Update example for Replica Switchover in PostgreSQL #44102
Next Steps to Merge
✅ All automated merging requirements have been met! To get your PR merged, see aka.ms/azsdk/specreview/merge.
Comment generated by summarize-checks workflow run.
API Change Check
APIView identified API level changes in this PR and created the following API reviews
Comment generated by After APIView workflow run.
Please fix Swagger ModelValidation
@ravimeda we are updating patch model to show a missing property that is supported in our backend. This property will have to be used for switchover operation to resolve MSRC vulnerability security issue: The Azure Database for PostgreSQL Flexible Server control-plane action that promotes a read replica (Properties.Replica.PromoteMode = SwitchOver, PromoteOption = Forced) is reported to allow an authorization bypass: a caller can force a replica switchover without holding the required authorization on the linked primary/replica pair. We need to have this be visible to customers.
ravimeda left a comment
ARM API Review
Posting findings from the ARM API Reviewer agent (critic-verified, 2 iterations, converged) against commit aa87e4f. See inline comments for finding 1.
ARM (Control Plane) API Specification Update Pull Request
Tip
Overwhelmed by all this guidance? See the Getting help section at the bottom of this PR description.
PR review workflow diagram
Please understand this diagram before proceeding. It explains how to get your PR approved & merged.
Purpose of this PR
What's the purpose of this PR? Check the specific option that applies. This is mandatory!
Update example to show preferred optional property use.
This is an MSRC vulnerability security issue: The Azure Database for PostgreSQL Flexible Server control-plane action that promotes a read replica (Properties.Replica.PromoteMode = SwitchOver, PromoteOption = Forced) is reported to allow an authorization bypass: a caller can force a replica switchover without holding the required authorization on the linked primary/replica pair.
Due diligence checklist
To merge this PR, you must go through the following checklist and confirm you understood and followed the instructions by checking all the boxes:
ARM resource provider contract and REST guidelines (estimated time: 4 hours).
I understand this is required before I can proceed to the diagram Step 2, "ARM API changes review", for this PR.
Additional information
Viewing API changes
For convenient view of the API changes made by this PR, refer to the URLs provided in the table in the Generated ApiView comment added to this PR. You can use ApiView to show API versions diff.
Suppressing failures
If one or multiple validation error/warning suppression(s) is detected in your PR, please follow the suppressions guide to get approval.
Getting help
Purpose of this PR and Due diligence checklist.
write access per aka.ms/azsdk/access#request-access-to-rest-api-or-sdk-repositories
Next Steps to Merge comment. It will appear within few minutes of submitting this PR and will continue to be up-to-date with current PR state.
and https://aka.ms/ci-fix.
queued state, please add a comment with contents /azp run. This should result in a new comment denoting a PR validation pipeline has started and the checks should be updated after few minutes.