmentName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The Assessment Key - Unique key for the assessment type",
+      "x-ms-parameter-location": "method"
+    },
+    "AssessmentBody": {
+      "name": "assessment",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/SecurityAssessment"
+      },
+      "description": "Calculated assessment on a pre-defined assessment metadata",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/discoveredSecuritySolutions.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/discoveredSecuritySolutions.json
new file mode 100644
index 000000000..95ad090b1
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/discoveredSecuritySolutions.json
@@ -0,0 +1,263 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/discoveredSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get discovered security solutions": {
+            "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "DiscoveredSecuritySolutions"
+        ],
+        "description": "Gets a list of discovered Security Solutions for the subscription.",
+        "operationId": "DiscoveredSecuritySolutions_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DiscoveredSecuritySolutionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/discoveredSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get discovered security solutions from a security data location": {
+            "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionsSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "DiscoveredSecuritySolutions"
+        ],
+        "description": "Gets a list of discovered Security Solutions for the subscription and location.",
+        "operationId": "DiscoveredSecuritySolutions_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DiscoveredSecuritySolutionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/discoveredSecuritySolutions/{discoveredSecuritySolutionName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get discovered security solution from a security data location": {
+            "$ref": "./examples/DiscoveredSecuritySolutions/GetDiscoveredSecuritySolutionResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "DiscoveredSecuritySolutions"
+        ],
+        "description": "Gets a specific discovered Security Solution.",
+        "operationId": "DiscoveredSecuritySolutions_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/DiscoveredSecuritySolutionName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/DiscoveredSecuritySolution"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "DiscoveredSecuritySolutionList": {
+      "type": "object",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/DiscoveredSecuritySolution"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "DiscoveredSecuritySolution": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/DiscoveredSecuritySolutionProperties"
+        }
+      },
+      "required": [
+        "properties"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "DiscoveredSecuritySolutionProperties": {
+      "type": "object",
+      "properties": {
+        "securityFamily": {
+          "type": "string",
+          "description": "The security family of the discovered solution",
+          "enum": [
+            "Waf",
+            "Ngfw",
+            "SaasWaf",
+            "Va"
+          ],
+          "x-ms-enum": {
+            "name": "securityFamily",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Waf"
+              },
+              {
+                "value": "Ngfw"
+              },
+              {
+                "value": "SaasWaf"
+              },
+              {
+                "value": "Va"
+              }
+            ]
+          }
+        },
+        "offer": {
+          "type": "string",
+          "description": "The security solutions' image offer"
+        },
+        "publisher": {
+          "type": "string",
+          "description": "The security solutions' image publisher"
+        },
+        "sku": {
+          "type": "string",
+          "description": "The security solutions' image sku"
+        }
+      },
+      "required": [
+        "securityFamily",
+        "offer",
+        "publisher",
+        "sku"
+      ]
+    }
+  },
+  "parameters": {
+    "DiscoveredSecuritySolutionName": {
+      "name": "discoveredSecuritySolutionName",
+      "type": "string",
+      "in": "path",
+      "required": true,
+      "description": "Name of a discovered security solution.",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/externalSecuritySolutions.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/externalSecuritySolutions.json
new file mode 100644
index 000000000..2c393277d
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/externalSecuritySolutions.json
@@ -0,0 +1,388 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/externalSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get external security solutions on a subscription": {
+            "$ref": "./examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscription_example.json"
+          }
+        },
+        "description": "Gets a list of external security solutions for the subscription.",
+        "tags": [
+          "ExternalSecuritySolutions"
+        ],
+        "operationId": "ExternalSecuritySolutions_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ExternalSecuritySolutionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/ExternalSecuritySolutions": {
+      "get": {
+        "x-ms-examples": {
+          "Get external security solutions on a subscription from security data location": {
+            "$ref": "./examples/ExternalSecuritySolutions/GetExternalSecuritySolutionsSubscriptionLocation_example.json"
+          }
+        },
+        "description": "Gets a list of external Security Solutions for the subscription and location.",
+        "tags": [
+          "ExternalSecuritySolutions"
+        ],
+        "operationId": "ExternalSecuritySolutions_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ExternalSecuritySolutionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/ExternalSecuritySolutions/{externalSecuritySolutionsName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get external security solution": {
+            "$ref": "./examples/ExternalSecuritySolutions/GetExternalSecuritySolution_example.json"
+          }
+        },
+        "description": "Gets a specific external Security Solution.",
+        "tags": [
+          "ExternalSecuritySolutions"
+        ],
+        "operationId": "ExternalSecuritySolutions_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/ExternalSecuritySolutionsName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ExternalSecuritySolution"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ExternalSecuritySolutionList": {
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ExternalSecuritySolution"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "ExternalSecuritySolution": {
+      "type": "object",
+      "description": "Represents a security solution external to Microsoft Defender for Cloud which sends information to an OMS workspace and whose data is displayed by Microsoft Defender for Cloud.",
+      "required": [
+        "kind"
+      ],
+      "discriminator": "kind",
+      "properties": {},
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "#/definitions/ExternalSecuritySolutionKind"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "CefExternalSecuritySolution": {
+      "x-ms-discriminator-value": "CEF",
+      "type": "object",
+      "description": "Represents a security solution which sends CEF logs to an OMS workspace",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolution"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/CefSolutionProperties"
+        }
+      }
+    },
+    "AtaExternalSecuritySolution": {
+      "x-ms-discriminator-value": "ATA",
+      "type": "object",
+      "description": "Represents an ATA security solution which sends logs to an OMS workspace",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolution"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/AtaSolutionProperties"
+        }
+      }
+    },
+    "AadExternalSecuritySolution": {
+      "x-ms-discriminator-value": "AAD",
+      "type": "object",
+      "description": "Represents an AAD identity protection solution which sends logs to an OMS workspace.",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolution"
+        }
+      ],
+      "properties": {
+        "properties": {
+          "$ref": "#/definitions/AadSolutionProperties"
+        }
+      }
+    },
+    "ExternalSecuritySolutionKind": {
+      "type": "object",
+      "description": "Describes an Azure resource with kind",
+      "properties": {
+        "kind": {
+          "type": "string",
+          "description": "The kind of the external solution",
+          "enum": [
+            "CEF",
+            "ATA",
+            "AAD"
+          ],
+          "x-ms-enum": {
+            "name": "ExternalSecuritySolutionKind",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "CEF"
+              },
+              {
+                "value": "ATA"
+              },
+              {
+                "value": "AAD"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "ExternalSecuritySolutionProperties": {
+      "type": "object",
+      "description": "The solution properties (correspond to the solution kind)",
+      "additionalProperties": true,
+      "properties": {
+        "deviceVendor": {
+          "type": "string"
+        },
+        "deviceType": {
+          "type": "string"
+        },
+        "workspace": {
+          "$ref": "#/definitions/ConnectedWorkspace"
+        }
+      }
+    },
+    "ConnectedWorkspace": {
+      "type": "object",
+      "title": "Represents an OMS workspace to which the solution is connected",
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "Azure resource ID of the connected OMS workspace"
+        }
+      }
+    },
+    "AadConnectivityState": {
+      "type": "object",
+      "description": "Describes an Azure resource with kind",
+      "properties": {
+        "connectivityState": {
+          "type": "string",
+          "title": "The connectivity state of the external AAD solution ",
+          "enum": [
+            "Discovered",
+            "NotLicensed",
+            "Connected"
+          ],
+          "x-ms-enum": {
+            "name": "AadConnectivityState",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Discovered"
+              },
+              {
+                "value": "NotLicensed"
+              },
+              {
+                "value": "Connected"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AadSolutionProperties": {
+      "type": "object",
+      "title": "The external security solution properties for AAD solutions",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolutionProperties"
+        },
+        {
+          "$ref": "#/definitions/AadConnectivityState"
+        }
+      ]
+    },
+    "CefSolutionProperties": {
+      "type": "object",
+      "title": "The external security solution properties for CEF solutions",
+      "properties": {
+        "hostname": {
+          "type": "string"
+        },
+        "agent": {
+          "type": "string"
+        },
+        "lastEventReceived": {
+          "type": "string"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolutionProperties"
+        }
+      ]
+    },
+    "AtaSolutionProperties": {
+      "type": "object",
+      "title": "The external security solution properties for ATA solutions",
+      "properties": {
+        "lastEventReceived": {
+          "type": "string"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/ExternalSecuritySolutionProperties"
+        }
+      ]
+    }
+  },
+  "parameters": {
+    "ExternalSecuritySolutionsName": {
+      "name": "externalSecuritySolutionsName",
+      "in": "path",
+      "description": "Name of an external security solution.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/jitNetworkAccessPolicies.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/jitNetworkAccessPolicies.json
new file mode 100644
index 000000000..6c90a7960
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/jitNetworkAccessPolicies.json
@@ -0,0 +1,774 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/jitNetworkAccessPolicies": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policies on a subscription": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscription_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control.",
+        "operationId": "JitNetworkAccessPolicies_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPoliciesList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policies on a subscription from a security data location": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location",
+        "operationId": "JitNetworkAccessPolicies_ListByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPoliciesList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/jitNetworkAccessPolicies": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policies on a resource group": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location",
+        "operationId": "JitNetworkAccessPolicies_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPoliciesList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policies on a resource group from a security data location": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPoliciesResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location",
+        "operationId": "JitNetworkAccessPolicies_ListByResourceGroupAndRegion",
+        "produces": [
+          "application/json"
+        ],
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPoliciesList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get JIT network access policy": {
+            "$ref": "./examples/JitNetworkAccessPolicies/GetJitNetworkAccessPolicy_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Policies for protecting resources using Just-in-Time access control for the subscription, location",
+        "operationId": "JitNetworkAccessPolicies_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPolicy"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create JIT network access policy": {
+            "$ref": "./examples/JitNetworkAccessPolicies/CreateJitNetworkAccessPolicy_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Create a policy for protecting resources using Just-in-Time access control",
+        "operationId": "JitNetworkAccessPolicies_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicy"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessPolicy"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a JIT network access policy": {
+            "$ref": "./examples/JitNetworkAccessPolicies/DeleteJitNetworkAccessPolicy_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Delete a Just-in-Time access control policy.",
+        "operationId": "JitNetworkAccessPolicies_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Resource was deleted"
+          },
+          "204": {
+            "description": "No Content - Resource does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/jitNetworkAccessPolicies/{jitNetworkAccessPolicyName}/{jitNetworkAccessPolicyInitiateType}": {
+      "post": {
+        "x-ms-examples": {
+          "Initiate an action on a JIT network access policy": {
+            "$ref": "./examples/JitNetworkAccessPolicies/InitiateJitNetworkAccessPolicy_example.json"
+          }
+        },
+        "tags": [
+          "JitNetworkAccessPolicies"
+        ],
+        "description": "Initiate a JIT access from a specific Just-in-Time policy configuration.",
+        "operationId": "JitNetworkAccessPolicies_Initiate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyName"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyInitiateType"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/JitNetworkAccessPolicyInitiateRequest"
+          }
+        ],
+        "responses": {
+          "202": {
+            "description": "Accepted",
+            "schema": {
+              "$ref": "#/definitions/JitNetworkAccessRequest"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "JitNetworkAccessPoliciesList": {
+      "type": "object",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPolicy"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "JitNetworkAccessPolicy": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/JitNetworkAccessPolicyProperties"
+        }
+      },
+      "required": [
+        "properties"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Kind"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "JitNetworkAccessPolicyProperties": {
+      "type": "object",
+      "properties": {
+        "virtualMachines": {
+          "type": "array",
+          "description": "Configurations for Microsoft.Compute/virtualMachines resource type.",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPolicyVirtualMachine"
+          }
+        },
+        "requests": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessRequest"
+          }
+        },
+        "provisioningState": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Gets the provisioning state of the Just-in-Time policy."
+        }
+      },
+      "required": [
+        "virtualMachines"
+      ]
+    },
+    "JitNetworkAccessPolicyVirtualMachine": {
+      "type": "object",
+      "required": [
+        "id",
+        "ports"
+      ],
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "Resource ID of the virtual machine that is linked to this policy"
+        },
+        "ports": {
+          "type": "array",
+          "description": "Port configurations for the virtual machine",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPortRule"
+          }
+        },
+        "publicIpAddress": {
+          "type": "string",
+          "description": "Public IP address of the Azure Firewall that is linked to this policy, if applicable"
+        }
+      }
+    },
+    "JitNetworkAccessPortRule": {
+      "type": "object",
+      "properties": {
+        "number": {
+          "$ref": "#/definitions/PortNumber"
+        },
+        "protocol": {
+          "type": "string",
+          "enum": [
+            "TCP",
+            "UDP",
+            "*"
+          ],
+          "x-ms-enum": {
+            "name": "protocol",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "TCP"
+              },
+              {
+                "value": "UDP"
+              },
+              {
+                "value": "*",
+                "name": "All"
+              }
+            ]
+          }
+        },
+        "allowedSourceAddressPrefix": {
+          "type": "string",
+          "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+        },
+        "allowedSourceAddressPrefixes": {
+          "type": "array",
+          "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.",
+          "items": {
+            "type": "string",
+            "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+          }
+        },
+        "maxRequestAccessDuration": {
+          "type": "string",
+          "description": "Maximum duration requests can be made for. In ISO 8601 duration format. Minimum 5 minutes, maximum 1 day"
+        }
+      },
+      "required": [
+        "maxRequestAccessDuration",
+        "number",
+        "protocol"
+      ]
+    },
+    "JitNetworkAccessRequest": {
+      "type": "object",
+      "properties": {
+        "virtualMachines": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessRequestVirtualMachine"
+          }
+        },
+        "startTimeUtc": {
+          "type": "string",
+          "format": "date-time",
+          "description": "The start time of the request in UTC"
+        },
+        "requestor": {
+          "type": "string",
+          "description": "The identity of the person who made the request"
+        },
+        "justification": {
+          "type": "string",
+          "description": "The justification for making the initiate request"
+        }
+      },
+      "required": [
+        "requestor",
+        "startTimeUtc",
+        "virtualMachines"
+      ]
+    },
+    "JitNetworkAccessRequestVirtualMachine": {
+      "type": "object",
+      "required": [
+        "id",
+        "ports"
+      ],
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "Resource ID of the virtual machine that is linked to this policy"
+        },
+        "ports": {
+          "type": "array",
+          "description": "The ports that were opened for the virtual machine",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessRequestPort"
+          }
+        }
+      }
+    },
+    "JitNetworkAccessRequestPort": {
+      "type": "object",
+      "properties": {
+        "number": {
+          "$ref": "#/definitions/PortNumber"
+        },
+        "allowedSourceAddressPrefix": {
+          "type": "string",
+          "description": "Mutually exclusive with the \"allowedSourceAddressPrefixes\" parameter. Should be an IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\"."
+        },
+        "allowedSourceAddressPrefixes": {
+          "type": "array",
+          "description": "Mutually exclusive with the \"allowedSourceAddressPrefix\" parameter.",
+          "items": {
+            "description": "IP address or CIDR, for example \"192.168.0.3\" or \"192.168.0.0/16\".",
+            "type": "string"
+          }
+        },
+        "endTimeUtc": {
+          "type": "string",
+          "format": "date-time",
+          "description": "The date & time at which the request ends in UTC"
+        },
+        "status": {
+          "type": "string",
+          "description": "The status of the port",
+          "enum": [
+            "Revoked",
+            "Initiated"
+          ],
+          "x-ms-enum": {
+            "name": "status",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Revoked"
+              },
+              {
+                "value": "Initiated"
+              }
+            ]
+          }
+        },
+        "statusReason": {
+          "type": "string",
+          "description": "A description of why the `status` has its value",
+          "enum": [
+            "Expired",
+            "UserRequested",
+            "NewerRequestInitiated"
+          ],
+          "x-ms-enum": {
+            "name": "statusReason",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Expired"
+              },
+              {
+                "value": "UserRequested"
+              },
+              {
+                "value": "NewerRequestInitiated"
+              }
+            ]
+          }
+        },
+        "mappedPort": {
+          "type": "integer",
+          "description": "The port which is mapped to this port's `number` in the Azure Firewall, if applicable"
+        }
+      },
+      "required": [
+        "endTimeUtc",
+        "number",
+        "status",
+        "statusReason"
+      ]
+    },
+    "JitNetworkAccessPolicyInitiateRequest": {
+      "type": "object",
+      "properties": {
+        "virtualMachines": {
+          "type": "array",
+          "description": "A list of virtual machines & ports to open access for",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPolicyInitiateVirtualMachine"
+          }
+        },
+        "justification": {
+          "type": "string",
+          "description": "The justification for making the initiate request"
+        }
+      },
+      "required": [
+        "virtualMachines"
+      ]
+    },
+    "JitNetworkAccessPolicyInitiateVirtualMachine": {
+      "type": "object",
+      "properties": {
+        "id": {
+          "type": "string",
+          "description": "Resource ID of the virtual machine that is linked to this policy"
+        },
+        "ports": {
+          "type": "array",
+          "description": "The ports to open for the resource with the `id`",
+          "items": {
+            "$ref": "#/definitions/JitNetworkAccessPolicyInitiatePort"
+          }
+        }
+      },
+      "required": [
+        "id",
+        "ports"
+      ]
+    },
+    "JitNetworkAccessPolicyInitiatePort": {
+      "type": "object",
+      "properties": {
+        "number": {
+          "$ref": "#/definitions/PortNumber"
+        },
+        "allowedSourceAddressPrefix": {
+          "type": "string",
+          "description": "Source of the allowed traffic. If omitted, the request will be for the source IP address of the initiate request."
+        },
+        "endTimeUtc": {
+          "type": "string",
+          "format": "date-time",
+          "description": "The time to close the request in UTC"
+        }
+      },
+      "required": [
+        "endTimeUtc",
+        "number"
+      ]
+    },
+    "PortNumber": {
+      "type": "integer",
+      "minimum": 0,
+      "maximum": 65535
+    }
+  },
+  "parameters": {
+    "JitNetworkAccessPolicyName": {
+      "name": "jitNetworkAccessPolicyName",
+      "type": "string",
+      "in": "path",
+      "required": true,
+      "description": "Name of a Just-in-Time access configuration policy.",
+      "x-ms-parameter-location": "method"
+    },
+    "JitNetworkAccessPolicyInitiateType": {
+      "name": "jitNetworkAccessPolicyInitiateType",
+      "type": "string",
+      "in": "path",
+      "required": true,
+      "description": "Type of the action to do on the Just-in-Time access policy.",
+      "enum": [
+        "initiate"
+      ],
+      "x-ms-enum": {
+        "name": "JitNetworkAccessPolicyInitiateType",
+        "modelAsString": false
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "JitNetworkAccessPolicyInitiateRequest": {
+      "name": "body",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/JitNetworkAccessPolicyInitiateRequest"
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "JitNetworkAccessPolicy": {
+      "name": "body",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/JitNetworkAccessPolicy"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/secureScore.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/secureScore.json
new file mode 100644
index 000000000..7617deb83
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/secureScore.json
@@ -0,0 +1,622 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScores": {
+      "get": {
+        "x-ms-examples": {
+          "List secure scores": {
+            "$ref": "./examples/secureScores/ListSecureScores_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score"
+        ],
+        "description": "List secure scores for all your Microsoft Defender for Cloud initiatives within your current scope.",
+        "operationId": "SecureScores_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecureScoresList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScores/{secureScoreName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get single secure score": {
+            "$ref": "./examples/secureScores/GetSecureScoresSingle_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score"
+        ],
+        "description": "Get secure score for a specific Microsoft Defender for Cloud initiative within your current scope. For the ASC Default initiative, use 'ascScore'.",
+        "operationId": "SecureScores_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/secureScoreName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecureScoreItem"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScores/{secureScoreName}/secureScoreControls": {
+      "get": {
+        "x-ms-examples": {
+          "Get security controls and their current score for the specified initiative": {
+            "$ref": "./examples/secureScores/ListSecureScoreControlsForName_builtin_example.json"
+          },
+          "Get security controls and their current score for the specified initiative with the expand parameter": {
+            "$ref": "./examples/secureScores/ListSecureScoreControlsForNameWithExpand_builtin_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score"
+        ],
+        "description": "Get all security controls for a specific initiative within a scope",
+        "operationId": "SecureScoreControls_ListBySecureScore",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/secureScoreName"
+          },
+          {
+            "$ref": "#/parameters/ExpandControlsDefinition"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecureScoreControlList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScoreControls": {
+      "get": {
+        "x-ms-examples": {
+          "List all secure scores controls": {
+            "$ref": "./examples/secureScores/ListSecureScoreControls_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score Controls"
+        ],
+        "description": "Get all security controls within a scope",
+        "operationId": "SecureScoreControls_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/ExpandControlsDefinition"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecureScoreControlList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/providers/Microsoft.Security/secureScoreControlDefinitions": {
+      "get": {
+        "x-ms-examples": {
+          "List security controls definition": {
+            "$ref": "./examples/secureScoreControlDefinitions/ListSecureScoreControlDefinitions_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score Control Definitions"
+        ],
+        "description": "List the available security controls, their assessments, and the max score",
+        "operationId": "SecureScoreControlDefinitions_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/secureScoreControlDefinitionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/secureScoreControlDefinitions": {
+      "get": {
+        "x-ms-examples": {
+          "List security controls definition by subscription": {
+            "$ref": "./examples/secureScoreControlDefinitions/ListSecureScoreControlDefinitions_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Secure Score Control Definitions"
+        ],
+        "description": "For a specified subscription, list the available security controls, their assessments, and the max score",
+        "operationId": "SecureScoreControlDefinitions_ListBySubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/secureScoreControlDefinitionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecureScoresList": {
+      "type": "object",
+      "description": "List of secure scores",
+      "properties": {
+        "value": {
+          "description": "Collection of secure scores in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecureScoreItem"
+          }
+        },
+        "nextLink": {
+          "description": "The URI to fetch the next page.",
+          "readOnly": true,
+          "type": "string"
+        }
+      }
+    },
+    "SecureScoreItem": {
+      "description": "Secure score item data model",
+      "readOnly": true,
+      "type": "object",
+      "properties": {
+        "properties": {
+          "description": "Secure score item",
+          "readOnly": true,
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecureScoreItemProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecureScoreItemProperties": {
+      "description": "Describes properties of a calculated secure score.",
+      "readOnly": true,
+      "type": "object",
+      "properties": {
+        "displayName": {
+          "description": "The initiative’s name",
+          "readOnly": true,
+          "type": "string"
+        },
+        "score": {
+          "description": "score object",
+          "readOnly": true,
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/ScoreDetails"
+        },
+        "weight": {
+          "description": "The relative weight for each subscription. Used when calculating an aggregated secure score for multiple subscriptions.",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "minimum": 0,
+          "exclusiveMinimum": false
+        }
+      }
+    },
+    "ScoreDetails": {
+      "description": "Calculation result data",
+      "readOnly": true,
+      "type": "object",
+      "properties": {
+        "max": {
+          "description": "Maximum score available",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32",
+          "minimum": 0,
+          "exclusiveMinimum": false
+        },
+        "current": {
+          "description": "Current score",
+          "readOnly": true,
+          "type": "number",
+          "format": "double",
+          "minimum": 0.00,
+          "exclusiveMinimum": false
+        },
+        "percentage": {
+          "description": "Ratio of the current score divided by the maximum. Rounded to 4 digits after the decimal point",
+          "readOnly": true,
+          "type": "number",
+          "format": "double",
+          "minimum": 0.00,
+          "maximum": 1.00,
+          "exclusiveMinimum": false,
+          "exclusiveMaximum": false
+        }
+      }
+    },
+    "SecureScoreControlScore": {
+      "description": "Calculation result data",
+      "type": "object",
+      "properties": {
+        "max": {
+          "description": "Maximum control score (0..10)",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32",
+          "minimum": 0,
+          "maximum": 10,
+          "exclusiveMinimum": false
+        },
+        "current": {
+          "description": "Actual score for the control = (achieved points / total points) * max score. if total points is zeroed, the return number is 0.00",
+          "readOnly": true,
+          "type": "number",
+          "format": "double",
+          "minimum": 0.00,
+          "maximum": 10.00,
+          "exclusiveMinimum": false
+        },
+        "percentage": {
+          "description": "Ratio of the current score divided by the maximum. Rounded to 4 digits after the decimal point",
+          "readOnly": true,
+          "type": "number",
+          "format": "double",
+          "minimum": 0.00,
+          "maximum": 1.00,
+          "exclusiveMinimum": false,
+          "exclusiveMaximum": false
+        }
+      }
+    },
+    "SecureScoreControlList": {
+      "description": "List of security controls",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Collection of security controls in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecureScoreControlDetails"
+          }
+        },
+        "nextLink": {
+          "description": "The URI to fetch the next page.",
+          "readOnly": true,
+          "type": "string"
+        }
+      }
+    },
+    "SecureScoreControlDetails": {
+      "description": "Details of the security control, its score, and the health status of the relevant resources.",
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecureScoreControlScoreDetails"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecureScoreControlScoreDetails": {
+      "description": "Calculation result data in control level",
+      "type": "object",
+      "properties": {
+        "displayName": {
+          "description": "User friendly display name of the control",
+          "readOnly": true,
+          "type": "string"
+        },
+        "score": {
+          "description": "Actual score object for the control",
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/ScoreDetails"
+        },
+        "healthyResourceCount": {
+          "description": "Number of healthy resources in the control",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32"
+        },
+        "unhealthyResourceCount": {
+          "description": "Number of unhealthy resources in the control",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32"
+        },
+        "notApplicableResourceCount": {
+          "description": "Number of not applicable resources in the control",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32"
+        },
+        "weight": {
+          "description": "The relative weight for this specific control in each of your subscriptions. Used when calculating an aggregated score for this control across all of your subscriptions.",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "minimum": 0,
+          "exclusiveMinimum": false
+        },
+        "definition": {
+          "$ref": "#/definitions/SecureScoreControlDefinitionItem"
+        }
+      }
+    },
+    "secureScoreControlDefinitionList": {
+      "description": "List of security controls definition",
+      "type": "object",
+      "properties": {
+        "value": {
+          "description": "Collection of security controls definition in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecureScoreControlDefinitionItem"
+          }
+        },
+        "nextLink": {
+          "description": "The URI to fetch the next page.",
+          "readOnly": true,
+          "type": "string"
+        }
+      }
+    },
+    "SecureScoreControlDefinitionItem": {
+      "description": "Information about the security control.",
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecureScoreControlDefinitionItemProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecureScoreControlDefinitionItemProperties": {
+      "description": "Security Control Definition Properties.",
+      "type": "object",
+      "properties": {
+        "displayName": {
+          "description": "User friendly display name of the control",
+          "readOnly": true,
+          "type": "string"
+        },
+        "description": {
+          "description": "User friendly description of the control",
+          "readOnly": true,
+          "type": "string",
+          "maxLength": 256
+        },
+        "maxScore": {
+          "description": "Maximum control score (0..10)",
+          "readOnly": true,
+          "type": "integer",
+          "format": "int32",
+          "minimum": 0,
+          "maximum": 10,
+          "exclusiveMinimum": false
+        },
+        "source": {
+          "description": "Source object from which the control was created",
+          "readOnly": true,
+          "$ref": "#/definitions/SecureScoreControlDefinitionSource"
+        },
+        "assessmentDefinitions": {
+          "description": "Array of assessments metadata IDs that are included in this security control",
+          "readOnly": true,
+          "$ref": "../../../common/v1/types.json#/definitions/AzureResourceLinks"
+        }
+      }
+    },
+    "SecureScoreControlDefinitionSource": {
+      "description": "The type of the security control (For example, BuiltIn)",
+      "readOnly": true,
+      "type": "object",
+      "properties": {
+        "sourceType": {
+          "description": "The type of security control (for example, BuiltIn)",
+          "type": "string",
+          "enum": [
+            "BuiltIn",
+            "Custom"
+          ],
+          "x-ms-enum": {
+            "name": "controlType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "BuiltIn",
+                "description": "Microsoft Defender for Cloud managed assessments"
+              },
+              {
+                "value": "Custom",
+                "description": "Non Microsoft Defender for Cloud managed assessments"
+              }
+            ]
+          }
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ExpandControlsDefinition": {
+      "name": "$expand",
+      "in": "query",
+      "required": false,
+      "type": "string",
+      "description": "OData expand. Optional.",
+      "x-ms-parameter-location": "method",
+      "enum": [
+        "definition"
+      ],
+      "x-ms-enum": {
+        "name": "ExpandControlsEnum",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "definition",
+            "description": "Add definition object for each control"
+          }
+        ]
+      }
+    },
+    "secureScoreName": {
+      "name": "secureScoreName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The initiative name. For the ASC Default initiative, use 'ascScore' as in the sample request below.",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/securitySolutionsReferenceData.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/securitySolutionsReferenceData.json
new file mode 100644
index 000000000..dd7c61741
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/securitySolutionsReferenceData.json
@@ -0,0 +1,212 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/securitySolutionsReferenceData": {
+      "get": {
+        "x-ms-examples": {
+          "Get security solutions": {
+            "$ref": "./examples/SecuritySolutionsReferenceData/GetSecuritySolutionsReferenceDataSubscription_example.json"
+          }
+        },
+        "tags": [
+          "securitySolutionsReferenceData"
+        ],
+        "description": "Gets a list of all supported Security Solutions for the subscription.",
+        "operationId": "securitySolutionsReferenceData_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/securitySolutionsReferenceDataList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/securitySolutionsReferenceData": {
+      "get": {
+        "x-ms-examples": {
+          "Get security solutions from a security data location": {
+            "$ref": "./examples/SecuritySolutionsReferenceData/GetSecuritySolutionsReferenceDataSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "SecuritySolutionsReferenceData"
+        ],
+        "description": "Gets list of all supported Security Solutions for subscription and location.",
+        "operationId": "SecuritySolutionsReferenceData_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/securitySolutionsReferenceDataList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "securitySolutionsReferenceDataList": {
+      "type": "object",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/securitySolutionsReferenceData"
+          }
+        }
+      }
+    },
+    "securitySolutionsReferenceData": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/securitySolutionsReferenceDataProperties"
+        }
+      },
+      "required": [
+        "properties"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "securitySolutionsReferenceDataProperties": {
+      "type": "object",
+      "properties": {
+        "securityFamily": {
+          "type": "string",
+          "description": "The security family of the security solution",
+          "enum": [
+            "Waf",
+            "Ngfw",
+            "SaasWaf",
+            "Va"
+          ],
+          "x-ms-enum": {
+            "name": "securityFamily",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Waf"
+              },
+              {
+                "value": "Ngfw"
+              },
+              {
+                "value": "SaasWaf"
+              },
+              {
+                "value": "Va"
+              }
+            ]
+          }
+        },
+        "alertVendorName": {
+          "type": "string",
+          "description": "The security solutions' vendor name"
+        },
+        "packageInfoUrl": {
+          "type": "string",
+          "description": "The security solutions' package info url"
+        },
+        "productName": {
+          "type": "string",
+          "description": "The security solutions' product name"
+        },
+        "publisher": {
+          "type": "string",
+          "description": "The security solutions' publisher"
+        },
+        "publisherDisplayName": {
+          "type": "string",
+          "description": "The security solutions' publisher display name"
+        },
+        "template": {
+          "type": "string",
+          "description": "The security solutions' template"
+        }
+      },
+      "required": [
+        "securityFamily",
+        "alertVendorName",
+        "packageInfoUrl",
+        "productName",
+        "publisher",
+        "publisherDisplayName",
+        "template"
+      ]
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/serverVulnerabilityAssessments.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/serverVulnerabilityAssessments.json
new file mode 100644
index 000000000..4c5f76ebc
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/serverVulnerabilityAssessments.json
@@ -0,0 +1,370 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/serverVulnerabilityAssessments": {
+      "get": {
+        "x-ms-examples": {
+          "Get a list of server vulnerability assessments on a resource. Though this API returns a list, Currently Microsoft.Security only supports a single default type of server vulnerability assessment": {
+            "$ref": "./examples/ServerVulnerabilityAssessments/ListByExtendedResourceServerVulnerabilityAssessments_example.json"
+          }
+        },
+        "description": "Gets a list of server vulnerability assessment onboarding statuses on a given resource.",
+        "tags": [
+          "ServerVulnerabilityAssessments"
+        ],
+        "operationId": "ServerVulnerabilityAssessment_ListByExtendedResource",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "name": "resourceNamespace",
+            "in": "path",
+            "description": "The Namespace of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceType",
+            "in": "path",
+            "description": "The type of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceName",
+            "in": "path",
+            "description": "Name of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ServerVulnerabilityAssessmentsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceNamespace}/{resourceType}/{resourceName}/providers/Microsoft.Security/serverVulnerabilityAssessments/{serverVulnerabilityAssessment}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a server vulnerability assessments onboarding status on a resource. Currently Microsoft.Security only supports the single 'default' resource": {
+            "$ref": "./examples/ServerVulnerabilityAssessments/GetServerVulnerabilityAssessments_example.json"
+          }
+        },
+        "description": "Gets a server vulnerability assessment onboarding statuses on a given resource.",
+        "tags": [
+          "ServerVulnerabilityAssessments"
+        ],
+        "operationId": "ServerVulnerabilityAssessment_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "name": "resourceNamespace",
+            "in": "path",
+            "description": "The Namespace of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceType",
+            "in": "path",
+            "description": "The type of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceName",
+            "in": "path",
+            "description": "Name of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "serverVulnerabilityAssessment",
+            "in": "path",
+            "description": "ServerVulnerabilityAssessment status. only a 'default' value is supported.",
+            "required": true,
+            "type": "string",
+            "enum": [
+              "default"
+            ],
+            "x-ms-enum": {
+              "name": "ServerVulnerabilityAssessmentName",
+              "modelAsString": false
+            }
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ServerVulnerabilityAssessment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create a server vulnerability assessments on a resource. Only 'default' resource is supported. Once creating the resource, the server will be onboarded to vulnerability assessment by Microsoft.Security": {
+            "$ref": "./examples/ServerVulnerabilityAssessments/CreateServerVulnerabilityAssessments_example.json"
+          }
+        },
+        "description": "Creating a server vulnerability assessment on a resource, which will onboard a resource for having a vulnerability assessment on it",
+        "tags": [
+          "ServerVulnerabilityAssessment"
+        ],
+        "operationId": "ServerVulnerabilityAssessment_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "name": "resourceNamespace",
+            "in": "path",
+            "description": "The Namespace of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceType",
+            "in": "path",
+            "description": "The type of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceName",
+            "in": "path",
+            "description": "Name of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "serverVulnerabilityAssessment",
+            "in": "path",
+            "description": "ServerVulnerabilityAssessment status. only a 'default' value is supported.",
+            "required": true,
+            "type": "string",
+            "enum": [
+              "default"
+            ],
+            "x-ms-enum": {
+              "name": "ServerVulnerabilityAssessmentName",
+              "modelAsString": false
+            }
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "202": {
+            "description": "Accepted",
+            "schema": {
+              "$ref": "#/definitions/ServerVulnerabilityAssessment"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a server vulnerability assessments on a resource. Only 'default' resource is supported. Once deleting, Microsoft.Security will not provide vulnerability assessment findings on the resource.": {
+            "$ref": "./examples/ServerVulnerabilityAssessments/DeleteServerVulnerabilityAssessments_example.json"
+          }
+        },
+        "description": "Removing server vulnerability assessment from a resource.",
+        "tags": [
+          "ServerVulnerabilityAssessment"
+        ],
+        "operationId": "ServerVulnerabilityAssessment_Delete",
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "location"
+        },
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "name": "resourceNamespace",
+            "in": "path",
+            "description": "The Namespace of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceType",
+            "in": "path",
+            "description": "The type of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "resourceName",
+            "in": "path",
+            "description": "Name of the resource.",
+            "required": true,
+            "type": "string"
+          },
+          {
+            "name": "serverVulnerabilityAssessment",
+            "in": "path",
+            "description": "ServerVulnerabilityAssessment status. only a 'default' value is supported.",
+            "required": true,
+            "type": "string",
+            "enum": [
+              "default"
+            ],
+            "x-ms-enum": {
+              "name": "ServerVulnerabilityAssessmentName",
+              "modelAsString": false
+            }
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "202": {
+            "description": "Accepted - the asynchronous delete operation has started."
+          },
+          "200": {
+            "description": "OK - deleted successfully."
+          },
+          "204": {
+            "description": "No Content - the resource did not exist in the first place."
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ServerVulnerabilityAssessmentsList": {
+      "type": "object",
+      "description": "List of server vulnerability assessments",
+      "properties": {
+        "value": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ServerVulnerabilityAssessment"
+          }
+        }
+      }
+    },
+    "ServerVulnerabilityAssessment": {
+      "type": "object",
+      "description": "Describes the server vulnerability assessment details on a resource",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/ServerVulnerabilityAssessmentProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "ServerVulnerabilityAssessmentProperties": {
+      "type": "object",
+      "description": "describes ServerVulnerabilityAssessment properties.",
+      "properties": {
+        "provisioningState": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The provisioningState of the vulnerability assessment capability on the VM",
+          "enum": [
+            "Succeeded",
+            "Failed",
+            "Canceled",
+            "Provisioning",
+            "Deprovisioning"
+          ]
+        }
+      }
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/topologies.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/topologies.json
new file mode 100644
index 000000000..67ca80831
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2020-01-01/topologies.json
@@ -0,0 +1,301 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2020-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/topologies": {
+      "get": {
+        "x-ms-examples": {
+          "Get topology on a subscription": {
+            "$ref": "./examples/Topology/GetTopologySubscription_example.json"
+          }
+        },
+        "tags": [
+          "Topology"
+        ],
+        "description": "Gets a list that allows to build a topology view of a subscription.",
+        "operationId": "Topology_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/TopologyList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/topologies": {
+      "get": {
+        "x-ms-examples": {
+          "Get topology on a subscription from security data location": {
+            "$ref": "./examples/Topology/GetTopologySubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Topology"
+        ],
+        "description": "Gets a list that allows to build a topology view of a subscription and location.",
+        "operationId": "Topology_ListByHomeRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/TopologyList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/topologies/{topologyResourceName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get topology": {
+            "$ref": "./examples/Topology/GetTopology_example.json"
+          }
+        },
+        "tags": [
+          "Topology"
+        ],
+        "description": "Gets a specific topology component.",
+        "operationId": "Topology_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/TopologyResourceName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/TopologyResource"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "TopologyList": {
+      "type": "object",
+      "properties": {
+        "value": {
+          "type": "array",
+          "readOnly": true,
+          "items": {
+            "$ref": "#/definitions/TopologyResource"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "TopologyResource": {
+      "type": "object",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "readOnly": true,
+          "$ref": "#/definitions/TopologyResourceProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        },
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Location"
+        }
+      ]
+    },
+    "TopologyResourceProperties": {
+      "type": "object",
+      "properties": {
+        "calculatedDateTime": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "The UTC time on which the topology was calculated"
+        },
+        "topologyResources": {
+          "type": "array",
+          "readOnly": true,
+          "description": "Azure resources which are part of this topology resource",
+          "items": {
+            "$ref": "#/definitions/TopologySingleResource"
+          }
+        }
+      }
+    },
+    "TopologySingleResource": {
+      "type": "object",
+      "properties": {
+        "resourceId": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Azure resource id"
+        },
+        "severity": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The security severity of the resource"
+        },
+        "recommendationsExist": {
+          "type": "boolean",
+          "readOnly": true,
+          "description": "Indicates if the resource has security recommendations"
+        },
+        "networkZones": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Indicates the resource connectivity level to the Internet (InternetFacing, Internal ,etc.)"
+        },
+        "topologyScore": {
+          "type": "integer",
+          "readOnly": true,
+          "description": "Score of the resource based on its security severity"
+        },
+        "location": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The location of this resource"
+        },
+        "parents": {
+          "type": "array",
+          "readOnly": true,
+          "description": "Azure resources connected to this resource which are in higher level in the topology view",
+          "items": {
+            "$ref": "#/definitions/TopologySingleResourceParent"
+          }
+        },
+        "children": {
+          "type": "array",
+          "readOnly": true,
+          "description": "Azure resources connected to this resource which are in lower level in the topology view",
+          "items": {
+            "$ref": "#/definitions/TopologySingleResourceChild"
+          }
+        }
+      }
+    },
+    "TopologySingleResourceParent": {
+      "type": "object",
+      "properties": {
+        "resourceId": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Azure resource id which serves as parent resource in topology view"
+        }
+      }
+    },
+    "TopologySingleResourceChild": {
+      "type": "object",
+      "properties": {
+        "resourceId": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Azure resource id which serves as child resource in topology view"
+        }
+      }
+    }
+  },
+  "parameters": {
+    "TopologyResourceName": {
+      "name": "topologyResourceName",
+      "in": "path",
+      "description": "Name of a topology resources collection.",
+      "required": true,
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessmentMetadata.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessmentMetadata.json
new file mode 100644
index 000000000..51c9ff8f8
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessmentMetadata.json
@@ -0,0 +1,1109 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2021-06-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/providers/Microsoft.Security/assessmentMetadata": {
+      "get": {
+        "x-ms-examples": {
+          "List security assessment metadata": {
+            "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on all assessment types",
+        "operationId": "AssessmentsMetadata_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadataResponseList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security assessment metadata": {
+            "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on an assessment type",
+        "operationId": "AssessmentsMetadata_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata": {
+      "get": {
+        "x-ms-examples": {
+          "List security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/ListAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on all assessment types in a specific subscription",
+        "operationId": "AssessmentsMetadata_ListBySubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadataResponseList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/assessmentMetadata/{assessmentMetadataName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/GetAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Get metadata information on an assessment type in a specific subscription",
+        "operationId": "AssessmentsMetadata_GetInSubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/CreateAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Create metadata information on an assessment type in a specific subscription",
+        "operationId": "AssessmentsMetadata_CreateInSubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SecurityAssessmentMetadataResponse"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security assessment metadata for subscription": {
+            "$ref": "./examples/AssessmentsMetadata/DeleteAssessmentsMetadata_subscription_example.json"
+          }
+        },
+        "tags": [
+          "Assessments Metadata"
+        ],
+        "description": "Delete metadata information on an assessment type in a specific subscription, will cause the deletion of all the assessments of that type in that subscription",
+        "operationId": "AssessmentsMetadata_DeleteInSubscription",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "#/parameters/AssessmentsMetadataName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityAssessmentMetadataResponseList": {
+      "type": "object",
+      "description": "List of security assessment metadata",
+      "properties": {
+        "value": {
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityAssessmentMetadata": {
+      "type": "object",
+      "description": "Security assessment metadata",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityAssessmentMetadataResponse": {
+      "type": "object",
+      "description": "Security assessment metadata response",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecurityAssessmentMetadataPropertiesResponse"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityAssessmentMetadataProperties": {
+      "type": "object",
+      "description": "Describes properties of an assessment metadata.",
+      "properties": {
+        "displayName": {
+          "type": "string",
+          "description": "User friendly display name of the assessment"
+        },
+        "policyDefinitionId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Azure resource ID of the policy definition that turns this assessment calculation on"
+        },
+        "description": {
+          "type": "string",
+          "description": "Human readable description of the assessment"
+        },
+        "remediationDescription": {
+          "type": "string",
+          "description": "Human readable description of what you should do to mitigate this security issue"
+        },
+        "categories": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "description": "The categories of resource that is at risk when the assessment is unhealthy",
+            "enum": [
+              "Compute",
+              "Networking",
+              "Data",
+              "IdentityAndAccess",
+              "IoT"
+            ],
+            "x-ms-enum": {
+              "name": "categories",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "Compute"
+                },
+                {
+                  "value": "Networking"
+                },
+                {
+                  "value": "Data"
+                },
+                {
+                  "value": "IdentityAndAccess"
+                },
+                {
+                  "value": "IoT"
+                }
+              ]
+            }
+          }
+        },
+        "severity": {
+          "type": "string",
+          "description": "The severity level of the assessment",
+          "enum": [
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "severity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Medium"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "userImpact": {
+          "type": "string",
+          "description": "The user impact of the assessment",
+          "enum": [
+            "Low",
+            "Moderate",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "userImpact",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Moderate"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "implementationEffort": {
+          "type": "string",
+          "description": "The implementation effort required to remediate this assessment",
+          "enum": [
+            "Low",
+            "Moderate",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "implementationEffort",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Low"
+              },
+              {
+                "value": "Moderate"
+              },
+              {
+                "value": "High"
+              }
+            ]
+          }
+        },
+        "threats": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "description": "Threats impact of the assessment",
+            "enum": [
+              "accountBreach",
+              "dataExfiltration",
+              "dataSpillage",
+              "maliciousInsider",
+              "elevationOfPrivilege",
+              "threatResistance",
+              "missingCoverage",
+              "denialOfService"
+            ],
+            "x-ms-enum": {
+              "name": "threats",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "accountBreach"
+                },
+                {
+                  "value": "dataExfiltration"
+                },
+                {
+                  "value": "dataSpillage"
+                },
+                {
+                  "value": "maliciousInsider"
+                },
+                {
+                  "value": "elevationOfPrivilege"
+                },
+                {
+                  "value": "threatResistance"
+                },
+                {
+                  "value": "missingCoverage"
+                },
+                {
+                  "value": "denialOfService"
+                }
+              ]
+            }
+          }
+        },
+        "preview": {
+          "type": "boolean",
+          "description": "True if this assessment is in preview release status"
+        },
+        "assessmentType": {
+          "type": "string",
+          "description": "BuiltIn if the assessment based on built-in Azure Policy definition, Custom if the assessment based on custom Azure Policy definition",
+          "enum": [
+            "BuiltIn",
+            "CustomPolicy",
+            "CustomerManaged",
+            "VerifiedPartner"
+          ],
+          "x-ms-enum": {
+            "name": "assessmentType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "BuiltIn",
+                "description": "Microsoft Defender for Cloud managed assessments"
+              },
+              {
+                "value": "CustomPolicy",
+                "description": "User defined policies that are automatically ingested from Azure Policy to Microsoft Defender for Cloud"
+              },
+              {
+                "value": "CustomerManaged",
+                "description": "User assessments pushed directly by the user or other third party to Microsoft Defender for Cloud"
+              },
+              {
+                "value": "VerifiedPartner",
+                "description": "An assessment that was created by a verified 3rd party if the user connected it to ASC"
+              }
+            ]
+          }
+        },
+        "partnerData": {
+          "$ref": "#/definitions/SecurityAssessmentMetadataPartnerData"
+        }
+      },
+      "required": [
+        "displayName",
+        "severity",
+        "assessmentType"
+      ]
+    },
+    "SecurityAssessmentMetadataPartnerData": {
+      "type": "object",
+      "description": "Describes the partner that created the assessment",
+      "properties": {
+        "partnerName": {
+          "type": "string",
+          "description": "Name of the company of the partner"
+        },
+        "productName": {
+          "type": "string",
+          "description": "Name of the product of the partner that created the assessment"
+        },
+        "secret": {
+          "type": "string",
+          "description": "Secret to authenticate the partner and verify it created the assessment - write only",
+          "x-ms-secret": true
+        }
+      },
+      "required": [
+        "partnerName",
+        "secret"
+      ]
+    },
+    "SecurityAssessmentMetadataPropertiesResponse": {
+      "type": "object",
+      "description": "Describes properties of an assessment metadata response.",
+      "properties": {
+        "publishDates": {
+          "type": "object",
+          "properties": {
+            "GA": {
+              "type": "string",
+              "pattern": "^([0-9]{2}/){2}[0-9]{4}$"
+            },
+            "public": {
+              "type": "string",
+              "pattern": "^([0-9]{2}/){2}[0-9]{4}$"
+            }
+          },
+          "required": [
+            "public"
+          ]
+        },
+        "plannedDeprecationDate": {
+          "type": "string",
+          "pattern": "^[0-9]{2}/[0-9]{4}$"
+        },
+        "tactics": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "description": "Tactic of the assessment",
+            "enum": [
+              "Reconnaissance",
+              "Resource Development",
+              "Initial Access",
+              "Execution",
+              "Persistence",
+              "Privilege Escalation",
+              "Defense Evasion",
+              "Credential Access",
+              "Discovery",
+              "Lateral Movement",
+              "Collection",
+              "Command and Control",
+              "Exfiltration",
+              "Impact"
+            ],
+            "x-ms-enum": {
+              "name": "tactics",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "Reconnaissance"
+                },
+                {
+                  "value": "Resource Development"
+                },
+                {
+                  "value": "Initial Access"
+                },
+                {
+                  "value": "Execution"
+                },
+                {
+                  "value": "Persistence"
+                },
+                {
+                  "value": "Privilege Escalation"
+                },
+                {
+                  "value": "Defense Evasion"
+                },
+                {
+                  "value": "Credential Access"
+                },
+                {
+                  "value": "Discovery"
+                },
+                {
+                  "value": "Lateral Movement"
+                },
+                {
+                  "value": "Collection"
+                },
+                {
+                  "value": "Command and Control"
+                },
+                {
+                  "value": "Exfiltration"
+                },
+                {
+                  "value": "Impact"
+                }
+              ]
+            }
+          }
+        },
+        "techniques": {
+          "type": "array",
+          "items": {
+            "type": "string",
+            "description": "Techniques of the assessment",
+            "enum": [
+              "Abuse Elevation Control Mechanism",
+              "Access Token Manipulation",
+              "Account Discovery",
+              "Account Manipulation",
+              "Active Scanning",
+              "Application Layer Protocol",
+              "Audio Capture",
+              "Boot or Logon Autostart Execution",
+              "Boot or Logon Initialization Scripts",
+              "Brute Force",
+              "Cloud Infrastructure Discovery",
+              "Cloud Service Dashboard",
+              "Cloud Service Discovery",
+              "Command and Scripting Interpreter",
+              "Compromise Client Software Binary",
+              "Compromise Infrastructure",
+              "Container and Resource Discovery",
+              "Create Account",
+              "Create or Modify System Process",
+              "Credentials from Password Stores",
+              "Data Destruction",
+              "Data Encrypted for Impact",
+              "Data from Cloud Storage Object",
+              "Data from Configuration Repository",
+              "Data from Information Repositories",
+              "Data from Local System",
+              "Data Manipulation",
+              "Data Staged",
+              "Defacement",
+              "Deobfuscate/Decode Files or Information",
+              "Disk Wipe",
+              "Domain Trust Discovery",
+              "Drive-by Compromise",
+              "Dynamic Resolution",
+              "Endpoint Denial of Service",
+              "Event Triggered Execution",
+              "Exfiltration Over Alternative Protocol",
+              "Exploit Public-Facing Application",
+              "Exploitation for Client Execution",
+              "Exploitation for Credential Access",
+              "Exploitation for Defense Evasion",
+              "Exploitation for Privilege Escalation",
+              "Exploitation of Remote Services",
+              "External Remote Services",
+              "Fallback Channels",
+              "File and Directory Discovery",
+              "Gather Victim Network Information",
+              "Hide Artifacts",
+              "Hijack Execution Flow",
+              "Impair Defenses",
+              "Implant Container Image",
+              "Indicator Removal on Host",
+              "Indirect Command Execution",
+              "Ingress Tool Transfer",
+              "Input Capture",
+              "Inter-Process Communication",
+              "Lateral Tool Transfer",
+              "Man-in-the-Middle",
+              "Masquerading",
+              "Modify Authentication Process",
+              "Modify Registry",
+              "Network Denial of Service",
+              "Network Service Scanning",
+              "Network Sniffing",
+              "Non-Application Layer Protocol",
+              "Non-Standard Port",
+              "Obtain Capabilities",
+              "Obfuscated Files or Information",
+              "Office Application Startup",
+              "OS Credential Dumping",
+              "Permission Groups Discovery",
+              "Phishing",
+              "Pre-OS Boot",
+              "Process Discovery",
+              "Process Injection",
+              "Protocol Tunneling",
+              "Proxy",
+              "Query Registry",
+              "Remote Access Software",
+              "Remote Service Session Hijacking",
+              "Remote Services",
+              "Remote System Discovery",
+              "Resource Hijacking",
+              "Scheduled Task/Job",
+              "Screen Capture",
+              "Search Victim-Owned Websites",
+              "Server Software Component",
+              "Service Stop",
+              "Signed Binary Proxy Execution",
+              "Software Deployment Tools",
+              "SQL Stored Procedures",
+              "Steal or Forge Kerberos Tickets",
+              "Subvert Trust Controls",
+              "Supply Chain Compromise",
+              "System Information Discovery",
+              "Taint Shared Content",
+              "Traffic Signaling",
+              "Transfer Data to Cloud Account",
+              "Trusted Relationship",
+              "Unsecured Credentials",
+              "User Execution",
+              "Valid Accounts",
+              "Windows Management Instrumentation",
+              "File and Directory Permissions Modification"
+            ],
+            "x-ms-enum": {
+              "name": "techniques",
+              "modelAsString": true,
+              "values": [
+                {
+                  "value": "Abuse Elevation Control Mechanism"
+                },
+                {
+                  "value": "Access Token Manipulation"
+                },
+                {
+                  "value": "Account Discovery"
+                },
+                {
+                  "value": "Account Manipulation"
+                },
+                {
+                  "value": "Active Scanning"
+                },
+                {
+                  "value": "Application Layer Protocol"
+                },
+                {
+                  "value": "Audio Capture"
+                },
+                {
+                  "value": "Boot or Logon Autostart Execution"
+                },
+                {
+                  "value": "Boot or Logon Initialization Scripts"
+                },
+                {
+                  "value": "Brute Force"
+                },
+                {
+                  "value": "Cloud Infrastructure Discovery"
+                },
+                {
+                  "value": "Cloud Service Dashboard"
+                },
+                {
+                  "value": "Cloud Service Discovery"
+                },
+                {
+                  "value": "Command and Scripting Interpreter"
+                },
+                {
+                  "value": "Compromise Client Software Binary"
+                },
+                {
+                  "value": "Compromise Infrastructure"
+                },
+                {
+                  "value": "Container and Resource Discovery"
+                },
+                {
+                  "value": "Create Account"
+                },
+                {
+                  "value": "Create or Modify System Process"
+                },
+                {
+                  "value": "Credentials from Password Stores"
+                },
+                {
+                  "value": "Data Destruction"
+                },
+                {
+                  "value": "Data Encrypted for Impact"
+                },
+                {
+                  "value": "Data from Cloud Storage Object"
+                },
+                {
+                  "value": "Data from Configuration Repository"
+                },
+                {
+                  "value": "Data from Information Repositories"
+                },
+                {
+                  "value": "Data from Local System"
+                },
+                {
+                  "value": "Data Manipulation"
+                },
+                {
+                  "value": "Data Staged"
+                },
+                {
+                  "value": "Defacement"
+                },
+                {
+                  "value": "Deobfuscate/Decode Files or Information"
+                },
+                {
+                  "value": "Disk Wipe"
+                },
+                {
+                  "value": "Domain Trust Discovery"
+                },
+                {
+                  "value": "Drive-by Compromise"
+                },
+                {
+                  "value": "Dynamic Resolution"
+                },
+                {
+                  "value": "Endpoint Denial of Service"
+                },
+                {
+                  "value": "Event Triggered Execution"
+                },
+                {
+                  "value": "Exfiltration Over Alternative Protocol"
+                },
+                {
+                  "value": "Exploit Public-Facing Application"
+                },
+                {
+                  "value": "Exploitation for Client Execution"
+                },
+                {
+                  "value": "Exploitation for Credential Access"
+                },
+                {
+                  "value": "Exploitation for Defense Evasion"
+                },
+                {
+                  "value": "Exploitation for Privilege Escalation"
+                },
+                {
+                  "value": "Exploitation of Remote Services"
+                },
+                {
+                  "value": "External Remote Services"
+                },
+                {
+                  "value": "Fallback Channels"
+                },
+                {
+                  "value": "File and Directory Discovery"
+                },
+                {
+                  "value": "Gather Victim Network Information"
+                },
+                {
+                  "value": "Hide Artifacts"
+                },
+                {
+                  "value": "Hijack Execution Flow"
+                },
+                {
+                  "value": "Impair Defenses"
+                },
+                {
+                  "value": "Implant Container Image"
+                },
+                {
+                  "value": "Indicator Removal on Host"
+                },
+                {
+                  "value": "Indirect Command Execution"
+                },
+                {
+                  "value": "Ingress Tool Transfer"
+                },
+                {
+                  "value": "Input Capture"
+                },
+                {
+                  "value": "Inter-Process Communication"
+                },
+                {
+                  "value": "Lateral Tool Transfer"
+                },
+                {
+                  "value": "Man-in-the-Middle"
+                },
+                {
+                  "value": "Masquerading"
+                },
+                {
+                  "value": "Modify Authentication Process"
+                },
+                {
+                  "value": "Modify Registry"
+                },
+                {
+                  "value": "Network Denial of Service"
+                },
+                {
+                  "value": "Network Service Scanning"
+                },
+                {
+                  "value": "Network Sniffing"
+                },
+                {
+                  "value": "Non-Application Layer Protocol"
+                },
+                {
+                  "value": "Non-Standard Port"
+                },
+                {
+                  "value": "Obtain Capabilities"
+                },
+                {
+                  "value": "Obfuscated Files or Information"
+                },
+                {
+                  "value": "Office Application Startup"
+                },
+                {
+                  "value": "OS Credential Dumping"
+                },
+                {
+                  "value": "Permission Groups Discovery"
+                },
+                {
+                  "value": "Phishing"
+                },
+                {
+                  "value": "Pre-OS Boot"
+                },
+                {
+                  "value": "Process Discovery"
+                },
+                {
+                  "value": "Process Injection"
+                },
+                {
+                  "value": "Protocol Tunneling"
+                },
+                {
+                  "value": "Proxy"
+                },
+                {
+                  "value": "Query Registry"
+                },
+                {
+                  "value": "Remote Access Software"
+                },
+                {
+                  "value": "Remote Service Session Hijacking"
+                },
+                {
+                  "value": "Remote Services"
+                },
+                {
+                  "value": "Remote System Discovery"
+                },
+                {
+                  "value": "Resource Hijacking"
+                },
+                {
+                  "value": "Scheduled Task/Job"
+                },
+                {
+                  "value": "Screen Capture"
+                },
+                {
+                  "value": "Search Victim-Owned Websites"
+                },
+                {
+                  "value": "Server Software Component"
+                },
+                {
+                  "value": "Service Stop"
+                },
+                {
+                  "value": "Signed Binary Proxy Execution"
+                },
+                {
+                  "value": "Software Deployment Tools"
+                },
+                {
+                  "value": "SQL Stored Procedures"
+                },
+                {
+                  "value": "Steal or Forge Kerberos Tickets"
+                },
+                {
+                  "value": "Subvert Trust Controls"
+                },
+                {
+                  "value": "Supply Chain Compromise"
+                },
+                {
+                  "value": "System Information Discovery"
+                },
+                {
+                  "value": "Taint Shared Content"
+                },
+                {
+                  "value": "Traffic Signaling"
+                },
+                {
+                  "value": "Transfer Data to Cloud Account"
+                },
+                {
+                  "value": "Trusted Relationship"
+                },
+                {
+                  "value": "Unsecured Credentials"
+                },
+                {
+                  "value": "User Execution"
+                },
+                {
+                  "value": "Valid Accounts"
+                },
+                {
+                  "value": "Windows Management Instrumentation"
+                },
+                {
+                  "value": "File and Directory Permissions Modification"
+                }
+              ]
+            }
+          }
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/SecurityAssessmentMetadataProperties"
+        }
+      ]
+    }
+  },
+  "parameters": {
+    "AssessmentsMetadataName": {
+      "name": "assessmentMetadataName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The Assessment Key - Unique key for the assessment type",
+      "x-ms-parameter-location": "method"
+    },
+    "SecurityAssessmentMetadataResponse": {
+      "name": "assessmentMetadata",
+      "in": "body",
+      "required": true,
+      "description": "AssessmentMetadata object",
+      "schema": {
+        "$ref": "#/definitions/SecurityAssessmentMetadataResponse"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessments.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessments.json
new file mode 100644
index 000000000..58a60667e
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2021-06-01/assessments.json
@@ -0,0 +1,467 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2021-06-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scope}/providers/Microsoft.Security/assessments": {
+      "get": {
+        "x-ms-examples": {
+          "List security assessments": {
+            "$ref": "./examples/Assessments/ListAssessments_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Get security assessments on all your scanned resources inside a scope",
+        "operationId": "Assessments_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/Scope"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/{resourceId}/providers/Microsoft.Security/assessments/{assessmentName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security recommendation task from security data location": {
+            "$ref": "./examples/Assessments/GetAssessment_example.json"
+          },
+          "Get security recommendation task from security data location with expand parameter": {
+            "$ref": "./examples/Assessments/GetAssessmentWithExpand_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Get a security assessment on your scanned resource",
+        "operationId": "Assessments_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/ExpandAssessments"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Create security recommendation task on a resource": {
+            "$ref": "./examples/Assessments/PutAssessment_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Create a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+        "operationId": "Assessments_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          },
+          {
+            "$ref": "#/parameters/AssessmentBody"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentResponse"
+            }
+          },
+          "200": {
+            "description": "OK - Updated",
+            "schema": {
+              "$ref": "#/definitions/SecurityAssessmentResponse"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a security recommendation task on a resource": {
+            "$ref": "./examples/Assessments/DeleteAssessment_example.json"
+          }
+        },
+        "tags": [
+          "Assessments"
+        ],
+        "description": "Delete a security assessment on your resource. An assessment metadata that describes this assessment must be predefined with the same name before inserting the assessment result",
+        "operationId": "Assessments_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceId"
+          },
+          {
+            "$ref": "#/parameters/AssessmentName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Assessment was deleted"
+          },
+          "204": {
+            "description": "No Content - Assessment does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SecurityAssessmentList": {
+      "type": "object",
+      "description": "Page of a security assessments list",
+      "properties": {
+        "value": {
+          "description": "Collection of security assessments in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/SecurityAssessmentResponse"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "SecurityAssessment": {
+      "type": "object",
+      "description": "Security assessment on a resource",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecurityAssessmentProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityAssessmentResponse": {
+      "type": "object",
+      "description": "Security assessment on a resource - response format",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/SecurityAssessmentPropertiesResponse"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "SecurityAssessmentProperties": {
+      "type": "object",
+      "description": "Describes properties of an assessment.",
+      "properties": {
+        "status": {
+          "$ref": "#/definitions/AssessmentStatus"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/SecurityAssessmentPropertiesBase"
+        }
+      ],
+      "required": [
+        "status"
+      ]
+    },
+    "SecurityAssessmentPropertiesResponse": {
+      "type": "object",
+      "description": "Describes properties of an assessment.",
+      "properties": {
+        "status": {
+          "$ref": "#/definitions/AssessmentStatusResponse"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/SecurityAssessmentPropertiesBase"
+        }
+      ],
+      "required": [
+        "status"
+      ]
+    },
+    "SecurityAssessmentPropertiesBase": {
+      "type": "object",
+      "description": "Describes properties of an assessment.",
+      "properties": {
+        "resourceDetails": {
+          "$ref": "../../../common/v1/types.json#/definitions/ResourceDetails"
+        },
+        "displayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "User friendly display name of the assessment"
+        },
+        "additionalData": {
+          "type": "object",
+          "description": "Additional data regarding the assessment",
+          "additionalProperties": {
+            "type": "string"
+          }
+        },
+        "links": {
+          "$ref": "#/definitions/AssessmentLinks"
+        },
+        "metadata": {
+          "$ref": "./assessmentMetadata.json#/definitions/SecurityAssessmentMetadataProperties"
+        },
+        "partnersData": {
+          "$ref": "#/definitions/SecurityAssessmentPartnerData"
+        }
+      },
+      "required": [
+        "resourceDetails"
+      ]
+    },
+    "SecurityAssessmentPartnerData": {
+      "type": "object",
+      "description": "Data regarding 3rd party partner integration",
+      "properties": {
+        "partnerName": {
+          "type": "string",
+          "description": "Name of the company of the partner"
+        },
+        "secret": {
+          "type": "string",
+          "description": "secret to authenticate the partner - write only",
+          "x-ms-secret": true
+        }
+      },
+      "required": [
+        "partnerName",
+        "secret"
+      ]
+    },
+    "AssessmentLinks": {
+      "type": "object",
+      "description": "Links relevant to the assessment",
+      "readOnly": true,
+      "properties": {
+        "azurePortalUri": {
+          "type": "string",
+          "description": "Link to assessment in Azure Portal",
+          "readOnly": true
+        }
+      }
+    },
+    "AssessmentStatusResponse": {
+      "type": "object",
+      "description": "The result of the assessment",
+      "properties": {
+        "firstEvaluationDate": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The time that the assessment was created and first evaluated. Returned as UTC time in ISO 8601 format"
+        },
+        "statusChangeDate": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The time that the status of the assessment last changed. Returned as UTC time in ISO 8601 format"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/AssessmentStatus"
+        }
+      ]
+    },
+    "AssessmentStatus": {
+      "type": "object",
+      "description": "The result of the assessment",
+      "properties": {
+        "code": {
+          "type": "string",
+          "description": "Programmatic code for the status of the assessment",
+          "enum": [
+            "Healthy",
+            "Unhealthy",
+            "NotApplicable"
+          ],
+          "x-ms-enum": {
+            "name": "AssessmentStatusCode",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Healthy",
+                "description": "The resource is healthy"
+              },
+              {
+                "value": "Unhealthy",
+                "description": "The resource has a security issue that needs to be addressed"
+              },
+              {
+                "value": "NotApplicable",
+                "description": "Assessment for this resource did not happen"
+              }
+            ]
+          }
+        },
+        "cause": {
+          "type": "string",
+          "description": "Programmatic code for the cause of the assessment status"
+        },
+        "description": {
+          "type": "string",
+          "description": "Human readable description of the assessment status"
+        }
+      },
+      "required": [
+        "code"
+      ]
+    }
+  },
+  "parameters": {
+    "ExpandAssessments": {
+      "name": "$expand",
+      "in": "query",
+      "required": false,
+      "type": "string",
+      "description": "OData expand. Optional.",
+      "x-ms-parameter-location": "method",
+      "enum": [
+        "links",
+        "metadata"
+      ],
+      "x-ms-enum": {
+        "name": "ExpandEnum",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "links",
+            "description": "All links associated with an assessment"
+          },
+          {
+            "value": "metadata",
+            "description": "Assessment metadata"
+          }
+        ]
+      }
+    },
+    "AssessmentName": {
+      "name": "assessmentName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The Assessment Key - Unique key for the assessment type",
+      "x-ms-parameter-location": "method"
+    },
+    "AssessmentBody": {
+      "name": "assessment",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/SecurityAssessment"
+      },
+      "description": "Calculated assessment on a pre-defined assessment metadata",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2021-06-01/settings.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2021-06-01/settings.json
new file mode 100644
index 000000000..512722183
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2021-06-01/settings.json
@@ -0,0 +1,300 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2021-06-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings": {
+      "get": {
+        "x-ms-examples": {
+          "Get settings of subscription": {
+            "$ref": "./examples/Settings/GetSettings_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "Settings about different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SettingsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings/{settingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a setting on subscription": {
+            "$ref": "./examples/Settings/GetSetting_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "Settings of different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Setting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Update a setting for subscription": {
+            "$ref": "./examples/Settings/UpdateSetting_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "updating settings about different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SettingName"
+          },
+          {
+            "$ref": "#/parameters/Setting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Setting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SettingsList": {
+      "type": "object",
+      "description": "Subscription settings list.",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "The settings list.",
+          "items": {
+            "$ref": "#/definitions/Setting"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "DataExportSettings": {
+      "type": "object",
+      "description": "Represents a data export setting",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Data export setting data",
+          "$ref": "#/definitions/DataExportSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/Setting"
+        }
+      ],
+      "x-ms-discriminator-value": "DataExportSettings"
+    },
+    "AlertSyncSettings": {
+      "type": "object",
+      "description": "Represents an alert sync setting",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Alert sync setting data",
+          "$ref": "#/definitions/AlertSyncSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/Setting"
+        }
+      ],
+      "x-ms-discriminator-value": "AlertSyncSettings"
+    },
+    "Setting": {
+      "type": "object",
+      "description": "The kind of the security setting",
+      "properties": {
+        "kind": {
+          "type": "string",
+          "description": "the kind of the settings string",
+          "enum": [
+            "DataExportSettings",
+            "AlertSuppressionSetting",
+            "AlertSyncSettings"
+          ],
+          "x-ms-enum": {
+            "name": "SettingKind",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "DataExportSettings"
+              },
+              {
+                "value": "AlertSuppressionSetting"
+              },
+              {
+                "value": "AlertSyncSettings"
+              }
+            ]
+          }
+        }
+      },
+      "discriminator": "kind",
+      "required": [
+        "kind"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "DataExportSettingProperties": {
+      "type": "object",
+      "description": "The data export setting properties",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Is the data export setting enabled"
+        }
+      },
+      "required": [
+        "enabled"
+      ]
+    },
+    "AlertSyncSettingProperties": {
+      "type": "object",
+      "description": "The alert sync setting properties",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Is the alert sync setting enabled"
+        }
+      },
+      "required": [
+        "enabled"
+      ]
+    }
+  },
+  "parameters": {
+    "SettingName": {
+      "name": "settingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The name of the setting",
+      "enum": [
+        "MCAS",
+        "WDATP",
+        "Sentinel"
+      ],
+      "x-ms-parameter-location": "method"
+    },
+    "Setting": {
+      "name": "setting",
+      "in": "body",
+      "required": true,
+      "description": "Setting object",
+      "schema": {
+        "$ref": "#/definitions/Setting"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2022-01-01/alerts.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2022-01-01/alerts.json
new file mode 100644
index 000000000..a48b60130
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2022-01-01/alerts.json
@@ -0,0 +1,1250 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) alerts resource provider",
+    "version": "2022-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a subscription": {
+            "$ref": "./examples/Alerts/GetAlertsSubscription_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the subscription",
+        "operationId": "Alerts_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a resource group": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the resource group",
+        "operationId": "Alerts_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsSubscriptionsLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the subscription that are stored in a specific location",
+        "operationId": "Alerts_ListSubscriptionLevelByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alerts on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertsResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "List all the alerts that are associated with the resource group that are stored in a specific location",
+        "operationId": "Alerts_ListResourceGroupLevelByRegion",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/AlertList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alert on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertSubscriptionLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Get an alert that is associated with a subscription",
+        "operationId": "Alerts_GetSubscriptionLevel",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Alert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get security alert on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/GetAlertResourceGroupLocation_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Get an alert that is associated a resource group or a resource in a resource group",
+        "operationId": "Alerts_GetResourceGroupLevel",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Alert"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_dismiss_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelStateToDismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/resolve": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_resolve_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelStateToResolve",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/activate": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_activate_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelStateToActivate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/inProgress": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a subscription from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertSubscriptionLocation_inProgress_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateSubscriptionLevelStateToInProgress",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/resolve": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_resolve_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelStateToResolve",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/dismiss": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_dismiss_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelStateToDismiss",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/activate": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_activate_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelStateToActivate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/locations/{ascLocation}/alerts/{alertName}/inProgress": {
+      "post": {
+        "x-ms-examples": {
+          "Update security alert state on a resource group from a security data location": {
+            "$ref": "./examples/Alerts/UpdateAlertResourceGroupLocation_inProgress_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Update the alert's state",
+        "operationId": "Alerts_UpdateResourceGroupLevelStateToInProgress",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ResourceGroupName"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertName"
+          }
+        ],
+        "responses": {
+          "204": {
+            "description": "No Content"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/locations/{ascLocation}/alerts/default/simulate": {
+      "post": {
+        "x-ms-examples": {
+          "Simulate security alerts on a subscription": {
+            "$ref": "./examples/Alerts/SimulateAlerts_example.json"
+          }
+        },
+        "tags": [
+          "Alerts"
+        ],
+        "description": "Simulate security alerts",
+        "operationId": "Alerts_Simulate",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/AscLocation"
+          },
+          {
+            "$ref": "#/parameters/AlertSimulatorRequestBody"
+          }
+        ],
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "original-uri"
+        },
+        "responses": {
+          "202": {
+            "description": "Accepted"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "Alert": {
+      "type": "object",
+      "description": "Security alert",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "describes security alert properties.",
+          "$ref": "#/definitions/AlertProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "AlertEntity": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "object"
+      },
+      "description": "Changing set of properties depending on the entity type.",
+      "properties": {
+        "type": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Type of entity"
+        }
+      }
+    },
+    "AlertExtendedLinks": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "string"
+      },
+      "description": "Links related to the alert"
+    },
+    "AlertExtendedProperties": {
+      "type": "object",
+      "additionalProperties": {
+        "type": "string"
+      },
+      "description": "Custom properties for the alert."
+    },
+    "AlertList": {
+      "type": "object",
+      "description": "List of security alerts",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "describes security alert properties.",
+          "items": {
+            "$ref": "#/definitions/Alert"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "AlertProperties": {
+      "type": "object",
+      "description": "describes security alert properties.",
+      "properties": {
+        "version": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Schema version."
+        },
+        "alertType": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Unique identifier for the detection logic (all alert instances from the same detection logic will have the same alertType)."
+        },
+        "systemAlertId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Unique identifier for the alert."
+        },
+        "productComponentName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The name of Azure Security Center pricing tier which powering this alert. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-pricing"
+        },
+        "alertDisplayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The display name of the alert."
+        },
+        "description": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Description of the suspicious activity that was detected."
+        },
+        "severity": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Informational",
+            "Low",
+            "Medium",
+            "High"
+          ],
+          "x-ms-enum": {
+            "name": "alertSeverity",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Informational",
+                "description": "Informational"
+              },
+              {
+                "value": "Low",
+                "description": "Low"
+              },
+              {
+                "value": "Medium",
+                "description": "Medium"
+              },
+              {
+                "value": "High",
+                "description": "High"
+              }
+            ]
+          },
+          "description": "The risk level of the threat that was detected. Learn more: https://docs.microsoft.com/en-us/azure/security-center/security-center-alerts-overview#how-are-alerts-classified."
+        },
+        "intent": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Unknown",
+            "PreAttack",
+            "InitialAccess",
+            "Persistence",
+            "PrivilegeEscalation",
+            "DefenseEvasion",
+            "CredentialAccess",
+            "Discovery",
+            "LateralMovement",
+            "Execution",
+            "Collection",
+            "Exfiltration",
+            "CommandAndControl",
+            "Impact",
+            "Probing",
+            "Exploitation"
+          ],
+          "x-ms-enum": {
+            "name": "intent",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Unknown",
+                "description": "Unknown"
+              },
+              {
+                "value": "PreAttack",
+                "description": "PreAttack could be either an attempt to access a certain resource regardless of a malicious intent, or a failed attempt to gain access to a target system to gather information prior to exploitation. This step is usually detected as an attempt, originating from outside the network, to scan the target system and find a way in.  Further details on the PreAttack stage can be read in [MITRE Pre-Att&ck matrix](https://attack.mitre.org/matrices/pre/)."
+              },
+              {
+                "value": "InitialAccess",
+                "description": "InitialAccess is the stage where an attacker manages to get foothold on the attacked resource."
+              },
+              {
+                "value": "Persistence",
+                "description": "Persistence is any access, action, or configuration change to a system that gives a threat actor a persistent presence on that system."
+              },
+              {
+                "value": "PrivilegeEscalation",
+                "description": "Privilege escalation is the result of actions that allow an adversary to obtain a higher level of permissions on a system or network."
+              },
+              {
+                "value": "DefenseEvasion",
+                "description": "Defense evasion consists of techniques an adversary may use to evade detection or avoid other defenses."
+              },
+              {
+                "value": "CredentialAccess",
+                "description": "Credential access represents techniques resulting in access to or control over system, domain, or service credentials that are used within an enterprise environment."
+              },
+              {
+                "value": "Discovery",
+                "description": "Discovery consists of techniques that allow the adversary to gain knowledge about the system and internal network."
+              },
+              {
+                "value": "LateralMovement",
+                "description": "Lateral movement consists of techniques that enable an adversary to access and control remote systems on a network and could, but does not necessarily, include execution of tools on remote systems."
+              },
+              {
+                "value": "Execution",
+                "description": "The execution tactic represents techniques that result in execution of adversary-controlled code on a local or remote system."
+              },
+              {
+                "value": "Collection",
+                "description": "Collection consists of techniques used to identify and gather information, such as sensitive files, from a target network prior to exfiltration."
+              },
+              {
+                "value": "Exfiltration",
+                "description": "Exfiltration refers to techniques and attributes that result or aid in the adversary removing files and information from a target network."
+              },
+              {
+                "value": "CommandAndControl",
+                "description": "The command and control tactic represents how adversaries communicate with systems under their control within a target network."
+              },
+              {
+                "value": "Impact",
+                "description": "Impact events primarily try to directly reduce the availability or integrity of a system, service, or network; including manipulation of data to impact a business or operational process."
+              },
+              {
+                "value": "Probing",
+                "description": "Probing could be either an attempt to access a certain resource regardless of a malicious intent, or a failed attempt to gain access to a target system to gather information prior to exploitation."
+              },
+              {
+                "value": "Exploitation",
+                "description": "Exploitation is the stage where an attacker manages to get a foothold on the attacked resource. This stage is relevant for compute hosts and resources such as user accounts, certificates etc."
+              }
+            ]
+          },
+          "description": "The kill chain related intent behind the alert. For list of supported values, and explanations of Azure Security Center's supported kill chain intents."
+        },
+        "startTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The UTC time of the first event or activity included in the alert in ISO8601 format."
+        },
+        "endTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The UTC time of the last event or activity included in the alert in ISO8601 format."
+        },
+        "resourceIdentifiers": {
+          "readOnly": true,
+          "type": "array",
+          "description": "The resource identifiers that can be used to direct the alert to the right product exposure group (tenant, workspace, subscription etc.). There can be multiple identifiers of different type per alert.",
+          "items": {
+            "$ref": "#/definitions/ResourceIdentifier"
+          },
+          "x-ms-identifiers": []
+        },
+        "remediationSteps": {
+          "readOnly": true,
+          "type": "array",
+          "description": "Manual action items to take to remediate the alert.",
+          "items": {
+            "readOnly": true,
+            "type": "string"
+          }
+        },
+        "vendorName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The name of the vendor that raises the alert."
+        },
+        "status": {
+          "readOnly": true,
+          "type": "string",
+          "enum": [
+            "Active",
+            "InProgress",
+            "Resolved",
+            "Dismissed"
+          ],
+          "x-ms-enum": {
+            "name": "alertStatus",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Active",
+                "description": "An alert which doesn't specify a value is assigned the status 'Active'"
+              },
+              {
+                "value": "InProgress",
+                "description": "An alert which is in handling state"
+              },
+              {
+                "value": "Resolved",
+                "description": "Alert closed after handling"
+              },
+              {
+                "value": "Dismissed",
+                "description": "Alert dismissed as false positive"
+              }
+            ]
+          },
+          "description": "The life cycle status of the alert."
+        },
+        "extendedLinks": {
+          "readOnly": true,
+          "type": "array",
+          "description": "Links related to the alert",
+          "items": {
+            "$ref": "#/definitions/AlertExtendedLinks"
+          },
+          "x-ms-identifiers": []
+        },
+        "alertUri": {
+          "readOnly": true,
+          "type": "string",
+          "description": "A direct link to the alert page in Azure Portal."
+        },
+        "timeGeneratedUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The UTC time the alert was generated in ISO8601 format."
+        },
+        "productName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The name of the product which published this alert (Microsoft Sentinel, Microsoft Defender for Identity, Microsoft Defender for Endpoint, Microsoft Defender for Office, Microsoft Defender for Cloud Apps, and so on)."
+        },
+        "processingEndTimeUtc": {
+          "readOnly": true,
+          "type": "string",
+          "format": "date-time",
+          "description": "The UTC processing end time of the alert in ISO8601 format."
+        },
+        "entities": {
+          "readOnly": true,
+          "type": "array",
+          "description": "A list of entities related to the alert.",
+          "items": {
+            "$ref": "#/definitions/AlertEntity"
+          },
+          "x-ms-identifiers": []
+        },
+        "isIncident": {
+          "readOnly": true,
+          "type": "boolean",
+          "description": "This field determines whether the alert is an incident (a compound grouping of several alerts) or a single alert."
+        },
+        "correlationKey": {
+          "readOnly": true,
+          "type": "string",
+          "description": "Key for corelating related alerts. Alerts with the same correlation key considered to be related."
+        },
+        "extendedProperties": {
+          "$ref": "#/definitions/AlertExtendedProperties",
+          "description": "Custom properties for the alert."
+        },
+        "compromisedEntity": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The display name of the resource most related to this alert."
+        },
+        "techniques": {
+          "readOnly": true,
+          "type": "array",
+          "description": "kill chain related techniques behind the alert.",
+          "items": {
+            "readOnly": true,
+            "type": "string"
+          }
+        },
+        "subTechniques": {
+          "readOnly": true,
+          "type": "array",
+          "description": "Kill chain related sub-techniques behind the alert.",
+          "items": {
+            "readOnly": true,
+            "type": "string"
+          }
+        },
+        "supportingEvidence": {
+          "type": "object",
+          "additionalProperties": {
+            "type": "object"
+          },
+          "description": "Changing set of properties depending on the supportingEvidence type.",
+          "properties": {
+            "type": {
+              "readOnly": true,
+              "type": "string",
+              "description": "Type of the supportingEvidence"
+            }
+          }
+        }
+      }
+    },
+    "AzureResourceIdentifier": {
+      "type": "object",
+      "description": "Azure resource identifier.",
+      "x-ms-discriminator-value": "AzureResource",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ResourceIdentifier"
+        }
+      ],
+      "properties": {
+        "azureResourceId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "ARM resource identifier for the cloud resource being alerted on"
+        }
+      }
+    },
+    "LogAnalyticsIdentifier": {
+      "type": "object",
+      "description": "Represents a Log Analytics workspace scope identifier.",
+      "x-ms-discriminator-value": "LogAnalytics",
+      "allOf": [
+        {
+          "$ref": "#/definitions/ResourceIdentifier"
+        }
+      ],
+      "properties": {
+        "workspaceId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The LogAnalytics workspace id that stores this alert."
+        },
+        "workspaceSubscriptionId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The azure subscription id for the LogAnalytics workspace storing this alert.",
+          "pattern": "^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$"
+        },
+        "workspaceResourceGroup": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The azure resource group for the LogAnalytics workspace storing this alert"
+        },
+        "agentId": {
+          "readOnly": true,
+          "type": "string",
+          "description": "(optional) The LogAnalytics agent id reporting the event that this alert is based on."
+        }
+      }
+    },
+    "ResourceIdentifier": {
+      "type": "object",
+      "description": "A resource identifier for an alert which can be used to direct the alert to the right product exposure group (tenant, workspace, subscription etc.).",
+      "discriminator": "type",
+      "required": [
+        "type"
+      ],
+      "properties": {
+        "type": {
+          "type": "string",
+          "description": "There can be multiple identifiers of different type per alert, this field specify the identifier type.",
+          "enum": [
+            "AzureResource",
+            "LogAnalytics"
+          ],
+          "x-ms-enum": {
+            "name": "ResourceIdentifierType",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "AzureResource"
+              },
+              {
+                "value": "LogAnalytics"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AlertSimulatorRequestBody": {
+      "type": "object",
+      "description": "Alert Simulator request body.",
+      "properties": {
+        "properties": {
+          "description": "Alert Simulator request body data.",
+          "$ref": "#/definitions/AlertSimulatorRequestProperties"
+        }
+      }
+    },
+    "AlertSimulatorRequestProperties": {
+      "type": "object",
+      "description": "Describes properties of an alert simulation request",
+      "discriminator": "kind",
+      "required": [
+        "kind"
+      ],
+      "additionalProperties": true,
+      "properties": {
+        "kind": {
+          "type": "string",
+          "description": "The kind of alert simulation.",
+          "enum": [
+            "Bundles"
+          ],
+          "x-ms-enum": {
+            "name": "kind",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Bundles",
+                "description": "Simulate alerts according to bundles"
+              }
+            ]
+          }
+        }
+      }
+    },
+    "AlertSimulatorBundlesRequestProperties": {
+      "type": "object",
+      "description": "Simulate alerts according to this bundles.",
+      "x-ms-discriminator-value": "Bundles",
+      "properties": {
+        "bundles": {
+          "type": "array",
+          "description": "Bundles list.",
+          "items": {
+            "$ref": "#/definitions/BundleType"
+          }
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/AlertSimulatorRequestProperties"
+        }
+      ]
+    },
+    "BundleType": {
+      "type": "string",
+      "description": "Alert Simulator supported bundles.",
+      "enum": [
+        "AppServices",
+        "DNS",
+        "KeyVaults",
+        "KubernetesService",
+        "ResourceManager",
+        "SqlServers",
+        "StorageAccounts",
+        "VirtualMachines",
+        "CosmosDbs"
+      ],
+      "x-ms-enum": {
+        "name": "BundleType",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "AppServices"
+          },
+          {
+            "value": "DNS"
+          },
+          {
+            "value": "KeyVaults"
+          },
+          {
+            "value": "KubernetesService"
+          },
+          {
+            "value": "ResourceManager"
+          },
+          {
+            "value": "SqlServers"
+          },
+          {
+            "value": "StorageAccounts"
+          },
+          {
+            "value": "VirtualMachines"
+          },
+          {
+            "value": "CosmosDbs"
+          }
+        ]
+      }
+    }
+  },
+  "parameters": {
+    "AlertName": {
+      "name": "alertName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "Name of the alert object",
+      "x-ms-parameter-location": "method"
+    },
+    "AlertSimulatorRequestBody": {
+      "name": "alertSimulatorRequestBody",
+      "in": "body",
+      "required": true,
+      "description": "Alert Simulator Request Properties",
+      "schema": {
+        "$ref": "#/definitions/AlertSimulatorRequestBody"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2022-05-01/settings.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2022-05-01/settings.json
new file mode 100644
index 000000000..d3ded47b6
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2022-05-01/settings.json
@@ -0,0 +1,306 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2022-05-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings": {
+      "get": {
+        "x-ms-examples": {
+          "Get settings of subscription": {
+            "$ref": "./examples/Settings/GetSettings_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "Settings about different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/SettingsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/settings/{settingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get a setting on subscription": {
+            "$ref": "./examples/Settings/GetSetting_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "Settings of different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SettingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Setting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Update a setting for subscription": {
+            "$ref": "./examples/Settings/UpdateSetting_example.json"
+          }
+        },
+        "tags": [
+          "Settings"
+        ],
+        "description": "updating settings about different configurations in Microsoft Defender for Cloud",
+        "operationId": "Settings_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/SubscriptionId"
+          },
+          {
+            "$ref": "#/parameters/SettingName"
+          },
+          {
+            "$ref": "#/parameters/Setting"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Setting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "SettingsList": {
+      "type": "object",
+      "description": "Subscription settings list.",
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "The settings list.",
+          "items": {
+            "$ref": "#/definitions/Setting"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "DataExportSettings": {
+      "type": "object",
+      "description": "Represents a data export setting",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Data export setting data",
+          "$ref": "#/definitions/DataExportSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/Setting"
+        }
+      ],
+      "x-ms-discriminator-value": "DataExportSettings"
+    },
+    "AlertSyncSettings": {
+      "type": "object",
+      "description": "Represents an alert sync setting",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Alert sync setting data",
+          "$ref": "#/definitions/AlertSyncSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/Setting"
+        }
+      ],
+      "x-ms-discriminator-value": "AlertSyncSettings"
+    },
+    "Setting": {
+      "type": "object",
+      "description": "The kind of the security setting",
+      "properties": {
+        "kind": {
+          "type": "string",
+          "description": "the kind of the settings string",
+          "enum": [
+            "DataExportSettings",
+            "AlertSuppressionSetting",
+            "AlertSyncSettings"
+          ],
+          "x-ms-enum": {
+            "name": "SettingKind",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "DataExportSettings"
+              },
+              {
+                "value": "AlertSuppressionSetting"
+              },
+              {
+                "value": "AlertSyncSettings"
+              }
+            ]
+          }
+        }
+      },
+      "discriminator": "kind",
+      "required": [
+        "kind"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "DataExportSettingProperties": {
+      "type": "object",
+      "description": "The data export setting properties",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Is the data export setting enabled"
+        }
+      },
+      "required": [
+        "enabled"
+      ]
+    },
+    "AlertSyncSettingProperties": {
+      "type": "object",
+      "description": "The alert sync setting properties",
+      "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Is the alert sync setting enabled"
+        }
+      },
+      "required": [
+        "enabled"
+      ]
+    }
+  },
+  "parameters": {
+    "SettingName": {
+      "name": "settingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The name of the setting",
+      "enum": [
+        "MCAS",
+        "WDATP",
+        "WDATP_EXCLUDE_LINUX_PUBLIC_PREVIEW",
+        "WDATP_UNIFIED_SOLUTION",
+        "Sentinel"
+      ],
+      "x-ms-enum": {
+        "name": "SettingName",
+        "modelAsString": true
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "Setting": {
+      "name": "setting",
+      "in": "body",
+      "required": true,
+      "description": "Setting object",
+      "schema": {
+        "$ref": "#/definitions/Setting"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2023-05-01/ServerVulnerabilityAssessmentsSettings.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2023-05-01/ServerVulnerabilityAssessmentsSettings.json
new file mode 100644
index 000000000..8e297f9d5
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2023-05-01/ServerVulnerabilityAssessmentsSettings.json
@@ -0,0 +1,330 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Security Center",
+    "description": "API spec for Microsoft.Security (Azure Security Center) resource provider",
+    "version": "2023-05-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings": {
+      "get": {
+        "x-ms-examples": {
+          "List the server vulnerability assessments settings set on the subscription": {
+            "$ref": "./examples/ServerVulnerabilityAssessmentsSettings/ListServerVulnerabilityAssessmentsSettings_example.json"
+          }
+        },
+        "tags": [
+          "ServerVulnerabilityAssessmentsSettings"
+        ],
+        "description": "Get a list of all the server vulnerability assessments settings over a subscription level scope",
+        "operationId": "ServerVulnerabilityAssessmentsSettings_ListBySubscription",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ServerVulnerabilityAssessmentsSettingsList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/serverVulnerabilityAssessmentsSettings/{settingKind}": {
+      "get": {
+        "x-ms-examples": {
+          "Get the server vulnerability assessments setting of the kind settingKind that is set on the subscription": {
+            "$ref": "./examples/ServerVulnerabilityAssessmentsSettings/GetServerVulnerabilityAssessmentsSetting_example.json"
+          }
+        },
+        "tags": [
+          "ServerVulnerabilityAssessmentsSettings"
+        ],
+        "description": "Get a server vulnerability assessments setting of the requested kind, that is set on the subscription",
+        "operationId": "ServerVulnerabilityAssessmentsSettings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "#/parameters/SettingKind"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ServerVulnerabilityAssessmentsSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Set a server vulnerability assessments setting of the kind settingKind on the subscription": {
+            "$ref": "./examples/ServerVulnerabilityAssessmentsSettings/PutServerVulnerabilityAssessmentsSetting_example.json"
+          }
+        },
+        "tags": [
+          "ServerVulnerabilityAssessmentsSettings"
+        ],
+        "description": "Create or update a server vulnerability assessments setting of the requested kind on the subscription",
+        "operationId": "ServerVulnerabilityAssessmentsSettings_CreateOrUpdate",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "#/parameters/SettingKind"
+          },
+          {
+            "$ref": "#/parameters/SettingBody"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/ServerVulnerabilityAssessmentsSetting"
+            }
+          },
+          "201": {
+            "description": "Created",
+            "schema": {
+              "$ref": "#/definitions/ServerVulnerabilityAssessmentsSetting"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete the server vulnerability assessments setting of the kind settingKind from the subscription": {
+            "$ref": "./examples/ServerVulnerabilityAssessmentsSettings/DeleteServerVulnerabilityAssessmentsSetting_example.json"
+          }
+        },
+        "tags": [
+          "ServerVulnerabilityAssessmentsSettings"
+        ],
+        "description": "Delete the server vulnerability assessments setting of the requested kind from the subscription",
+        "operationId": "ServerVulnerabilityAssessmentsSettings_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "#/parameters/SettingKind"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK - Setting was deleted"
+          },
+          "204": {
+            "description": "No Content - Setting does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ServerVulnerabilityAssessmentsSettingsList": {
+      "type": "object",
+      "description": "A page of a server vulnerability assessments settings list",
+      "properties": {
+        "value": {
+          "description": "A collection of server vulnerability assessments settings in this page",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ServerVulnerabilityAssessmentsSetting"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page"
+        }
+      }
+    },
+    "ServerVulnerabilityAssessmentsSetting": {
+      "type": "object",
+      "description": "A base vulnerability assessments setting on servers in the defined scope.",
+      "properties": {
+        "kind": {
+          "description": "The kind of the server vulnerability assessments setting.",
+          "$ref": "#/definitions/ServerVulnerabilityAssessmentsSettingKind"
+        }
+      },
+      "discriminator": "kind",
+      "required": [
+        "kind"
+      ],
+      "allOf": [
+        {
+          "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "AzureServersSetting": {
+      "type": "object",
+      "description": "A vulnerability assessments setting on Azure servers in the defined scope.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "The vulnerability assessments setting properties on Azure servers in the defined scope.",
+          "$ref": "#/definitions/ServerVulnerabilityAssessmentsAzureSettingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "#/definitions/ServerVulnerabilityAssessmentsSetting"
+        }
+      ],
+      "x-ms-discriminator-value": "AzureServersSetting"
+    },
+    "ServerVulnerabilityAssessmentsAzureSettingProperties": {
+      "type": "object",
+      "description": "Describes the vulnerability assessments setting properties on Azure servers in the defined scope.",
+      "properties": {
+        "selectedProvider": {
+          "description": "The selected vulnerability assessments provider on Azure servers in the defined scope.",
+          "type": "string",
+          "enum": [
+            "MdeTvm"
+          ],
+          "x-ms-enum": {
+            "name": "ServerVulnerabilityAssessmentsAzureSettingSelectedProvider",
+            "modelAsString": true,
+            "values": [
+              {
+                "description": "Microsoft Defender for Endpoints threat and vulnerability management.",
+                "value": "MdeTvm"
+              }
+            ]
+          }
+        }
+      },
+      "required": [
+        "selectedProvider"
+      ]
+    },
+    "ServerVulnerabilityAssessmentsSettingKind": {
+      "type": "string",
+      "description": "The kind of the server vulnerability assessments setting",
+      "enum": [
+        "AzureServersSetting"
+      ],
+      "x-ms-enum": {
+        "name": "ServerVulnerabilityAssessmentsSettingKind",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "AzureServersSetting"
+          }
+        ]
+      }
+    }
+  },
+  "parameters": {
+    "SettingKind": {
+      "name": "settingKind",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The kind of the server vulnerability assessments setting",
+      "enum": [
+        "azureServersSetting"
+      ],
+      "x-ms-enum": {
+        "name": "ServerVulnerabilityAssessmentsSettingKindName",
+        "modelAsString": true,
+        "values": [
+          {
+            "value": "azureServersSetting"
+          }
+        ]
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "SettingBody": {
+      "name": "serverVulnerabilityAssessmentsSetting",
+      "in": "body",
+      "required": true,
+      "schema": {
+        "$ref": "#/definitions/ServerVulnerabilityAssessmentsSetting"
+      },
+      "description": "A server vulnerability assessments setting over a predefined scope",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2023-11-15/apiCollections.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2023-11-15/apiCollections.json
new file mode 100644
index 000000000..a4f66294c
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2023-11-15/apiCollections.json
@@ -0,0 +1,474 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2023-11-15"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/subscriptions/{subscriptionId}/providers/Microsoft.Security/apiCollections": {
+      "get": {
+        "x-ms-examples": {
+          "Gets a list of API collections within a subscription that have been onboarded to Microsoft Defender for APIs": {
+            "$ref": "./examples/ApiCollections/APICollections_ListBySubscription_example.json"
+          }
+        },
+        "tags": [
+          "D4APICollectionList"
+        ],
+        "description": "Gets a list of API collections within a subscription that have been onboarded to Microsoft Defender for APIs.",
+        "summary": "Gets a list of API collections within a subscription",
+        "operationId": "APICollections_ListBySubscription",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "This indicates a successful response. The response contains the list of API collections.",
+            "schema": {
+              "$ref": "#/definitions/ApiCollectionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Security/apiCollections": {
+      "get": {
+        "x-ms-examples": {
+          "Gets a list of API collections within a resource group that have been onboarded to Microsoft Defender for APIs": {
+            "$ref": "./examples/ApiCollections/APICollections_ListByResourceGroup_example.json"
+          }
+        },
+        "tags": [
+          "D4APICollectionList"
+        ],
+        "description": "Gets a list of API collections within a resource group that have been onboarded to Microsoft Defender for APIs.",
+        "summary": "Gets a list of API collections within a resource group",
+        "operationId": "APICollections_ListByResourceGroup",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "This indicates a successful response. The response contains the list of API collections.",
+            "schema": {
+              "$ref": "#/definitions/ApiCollectionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections": {
+      "get": {
+        "x-ms-examples": {
+          "Gets a list of Azure API Management APIs that have been onboarded to Microsoft Defender for APIs": {
+            "$ref": "./examples/ApiCollections/APICollections_ListByAzureApiManagementService_example.json"
+          }
+        },
+        "tags": [
+          "D4APICollectionList",
+          "APIMConfig"
+        ],
+        "description": "Gets a list of Azure API Management APIs that have been onboarded to Microsoft Defender for APIs. If an Azure API Management API is onboarded to Microsoft Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+        "summary": "Gets a list of onboarded Azure API Management APIs",
+        "operationId": "APICollections_ListByAzureApiManagementService",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/ApiManagementServiceNameParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "This indicates a successful response. The response contains the list of API collections.",
+            "schema": {
+              "$ref": "#/definitions/ApiCollectionList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-pageable": {
+          "nextLinkName": "nextLink"
+        }
+      }
+    },
+    "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ApiManagement/service/{serviceName}/providers/Microsoft.Security/apiCollections/{apiId}": {
+      "get": {
+        "x-ms-examples": {
+          "Gets an Azure API Management API if it has been onboarded to Microsoft Defender for APIs": {
+            "$ref": "./examples/ApiCollections/APICollections_GetByAzureApiManagementService_example.json"
+          }
+        },
+        "tags": [
+          "D4APICollection",
+          "APIMConfig"
+        ],
+        "description": "Gets an Azure API Management API if it has been onboarded to Microsoft Defender for APIs. If an Azure API Management API is onboarded to Microsoft Defender for APIs, the system will monitor the operations within the Azure API Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+        "summary": "Gets an onboarded Azure API Management API",
+        "operationId": "APICollections_GetByAzureApiManagementService",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/ApiManagementServiceNameParameter"
+          },
+          {
+            "$ref": "#/parameters/ApiManagementApiIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "This indicates a successful response. The response contains the properties of the API collection.",
+            "schema": {
+              "$ref": "#/definitions/ApiCollection"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Onboard an Azure API Management API to Microsoft Defender for APIs": {
+            "$ref": "./examples/ApiCollections/APICollections_OnboardAzureApiManagementApi_example.json"
+          }
+        },
+        "tags": [
+          "OnboardToD4API",
+          "APIMConfig"
+        ],
+        "description": "Onboard an Azure API Management API to Microsoft Defender for APIs. The system will start monitoring the operations within the Azure Management API for intrusive behaviors and provide alerts for attacks that have been detected.",
+        "summary": "Onboard an Azure API Management API to Microsoft Defender for APIs",
+        "operationId": "APICollections_OnboardAzureApiManagementApi",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/ApiManagementServiceNameParameter"
+          },
+          {
+            "$ref": "#/parameters/ApiManagementApiIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "This indicates a successful response for the create or update operation. The response contains the properties of the API collection.",
+            "schema": {
+              "$ref": "#/definitions/ApiCollection"
+            }
+          },
+          "201": {
+            "description": "This indicates a successful response for the create or update operation. The response contains the properties of the API collection.",
+            "headers": {
+              "Location": {
+                "type": "string"
+              }
+            },
+            "schema": {
+              "$ref": "#/definitions/ApiCollection"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        },
+        "x-ms-long-running-operation": true,
+        "x-ms-long-running-operation-options": {
+          "final-state-via": "location"
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Offboard an Azure API Management API from Microsoft Defender for APIs": {
+            "$ref": "./examples/ApiCollections/APICollections_OffboardAzureApiManagementApi_example.json"
+          }
+        },
+        "tags": [
+          "OffboardFromD4API",
+          "APIMConfig"
+        ],
+        "description": "Offboard an Azure API Management API from Microsoft Defender for APIs. The system will stop monitoring the operations within the Azure API Management API for intrusive behaviors.",
+        "summary": "Offboard an Azure API Management API from Microsoft Defender for APIs",
+        "operationId": "APICollections_OffboardAzureApiManagementApi",
+        "parameters": [
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/SubscriptionIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ResourceGroupNameParameter"
+          },
+          {
+            "$ref": "#/parameters/ApiManagementServiceNameParameter"
+          },
+          {
+            "$ref": "#/parameters/ApiManagementApiIdParameter"
+          },
+          {
+            "$ref": "../../../../../common-types/resource-management/v5/types.json#/parameters/ApiVersionParameter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "This indicates a successful response for the delete operation."
+          },
+          "204": {
+            "description": "This indicates a successful response for the delete operation."
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../../../common-types/resource-management/v5/types.json#/definitions/ErrorResponse"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "ApiCollectionList": {
+      "type": "object",
+      "description": "Page of a list of API collections as represented by Microsoft Defender for APIs.",
+      "properties": {
+        "value": {
+          "description": "API collections in this page.",
+          "readOnly": true,
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/ApiCollection"
+          }
+        },
+        "nextLink": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The URI to fetch the next page."
+        }
+      }
+    },
+    "ApiCollection": {
+      "type": "object",
+      "description": "An API collection as represented by Microsoft Defender for APIs.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "$ref": "#/definitions/ApiCollectionProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "ApiCollectionProperties": {
+      "type": "object",
+      "description": "Describes the properties of an API collection.",
+      "properties": {
+        "provisioningState": {
+          "type": "string",
+          "readOnly": true,
+          "description": "Gets the provisioning state of the API collection.",
+          "enum": [
+            "Succeeded",
+            "Failed",
+            "Canceled",
+            "InProgress"
+          ],
+          "x-ms-enum": {
+            "name": "ProvisioningState",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Succeeded"
+              },
+              {
+                "value": "Failed"
+              },
+              {
+                "value": "Canceled"
+              },
+              {
+                "value": "InProgress"
+              }
+            ]
+          }
+        },
+        "displayName": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The display name of the API collection."
+        },
+        "discoveredVia": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The resource Id of the resource from where this API collection was discovered.",
+          "format": "arm-id",
+          "x-ms-arm-id-details": {
+            "allowedResources": [
+              {
+                "type": "Microsoft.ApiManagement/service"
+              }
+            ]
+          }
+        },
+        "baseUrl": {
+          "readOnly": true,
+          "type": "string",
+          "format": "uri",
+          "description": "The base URI for this API collection. All endpoints of this API collection extend this base URI."
+        },
+        "numberOfApiEndpoints": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "The number of API endpoints discovered in this API collection."
+        },
+        "numberOfInactiveApiEndpoints": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "The number of API endpoints in this API collection that have not received any API traffic in the last 30 days."
+        },
+        "numberOfUnauthenticatedApiEndpoints": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "The number of API endpoints in this API collection that are unauthenticated."
+        },
+        "numberOfExternalApiEndpoints": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "The number of API endpoints in this API collection for which API traffic from the internet was observed."
+        },
+        "numberOfApiEndpointsWithSensitiveDataExposed": {
+          "readOnly": true,
+          "type": "integer",
+          "format": "int64",
+          "description": "The number of API endpoints in this API collection which are exposing sensitive data in their requests and/or responses."
+        },
+        "sensitivityLabel": {
+          "readOnly": true,
+          "type": "string",
+          "description": "The highest priority sensitivity label from Microsoft Purview in this API collection."
+        }
+      }
+    }
+  },
+  "parameters": {
+    "ApiManagementServiceNameParameter": {
+      "name": "serviceName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "The name of the API Management service.",
+      "minLength": 1,
+      "maxLength": 50,
+      "pattern": "^[a-zA-Z](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?$",
+      "x-ms-parameter-location": "method"
+    },
+    "ApiManagementApiIdParameter": {
+      "name": "apiId",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "API revision identifier. Must be unique in the API Management service instance. Non-current revision has ;rev=n as a suffix where n is the revision number.",
+      "minLength": 1,
+      "maxLength": 256,
+      "pattern": "^[^*#&+:<>?]+$",
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/Microsoft.Security/stable/2024-01-01/pricings.json b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2024-01-01/pricings.json
new file mode 100644
index 000000000..3b9328ffb
--- /dev/null
+++ b/swagger-specs/security/resource-manager/Microsoft.Security/stable/2024-01-01/pricings.json
@@ -0,0 +1,508 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "title": "Microsoft Defender for Cloud",
+    "description": "API spec for Microsoft.Security (Microsoft Defender for Cloud) resource provider",
+    "version": "2024-01-01"
+  },
+  "host": "management.azure.com",
+  "schemes": [
+    "https"
+  ],
+  "consumes": [
+    "application/json"
+  ],
+  "produces": [
+    "application/json"
+  ],
+  "security": [
+    {
+      "azure_auth": [
+        "user_impersonation"
+      ]
+    }
+  ],
+  "securityDefinitions": {
+    "azure_auth": {
+      "type": "oauth2",
+      "authorizationUrl": "https://login.microsoftonline.com/common/oauth2/authorize",
+      "flow": "implicit",
+      "description": "Azure Active Directory OAuth2 Flow",
+      "scopes": {
+        "user_impersonation": "impersonate your user account"
+      }
+    }
+  },
+  "paths": {
+    "/{scopeId}/providers/Microsoft.Security/pricings/{pricingName}": {
+      "get": {
+        "x-ms-examples": {
+          "Get pricings on subscription - VirtualMachines plan": {
+            "$ref": "./examples/Pricings/GetPricingByNameVirtualMachines_example.json"
+          },
+          "Get pricings on resource - VirtualMachines plan": {
+            "$ref": "./examples/Pricings/GetResourcePricingByNameVirtualMachines_example.json"
+          },
+          "Get pricings on subscription - Dns plan": {
+            "$ref": "./examples/Pricings/GetPricingByNameDns_example.json"
+          },
+          "Get pricings on subscription - StorageAccounts plan": {
+            "$ref": "./examples/Pricings/GetPricingByNameStorageAccounts_example.json"
+          },
+          "Get pricings on subscription - Containers plan": {
+            "$ref": "./examples/Pricings/GetPricingByNameContainers_example.json"
+          },
+          "Get pricings on subscription - CloudPosture plan": {
+            "$ref": "./examples/Pricings/GetPricingByNameCloudPosture_example.json"
+          }
+        },
+        "tags": [
+          "Pricings"
+        ],
+        "description": "Get the Defender plans pricing configurations of the selected scope (valid scopes are resource id or a subscription id). At the resource level, supported resource types are 'VirtualMachines, VMSS and ARC Machines'.",
+        "operationId": "Pricings_Get",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ScopeId"
+          },
+          {
+            "$ref": "#/parameters/PricingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/Pricing"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "put": {
+        "x-ms-examples": {
+          "Update pricing on subscription (example for CloudPosture plan)": {
+            "$ref": "./examples/Pricings/PutPricingByName_example.json"
+          },
+          "Update pricing on subscription (example for VirtualMachines plan)": {
+            "$ref": "./examples/Pricings/PutPricingVMsByName_example.json"
+          },
+          "Update pricing on resource (example for VirtualMachines plan)": {
+            "$ref": "./examples/Pricings/PutResourcePricingByNameVirtualMachines_example.json"
+          },
+          "Update pricing on subscription (example for CloudPosture plan) - partial success": {
+            "$ref": "./examples/Pricings/PutPricingByNamePartialSuccess_example.json"
+          }
+        },
+        "tags": [
+          "Pricings"
+        ],
+        "description": "Updates a provided Microsoft Defender for Cloud pricing configuration in the scope. Valid scopes are: subscription id or a specific resource id (Supported resources are: 'VirtualMachines, VMSS and ARC Machines' and only for plan='VirtualMachines' and subPlan='P1').",
+        "operationId": "Pricings_Update",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ScopeId"
+          },
+          {
+            "$ref": "#/parameters/PricingName"
+          },
+          {
+            "$ref": "#/parameters/Pricing"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successfully updated",
+            "schema": {
+              "$ref": "#/definitions/Pricing"
+            }
+          },
+          "201": {
+            "description": "Successfully created.",
+            "schema": {
+              "$ref": "#/definitions/Pricing"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      },
+      "delete": {
+        "x-ms-examples": {
+          "Delete a pricing on resource": {
+            "$ref": "./examples/Pricings/DeleteResourcePricing_example.json"
+          }
+        },
+        "tags": [
+          "Pricings"
+        ],
+        "description": "Deletes a provided Microsoft Defender for Cloud pricing configuration in a specific resource. Valid only for resource scope (Supported resources are: 'VirtualMachines, VMSS and ARC MachinesS').",
+        "operationId": "Pricings_Delete",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ScopeResourceId"
+          },
+          {
+            "$ref": "#/parameters/PricingName"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Successfully deleted the pricing configuration of the resource."
+          },
+          "204": {
+            "description": "No Content - Pricing does not exist"
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    },
+    "/{scopeId}/providers/Microsoft.Security/pricings": {
+      "get": {
+        "x-ms-examples": {
+          "Get pricings on subscription": {
+            "$ref": "./examples/Pricings/ListPricings_example.json"
+          },
+          "Get pricings on subscription with plans filter": {
+            "$ref": "./examples/Pricings/ListPricingsWithPlanFilter_example.json"
+          },
+          "Get pricings on resource": {
+            "$ref": "./examples/Pricings/ListResourcePricings_example.json"
+          }
+        },
+        "tags": [
+          "Pricings"
+        ],
+        "description": "Lists Microsoft Defender for Cloud pricing configurations of the scopeId, that match the optional given $filter. Valid scopes are: subscription id or a specific resource id (Supported resources are: 'VirtualMachines, VMSS and ARC Machines'). Valid $filter is: 'name in ({planName1},{planName2},...)'. If $filter is not provided, the unfiltered list will be returned. If '$filter=name in (planName1,planName2)' is provided, the returned list includes the pricings set for 'planName1' and 'planName2' only.",
+        "operationId": "Pricings_List",
+        "parameters": [
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ApiVersion"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ScopeId"
+          },
+          {
+            "$ref": "../../../common/v1/types.json#/parameters/ODataFilter"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "OK",
+            "schema": {
+              "$ref": "#/definitions/PricingList"
+            }
+          },
+          "default": {
+            "description": "Error response describing why the operation failed.",
+            "schema": {
+              "$ref": "../../../common/v1/types.json#/definitions/CloudError"
+            }
+          }
+        }
+      }
+    }
+  },
+  "definitions": {
+    "PricingList": {
+      "type": "object",
+      "description": "List of pricing configurations response.",
+      "required": [
+        "value"
+      ],
+      "properties": {
+        "value": {
+          "type": "array",
+          "description": "List of pricing configurations",
+          "items": {
+            "$ref": "#/definitions/Pricing"
+          }
+        }
+      }
+    },
+    "Pricing": {
+      "type": "object",
+      "description": "Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.",
+      "properties": {
+        "properties": {
+          "x-ms-client-flatten": true,
+          "description": "Pricing data",
+          "$ref": "#/definitions/PricingProperties"
+        }
+      },
+      "allOf": [
+        {
+          "$ref": "../../../common/v1/types.json#/definitions/Resource"
+        }
+      ]
+    },
+    "PricingProperties": {
+      "type": "object",
+      "description": "Pricing properties for the relevant scope",
+      "properties": {
+        "pricingTier": {
+          "type": "string",
+          "description": "Indicates whether the Defender plan is enabled on the selected scope. Microsoft Defender for Cloud is provided in two pricing tiers: free and standard. The standard tier offers advanced security capabilities, while the free tier offers basic security features.",
+          "enum": [
+            "Free",
+            "Standard"
+          ],
+          "x-ms-enum": {
+            "name": "pricingTier",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Free",
+                "description": "Get free Microsoft Defender for Cloud experience with basic security features"
+              },
+              {
+                "value": "Standard",
+                "description": "Get the standard Microsoft Defender for Cloud experience with advanced security features"
+              }
+            ]
+          }
+        },
+        "subPlan": {
+          "type": "string",
+          "description": "The sub-plan selected for a Standard pricing configuration, when more than one sub-plan is available. Each sub-plan enables a set of security features. When not specified, full plan is applied. For VirtualMachines plan, available sub plans are 'P1' & 'P2', where for resource level only 'P1' sub plan is supported."
+        },
+        "freeTrialRemainingTime": {
+          "type": "string",
+          "format": "duration",
+          "readOnly": true,
+          "description": "The duration left for the subscriptions free trial period - in ISO 8601 format (e.g. P3Y6M4DT12H30M5S)."
+        },
+        "enablementTime": {
+          "type": "string",
+          "format": "date-time",
+          "readOnly": true,
+          "description": "Optional. If `pricingTier` is `Standard` then this property holds the date of the last time the `pricingTier` was set to `Standard`, when available (e.g 2023-03-01T12:42:42.1921106Z)."
+        },
+        "enforce": {
+          "type": "string",
+          "description": "If set to \"False\", it allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited=\"False\"). If set to \"True\", it prevents overrides and forces this pricing configuration on all the descendants of this scope. This field is only available for subscription-level pricing.",
+          "enum": [
+            "False",
+            "True"
+          ],
+          "x-ms-enum": {
+            "name": "enforce",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "False",
+                "description": "Allows the descendants of this scope to override the pricing configuration set on this scope (allows setting inherited=\"False\")"
+              },
+              {
+                "value": "True",
+                "description": "Prevents overrides and forces the current scope's pricing configuration to all descendants"
+              }
+            ]
+          }
+        },
+        "inherited": {
+          "type": "string",
+          "readOnly": true,
+          "description": "\"inherited\" = \"True\" indicates that the current scope inherits its pricing configuration from its parent. The ID of the parent scope that provides the inherited configuration is displayed in the \"inheritedFrom\" field. On the other hand, \"inherited\" = \"False\" indicates that the current scope has its own pricing configuration explicitly set, and does not inherit from its parent. This field is read only and available only for resource-level pricing.",
+          "enum": [
+            "True",
+            "False"
+          ],
+          "x-ms-enum": {
+            "name": "inherited",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "True",
+                "description": "Indicates that the current scope is inheriting its pricing configuration from its parent"
+              },
+              {
+                "value": "False",
+                "description": "Indicates that the current scope sets its own pricing configuration and does not inherit it from its parent"
+              }
+            ]
+          }
+        },
+        "inheritedFrom": {
+          "type": "string",
+          "readOnly": true,
+          "description": "The id of the scope inherited from. \"Null\" if not inherited. This field is only available for resource-level pricing."
+        },
+        "resourcesCoverageStatus": {
+          "type": "string",
+          "readOnly": true,
+          "description": "This field is available for subscription-level only, and reflects the coverage status of the resources under the subscription. Please note: The \"pricingTier\" field reflects the plan status of the subscription. However, since the plan status can also be defined at the resource level, there might be misalignment between the subscription's plan status and the resource status. This field helps indicate the coverage status of the resources.",
+          "enum": [
+            "FullyCovered",
+            "PartiallyCovered",
+            "NotCovered"
+          ],
+          "x-ms-enum": {
+            "name": "resourcesCoverageStatus",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "FullyCovered",
+                "description": "This value indicates that all resources associated with the subscription have the Defender plan enabled."
+              },
+              {
+                "value": "PartiallyCovered",
+                "description": "This value indicates that some resources under the subscription have the Defender plan enabled, while others have it disabled. There is a mixed coverage status among resources."
+              },
+              {
+                "value": "NotCovered",
+                "description": "This value indicates that the Defender plan is disabled for all resources under the subscription. None of the resources are protected by the Defender plan."
+              }
+            ]
+          }
+        },
+        "extensions": {
+          "type": "array",
+          "items": {
+            "$ref": "#/definitions/Extension"
+          },
+          "description": "Optional. List of extensions offered under a plan.",
+          "x-ms-identifiers": []
+        },
+        "deprecated": {
+          "type": "boolean",
+          "readOnly": true,
+          "description": "Optional. True if the plan is deprecated. If there are replacing plans they will appear in `replacedBy` property"
+        },
+        "replacedBy": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          },
+          "readOnly": true,
+          "description": "Optional. List of plans that replace this plan. This property exists only if this plan is deprecated."
+        }
+      },
+      "required": [
+        "pricingTier"
+      ]
+    },
+    "Extension": {
+      "type": "object",
+      "description": "A plan's extension properties",
+      "properties": {
+        "name": {
+          "type": "string",
+          "description": "The extension name. Supported values are: <br><br>**AgentlessDiscoveryForKubernetes** - Provides zero footprint, API-based discovery of Kubernetes clusters, their configurations and deployments. The collected data is used to create a contextualized security graph for Kubernetes clusters, provide risk hunting capabilities, and visualize risks and threats to  Kubernetes environments and workloads.<br>Available for CloudPosture plan and Containers plan.<br><br>**OnUploadMalwareScanning** - Limits the GB to be scanned per month for each storage account within the subscription. Once this limit reached on a given storage account, Blobs won't be scanned during current calendar month.<br>Available for StorageAccounts plan (DefenderForStorageV2 sub plans).<br><br>**SensitiveDataDiscovery** - Sensitive data discovery identifies Blob storage container with sensitive data such as credentials, credit cards, and more, to help prioritize and investigate security events.<br>Available for StorageAccounts plan (DefenderForStorageV2 sub plan) and CloudPosture plan.<br><br>**ContainerRegistriesVulnerabilityAssessments** - Provides vulnerability management for images stored in your container registries.<br>Available for CloudPosture plan and Containers plan.<br><br>**MdeDesignatedSubscription** - Direct onboarding is a seamless integration between Defender for Endpoint and Defender for Cloud that doesn’t require extra software deployment on your servers. The onboarded resources will be presented under a designated Azure Subscription you configure<br>Available for VirtualMachines plan (P1 and P2 sub plans).<br><br>**AgentlessVmScanning** - Scans your machines for installed software, vulnerabilities, malware and secret scanning without relying on agents or impacting machine performance. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/concept-agentless-data-collection.<br>Available for CloudPosture plan, VirtualMachines plan (P2 sub plan) and Containers plan.<br><br>**EntraPermissionsManagement** - Permissions Management provides Cloud Infrastructure Entitlement Management (CIEM) capabilities that helps organizations to manage and control user access and entitlements in their cloud infrastructure - important attack vector for cloud environments.<br>Permissions Management analyzes all permissions and active usage, and suggests recommendations to reduce permissions to enforce the principle of least privilege. Learn more here https://learn.microsoft.com/en-us/azure/defender-for-cloud/permissions-management.<br>Available for CloudPosture plan. <br><br>**FileIntegrityMonitoring** - File integrity monitoring (FIM), examines operating system files.<br>Windows registries, Linux system files, in real time, for changes that might indicate an attack.<br>Available for VirtualMachines plan (P2 sub plan). <br><br>**ContainerSensor** - The sensor is based on IG and provides a rich threat detection suite for Kubernetes clusters, nodes, and workloads, powered by Microsoft leading threat intelligence, provides mapping to MITRE ATT&CK framework.<br>Available for Containers plan. <br><br>**AIPromptEvidence** - Exposes the prompts passed between the user and the AI model as alert evidence. This helps classify and triage the alerts with relevant user context. The prompt snippets will include only segments of the user prompt or model response that were deemed suspicious and relevant for security classifications. The prompt evidence will be available through Defender portal as part of each alert.<br>Available for AI plan. <br><br>"
+        },
+        "isEnabled": {
+          "type": "string",
+          "description": "Indicates whether the extension is enabled.",
+          "enum": [
+            "True",
+            "False"
+          ],
+          "x-ms-enum": {
+            "name": "isEnabled",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "True",
+                "description": "Indicates the extension is enabled"
+              },
+              {
+                "value": "False",
+                "description": "Indicates the extension is disabled"
+              }
+            ]
+          }
+        },
+        "additionalExtensionProperties": {
+          "type": "object",
+          "description": "Property values associated with the extension.",
+          "additionalProperties": {}
+        },
+        "operationStatus": {
+          "type": "object",
+          "$ref": "#/definitions/OperationStatus",
+          "readOnly": true,
+          "description": "Optional. A status describing the success/failure of the extension's enablement/disablement operation."
+        }
+      },
+      "required": [
+        "name",
+        "isEnabled"
+      ]
+    },
+    "OperationStatus": {
+      "type": "object",
+      "description": "A status describing the success/failure of the extension's enablement/disablement operation.",
+      "properties": {
+        "code": {
+          "type": "string",
+          "description": "The operation status code.",
+          "enum": [
+            "Succeeded",
+            "Failed"
+          ],
+          "x-ms-enum": {
+            "name": "code",
+            "modelAsString": true,
+            "values": [
+              {
+                "value": "Succeeded",
+                "description": "Extension was created/updated successfully."
+              },
+              {
+                "value": "Failed",
+                "description": "Extension was not created/updated successfully. See operation status message for more details."
+              }
+            ]
+          }
+        },
+        "message": {
+          "type": "string",
+          "description": "Additional information regarding the success/failure of the operation."
+        }
+      }
+    }
+  },
+  "parameters": {
+    "PricingName": {
+      "name": "pricingName",
+      "in": "path",
+      "required": true,
+      "type": "string",
+      "description": "name of the pricing configuration",
+      "x-ms-parameter-location": "method"
+    },
+    "Pricing": {
+      "name": "pricing",
+      "in": "body",
+      "required": true,
+      "description": "Pricing object",
+      "schema": {
+        "$ref": "#/definitions/Pricing"
+      },
+      "x-ms-parameter-location": "method"
+    }
+  }
+}
diff --git a/swagger-specs/security/resource-manager/api-set.json b/swagger-specs/security/resource-manager/api-set.json
index 3421be239..27711ffdd 100644
--- a/swagger-specs/security/resource-manager/api-set.json
+++ b/swagger-specs/security/resource-manager/api-set.json
@@ -1 +1 @@
-{"addition_input_file_paths": [], "input_files": ["Microsoft.Security/stable/2024-08-01/securityStandards.json", "Microsoft.Security/stable/2024-08-01/standardAssignments.json", "Microsoft.Security/stable/2024-08-01/customRecommedations.json"], "name": "package-2024-08"}
\ No newline at end of file
+{"addition_input_file_paths": [], "input_files": ["Microsoft.Security/preview/2015-06-01-preview/locations.json", "Microsoft.Security/preview/2024-10-01-preview/operations.json", "Microsoft.Security/preview/2015-06-01-preview/tasks.json", "Microsoft.Security/preview/2017-08-01-preview/autoProvisioningSettings.json", "Microsoft.Security/preview/2017-08-01-preview/compliances.json", "Microsoft.Security/preview/2017-08-01-preview/informationProtectionPolicies.json", "Microsoft.Security/preview/2017-08-01-preview/workspaceSettings.json", "Microsoft.Security/preview/2019-01-01-preview/alertsSuppressionRules.json", "Microsoft.Security/preview/2019-01-01-preview/regulatoryCompliance.json", "Microsoft.Security/preview/2019-01-01-preview/subAssessments.json", "Microsoft.Security/preview/2020-01-01-preview/connectors.json", "Microsoft.Security/preview/2021-05-01-preview/softwareInventories.json", "Microsoft.Security/preview/2021-07-01-preview/customAssessmentAutomation.json", "Microsoft.Security/preview/2021-07-01-preview/customEntityStoreAssignment.json", "Microsoft.Security/preview/2021-10-01-preview/mdeOnboardings.json", "Microsoft.Security/preview/2022-01-01-preview/governanceAssignments.json", "Microsoft.Security/preview/2022-01-01-preview/governanceRules.json", "Microsoft.Security/preview/2022-07-01-preview/applications.json", "Microsoft.Security/preview/2024-10-01-preview/defenderForStorageSettings.json", "Microsoft.Security/preview/2023-01-01-preview/securityOperators.json", "Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsBaselineRuleOperations.json", "Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanOperations.json", "Microsoft.Security/preview/2023-02-01-preview/sqlVulnerabilityAssessmentsScanResultsOperations.json", "Microsoft.Security/preview/2023-02-15-preview/sensitivitySettings.json", "Microsoft.Security/preview/2023-05-01-preview/healthReports.json", "Microsoft.Security/preview/2023-12-01-preview/automations.json", "Microsoft.Security/preview/2023-12-01-preview/securityContacts.json", "Microsoft.Security/preview/2024-08-01-preview/securityConnectors.json", "Microsoft.Security/preview/2024-05-15-preview/securityConnectorsDevOps.json", "Microsoft.Security/stable/2017-08-01/complianceResults.json", "Microsoft.Security/stable/2019-01-01/advancedThreatProtectionSettings.json", "Microsoft.Security/stable/2019-08-01/deviceSecurityGroups.json", "Microsoft.Security/stable/2019-08-01/iotSecuritySolutionAnalytics.json", "Microsoft.Security/stable/2019-08-01/iotSecuritySolutions.json", "Microsoft.Security/stable/2020-01-01/allowedConnections.json", "Microsoft.Security/stable/2020-01-01/discoveredSecuritySolutions.json", "Microsoft.Security/stable/2020-01-01/externalSecuritySolutions.json", "Microsoft.Security/stable/2020-01-01/jitNetworkAccessPolicies.json", "Microsoft.Security/stable/2020-01-01/secureScore.json", "Microsoft.Security/stable/2020-01-01/SecuritySolutions.json", "Microsoft.Security/stable/2020-01-01/securitySolutionsReferenceData.json", "Microsoft.Security/stable/2020-01-01/serverVulnerabilityAssessments.json", "Microsoft.Security/stable/2020-01-01/topologies.json", "Microsoft.Security/stable/2021-06-01/assessmentMetadata.json", "Microsoft.Security/stable/2021-06-01/assessments.json", "Microsoft.Security/stable/2022-01-01/alerts.json", "Microsoft.Security/stable/2022-05-01/settings.json", "Microsoft.Security/stable/2023-05-01/ServerVulnerabilityAssessmentsSettings.json", "Microsoft.Security/stable/2023-11-15/apiCollections.json", "Microsoft.Security/stable/2024-01-01/pricings.json", "Microsoft.Security/stable/2024-08-01/securityStandards.json", "Microsoft.Security/stable/2024-08-01/standardAssignments.json", "Microsoft.Security/stable/2024-08-01/customRecommedations.json"], "name": "package-composite-v3"}
\ No newline at end of file
diff --git a/swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/api-set.json b/swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/api-set.json
index 496edc954..9ed5ac35c 100644
--- a/swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/api-set.json
+++ b/swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/api-set.json
@@ -1 +1 @@
-{"addition_input_file_paths": [], "input_files": ["stable/2025-01-05/DataLakeStorage.json"], "name": "package-2025-01"}
\ No newline at end of file
+{"addition_input_file_paths": [], "input_files": ["stable/2025-05-05/DataLakeStorage.json"], "name": "package-2025-05"}
\ No newline at end of file
diff --git a/swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/stable/2025-01-05/DataLakeStorage.json b/swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/stable/2025-05-05/DataLakeStorage.json
similarity index 99%
rename from swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/stable/2025-01-05/DataLakeStorage.json
rename to swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/stable/2025-05-05/DataLakeStorage.json
index 05675f80e..8a350de89 100644
--- a/swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/stable/2025-01-05/DataLakeStorage.json
+++ b/swagger-specs/storage/data-plane/Azure.Storage.Files.DataLake/stable/2025-05-05/DataLakeStorage.json
@@ -3,7 +3,7 @@
   "info": {
     "description": "Azure Data Lake Storage provides storage for Hadoop and other big data workloads.",
     "title": "Azure Data Lake Storage REST API",
-    "version": "2025-01-05",
+    "version": "2025-05-05",
     "x-ms-code-generation-settings": {
       "internalConstructors": true,
       "name": "DataLakeStorageClient",
@@ -2585,7 +2585,7 @@
       "type": "string",
       "description": "Specifies the version of the operation to use for this request.",
       "enum": [
-        "2025-01-05"
+        "2025-05-05"
       ]
     },
     "accountName": {
diff --git a/swagger-specs/storage/data-plane/Microsoft.FileStorage/api-set.json b/swagger-specs/storage/data-plane/Microsoft.FileStorage/api-set.json
index eca997d0e..833a6d325 100644
--- a/swagger-specs/storage/data-plane/Microsoft.FileStorage/api-set.json
+++ b/swagger-specs/storage/data-plane/Microsoft.FileStorage/api-set.json
@@ -1 +1 @@
-{"addition_input_file_paths": [], "input_files": ["stable/2025-01-05/file.json"], "name": "package-2025-01"}
\ No newline at end of file
+{"addition_input_file_paths": [], "input_files": ["stable/2025-05-05/file.json"], "name": "package-2025-05"}
\ No newline at end of file
diff --git a/swagger-specs/storage/data-plane/Microsoft.FileStorage/stable/2025-01-05/file.json b/swagger-specs/storage/data-plane/Microsoft.FileStorage/stable/2025-05-05/file.json
similarity index 90%
rename from swagger-specs/storage/data-plane/Microsoft.FileStorage/stable/2025-01-05/file.json
rename to swagger-specs/storage/data-plane/Microsoft.FileStorage/stable/2025-05-05/file.json
index 904e16082..95491bb71 100644
--- a/swagger-specs/storage/data-plane/Microsoft.FileStorage/stable/2025-01-05/file.json
+++ b/swagger-specs/storage/data-plane/Microsoft.FileStorage/stable/2025-05-05/file.json
@@ -2,7 +2,7 @@
   "swagger": "2.0",
   "info": {
     "title": "Azure File Storage",
-    "version": "2025-01-05",
+    "version": "2025-05-05",
     "x-ms-code-generation-settings": {
       "header": "MIT",
       "strictSpecAdherence": false
@@ -2239,6 +2239,15 @@
           },
           {
             "$ref": "#/parameters/FileRequestIntent"
+          },
+          {
+            "$ref": "#/parameters/Owner"
+          },
+          {
+            "$ref": "#/parameters/Group"
+          },
+          {
+            "$ref": "#/parameters/FileMode"
           }
         ],
         "responses": {
@@ -2311,6 +2320,35 @@
                 "x-ms-client-name": "FileParentId",
                 "type": "string",
                 "description": "The parent fileId of the directory."
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
+              },
+              "x-ms-file-file-type": {
+                "x-ms-client-name": "nfsFileType",
+                "description": "NFS only. Type of the file or directory.",
+                "type": "string",
+                "enum": [
+                  "Regular",
+                  "Directory",
+                  "SymLink"
+                ],
+                "x-ms-enum": {
+                  "name": "NfsFileType",
+                  "modelAsString": true
+                }
               }
             }
           },
@@ -2424,6 +2462,35 @@
                 "x-ms-client-name": "FileParentId",
                 "type": "string",
                 "description": "The parent fileId of the directory."
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
+              },
+              "x-ms-file-file-type": {
+                "x-ms-client-name": "nfsFileType",
+                "description": "NFS only. Type of the file or directory.",
+                "type": "string",
+                "enum": [
+                  "Regular",
+                  "Directory",
+                  "SymLink"
+                ],
+                "x-ms-enum": {
+                  "name": "NfsFileType",
+                  "modelAsString": true
+                }
               }
             }
           },
@@ -2555,6 +2622,15 @@
           },
           {
             "$ref": "#/parameters/FileRequestIntent"
+          },
+          {
+            "$ref": "#/parameters/Owner"
+          },
+          {
+            "$ref": "#/parameters/Group"
+          },
+          {
+            "$ref": "#/parameters/FileMode"
           }
         ],
         "responses": {
@@ -2627,6 +2703,21 @@
                 "x-ms-client-name": "FileParentId",
                 "type": "string",
                 "description": "The parent fileId of the directory."
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
               }
             }
           },
@@ -3331,6 +3422,18 @@
           },
           {
             "$ref": "#/parameters/FileRequestIntent"
+          },
+          {
+            "$ref": "#/parameters/Owner"
+          },
+          {
+            "$ref": "#/parameters/Group"
+          },
+          {
+            "$ref": "#/parameters/FileMode"
+          },
+          {
+            "$ref": "#/parameters/NfsFileType"
           }
         ],
         "responses": {
@@ -3403,6 +3506,35 @@
                 "x-ms-client-name": "FileParentId",
                 "type": "string",
                 "description": "The parent fileId of the file."
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
+              },
+              "x-ms-file-file-type": {
+                "x-ms-client-name": "nfsFileType",
+                "description": "NFS only. Type of the file or directory.",
+                "type": "string",
+                "enum": [
+                  "Regular",
+                  "Directory",
+                  "SymLink"
+                ],
+                "x-ms-enum": {
+                  "name": "NfsFileType",
+                  "modelAsString": true
+                }
               }
             }
           },
@@ -3663,6 +3795,27 @@
                 "type": "integer",
                 "format": "int64",
                 "description": "The length of the blob/file content inside the message body when the response body is returned as a structured message. Will always be smaller than Content-Length."
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
+              },
+              "x-ms-link-count": {
+                "x-ms-client-name": "linkCount",
+                "type": "integer",
+                "format": "int64",
+                "description": "NFS only. The link count of the file or directory."
               }
             },
             "schema": {
@@ -3883,6 +4036,27 @@
                 "type": "integer",
                 "format": "int64",
                 "description": "The length of the blob/file content inside the message body when the response body is returned as a structured message. Will always be smaller than Content-Length."
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
+              },
+              "x-ms-link-count": {
+                "x-ms-client-name": "linkCount",
+                "type": "integer",
+                "format": "int64",
+                "description": "NFS only. The link count of the file or directory."
               }
             },
             "schema": {
@@ -4124,6 +4298,41 @@
                   "name": "LeaseStatusType",
                   "modelAsString": false
                 }
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
+              },
+              "x-ms-link-count": {
+                "x-ms-client-name": "linkCount",
+                "type": "integer",
+                "format": "int64",
+                "description": "NFS only. The link count of the file or directory."
+              },
+              "x-ms-file-file-type": {
+                "x-ms-client-name": "nfsFileType",
+                "description": "NFS only. Type of the file or directory.",
+                "type": "string",
+                "enum": [
+                  "Regular",
+                  "Directory",
+                  "SymLink"
+                ],
+                "x-ms-enum": {
+                  "name": "NfsFileType",
+                  "modelAsString": true
+                }
               }
             }
           },
@@ -4179,6 +4388,12 @@
                 "type": "string",
                 "format": "date-time-rfc1123",
                 "description": "A UTC date/time value generated by the service that indicates the time at which the response was initiated."
+              },
+              "x-ms-link-count": {
+                "x-ms-client-name": "linkCount",
+                "type": "integer",
+                "format": "int64",
+                "description": "NFS only. The link count of the file or directory."
               }
             }
           },
@@ -4281,6 +4496,15 @@
           },
           {
             "$ref": "#/parameters/FileRequestIntent"
+          },
+          {
+            "$ref": "#/parameters/Owner"
+          },
+          {
+            "$ref": "#/parameters/Group"
+          },
+          {
+            "$ref": "#/parameters/FileMode"
           }
         ],
         "responses": {
@@ -4353,6 +4577,27 @@
                 "x-ms-client-name": "FileParentId",
                 "type": "string",
                 "description": "The parent fileId of the directory."
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
+              },
+              "x-ms-link-count": {
+                "x-ms-client-name": "linkCount",
+                "type": "integer",
+                "format": "int64",
+                "description": "NFS only. The link count of the file or directory."
               }
             }
           },
@@ -5435,6 +5680,21 @@
           },
           {
             "$ref": "#/parameters/FileRequestIntent"
+          },
+          {
+            "$ref": "#/parameters/Owner"
+          },
+          {
+            "$ref": "#/parameters/Group"
+          },
+          {
+            "$ref": "#/parameters/FileMode"
+          },
+          {
+            "$ref": "#/parameters/FileCopyModeCopyMode"
+          },
+          {
+            "$ref": "#/parameters/FileCopyOwnerCopyMode"
           }
         ],
         "responses": {
@@ -5970,140 +6230,550 @@
           ]
         }
       ]
-    }
-  },
-  "definitions": {
-    "AccessRight": {
-      "description": "Access rights of the access policy.",
-      "type": "string",
-      "enum": [
-        "Read",
-        "Write",
-        "Delete"
-      ],
-      "x-ms-enum": {
-        "name": "AccessRight",
-        "modelAsString": false
-      }
-    },
-    "AccessPolicy": {
-      "description": "An Access policy.",
-      "type": "object",
-      "properties": {
-        "Start": {
-          "description": "The date-time the policy is active.",
-          "type": "string",
-          "format": "date-time"
-        },
-        "Expiry": {
-          "description": "The date-time the policy expires.",
-          "type": "string",
-          "format": "date-time"
-        },
-        "Permission": {
-          "description": "The permissions for the ACL policy.",
-          "type": "string"
-        }
-      }
-    },
-    "CorsRule": {
-      "description": "CORS is an HTTP feature that enables a web application running under one domain to access resources in another domain. Web browsers implement a security restriction known as same-origin policy that prevents a web page from calling APIs in a different domain; CORS provides a secure way to allow one domain (the origin domain) to call APIs in another domain.",
-      "type": "object",
-      "required": [
-        "AllowedOrigins",
-        "AllowedMethods",
-        "AllowedHeaders",
-        "ExposedHeaders",
-        "MaxAgeInSeconds"
-      ],
-      "properties": {
-        "AllowedOrigins": {
-          "description": "The origin domains that are permitted to make a request against the storage service via CORS. The origin domain is the domain from which the request originates. Note that the origin must be an exact case-sensitive match with the origin that the user age sends to the service. You can also use the wildcard character '*' to allow all origin domains to make requests via CORS.",
-          "type": "string"
-        },
-        "AllowedMethods": {
-          "description": "The methods (HTTP request verbs) that the origin domain may use for a CORS request. (comma separated)",
-          "type": "string"
-        },
-        "AllowedHeaders": {
-          "description": "The request headers that the origin domain may specify on the CORS request.",
-          "type": "string"
-        },
-        "ExposedHeaders": {
-          "description": "The response headers that may be sent in the response to the CORS request and exposed by the browser to the request issuer.",
-          "type": "string"
-        },
-        "MaxAgeInSeconds": {
-          "description": "The maximum amount time that a browser should cache the preflight OPTIONS request.",
-          "type": "integer",
-          "minimum": 0
-        }
-      }
     },
-    "ErrorCode": {
-      "description": "Error codes returned by the service",
-      "type": "string",
-      "enum": [
-        "AccountAlreadyExists",
-        "AccountBeingCreated",
-        "AccountIsDisabled",
-        "AuthenticationFailed",
-        "AuthorizationFailure",
-        "ConditionHeadersNotSupported",
-        "ConditionNotMet",
-        "EmptyMetadataKey",
-        "FileShareProvisionedBandwidthDowngradeNotAllowed",
-        "FileShareProvisionedIopsDowngradeNotAllowed",
-        "InsufficientAccountPermissions",
-        "InternalError",
-        "InvalidAuthenticationInfo",
-        "InvalidHeaderValue",
-        "InvalidHttpVerb",
-        "InvalidInput",
-        "InvalidMd5",
-        "InvalidMetadata",
-        "InvalidQueryParameterValue",
-        "InvalidRange",
-        "InvalidResourceName",
-        "InvalidUri",
-        "InvalidXmlDocument",
-        "InvalidXmlNodeValue",
-        "Md5Mismatch",
-        "MetadataTooLarge",
-        "MissingContentLengthHeader",
-        "MissingRequiredQueryParameter",
-        "MissingRequiredHeader",
-        "MissingRequiredXmlNode",
-        "MultipleConditionHeadersNotSupported",
-        "OperationTimedOut",
-        "OutOfRangeInput",
-        "OutOfRangeQueryParameterValue",
-        "RequestBodyTooLarge",
-        "ResourceTypeMismatch",
-        "RequestUrlFailedToParse",
-        "ResourceAlreadyExists",
-        "ResourceNotFound",
-        "ServerBusy",
-        "UnsupportedHeader",
-        "UnsupportedXmlNode",
-        "UnsupportedQueryParameter",
-        "UnsupportedHttpVerb",
-        "CannotDeleteFileOrDirectory",
-        "ClientCacheFlushDelay",
-        "DeletePending",
-        "DirectoryNotEmpty",
-        "FileLockConflict",
-        "InvalidFileOrDirectoryPathName",
-        "ParentNotFound",
-        "ReadOnlyAttribute",
-        "ShareAlreadyExists",
-        "ShareBeingDeleted",
-        "ShareDisabled",
-        "ShareNotFound",
-        "SharingViolation",
-        "ShareSnapshotInProgress",
-        "ShareSnapshotCountExceeded",
-        "ShareSnapshotOperationNotSupported",
+    "/{shareName}/{directory}/{fileName}?restype=symboliclink": {
+      "put": {
+        "tags": [
+          "file"
+        ],
+        "operationId": "File_CreateSymbolicLink",
+        "description": "Creates a symbolic link.",
+        "parameters": [
+          {
+            "$ref": "#/parameters/Timeout"
+          },
+          {
+            "$ref": "#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "#/parameters/Metadata"
+          },
+          {
+            "$ref": "#/parameters/FileCreationTime"
+          },
+          {
+            "$ref": "#/parameters/FileLastWriteTime"
+          },
+          {
+            "$ref": "#/parameters/ClientRequestId"
+          },
+          {
+            "$ref": "#/parameters/LeaseIdOptional"
+          },
+          {
+            "$ref": "#/parameters/Owner"
+          },
+          {
+            "$ref": "#/parameters/Group"
+          },
+          {
+            "$ref": "#/parameters/LinkText"
+          },
+          {
+            "$ref": "#/parameters/FileRequestIntent"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Success, symbolic link created.",
+            "headers": {
+              "ETag": {
+                "type": "string",
+                "description": "The ETag contains a value which represents the version of the file, in quotes."
+              },
+              "Last-Modified": {
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "Returns the date and time the share was last modified. Any operation that modifies the directory or its properties updates the last modified time. Operations on files do not affect the last modified time of the directory."
+              },
+              "x-ms-request-id": {
+                "x-ms-client-name": "RequestId",
+                "type": "string",
+                "description": "This header uniquely identifies the request that was made and can be used for troubleshooting the request."
+              },
+              "x-ms-version": {
+                "x-ms-client-name": "Version",
+                "type": "string",
+                "description": "Indicates the version of the File service used to execute the request."
+              },
+              "Date": {
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "A UTC date/time value generated by the service that indicates the time at which the response was initiated."
+              },
+              "x-ms-file-creation-time": {
+                "x-ms-client-name": "FileCreationTime",
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "Creation time for the file."
+              },
+              "x-ms-file-last-write-time": {
+                "x-ms-client-name": "FileLastWriteTime",
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "Last write time for the file."
+              },
+              "x-ms-file-change-time": {
+                "x-ms-client-name": "FileChangeTime",
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "Change time for the file."
+              },
+              "x-ms-file-id": {
+                "x-ms-client-name": "FileId",
+                "type": "string",
+                "description": "The fileId of the file."
+              },
+              "x-ms-file-parent-id": {
+                "x-ms-client-name": "FileParentId",
+                "type": "string",
+                "description": "The parent fileId of the directory."
+              },
+              "x-ms-client-request-id": {
+                "x-ms-client-name": "ClientRequestId",
+                "type": "string",
+                "description": "If a client request id header is sent in the request, this header will be present in the response with the same value."
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
+              },
+              "x-ms-file-file-type": {
+                "x-ms-client-name": "nfsFileType",
+                "description": "NFS only. Type of the file or directory.",
+                "type": "string",
+                "enum": [
+                  "Regular",
+                  "Directory",
+                  "SymLink"
+                ],
+                "x-ms-enum": {
+                  "name": "NfsFileType",
+                  "modelAsString": true
+                }
+              }
+            }
+          },
+          "default": {
+            "description": "Failure",
+            "headers": {
+              "x-ms-error-code": {
+                "x-ms-client-name": "ErrorCode",
+                "type": "string"
+              }
+            },
+            "schema": {
+              "$ref": "#/definitions/StorageError"
+            }
+          }
+        }
+      },
+      "get": {
+        "tags": [
+          "file"
+        ],
+        "operationId": "File_GetSymbolicLink",
+        "parameters": [
+          {
+            "$ref": "#/parameters/Timeout"
+          },
+          {
+            "$ref": "#/parameters/ShareSnapshot"
+          },
+          {
+            "$ref": "#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "#/parameters/ClientRequestId"
+          },
+          {
+            "$ref": "#/parameters/FileRequestIntent"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Succeeded, read SymLink.",
+            "headers": {
+              "ETag": {
+                "type": "string",
+                "description": "The ETag contains a value which represents the version of the file, in quotes."
+              },
+              "Last-Modified": {
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "Returns the date and time the share was last modified. Any operation that modifies the directory or its properties updates the last modified time. Operations on files do not affect the last modified time of the directory."
+              },
+              "x-ms-request-id": {
+                "x-ms-client-name": "RequestId",
+                "type": "string",
+                "description": "This header uniquely identifies the request that was made and can be used for troubleshooting the request."
+              },
+              "x-ms-version": {
+                "x-ms-client-name": "Version",
+                "type": "string",
+                "description": "Indicates the version of the File service used to execute the request."
+              },
+              "Date": {
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "A UTC date/time value generated by the service that indicates the time at which the response was initiated."
+              },
+              "x-ms-link-text": {
+                "x-ms-client-name": "linkText",
+                "type": "string",
+                "description": "The path to the original file, the symbolic link is pointing to. The path is of type string which is not resolved and is stored as is. The path can be absolute path or the relative path depending on the content stored in the symbolic link file."
+              },
+              "x-ms-client-request-id": {
+                "x-ms-client-name": "ClientRequestId",
+                "type": "string",
+                "description": "If a client request id header is sent in the request, this header will be present in the response with the same value."
+              }
+            }
+          },
+          "default": {
+            "description": "Failure",
+            "headers": {
+              "x-ms-error-code": {
+                "x-ms-client-name": "ErrorCode",
+                "type": "string"
+              }
+            },
+            "schema": {
+              "$ref": "#/definitions/StorageError"
+            }
+          }
+        }
+      },
+      "parameters": [
+        {
+          "$ref": "#/parameters/ShareName"
+        },
+        {
+          "$ref": "#/parameters/DirectoryPath"
+        },
+        {
+          "$ref": "#/parameters/FilePath"
+        },
+        {
+          "name": "restype",
+          "description": "restype",
+          "in": "query",
+          "required": true,
+          "type": "string",
+          "enum": [
+            "symboliclink"
+          ]
+        }
+      ]
+    },
+    "/{shareName}/{directory}/{fileName}?restype=hardlink": {
+      "put": {
+        "tags": [
+          "file"
+        ],
+        "operationId": "File_CreateHardLink",
+        "description": "Creates a hard link.",
+        "parameters": [
+          {
+            "$ref": "#/parameters/Timeout"
+          },
+          {
+            "$ref": "#/parameters/ApiVersionParameter"
+          },
+          {
+            "$ref": "#/parameters/FileType"
+          },
+          {
+            "$ref": "#/parameters/ClientRequestId"
+          },
+          {
+            "$ref": "#/parameters/LeaseIdOptional"
+          },
+          {
+            "$ref": "#/parameters/TargetFile"
+          },
+          {
+            "$ref": "#/parameters/FileRequestIntent"
+          }
+        ],
+        "responses": {
+          "201": {
+            "description": "Success, hard link created",
+            "headers": {
+              "ETag": {
+                "type": "string",
+                "description": "The ETag contains a value which represents the version of the file, in quotes."
+              },
+              "Last-Modified": {
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "Returns the date and time the share was last modified. Any operation that modifies the directory or its properties updates the last modified time. Operations on files do not affect the last modified time of the directory."
+              },
+              "x-ms-request-id": {
+                "x-ms-client-name": "RequestId",
+                "type": "string",
+                "description": "This header uniquely identifies the request that was made and can be used for troubleshooting the request."
+              },
+              "x-ms-version": {
+                "x-ms-client-name": "Version",
+                "type": "string",
+                "description": "Indicates the version of the File service used to execute the request."
+              },
+              "Date": {
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "A UTC date/time value generated by the service that indicates the time at which the response was initiated."
+              },
+              "x-ms-file-creation-time": {
+                "x-ms-client-name": "FileCreationTime",
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "Creation time for the file."
+              },
+              "x-ms-file-last-write-time": {
+                "x-ms-client-name": "FileLastWriteTime",
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "Last write time for the file."
+              },
+              "x-ms-file-change-time": {
+                "x-ms-client-name": "FileChangeTime",
+                "type": "string",
+                "format": "date-time-rfc1123",
+                "description": "Change time for the file."
+              },
+              "x-ms-file-id": {
+                "x-ms-client-name": "FileId",
+                "type": "string",
+                "description": "The fileId of the file."
+              },
+              "x-ms-file-parent-id": {
+                "x-ms-client-name": "FileParentId",
+                "type": "string",
+                "description": "The parent fileId of the directory."
+              },
+              "x-ms-client-request-id": {
+                "x-ms-client-name": "ClientRequestId",
+                "type": "string",
+                "description": "If a client request id header is sent in the request, this header will be present in the response with the same value."
+              },
+              "x-ms-link-count": {
+                "x-ms-client-name": "linkCount",
+                "type": "integer",
+                "format": "int64",
+                "description": "NFS only. The link count of the file or directory."
+              },
+              "x-ms-mode": {
+                "x-ms-client-name": "fileMode",
+                "type": "string",
+                "description": "NFS only. The mode of the file or directory."
+              },
+              "x-ms-owner": {
+                "x-ms-client-name": "owner",
+                "type": "string",
+                "description": "NFS only. The owner of the file or directory."
+              },
+              "x-ms-group": {
+                "x-ms-client-name": "group",
+                "type": "string",
+                "description": "NFS only. The owning group of the file or directory."
+              },
+              "x-ms-file-file-type": {
+                "x-ms-client-name": "nfsFileType",
+                "description": "NFS only. Type of the file or directory.",
+                "type": "string",
+                "enum": [
+                  "Regular",
+                  "Directory",
+                  "SymLink"
+                ],
+                "x-ms-enum": {
+                  "name": "NfsFileType",
+                  "modelAsString": true
+                }
+              }
+            }
+          },
+          "default": {
+            "description": "Failure",
+            "headers": {
+              "x-ms-error-code": {
+                "x-ms-client-name": "ErrorCode",
+                "type": "string"
+              }
+            },
+            "schema": {
+              "$ref": "#/definitions/StorageError"
+            }
+          }
+        }
+      },
+      "parameters": [
+        {
+          "$ref": "#/parameters/ShareName"
+        },
+        {
+          "$ref": "#/parameters/DirectoryPath"
+        },
+        {
+          "$ref": "#/parameters/FilePath"
+        },
+        {
+          "name": "restype",
+          "description": "restype",
+          "in": "query",
+          "required": true,
+          "type": "string",
+          "enum": [
+            "hardlink"
+          ]
+        }
+      ]
+    }
+  },
+  "definitions": {
+    "AccessRight": {
+      "description": "Access rights of the access policy.",
+      "type": "string",
+      "enum": [
+        "Read",
+        "Write",
+        "Delete"
+      ],
+      "x-ms-enum": {
+        "name": "AccessRight",
+        "modelAsString": false
+      }
+    },
+    "AccessPolicy": {
+      "description": "An Access policy.",
+      "type": "object",
+      "properties": {
+        "Start": {
+          "description": "The date-time the policy is active.",
+          "type": "string",
+          "format": "date-time"
+        },
+        "Expiry": {
+          "description": "The date-time the policy expires.",
+          "type": "string",
+          "format": "date-time"
+        },
+        "Permission": {
+          "description": "The permissions for the ACL policy.",
+          "type": "string"
+        }
+      }
+    },
+    "CorsRule": {
+      "description": "CORS is an HTTP feature that enables a web application running under one domain to access resources in another domain. Web browsers implement a security restriction known as same-origin policy that prevents a web page from calling APIs in a different domain; CORS provides a secure way to allow one domain (the origin domain) to call APIs in another domain.",
+      "type": "object",
+      "required": [
+        "AllowedOrigins",
+        "AllowedMethods",
+        "AllowedHeaders",
+        "ExposedHeaders",
+        "MaxAgeInSeconds"
+      ],
+      "properties": {
+        "AllowedOrigins": {
+          "description": "The origin domains that are permitted to make a request against the storage service via CORS. The origin domain is the domain from which the request originates. Note that the origin must be an exact case-sensitive match with the origin that the user age sends to the service. You can also use the wildcard character '*' to allow all origin domains to make requests via CORS.",
+          "type": "string"
+        },
+        "AllowedMethods": {
+          "description": "The methods (HTTP request verbs) that the origin domain may use for a CORS request. (comma separated)",
+          "type": "string"
+        },
+        "AllowedHeaders": {
+          "description": "The request headers that the origin domain may specify on the CORS request.",
+          "type": "string"
+        },
+        "ExposedHeaders": {
+          "description": "The response headers that may be sent in the response to the CORS request and exposed by the browser to the request issuer.",
+          "type": "string"
+        },
+        "MaxAgeInSeconds": {
+          "description": "The maximum amount time that a browser should cache the preflight OPTIONS request.",
+          "type": "integer",
+          "minimum": 0
+        }
+      }
+    },
+    "ErrorCode": {
+      "description": "Error codes returned by the service",
+      "type": "string",
+      "enum": [
+        "AccountAlreadyExists",
+        "AccountBeingCreated",
+        "AccountIsDisabled",
+        "AuthenticationFailed",
+        "AuthorizationFailure",
+        "ConditionHeadersNotSupported",
+        "ConditionNotMet",
+        "EmptyMetadataKey",
+        "FileShareProvisionedBandwidthDowngradeNotAllowed",
+        "FileShareProvisionedIopsDowngradeNotAllowed",
+        "InsufficientAccountPermissions",
+        "InternalError",
+        "InvalidAuthenticationInfo",
+        "InvalidHeaderValue",
+        "InvalidHttpVerb",
+        "InvalidInput",
+        "InvalidMd5",
+        "InvalidMetadata",
+        "InvalidQueryParameterValue",
+        "InvalidRange",
+        "InvalidResourceName",
+        "InvalidUri",
+        "InvalidXmlDocument",
+        "InvalidXmlNodeValue",
+        "Md5Mismatch",
+        "MetadataTooLarge",
+        "MissingContentLengthHeader",
+        "MissingRequiredQueryParameter",
+        "MissingRequiredHeader",
+        "MissingRequiredXmlNode",
+        "MultipleConditionHeadersNotSupported",
+        "OperationTimedOut",
+        "OutOfRangeInput",
+        "OutOfRangeQueryParameterValue",
+        "RequestBodyTooLarge",
+        "ResourceTypeMismatch",
+        "RequestUrlFailedToParse",
+        "ResourceAlreadyExists",
+        "ResourceNotFound",
+        "ServerBusy",
+        "UnsupportedHeader",
+        "UnsupportedXmlNode",
+        "UnsupportedQueryParameter",
+        "UnsupportedHttpVerb",
+        "CannotDeleteFileOrDirectory",
+        "ClientCacheFlushDelay",
+        "DeletePending",
+        "DirectoryNotEmpty",
+        "FileLockConflict",
+        "InvalidFileOrDirectoryPathName",
+        "ParentNotFound",
+        "ReadOnlyAttribute",
+        "ShareAlreadyExists",
+        "ShareBeingDeleted",
+        "ShareDisabled",
+        "ShareNotFound",
+        "SharingViolation",
+        "ShareSnapshotInProgress",
+        "ShareSnapshotCountExceeded",
+        "ShareSnapshotOperationNotSupported",
         "ShareHasSnapshots",
         "PreviousSnapshotNotFound",
         "ContainerQuotaDowngradeNotAllowed",
@@ -6934,7 +7604,7 @@
       "required": true,
       "type": "string",
       "enum": [
-        "2025-01-05"
+        "2025-05-05"
       ]
     },
     "ClientRequestId": {
@@ -7097,6 +7767,40 @@
       },
       "description": "Specifies the option to set archive attribute on a target file. True means archive attribute will be set on a target file despite attribute overrides or a source file state."
     },
+    "FileCopyModeCopyMode": {
+      "name": "x-ms-file-mode-copy-mode",
+      "x-ms-client-name": "fileModeCopyMode",
+      "in": "header",
+      "required": false,
+      "type": "string",
+      "enum": [
+        "source",
+        "override"
+      ],
+      "x-ms-enum": {
+        "name": "ModeCopyMode",
+        "modelAsString": false
+      },
+      "x-ms-parameter-location": "method",
+      "description": "NFS only. Applicable only when the copy source is a File. Determines the copy behavior of the mode bits of the file. source: The mode on the destination file is copied from the source file. override: The mode on the destination file is determined via the x-ms-mode header."
+    },
+    "FileCopyOwnerCopyMode": {
+      "name": "x-ms-file-owner-copy-mode",
+      "x-ms-client-name": "fileOwnerCopyMode",
+      "in": "header",
+      "required": false,
+      "type": "string",
+      "enum": [
+        "source",
+        "override"
+      ],
+      "x-ms-enum": {
+        "name": "OwnerCopyMode",
+        "modelAsString": false
+      },
+      "x-ms-parameter-location": "method",
+      "description": "NFS only. Determines the copy behavior of the owner user identifier (UID) and group identifier (GID) of the file. source: The owner user identifier (UID) and group identifier (GID) on the destination file is copied from the source file. override: The owner user identifier (UID) and group identifier (GID) on the destination file is determined via the x-ms-owner and x-ms-group  headers."
+    },
     "DeletedShareName": {
       "name": "x-ms-deleted-share-name",
       "x-ms-client-name": "DeletedShareName",
@@ -7183,7 +7887,7 @@
       "x-ms-client-name": "FileAttributes",
       "in": "header",
       "description": "If specified, the provided file attributes shall be set. Default value: ‘Archive’ for file and ‘Directory’ for directory. ‘None’ can also be specified as default.",
-      "required": true,
+      "required": false,
       "type": "string",
       "x-ms-parameter-location": "method"
     },
@@ -7880,6 +8584,69 @@
       "in": "header",
       "required": false,
       "type": "boolean"
+    },
+    "Owner": {
+      "name": "x-ms-owner",
+      "x-ms-client-name": "owner",
+      "in": "header",
+      "required": false,
+      "type": "string",
+      "description": "Optional, NFS only. The owner of the file or directory.",
+      "x-ms-parameter-location": "method"
+    },
+    "Group": {
+      "name": "x-ms-group",
+      "x-ms-client-name": "group",
+      "in": "header",
+      "required": false,
+      "type": "string",
+      "description": "Optional, NFS only. The owning group of the file or directory.",
+      "x-ms-parameter-location": "method"
+    },
+    "FileMode": {
+      "name": "x-ms-mode",
+      "x-ms-client-name": "fileMode",
+      "in": "header",
+      "required": false,
+      "type": "string",
+      "description": "Optional, NFS only. The file mode of the file or directory",
+      "x-ms-parameter-location": "method"
+    },
+    "NfsFileType": {
+      "name": "x-ms-file-file-type",
+      "x-ms-client-name": "nfsFileType",
+      "in": "header",
+      "required": false,
+      "description": "Optional, NFS only. Type of the file or directory.",
+      "type": "string",
+      "enum": [
+        "Regular",
+        "Directory",
+        "SymLink"
+      ],
+      "x-ms-enum": {
+        "name": "NfsFileType",
+        "modelAsString": true
+      },
+      "x-ms-parameter-location": "method"
+    },
+    "LinkText": {
+      "name": "x-ms-link-text",
+      "x-ms-client-name": "linkText",
+      "in": "header",
+      "required": true,
+      "description": "NFS only. Required. The path to the original file, the symbolic link is pointing to. The path is of type string which is not resolved and is stored as is. The path can be absolute path or the relative path depending on the content stored in the symbolic link file.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
+    },
+    "TargetFile": {
+      "name": "x-ms-file-target-file",
+      "x-ms-client-name": "targetFile",
+      "in": "header",
+      "required": true,
+      "description": "NFS only. Required. Specifies the path of the target file to which the link will be created, up to 2 KiB in length. It should be full path of the target from the root.The target file must be in the same share and hence the same storage account.",
+      "type": "string",
+      "x-ms-parameter-location": "method"
     }
   }
 }