diff --git a/common/config/rush/pnpm-lock.yaml b/common/config/rush/pnpm-lock.yaml index 476af22d75ed..a3dddd665c13 100644 --- a/common/config/rush/pnpm-lock.yaml +++ b/common/config/rush/pnpm-lock.yaml @@ -731,6 +731,7 @@ packages: /@azure/ai-form-recognizer/3.1.0-beta.3: resolution: {integrity: sha512-+4QtFKNyxAmdqpcYjuAtmWKm/MuOe9kZsbpS9jA9h0YHzngNj5gc67AA4egV9BXOq9x+1phjYTNC/rxiOUr1uQ==} engines: {node: '>=8.0.0'} + deprecated: Please migrate to a supported (non-beta) version of this package dependencies: '@azure/core-auth': 1.4.0 '@azure/core-http': 1.2.6 @@ -14494,7 +14495,7 @@ packages: dev: false file:projects/arm-securityinsight.tgz: - resolution: {integrity: sha512-EGJtHHI56L+yUltRwDYq/toy0a6WqvIypC88WhojX/XJXuLsEwO/Cyn7ryo/bXD9BQKdsF7BjQCEIPhQbBN3RQ==, tarball: file:projects/arm-securityinsight.tgz} + resolution: {integrity: sha512-siy2bX/cICza7AI6UkGPZoGm8rAdexoeXY4HtHb/jnkFwUJt9cNWOU0APs0+ZIbX56au0JKEXfrkFy39hehrJQ==, tarball: file:projects/arm-securityinsight.tgz} name: '@rush-temp/arm-securityinsight' version: 0.0.0 dependencies: @@ -14508,8 +14509,8 @@ packages: '@types/node': 14.18.38 chai: 4.3.7 cross-env: 7.0.3 - dotenv: 8.6.0 - mkdirp: 1.0.4 + dotenv: 16.0.3 + mkdirp: 2.1.5 mocha: 7.2.0 rimraf: 3.0.2 rollup: 2.79.1 diff --git a/sdk/securityinsight/arm-securityinsight/CHANGELOG.md b/sdk/securityinsight/arm-securityinsight/CHANGELOG.md index 7e10d8fce8ba..7968148f7538 100644 --- a/sdk/securityinsight/arm-securityinsight/CHANGELOG.md +++ b/sdk/securityinsight/arm-securityinsight/CHANGELOG.md @@ -1,15 +1,312 @@ # Release History + +## 1.0.0-beta.7 (2023-03-22) + +**Features** -## 1.0.0-beta.7 (Unreleased) - -### Features Added - -### Breaking Changes - -### Bugs Fixed + - Added operation group AlertRuleOperations + - Added operation group Get + - Added operation group GetRecommendations + - Added operation group GetTriggeredAnalyticsRuleRuns + - Added operation group IncidentTasks + - Added operation group TriggeredAnalyticsRuleRunOperations + - Added operation group Update + - Added operation group WorkspaceManagerAssignmentJobs + - Added operation group WorkspaceManagerAssignments + - Added operation group WorkspaceManagerConfigurations + - Added operation group WorkspaceManagerGroups + - Added operation group WorkspaceManagerMembers + - Added operation Entities.runPlaybook + - Added Interface AddIncidentTaskActionProperties + - Added Interface AlertPropertyMapping + - Added Interface AlertRuleTriggerRuleRunHeaders + - Added Interface AlertRuleTriggerRuleRunOptionalParams + - Added Interface AnalyticsRuleRunTrigger + - Added Interface AssignmentItem + - Added Interface AutomationRuleAddIncidentTaskAction + - Added Interface AzureEntityResource + - Added Interface Content + - Added Interface EntitiesRunPlaybookOptionalParams + - Added Interface EntityManualTriggerRequestBody + - Added Interface ErrorAdditionalInfo + - Added Interface ErrorDetail + - Added Interface ErrorModel + - Added Interface ErrorResponse + - Added Interface GetRecommendationsListOptionalParams + - Added Interface GetSingleRecommendationOptionalParams + - Added Interface GetTriggeredAnalyticsRuleRunsListNextOptionalParams + - Added Interface GetTriggeredAnalyticsRuleRunsListOptionalParams + - Added Interface IncidentTask + - Added Interface IncidentTaskList + - Added Interface IncidentTasksCreateOrUpdateOptionalParams + - Added Interface IncidentTasksDeleteOptionalParams + - Added Interface IncidentTasksGetOptionalParams + - Added Interface IncidentTasksListNextOptionalParams + - Added Interface IncidentTasksListOptionalParams + - Added Interface Instructions + - Added Interface Job + - Added Interface JobItem + - Added Interface JobList + - Added Interface MicrosoftPurviewInformationProtectionCheckRequirements + - Added Interface MicrosoftPurviewInformationProtectionCheckRequirementsProperties + - Added Interface MicrosoftPurviewInformationProtectionConnectorDataTypes + - Added Interface MicrosoftPurviewInformationProtectionConnectorDataTypesLogs + - Added Interface MicrosoftPurviewInformationProtectionDataConnector + - Added Interface MicrosoftPurviewInformationProtectionDataConnectorProperties + - Added Interface MTPDataConnectorDataTypesAlerts + - Added Interface MtpFilteredProviders + - Added Interface Recommendation + - Added Interface RecommendationList + - Added Interface RecommendationPatch + - Added Interface RecommendedAction + - Added Interface SentinelEntityMapping + - Added Interface TriggeredAnalyticsRuleRun + - Added Interface TriggeredAnalyticsRuleRunGetOptionalParams + - Added Interface TriggeredAnalyticsRuleRuns + - Added Interface UpdateRecommendationOptionalParams + - Added Interface WorkspaceManagerAssignment + - Added Interface WorkspaceManagerAssignmentJobsCreateOptionalParams + - Added Interface WorkspaceManagerAssignmentJobsDeleteOptionalParams + - Added Interface WorkspaceManagerAssignmentJobsGetOptionalParams + - Added Interface WorkspaceManagerAssignmentJobsListNextOptionalParams + - Added Interface WorkspaceManagerAssignmentJobsListOptionalParams + - Added Interface WorkspaceManagerAssignmentList + - Added Interface WorkspaceManagerAssignmentsCreateOrUpdateOptionalParams + - Added Interface WorkspaceManagerAssignmentsDeleteOptionalParams + - Added Interface WorkspaceManagerAssignmentsGetOptionalParams + - Added Interface WorkspaceManagerAssignmentsListNextOptionalParams + - Added Interface WorkspaceManagerAssignmentsListOptionalParams + - Added Interface WorkspaceManagerConfiguration + - Added Interface WorkspaceManagerConfigurationList + - Added Interface WorkspaceManagerConfigurationsCreateOrUpdateOptionalParams + - Added Interface WorkspaceManagerConfigurationsDeleteOptionalParams + - Added Interface WorkspaceManagerConfigurationsGetOptionalParams + - Added Interface WorkspaceManagerConfigurationsListNextOptionalParams + - Added Interface WorkspaceManagerConfigurationsListOptionalParams + - Added Interface WorkspaceManagerGroup + - Added Interface WorkspaceManagerGroupList + - Added Interface WorkspaceManagerGroupsCreateOrUpdateOptionalParams + - Added Interface WorkspaceManagerGroupsDeleteOptionalParams + - Added Interface WorkspaceManagerGroupsGetOptionalParams + - Added Interface WorkspaceManagerGroupsListNextOptionalParams + - Added Interface WorkspaceManagerGroupsListOptionalParams + - Added Interface WorkspaceManagerMember + - Added Interface WorkspaceManagerMembersCreateOrUpdateOptionalParams + - Added Interface WorkspaceManagerMembersDeleteOptionalParams + - Added Interface WorkspaceManagerMembersGetOptionalParams + - Added Interface WorkspaceManagerMembersList + - Added Interface WorkspaceManagerMembersListNextOptionalParams + - Added Interface WorkspaceManagerMembersListOptionalParams + - Added Type Alias AlertProperty + - Added Type Alias AlertRuleTriggerRuleRunResponse + - Added Type Alias Category + - Added Type Alias Context + - Added Type Alias EntityKindEnum + - Added Type Alias GetRecommendationsListResponse + - Added Type Alias GetSingleRecommendationResponse + - Added Type Alias GetTriggeredAnalyticsRuleRunsListNextResponse + - Added Type Alias GetTriggeredAnalyticsRuleRunsListResponse + - Added Type Alias IncidentTasksCreateOrUpdateResponse + - Added Type Alias IncidentTasksGetResponse + - Added Type Alias IncidentTasksListNextResponse + - Added Type Alias IncidentTasksListResponse + - Added Type Alias IncidentTaskStatus + - Added Type Alias Mode + - Added Type Alias MtpProvider + - Added Type Alias Priority + - Added Type Alias ProvisioningState + - Added Type Alias State + - Added Type Alias Status + - Added Type Alias TriggeredAnalyticsRuleRunGetResponse + - Added Type Alias UpdateRecommendationResponse + - Added Type Alias WorkspaceManagerAssignmentJobsCreateResponse + - Added Type Alias WorkspaceManagerAssignmentJobsGetResponse + - Added Type Alias WorkspaceManagerAssignmentJobsListNextResponse + - Added Type Alias WorkspaceManagerAssignmentJobsListResponse + - Added Type Alias WorkspaceManagerAssignmentsCreateOrUpdateResponse + - Added Type Alias WorkspaceManagerAssignmentsGetResponse + - Added Type Alias WorkspaceManagerAssignmentsListNextResponse + - Added Type Alias WorkspaceManagerAssignmentsListResponse + - Added Type Alias WorkspaceManagerConfigurationsCreateOrUpdateResponse + - Added Type Alias WorkspaceManagerConfigurationsGetResponse + - Added Type Alias WorkspaceManagerConfigurationsListNextResponse + - Added Type Alias WorkspaceManagerConfigurationsListResponse + - Added Type Alias WorkspaceManagerGroupsCreateOrUpdateResponse + - Added Type Alias WorkspaceManagerGroupsGetResponse + - Added Type Alias WorkspaceManagerGroupsListNextResponse + - Added Type Alias WorkspaceManagerGroupsListResponse + - Added Type Alias WorkspaceManagerMembersCreateOrUpdateResponse + - Added Type Alias WorkspaceManagerMembersGetResponse + - Added Type Alias WorkspaceManagerMembersListNextResponse + - Added Type Alias WorkspaceManagerMembersListResponse + - Interface AlertDetailsOverride has a new optional parameter alertDynamicProperties + - Interface MTPDataConnector has a new optional parameter filteredProviders + - Interface MTPDataConnectorDataTypes has a new optional parameter alerts + - Interface MTPDataConnectorProperties has a new optional parameter filteredProviders + - Interface NrtAlertRule has a new optional parameter sentinelEntitiesMappings + - Interface NrtAlertRuleTemplate has a new optional parameter sentinelEntitiesMappings + - Interface QueryBasedAlertRuleTemplateProperties has a new optional parameter sentinelEntitiesMappings + - Interface ScheduledAlertRule has a new optional parameter sentinelEntitiesMappings + - Interface ScheduledAlertRuleCommonProperties has a new optional parameter sentinelEntitiesMappings + - Interface ScheduledAlertRuleTemplate has a new optional parameter sentinelEntitiesMappings + - Interface SecurityAlertTimelineItem has a new optional parameter intent + - Interface SecurityAlertTimelineItem has a new optional parameter techniques + - Type of parameter actionType of interface AutomationRuleAction is changed from "ModifyProperties" | "RunPlaybook" to "AddIncidentTask" | "ModifyProperties" | "RunPlaybook" + - Type of parameter kind of interface DataConnectorsCheckRequirements is changed from "AzureActiveDirectory" | "AzureAdvancedThreatProtection" | "AzureSecurityCenter" | "AmazonWebServicesCloudTrail" | "AmazonWebServicesS3" | "Dynamics365" | "MicrosoftCloudAppSecurity" | "MicrosoftDefenderAdvancedThreatProtection" | "MicrosoftThreatIntelligence" | "MicrosoftThreatProtection" | "OfficeATP" | "OfficeIRM" | "Office365Project" | "OfficePowerBI" | "ThreatIntelligence" | "ThreatIntelligenceTaxii" | "IOT" to "AzureActiveDirectory" | "AzureAdvancedThreatProtection" | "AzureSecurityCenter" | "AmazonWebServicesCloudTrail" | "AmazonWebServicesS3" | "Dynamics365" | "MicrosoftCloudAppSecurity" | "MicrosoftDefenderAdvancedThreatProtection" | "MicrosoftThreatIntelligence" | "MicrosoftThreatProtection" | "OfficeATP" | "OfficeIRM" | "MicrosoftPurviewInformationProtection" | "Office365Project" | "OfficePowerBI" | "ThreatIntelligence" | "ThreatIntelligenceTaxii" | "IOT" + - Added Enum KnownAlertProperty + - Added Enum KnownCategory + - Added Enum KnownContext + - Added Enum KnownEntityKindEnum + - Added Enum KnownIncidentTaskStatus + - Added Enum KnownMode + - Added Enum KnownMtpProvider + - Added Enum KnownPriority + - Added Enum KnownProvisioningState + - Added Enum KnownState + - Added Enum KnownStatus + - Enum KnownActionType has a new value AddIncidentTask + - Enum KnownDataConnectorKind has a new value MicrosoftPurviewInformationProtection -### Other Changes +**Breaking Changes** + - Operation Incidents.createTeam has a new signature + - Interface MstiDataConnectorDataTypes no longer has parameter bingSafetyPhishingURL + - Parameter logicAppResourceId of interface PlaybookActionProperties is now required + - Type of parameter additionalData of interface AccountEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface AzureResourceEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface CloudApplicationEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface DnsEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter kind of interface Entity is changed from EntityKind to EntityKindEnum + - Type of parameter additionalData of interface EntityCommonProperties is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface EntityEdges is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter entityKind of interface ExpansionResultAggregation is changed from EntityKind to EntityKindEnum + - Type of parameter additionalData of interface FileEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface FileHashEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface HostEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface HuntingBookmark is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter entityKind of interface IncidentEntitiesResultsMetadata is changed from EntityKind to EntityKindEnum + - Type of parameter additionalData of interface IoTDeviceEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface IpEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface MailboxEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface MailClusterEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface MailMessageEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface MalwareEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter kind of interface MetadataDependencies is changed from Kind to string + - Type of parameter kind of interface MetadataModel is changed from Kind to string + - Type of parameter kind of interface MetadataPatch is changed from Kind to string + - Type of parameter additionalData of interface NicEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface ProcessEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface RegistryKeyEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface RegistryValueEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface SecurityAlert is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface SecurityGroupEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface SubmissionMailEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface ThreatIntelligenceIndicatorModel is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Type of parameter additionalData of interface UrlEntity is changed from { + [propertyName: string]: Record; + } to { + [propertyName: string]: any; + } + - Removed Enum KnownEntityKind + - Removed Enum KnownKind + + ## 1.0.0-beta.6 (2023-02-03) **Features** diff --git a/sdk/securityinsight/arm-securityinsight/_meta.json b/sdk/securityinsight/arm-securityinsight/_meta.json index 46308dd072f2..cdc096fc8ee8 100644 --- a/sdk/securityinsight/arm-securityinsight/_meta.json +++ b/sdk/securityinsight/arm-securityinsight/_meta.json @@ -1,8 +1,8 @@ { - "commit": "b41f929626289b59e31be8a1091c99994864b096", - "readme": "specification\\securityinsights\\resource-manager\\readme.md", - "autorest_command": "autorest --version=3.9.3 --typescript --modelerfour.lenient-model-deduplication --azure-arm --head-as-boolean=true --license-header=MICROSOFT_MIT_NO_VERSION --generate-test --typescript-sdks-folder=F:\\azure-sdk-for-js ..\\azure-rest-api-specs\\specification\\securityinsights\\resource-manager\\readme.md --use=@autorest/typescript@6.0.0-rc.7 --generate-sample=true", + "commit": "fa8037a2947a298244419c1d5f8296affc38a1eb", + "readme": "specification/securityinsights/resource-manager/readme.md", + "autorest_command": "autorest --version=3.9.3 --typescript --modelerfour.lenient-model-deduplication --azure-arm --head-as-boolean=true --license-header=MICROSOFT_MIT_NO_VERSION --generate-test --typescript-sdks-folder=/mnt/vss/_work/1/s/azure-sdk-for-js ../azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md --use=@autorest/typescript@6.0.0-rc.10", "repository_url": "https://github.com/Azure/azure-rest-api-specs.git", - "release_tool": "@azure-tools/js-sdk-release-tools@2.6.0", - "use": "@autorest/typescript@6.0.0-rc.7" + "release_tool": "@azure-tools/js-sdk-release-tools@2.6.2", + "use": "@autorest/typescript@6.0.0-rc.10" } \ No newline at end of file diff --git a/sdk/securityinsight/arm-securityinsight/package.json b/sdk/securityinsight/arm-securityinsight/package.json index 07c0c7cf6b37..215ce59112e9 100644 --- a/sdk/securityinsight/arm-securityinsight/package.json +++ b/sdk/securityinsight/arm-securityinsight/package.json @@ -8,10 +8,10 @@ "node": ">=14.0.0" }, "dependencies": { - "@azure/core-lro": "^2.2.0", + "@azure/core-lro": "^2.5.0", "@azure/abort-controller": "^1.0.0", "@azure/core-paging": "^1.2.0", - "@azure/core-client": "^1.6.1", + "@azure/core-client": "^1.7.0", "@azure/core-auth": "^1.3.0", "@azure/core-rest-pipeline": "^1.8.0", "tslib": "^2.2.0" @@ -33,13 +33,13 @@ "@rollup/plugin-json": "^6.0.0", "@rollup/plugin-multi-entry": "^6.0.0", "@rollup/plugin-node-resolve": "^13.1.3", - "mkdirp": "^1.0.4", + "mkdirp": "^2.1.2", "rollup": "^2.66.1", "rollup-plugin-sourcemaps": "^0.6.3", "typescript": "~4.8.0", "uglify-js": "^3.4.9", "rimraf": "^3.0.0", - "dotenv": "^8.2.0", + "dotenv": "^16.0.0", "@azure/identity": "^2.0.1", "@azure-tools/test-recorder": "^3.0.0", "@azure-tools/test-credential": "^1.0.0", @@ -111,13 +111,5 @@ ] }, "autoPublish": true, - "homepage": "https://github.com/Azure/azure-sdk-for-js/tree/main/sdk/securityinsight/arm-securityinsight", - "//sampleConfiguration": { - "productName": "", - "productSlugs": [ - "azure" - ], - "disableDocsMs": true, - "apiRefLink": "https://docs.microsoft.com/javascript/api/@azure/arm-securityinsight?view=azure-node-preview" - } -} + "homepage": "https://github.com/Azure/azure-sdk-for-js/tree/main/sdk/securityinsight/arm-securityinsight" +} \ No newline at end of file diff --git a/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md b/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md index 96c4b0c5595f..ca1afe9db3b9 100644 --- a/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md +++ b/sdk/securityinsight/arm-securityinsight/review/arm-securityinsight.api.md @@ -6,9 +6,9 @@ import * as coreAuth from '@azure/core-auth'; import * as coreClient from '@azure/core-client'; +import { OperationState } from '@azure/core-lro'; import { PagedAsyncIterableIterator } from '@azure/core-paging'; -import { PollerLike } from '@azure/core-lro'; -import { PollOperationState } from '@azure/core-lro'; +import { SimplePollerLike } from '@azure/core-lro'; // @public export interface AADCheckRequirements extends DataConnectorsCheckRequirements { @@ -58,7 +58,7 @@ export interface AccountEntity extends Entity { readonly aadUserId?: string; readonly accountName?: string; readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly displayName?: string; readonly dnsDomain?: string; @@ -239,6 +239,12 @@ export interface ActivityTimelineItem extends EntityTimelineItem { title: string; } +// @public (undocumented) +export interface AddIncidentTaskActionProperties { + description?: string; + title: string; +} + // @public export type AlertDetail = string; @@ -246,10 +252,20 @@ export type AlertDetail = string; export interface AlertDetailsOverride { alertDescriptionFormat?: string; alertDisplayNameFormat?: string; + alertDynamicProperties?: AlertPropertyMapping[]; alertSeverityColumnName?: string; alertTacticsColumnName?: string; } +// @public +export type AlertProperty = string; + +// @public +export interface AlertPropertyMapping { + alertProperty?: AlertProperty; + value?: string; +} + // @public export interface AlertRule extends ResourceWithEtag { kind: AlertRuleKind; @@ -258,6 +274,12 @@ export interface AlertRule extends ResourceWithEtag { // @public export type AlertRuleKind = string; +// @public +export interface AlertRuleOperations { + beginTriggerRuleRun(resourceGroupName: string, workspaceName: string, ruleId: string, analyticsRuleRunTriggerParameter: AnalyticsRuleRunTrigger, options?: AlertRuleTriggerRuleRunOptionalParams): Promise, AlertRuleTriggerRuleRunResponse>>; + beginTriggerRuleRunAndWait(resourceGroupName: string, workspaceName: string, ruleId: string, analyticsRuleRunTriggerParameter: AnalyticsRuleRunTrigger, options?: AlertRuleTriggerRuleRunOptionalParams): Promise; +} + // @public export interface AlertRules { createOrUpdate(resourceGroupName: string, workspaceName: string, ruleId: string, alertRule: AlertRuleUnion, options?: AlertRulesCreateOrUpdateOptionalParams): Promise; @@ -368,6 +390,21 @@ export interface AlertRuleTemplateWithMitreProperties extends AlertRuleTemplateP techniques?: string[]; } +// @public +export interface AlertRuleTriggerRuleRunHeaders { + // (undocumented) + location?: string; +} + +// @public +export interface AlertRuleTriggerRuleRunOptionalParams extends coreClient.OperationOptions { + resumeFrom?: string; + updateIntervalInMs?: number; +} + +// @public +export type AlertRuleTriggerRuleRunResponse = AlertRuleTriggerRuleRunHeaders; + // @public (undocumented) export type AlertRuleUnion = AlertRule | MLBehaviorAnalyticsAlertRule | FusionAlertRule | ThreatIntelligenceAlertRule | MicrosoftSecurityIncidentCreationAlertRule | ScheduledAlertRule | NrtAlertRule; @@ -382,6 +419,12 @@ export type AlertSeverity = string; // @public export type AlertStatus = string; +// @public +export interface AnalyticsRuleRunTrigger { + // (undocumented) + executionTimeUtc: Date; +} + // @public export interface Anomalies extends Settings { readonly isEnabled?: boolean; @@ -444,6 +487,11 @@ export interface ASCDataConnectorProperties extends DataConnectorWithAlertsPrope subscriptionId?: string; } +// @public +export interface AssignmentItem { + resourceId?: string; +} + // @public export type AttackTactic = string; @@ -461,13 +509,20 @@ export interface AutomationRule extends ResourceWithEtag { // @public export interface AutomationRuleAction { - actionType: "ModifyProperties" | "RunPlaybook"; + actionType: "AddIncidentTask" | "ModifyProperties" | "RunPlaybook"; // (undocumented) order: number; } // @public (undocumented) -export type AutomationRuleActionUnion = AutomationRuleAction | AutomationRuleModifyPropertiesAction | AutomationRuleRunPlaybookAction; +export type AutomationRuleActionUnion = AutomationRuleAction | AutomationRuleAddIncidentTaskAction | AutomationRuleModifyPropertiesAction | AutomationRuleRunPlaybookAction; + +// @public +export interface AutomationRuleAddIncidentTaskAction extends AutomationRuleAction { + // (undocumented) + actionConfiguration?: AddIncidentTaskActionProperties; + actionType: "AddIncidentTask"; +} // @public (undocumented) export interface AutomationRuleBooleanCondition { @@ -684,10 +739,15 @@ export interface AzureDevOpsResourceInfo { serviceConnectionId?: string; } +// @public +export interface AzureEntityResource extends Resource { + readonly etag?: string; +} + // @public export interface AzureResourceEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly friendlyName?: string; kind: "AzureResource"; @@ -868,6 +928,9 @@ export interface BooleanConditionProperties extends AutomationRuleCondition { conditionType: "Boolean"; } +// @public +export type Category = string; + // @public export interface ClientInfo { email?: string; @@ -879,7 +942,7 @@ export interface ClientInfo { // @public export interface CloudApplicationEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly appId?: number; readonly appName?: string; @@ -1051,6 +1114,12 @@ export interface ConnectorInstructionModelBase { type: SettingType; } +// @public +export interface Content { + description: string; + title: string; +} + // @public export interface ContentPathMap { contentType?: ContentType; @@ -1060,6 +1129,9 @@ export interface ContentPathMap { // @public export type ContentType = string; +// @public +export type Context = string; + // @public export type CreatedByType = string; @@ -1143,7 +1215,7 @@ export interface DataConnectors { // @public export interface DataConnectorsCheckRequirements { - kind: "AzureActiveDirectory" | "AzureAdvancedThreatProtection" | "AzureSecurityCenter" | "AmazonWebServicesCloudTrail" | "AmazonWebServicesS3" | "Dynamics365" | "MicrosoftCloudAppSecurity" | "MicrosoftDefenderAdvancedThreatProtection" | "MicrosoftThreatIntelligence" | "MicrosoftThreatProtection" | "OfficeATP" | "OfficeIRM" | "Office365Project" | "OfficePowerBI" | "ThreatIntelligence" | "ThreatIntelligenceTaxii" | "IOT"; + kind: "AzureActiveDirectory" | "AzureAdvancedThreatProtection" | "AzureSecurityCenter" | "AmazonWebServicesCloudTrail" | "AmazonWebServicesS3" | "Dynamics365" | "MicrosoftCloudAppSecurity" | "MicrosoftDefenderAdvancedThreatProtection" | "MicrosoftThreatIntelligence" | "MicrosoftThreatProtection" | "OfficeATP" | "OfficeIRM" | "MicrosoftPurviewInformationProtection" | "Office365Project" | "OfficePowerBI" | "ThreatIntelligence" | "ThreatIntelligenceTaxii" | "IOT"; } // @public @@ -1159,7 +1231,7 @@ export interface DataConnectorsCheckRequirementsPostOptionalParams extends coreC export type DataConnectorsCheckRequirementsPostResponse = DataConnectorRequirementsState; // @public (undocumented) -export type DataConnectorsCheckRequirementsUnion = DataConnectorsCheckRequirements | AADCheckRequirements | AatpCheckRequirements | ASCCheckRequirements | AwsCloudTrailCheckRequirements | AwsS3CheckRequirements | Dynamics365CheckRequirements | McasCheckRequirements | MdatpCheckRequirements | MstiCheckRequirements | MtpCheckRequirements | OfficeATPCheckRequirements | OfficeIRMCheckRequirements | Office365ProjectCheckRequirements | OfficePowerBICheckRequirements | TICheckRequirements | TiTaxiiCheckRequirements | IoTCheckRequirements; +export type DataConnectorsCheckRequirementsUnion = DataConnectorsCheckRequirements | AADCheckRequirements | AatpCheckRequirements | ASCCheckRequirements | AwsCloudTrailCheckRequirements | AwsS3CheckRequirements | Dynamics365CheckRequirements | McasCheckRequirements | MdatpCheckRequirements | MstiCheckRequirements | MtpCheckRequirements | OfficeATPCheckRequirements | OfficeIRMCheckRequirements | MicrosoftPurviewInformationProtectionCheckRequirements | Office365ProjectCheckRequirements | OfficePowerBICheckRequirements | TICheckRequirements | TiTaxiiCheckRequirements | IoTCheckRequirements; // @public export interface DataConnectorsConnectOptionalParams extends coreClient.OperationOptions { @@ -1207,7 +1279,7 @@ export interface DataConnectorTenantId { } // @public (undocumented) -export type DataConnectorUnion = DataConnector | AADDataConnector | MstiDataConnector | MTPDataConnector | AatpDataConnector | ASCDataConnector | AwsCloudTrailDataConnector | AwsS3DataConnector | McasDataConnector | Dynamics365DataConnector | OfficeATPDataConnector | Office365ProjectDataConnector | OfficePowerBIDataConnector | OfficeIRMDataConnector | MdatpDataConnector | OfficeDataConnector | TIDataConnector | TiTaxiiDataConnector | IoTDataConnector | CodelessUiDataConnector | CodelessApiPollingDataConnector; +export type DataConnectorUnion = DataConnector | AADDataConnector | MstiDataConnector | MTPDataConnector | AatpDataConnector | ASCDataConnector | AwsCloudTrailDataConnector | AwsS3DataConnector | McasDataConnector | Dynamics365DataConnector | OfficeATPDataConnector | MicrosoftPurviewInformationProtectionDataConnector | Office365ProjectDataConnector | OfficePowerBIDataConnector | OfficeIRMDataConnector | MdatpDataConnector | OfficeDataConnector | TIDataConnector | TiTaxiiDataConnector | IoTDataConnector | CodelessUiDataConnector | CodelessApiPollingDataConnector; // @public export interface DataConnectorWithAlertsProperties { @@ -1262,7 +1334,7 @@ export type DeviceImportance = string; // @public export interface DnsEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly dnsServerIpEntityId?: string; readonly domainName?: string; @@ -1404,6 +1476,7 @@ export interface Entities { getInsights(resourceGroupName: string, workspaceName: string, entityId: string, parameters: EntityGetInsightsParameters, options?: EntitiesGetInsightsOptionalParams): Promise; list(resourceGroupName: string, workspaceName: string, options?: EntitiesListOptionalParams): PagedAsyncIterableIterator; queries(resourceGroupName: string, workspaceName: string, entityId: string, kind: EntityItemQueryKind, options?: EntitiesQueriesOptionalParams): Promise; + runPlaybook(resourceGroupName: string, workspaceName: string, entityIdentifier: string, options?: EntitiesRunPlaybookOptionalParams): Promise; } // @public @@ -1483,9 +1556,14 @@ export interface EntitiesRelationsListOptionalParams extends coreClient.Operatio // @public export type EntitiesRelationsListResponse = RelationList; +// @public +export interface EntitiesRunPlaybookOptionalParams extends coreClient.OperationOptions { + requestBody?: EntityManualTriggerRequestBody; +} + // @public export interface Entity extends Resource { - kind: EntityKind; + kind: EntityKindEnum; } // @public @@ -1497,7 +1575,7 @@ export interface EntityAnalytics extends Settings { // @public export interface EntityCommonProperties { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly friendlyName?: string; } @@ -1505,7 +1583,7 @@ export interface EntityCommonProperties { // @public export interface EntityEdges { additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; targetEntityId?: string; } @@ -1567,7 +1645,7 @@ export interface EntityInsightItemQueryTimeInterval { export type EntityItemQueryKind = string; // @public -export type EntityKind = string; +export type EntityKindEnum = string; // @public export interface EntityList { @@ -1575,6 +1653,13 @@ export interface EntityList { value: EntityUnion[]; } +// @public +export interface EntityManualTriggerRequestBody { + incidentArmId?: string; + logicAppsResourceId: string; + tenantId?: string; +} + // @public export interface EntityMapping { entityType?: EntityMappingType; @@ -1759,6 +1844,32 @@ export type EntityUnion = Entity | SecurityAlert | HuntingBookmark | AccountEnti // @public export type Enum13 = string; +// @public +export interface ErrorAdditionalInfo { + readonly info?: Record; + readonly type?: string; +} + +// @public +export interface ErrorDetail { + readonly additionalInfo?: ErrorAdditionalInfo[]; + readonly code?: string; + readonly details?: ErrorDetail[]; + readonly message?: string; + readonly target?: string; +} + +// @public +export interface ErrorModel { + errorMessage: string; + memberResourceName: string; +} + +// @public +export interface ErrorResponse { + error?: ErrorDetail; +} + // @public export type EventGroupingAggregationKind = string; @@ -1783,7 +1894,7 @@ export interface ExpansionResultAggregation { aggregationType?: string; count: number; displayName?: string; - entityKind: EntityKind; + entityKind: EntityKindEnum; } // @public @@ -1806,7 +1917,7 @@ export interface FieldMapping { // @public export interface FileEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly directory?: string; readonly fileHashEntityIds?: string[]; @@ -1833,7 +1944,7 @@ export type FileHashAlgorithm = string; // @public export interface FileHashEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly algorithm?: FileHashAlgorithm; readonly friendlyName?: string; @@ -1875,7 +1986,7 @@ export interface FileImportList { // @public export interface FileImports { - beginDelete(resourceGroupName: string, workspaceName: string, fileImportId: string, options?: FileImportsDeleteOptionalParams): Promise, FileImportsDeleteResponse>>; + beginDelete(resourceGroupName: string, workspaceName: string, fileImportId: string, options?: FileImportsDeleteOptionalParams): Promise, FileImportsDeleteResponse>>; beginDeleteAndWait(resourceGroupName: string, workspaceName: string, fileImportId: string, options?: FileImportsDeleteOptionalParams): Promise; create(resourceGroupName: string, workspaceName: string, fileImportId: string, fileImport: FileImport, options?: FileImportsCreateOptionalParams): Promise; get(resourceGroupName: string, workspaceName: string, fileImportId: string, options?: FileImportsGetOptionalParams): Promise; @@ -2029,6 +2140,11 @@ export interface GeoLocation { readonly state?: string; } +// @public +export interface Get { + singleRecommendation(resourceGroupName: string, workspaceName: string, recommendationId: string, options?: GetSingleRecommendationOptionalParams): Promise; +} + // @public export function getContinuationToken(page: unknown): string | undefined; @@ -2053,6 +2169,44 @@ export interface GetQueriesResponse { value?: EntityQueryItemUnion[]; } +// @public +export interface GetRecommendations { + list(resourceGroupName: string, workspaceName: string, options?: GetRecommendationsListOptionalParams): Promise; +} + +// @public +export interface GetRecommendationsListOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type GetRecommendationsListResponse = RecommendationList; + +// @public +export interface GetSingleRecommendationOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type GetSingleRecommendationResponse = Recommendation; + +// @public +export interface GetTriggeredAnalyticsRuleRuns { + list(resourceGroupName: string, workspaceName: string, options?: GetTriggeredAnalyticsRuleRunsListOptionalParams): PagedAsyncIterableIterator; +} + +// @public +export interface GetTriggeredAnalyticsRuleRunsListNextOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type GetTriggeredAnalyticsRuleRunsListNextResponse = TriggeredAnalyticsRuleRuns; + +// @public +export interface GetTriggeredAnalyticsRuleRunsListOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type GetTriggeredAnalyticsRuleRunsListResponse = TriggeredAnalyticsRuleRuns; + // @public export interface GitHubResourceInfo { appInstallationId?: string; @@ -2079,7 +2233,7 @@ export interface GroupingConfiguration { // @public export interface HostEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly azureID?: string; readonly dnsDomain?: string; @@ -2110,7 +2264,7 @@ export interface HostEntityProperties extends EntityCommonProperties { // @public export interface HuntingBookmark extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; created?: Date; createdBy?: UserInfo; @@ -2142,7 +2296,7 @@ export interface HuntingBookmarkProperties extends EntityCommonProperties { updatedBy?: UserInfo; } -// @public +// @public (undocumented) export interface Incident extends ResourceWithEtag { readonly additionalData?: IncidentAdditionalData; classification?: IncidentClassification; @@ -2157,7 +2311,7 @@ export interface Incident extends ResourceWithEtag { lastActivityTimeUtc?: Date; readonly lastModifiedTimeUtc?: Date; owner?: IncidentOwnerInfo; - providerIncidentId?: string; + readonly providerIncidentId?: string; providerName?: string; readonly relatedAnalyticRuleIds?: string[]; severity?: IncidentSeverity; @@ -2201,9 +2355,10 @@ export interface IncidentComment extends ResourceWithEtag { message?: string; } -// @public +// @public (undocumented) export interface IncidentCommentList { readonly nextLink?: string; + // (undocumented) value: IncidentComment[]; } @@ -2266,7 +2421,7 @@ export interface IncidentEntitiesResponse { // @public export interface IncidentEntitiesResultsMetadata { count: number; - entityKind: EntityKind; + entityKind: EntityKindEnum; } // @public @@ -2289,6 +2444,7 @@ export type IncidentLabelType = string; // @public export interface IncidentList { readonly nextLink?: string; + // (undocumented) value: Incident[]; } @@ -2359,7 +2515,7 @@ export type IncidentRelationsListResponse = RelationList; // @public export interface Incidents { createOrUpdate(resourceGroupName: string, workspaceName: string, incidentId: string, incident: Incident, options?: IncidentsCreateOrUpdateOptionalParams): Promise; - createTeam(resourceGroupName: string, workspaceName: string, incidentId: string, teamProperties: TeamProperties, options?: IncidentsCreateTeamOptionalParams): Promise; + createTeam(resourceGroupName: string, workspaceName: string, incidentId: string, teamProperties: TeamInformation, options?: IncidentsCreateTeamOptionalParams): Promise; delete(resourceGroupName: string, workspaceName: string, incidentId: string, options?: IncidentsDeleteOptionalParams): Promise; get(resourceGroupName: string, workspaceName: string, incidentId: string, options?: IncidentsGetOptionalParams): Promise; list(resourceGroupName: string, workspaceName: string, options?: IncidentsListOptionalParams): PagedAsyncIterableIterator; @@ -2448,6 +2604,69 @@ export type IncidentsRunPlaybookResponse = Record; // @public export type IncidentStatus = string; +// @public (undocumented) +export interface IncidentTask extends ResourceWithEtag { + createdBy?: ClientInfo; + readonly createdTimeUtc?: Date; + description?: string; + lastModifiedBy?: ClientInfo; + readonly lastModifiedTimeUtc?: Date; + // (undocumented) + status: IncidentTaskStatus; + title: string; +} + +// @public (undocumented) +export interface IncidentTaskList { + // (undocumented) + nextLink?: string; + // (undocumented) + value?: IncidentTask[]; +} + +// @public +export interface IncidentTasks { + createOrUpdate(resourceGroupName: string, workspaceName: string, incidentId: string, incidentTaskId: string, incidentTask: IncidentTask, options?: IncidentTasksCreateOrUpdateOptionalParams): Promise; + delete(resourceGroupName: string, workspaceName: string, incidentId: string, incidentTaskId: string, options?: IncidentTasksDeleteOptionalParams): Promise; + get(resourceGroupName: string, workspaceName: string, incidentId: string, incidentTaskId: string, options?: IncidentTasksGetOptionalParams): Promise; + list(resourceGroupName: string, workspaceName: string, incidentId: string, options?: IncidentTasksListOptionalParams): PagedAsyncIterableIterator; +} + +// @public +export interface IncidentTasksCreateOrUpdateOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type IncidentTasksCreateOrUpdateResponse = IncidentTask; + +// @public +export interface IncidentTasksDeleteOptionalParams extends coreClient.OperationOptions { +} + +// @public +export interface IncidentTasksGetOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type IncidentTasksGetResponse = IncidentTask; + +// @public +export interface IncidentTasksListNextOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type IncidentTasksListNextResponse = IncidentTaskList; + +// @public +export interface IncidentTasksListOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type IncidentTasksListResponse = IncidentTaskList; + +// @public +export type IncidentTaskStatus = string; + // @public export type IngestionMode = string; @@ -2525,6 +2744,13 @@ export interface InsightsTableResultColumnsItem { type?: string; } +// @public +export interface Instructions { + actionsToBePerformed: string; + howToPerformActionDetails?: string; + recommendationImportance: string; +} + // @public export interface InstructionSteps { description?: string; @@ -2557,7 +2783,7 @@ export interface IoTDataConnectorProperties extends DataConnectorWithAlertsPrope // @public export interface IoTDeviceEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly deviceId?: string; readonly deviceName?: string; @@ -2626,7 +2852,7 @@ export interface IoTDeviceEntityProperties extends EntityCommonProperties { // @public export interface IpEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly address?: string; readonly friendlyName?: string; @@ -2655,13 +2881,34 @@ export interface IPGeodataGetOptionalParams extends coreClient.OperationOptions export type IPGeodataGetResponse = EnrichmentIpGeodata; // @public -export type KillChainIntent = string; +export interface Job extends ResourceWithEtag { + readonly endTime?: Date; + readonly errorMessage?: string; + items?: JobItem[]; + readonly provisioningState?: ProvisioningState; + readonly startTime?: Date; +} + +// @public +export interface JobItem { + errors?: ErrorModel[]; + readonly executionTime?: Date; + resourceId?: string; + readonly status?: Status; +} // @public -export type Kind = string; +export interface JobList { + readonly nextLink?: string; + value: Job[]; +} + +// @public +export type KillChainIntent = string; // @public export enum KnownActionType { + AddIncidentTask = "AddIncidentTask", ModifyProperties = "ModifyProperties", RunPlaybook = "RunPlaybook" } @@ -2672,6 +2919,19 @@ export enum KnownAlertDetail { Severity = "Severity" } +// @public +export enum KnownAlertProperty { + AlertLink = "AlertLink", + ConfidenceLevel = "ConfidenceLevel", + ConfidenceScore = "ConfidenceScore", + ExtendedLinks = "ExtendedLinks", + ProductComponentName = "ProductComponentName", + ProductName = "ProductName", + ProviderName = "ProviderName", + RemediationSteps = "RemediationSteps", + Techniques = "Techniques" +} + // @public export enum KnownAlertRuleKind { Fusion = "Fusion", @@ -2845,6 +3105,15 @@ export enum KnownAutomationRulePropertyConditionSupportedProperty { Url = "Url" } +// @public +export enum KnownCategory { + CostOptimization = "CostOptimization", + Demo = "Demo", + NewFeature = "NewFeature", + Onboarding = "Onboarding", + SocEfficiency = "SocEfficiency" +} + // @public export enum KnownConditionType { Boolean = "Boolean", @@ -2887,6 +3156,14 @@ export enum KnownContentType { Workbook = "Workbook" } +// @public +export enum KnownContext { + Analytics = "Analytics", + Incidents = "Incidents", + None = "None", + Overview = "Overview" +} + // @public export enum KnownCreatedByType { Application = "Application", @@ -2919,6 +3196,7 @@ export enum KnownDataConnectorKind { IOT = "IOT", MicrosoftCloudAppSecurity = "MicrosoftCloudAppSecurity", MicrosoftDefenderAdvancedThreatProtection = "MicrosoftDefenderAdvancedThreatProtection", + MicrosoftPurviewInformationProtection = "MicrosoftPurviewInformationProtection", MicrosoftThreatIntelligence = "MicrosoftThreatIntelligence", MicrosoftThreatProtection = "MicrosoftThreatProtection", Office365 = "Office365", @@ -2986,7 +3264,7 @@ export enum KnownEntityItemQueryKind { } // @public -export enum KnownEntityKind { +export enum KnownEntityKindEnum { Account = "Account", AzureResource = "AzureResource", Bookmark = "Bookmark", @@ -3173,6 +3451,12 @@ export enum KnownIncidentStatus { New = "New" } +// @public +export enum KnownIncidentTaskStatus { + Completed = "Completed", + New = "New" +} + // @public export enum KnownIngestionMode { IngestAnyValidRecords = "IngestAnyValidRecords", @@ -3198,27 +3482,6 @@ export enum KnownKillChainIntent { Unknown = "Unknown" } -// @public -export enum KnownKind { - AnalyticsRule = "AnalyticsRule", - AnalyticsRuleTemplate = "AnalyticsRuleTemplate", - AutomationRule = "AutomationRule", - AzureFunction = "AzureFunction", - DataConnector = "DataConnector", - DataType = "DataType", - HuntingQuery = "HuntingQuery", - InvestigationQuery = "InvestigationQuery", - LogicAppsCustomConnector = "LogicAppsCustomConnector", - Parser = "Parser", - Playbook = "Playbook", - PlaybookTemplate = "PlaybookTemplate", - Solution = "Solution", - Watchlist = "Watchlist", - WatchlistTemplate = "WatchlistTemplate", - Workbook = "Workbook", - WorkbookTemplate = "WorkbookTemplate" -} - // @public export enum KnownMatchingMethod { AllEntities = "AllEntities", @@ -3237,6 +3500,18 @@ export enum KnownMicrosoftSecurityProductName { Office365AdvancedThreatProtection = "Office 365 Advanced Threat Protection" } +// @public +export enum KnownMode { + Disabled = "Disabled", + Enabled = "Enabled" +} + +// @public +export enum KnownMtpProvider { + MicrosoftDefenderForCloudApps = "microsoftDefenderForCloudApps", + MicrosoftDefenderForIdentity = "microsoftDefenderForIdentity" +} + // @public export enum KnownOperator { AND = "AND", @@ -3272,6 +3547,13 @@ export enum KnownPollingFrequency { OnceAnHour = "OnceAnHour" } +// @public +export enum KnownPriority { + High = "High", + Low = "Low", + Medium = "Medium" +} + // @public export enum KnownProviderName { MicrosoftAadiamDiagnosticSettings = "microsoft.aadiam/diagnosticSettings", @@ -3282,6 +3564,15 @@ export enum KnownProviderName { MicrosoftOperationalInsightsWorkspacesSharedKeys = "Microsoft.OperationalInsights/workspaces/sharedKeys" } +// @public +export enum KnownProvisioningState { + Accepted = "Accepted", + Canceled = "Canceled", + Failed = "Failed", + InProgress = "InProgress", + Succeeded = "Succeeded" +} + // @public export enum KnownRegistryHive { HkeyA = "HKEY_A", @@ -3354,6 +3645,22 @@ export enum KnownSourceType { RemoteStorage = "Remote storage" } +// @public +export enum KnownState { + Active = "Active", + CompletedByAction = "CompletedByAction", + CompletedByUser = "CompletedByUser", + Disabled = "Disabled", + Hidden = "Hidden" +} + +// @public +export enum KnownStatus { + Failed = "Failed", + InProgress = "InProgress", + Succeeded = "Succeeded" +} + // @public export enum KnownSupportTier { Community = "Community", @@ -3415,7 +3722,7 @@ export interface LastDataReceivedDataType { // @public export interface MailboxEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly displayName?: string; readonly externalDirectoryObjectId?: string; @@ -3436,7 +3743,7 @@ export interface MailboxEntityProperties extends EntityCommonProperties { // @public export interface MailClusterEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly clusterGroup?: string; readonly clusterQueryEndTime?: Date; @@ -3479,7 +3786,7 @@ export interface MailClusterEntityProperties extends EntityCommonProperties { // @public export interface MailMessageEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; antispamDirection?: AntispamMailDirection; bodyFingerprintBin1?: number; @@ -3542,7 +3849,7 @@ export interface MailMessageEntityProperties extends EntityCommonProperties { // @public export interface MalwareEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly category?: string; readonly fileEntityIds?: string[]; @@ -3656,7 +3963,7 @@ export interface MetadataDeleteOptionalParams extends coreClient.OperationOption export interface MetadataDependencies { contentId?: string; criteria?: MetadataDependencies[]; - kind?: Kind; + kind?: string; name?: string; operator?: Operator; version?: string; @@ -3703,7 +4010,7 @@ export interface MetadataModel extends ResourceWithEtag { dependencies?: MetadataDependencies; firstPublishDate?: Date; icon?: string; - kind?: Kind; + kind?: string; lastPublishDate?: Date; parentId?: string; previewImages?: string[]; @@ -3726,7 +4033,7 @@ export interface MetadataPatch extends ResourceWithEtag { dependencies?: MetadataDependencies; firstPublishDate?: Date; icon?: string; - kind?: Kind; + kind?: string; lastPublishDate?: Date; parentId?: string; previewImages?: string[]; @@ -3761,6 +4068,37 @@ export interface MetadataUpdateOptionalParams extends coreClient.OperationOption // @public export type MetadataUpdateResponse = MetadataModel; +// @public +export interface MicrosoftPurviewInformationProtectionCheckRequirements extends DataConnectorsCheckRequirements { + kind: "MicrosoftPurviewInformationProtection"; + tenantId?: string; +} + +// @public +export interface MicrosoftPurviewInformationProtectionCheckRequirementsProperties extends DataConnectorTenantId { +} + +// @public +export interface MicrosoftPurviewInformationProtectionConnectorDataTypes { + logs: MicrosoftPurviewInformationProtectionConnectorDataTypesLogs; +} + +// @public +export interface MicrosoftPurviewInformationProtectionConnectorDataTypesLogs extends DataConnectorDataTypeCommon { +} + +// @public +export interface MicrosoftPurviewInformationProtectionDataConnector extends DataConnector { + dataTypes?: MicrosoftPurviewInformationProtectionConnectorDataTypes; + kind: "MicrosoftPurviewInformationProtection"; + tenantId?: string; +} + +// @public +export interface MicrosoftPurviewInformationProtectionDataConnectorProperties extends DataConnectorTenantId { + dataTypes: MicrosoftPurviewInformationProtectionConnectorDataTypes; +} + // @public export interface MicrosoftSecurityIncidentCreationAlertRule extends AlertRule { alertRuleTemplateName?: string; @@ -3852,6 +4190,9 @@ export interface MLBehaviorAnalyticsAlertRuleTemplateProperties extends AlertRul severity: AlertSeverity; } +// @public +export type Mode = string; + // @public export interface MstiCheckRequirements extends DataConnectorsCheckRequirements { kind: "MicrosoftThreatIntelligence"; @@ -3871,15 +4212,9 @@ export interface MstiDataConnector extends DataConnector { // @public export interface MstiDataConnectorDataTypes { - bingSafetyPhishingURL: MstiDataConnectorDataTypesBingSafetyPhishingURL; microsoftEmergingThreatFeed: MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed; } -// @public -export interface MstiDataConnectorDataTypesBingSafetyPhishingURL extends DataConnectorDataTypeCommon { - lookbackPeriod: string; -} - // @public export interface MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed extends DataConnectorDataTypeCommon { lookbackPeriod: string; @@ -3903,15 +4238,21 @@ export interface MTPCheckRequirementsProperties extends DataConnectorTenantId { // @public export interface MTPDataConnector extends DataConnector { dataTypes?: MTPDataConnectorDataTypes; + filteredProviders?: MtpFilteredProviders; kind: "MicrosoftThreatProtection"; tenantId?: string; } // @public export interface MTPDataConnectorDataTypes { + alerts?: MTPDataConnectorDataTypesAlerts; incidents: MTPDataConnectorDataTypesIncidents; } +// @public +export interface MTPDataConnectorDataTypesAlerts extends DataConnectorDataTypeCommon { +} + // @public export interface MTPDataConnectorDataTypesIncidents extends DataConnectorDataTypeCommon { } @@ -3919,12 +4260,21 @@ export interface MTPDataConnectorDataTypesIncidents extends DataConnectorDataTyp // @public export interface MTPDataConnectorProperties extends DataConnectorTenantId { dataTypes: MTPDataConnectorDataTypes; + filteredProviders?: MtpFilteredProviders; } // @public -export interface NicEntity extends Entity { +export interface MtpFilteredProviders { + alerts: MtpProvider[]; +} + +// @public +export type MtpProvider = string; + +// @public +export interface NicEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly friendlyName?: string; readonly ipAddressEntityId?: string; @@ -3956,6 +4306,7 @@ export interface NrtAlertRule extends AlertRule { kind: "NRT"; readonly lastModifiedUtc?: Date; query?: string; + sentinelEntitiesMappings?: SentinelEntityMapping[]; severity?: AlertSeverity; suppressionDuration?: string; suppressionEnabled?: boolean; @@ -3980,6 +4331,7 @@ export interface NrtAlertRuleTemplate extends AlertRuleTemplate { readonly lastUpdatedDateUTC?: Date; query?: string; requiredDataConnectors?: AlertRuleTemplateDataSource[]; + sentinelEntitiesMappings?: SentinelEntityMapping[]; severity?: AlertSeverity; status?: TemplateStatus; tactics?: AttackTactic[]; @@ -4243,18 +4595,21 @@ export interface PermissionsResourceProviderItem extends ResourceProvider { // @public (undocumented) export interface PlaybookActionProperties { - logicAppResourceId?: string; + logicAppResourceId: string; tenantId?: string; } // @public export type PollingFrequency = string; +// @public +export type Priority = string; + // @public export interface ProcessEntity extends Entity { readonly accountEntityId?: string; readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly commandLine?: string; readonly creationTimeUtc?: Date; @@ -4345,6 +4700,9 @@ export interface PropertyConditionProperties extends AutomationRuleCondition { // @public export type ProviderName = string; +// @public +export type ProvisioningState = string; + // @public export interface QueryBasedAlertRuleTemplateProperties { alertDetailsOverride?: AlertDetailsOverride; @@ -4354,17 +4712,61 @@ export interface QueryBasedAlertRuleTemplateProperties { entityMappings?: EntityMapping[]; eventGroupingSettings?: EventGroupingSettings; query?: string; + sentinelEntitiesMappings?: SentinelEntityMapping[]; severity?: AlertSeverity; version?: string; } +// @public +export interface Recommendation { + actions: RecommendedAction[]; + additionalProperties?: { + [propertyName: string]: string; + }; + category: Category; + content?: Content; + context: Context; + description: string; + displayUntilTimeUtc?: Date; + hideUntilTimeUtc?: Date; + id: string; + instructions: Instructions; + lastEvaluatedTimeUtc: Date; + priority: Priority; + recommendationTypeId: string; + recommendationTypeTitle: string; + resourceId?: string; + state: State; + title: string; + visible?: boolean; + workspaceId: string; +} + +// @public +export interface RecommendationList { + value?: Recommendation[]; +} + +// @public +export interface RecommendationPatch { + hideUntilTimeUtc?: Date; + state?: State; +} + +// @public +export interface RecommendedAction { + linkText: string; + linkUrl: string; + state?: Priority; +} + // @public export type RegistryHive = string; // @public export interface RegistryKeyEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly friendlyName?: string; readonly hive?: RegistryHive; @@ -4381,7 +4783,7 @@ export interface RegistryKeyEntityProperties extends EntityCommonProperties { // @public export interface RegistryValueEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly friendlyName?: string; readonly keyEntityId?: string; @@ -4502,6 +4904,7 @@ export interface ScheduledAlertRule extends AlertRule { query?: string; queryFrequency?: string; queryPeriod?: string; + sentinelEntitiesMappings?: SentinelEntityMapping[]; severity?: AlertSeverity; suppressionDuration?: string; suppressionEnabled?: boolean; @@ -4523,6 +4926,7 @@ export interface ScheduledAlertRuleCommonProperties { query?: string; queryFrequency?: string; queryPeriod?: string; + sentinelEntitiesMappings?: SentinelEntityMapping[]; severity?: AlertSeverity; triggerOperator?: TriggerOperator; triggerThreshold?: number; @@ -4561,6 +4965,7 @@ export interface ScheduledAlertRuleTemplate extends AlertRuleTemplate { queryFrequency?: string; queryPeriod?: string; requiredDataConnectors?: AlertRuleTemplateDataSource[]; + sentinelEntitiesMappings?: SentinelEntityMapping[]; severity?: AlertSeverity; status?: TemplateStatus; tactics?: AttackTactic[]; @@ -4573,7 +4978,7 @@ export interface ScheduledAlertRuleTemplate extends AlertRuleTemplate { // @public export interface SecurityAlert extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly alertDisplayName?: string; readonly alertLink?: string; @@ -4646,17 +5051,19 @@ export interface SecurityAlertTimelineItem extends EntityTimelineItem { description?: string; displayName: string; endTimeUtc: Date; + readonly intent?: KillChainIntent; kind: "SecurityAlert"; productName?: string; severity: AlertSeverity; startTimeUtc: Date; + techniques?: string[]; timeGenerated: Date; } // @public export interface SecurityGroupEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly distinguishedName?: string; readonly friendlyName?: string; @@ -4680,6 +5087,8 @@ export class SecurityInsights extends coreClient.ServiceClient { // (undocumented) actions: Actions; // (undocumented) + alertRuleOperations: AlertRuleOperations; + // (undocumented) alertRules: AlertRules; // (undocumented) alertRuleTemplates: AlertRuleTemplates; @@ -4714,12 +5123,20 @@ export class SecurityInsights extends coreClient.ServiceClient { // (undocumented) fileImports: FileImports; // (undocumented) + get: Get; + // (undocumented) + getRecommendations: GetRecommendations; + // (undocumented) + getTriggeredAnalyticsRuleRuns: GetTriggeredAnalyticsRuleRuns; + // (undocumented) incidentComments: IncidentComments; // (undocumented) incidentRelations: IncidentRelations; // (undocumented) incidents: Incidents; // (undocumented) + incidentTasks: IncidentTasks; + // (undocumented) iPGeodata: IPGeodata; // (undocumented) metadata: Metadata; @@ -4746,9 +5163,23 @@ export class SecurityInsights extends coreClient.ServiceClient { // (undocumented) threatIntelligenceIndicators: ThreatIntelligenceIndicators; // (undocumented) + triggeredAnalyticsRuleRunOperations: TriggeredAnalyticsRuleRunOperations; + // (undocumented) + update: Update; + // (undocumented) watchlistItems: WatchlistItems; // (undocumented) watchlists: Watchlists; + // (undocumented) + workspaceManagerAssignmentJobs: WorkspaceManagerAssignmentJobs; + // (undocumented) + workspaceManagerAssignments: WorkspaceManagerAssignments; + // (undocumented) + workspaceManagerConfigurations: WorkspaceManagerConfigurations; + // (undocumented) + workspaceManagerGroups: WorkspaceManagerGroups; + // (undocumented) + workspaceManagerMembers: WorkspaceManagerMembers; } // @public @@ -4821,6 +5252,11 @@ export type SecurityMLAnalyticsSettingsListResponse = SecurityMLAnalyticsSetting // @public (undocumented) export type SecurityMLAnalyticsSettingUnion = SecurityMLAnalyticsSetting | AnomalySecurityMLAnalyticsSettings; +// @public +export interface SentinelEntityMapping { + columnName?: string; +} + // @public export interface SentinelOnboardingState extends ResourceWithEtag { customerManagedKey?: boolean; @@ -4971,10 +5407,16 @@ export type SourceKind = string; // @public export type SourceType = string; +// @public +export type State = string; + +// @public +export type Status = string; + // @public export interface SubmissionMailEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly friendlyName?: string; kind: "SubmissionMail"; @@ -5175,7 +5617,7 @@ export type ThreatIntelligenceIndicatorMetricsListResponse = ThreatIntelligenceM // @public export interface ThreatIntelligenceIndicatorModel extends ThreatIntelligenceInformation { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; confidence?: number; created?: string; @@ -5457,6 +5899,39 @@ export interface TiTaxiiDataConnectorProperties extends DataConnectorTenantId { workspaceId?: string; } +// @public +export interface TriggeredAnalyticsRuleRun extends ResourceWithEtag { + // (undocumented) + executionTimeUtc: Date; + provisioningState: ProvisioningState; + // (undocumented) + ruleId: string; + ruleRunAdditionalData?: { + [propertyName: string]: any; + }; + // (undocumented) + triggeredAnalyticsRuleRunId: string; +} + +// @public +export interface TriggeredAnalyticsRuleRunGetOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type TriggeredAnalyticsRuleRunGetResponse = TriggeredAnalyticsRuleRun; + +// @public +export interface TriggeredAnalyticsRuleRunOperations { + get(resourceGroupName: string, workspaceName: string, ruleRunId: string, options?: TriggeredAnalyticsRuleRunGetOptionalParams): Promise; +} + +// @public +export interface TriggeredAnalyticsRuleRuns { + readonly nextLink?: string; + // (undocumented) + value: TriggeredAnalyticsRuleRun[]; +} + // @public export type TriggerOperator = "GreaterThan" | "LessThan" | "Equal" | "NotEqual"; @@ -5475,10 +5950,25 @@ export interface Ueba extends Settings { // @public export type UebaDataSources = string; +// @public +export interface Update { + beginRecommendation(resourceGroupName: string, workspaceName: string, recommendationId: string, recommendationPatch: RecommendationPatch[], options?: UpdateRecommendationOptionalParams): Promise, UpdateRecommendationResponse>>; + beginRecommendationAndWait(resourceGroupName: string, workspaceName: string, recommendationId: string, recommendationPatch: RecommendationPatch[], options?: UpdateRecommendationOptionalParams): Promise; +} + +// @public +export interface UpdateRecommendationOptionalParams extends coreClient.OperationOptions { + resumeFrom?: string; + updateIntervalInMs?: number; +} + +// @public +export type UpdateRecommendationResponse = Recommendation; + // @public export interface UrlEntity extends Entity { readonly additionalData?: { - [propertyName: string]: Record; + [propertyName: string]: any; }; readonly friendlyName?: string; kind: "Url"; @@ -5664,6 +6154,271 @@ export interface Webhook { webhookUrl?: string; } +// @public +export interface WorkspaceManagerAssignment extends AzureEntityResource { + items?: AssignmentItem[]; + readonly lastJobEndTime?: Date; + readonly lastJobProvisioningState?: ProvisioningState; + targetResourceName?: string; +} + +// @public +export interface WorkspaceManagerAssignmentJobs { + create(resourceGroupName: string, workspaceName: string, workspaceManagerAssignmentName: string, options?: WorkspaceManagerAssignmentJobsCreateOptionalParams): Promise; + delete(resourceGroupName: string, workspaceName: string, workspaceManagerAssignmentName: string, jobName: string, options?: WorkspaceManagerAssignmentJobsDeleteOptionalParams): Promise; + get(resourceGroupName: string, workspaceName: string, workspaceManagerAssignmentName: string, jobName: string, options?: WorkspaceManagerAssignmentJobsGetOptionalParams): Promise; + list(resourceGroupName: string, workspaceName: string, workspaceManagerAssignmentName: string, options?: WorkspaceManagerAssignmentJobsListOptionalParams): PagedAsyncIterableIterator; +} + +// @public +export interface WorkspaceManagerAssignmentJobsCreateOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerAssignmentJobsCreateResponse = Job; + +// @public +export interface WorkspaceManagerAssignmentJobsDeleteOptionalParams extends coreClient.OperationOptions { +} + +// @public +export interface WorkspaceManagerAssignmentJobsGetOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerAssignmentJobsGetResponse = Job; + +// @public +export interface WorkspaceManagerAssignmentJobsListNextOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerAssignmentJobsListNextResponse = JobList; + +// @public +export interface WorkspaceManagerAssignmentJobsListOptionalParams extends coreClient.OperationOptions { + orderby?: string; + skipToken?: string; + top?: number; +} + +// @public +export type WorkspaceManagerAssignmentJobsListResponse = JobList; + +// @public +export interface WorkspaceManagerAssignmentList { + readonly nextLink?: string; + value: WorkspaceManagerAssignment[]; +} + +// @public +export interface WorkspaceManagerAssignments { + createOrUpdate(resourceGroupName: string, workspaceName: string, workspaceManagerAssignmentName: string, workspaceManagerAssignment: WorkspaceManagerAssignment, options?: WorkspaceManagerAssignmentsCreateOrUpdateOptionalParams): Promise; + delete(resourceGroupName: string, workspaceName: string, workspaceManagerAssignmentName: string, options?: WorkspaceManagerAssignmentsDeleteOptionalParams): Promise; + get(resourceGroupName: string, workspaceName: string, workspaceManagerAssignmentName: string, options?: WorkspaceManagerAssignmentsGetOptionalParams): Promise; + list(resourceGroupName: string, workspaceName: string, options?: WorkspaceManagerAssignmentsListOptionalParams): PagedAsyncIterableIterator; +} + +// @public +export interface WorkspaceManagerAssignmentsCreateOrUpdateOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerAssignmentsCreateOrUpdateResponse = WorkspaceManagerAssignment; + +// @public +export interface WorkspaceManagerAssignmentsDeleteOptionalParams extends coreClient.OperationOptions { +} + +// @public +export interface WorkspaceManagerAssignmentsGetOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerAssignmentsGetResponse = WorkspaceManagerAssignment; + +// @public +export interface WorkspaceManagerAssignmentsListNextOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerAssignmentsListNextResponse = WorkspaceManagerAssignmentList; + +// @public +export interface WorkspaceManagerAssignmentsListOptionalParams extends coreClient.OperationOptions { + orderby?: string; + skipToken?: string; + top?: number; +} + +// @public +export type WorkspaceManagerAssignmentsListResponse = WorkspaceManagerAssignmentList; + +// @public +export interface WorkspaceManagerConfiguration extends AzureEntityResource { + mode?: Mode; +} + +// @public +export interface WorkspaceManagerConfigurationList { + readonly nextLink?: string; + value: WorkspaceManagerConfiguration[]; +} + +// @public +export interface WorkspaceManagerConfigurations { + createOrUpdate(resourceGroupName: string, workspaceName: string, workspaceManagerConfigurationName: string, workspaceManagerConfiguration: WorkspaceManagerConfiguration, options?: WorkspaceManagerConfigurationsCreateOrUpdateOptionalParams): Promise; + delete(resourceGroupName: string, workspaceName: string, workspaceManagerConfigurationName: string, options?: WorkspaceManagerConfigurationsDeleteOptionalParams): Promise; + get(resourceGroupName: string, workspaceName: string, workspaceManagerConfigurationName: string, options?: WorkspaceManagerConfigurationsGetOptionalParams): Promise; + list(resourceGroupName: string, workspaceName: string, options?: WorkspaceManagerConfigurationsListOptionalParams): PagedAsyncIterableIterator; +} + +// @public +export interface WorkspaceManagerConfigurationsCreateOrUpdateOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerConfigurationsCreateOrUpdateResponse = WorkspaceManagerConfiguration; + +// @public +export interface WorkspaceManagerConfigurationsDeleteOptionalParams extends coreClient.OperationOptions { +} + +// @public +export interface WorkspaceManagerConfigurationsGetOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerConfigurationsGetResponse = WorkspaceManagerConfiguration; + +// @public +export interface WorkspaceManagerConfigurationsListNextOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerConfigurationsListNextResponse = WorkspaceManagerConfigurationList; + +// @public +export interface WorkspaceManagerConfigurationsListOptionalParams extends coreClient.OperationOptions { + orderby?: string; + skipToken?: string; + top?: number; +} + +// @public +export type WorkspaceManagerConfigurationsListResponse = WorkspaceManagerConfigurationList; + +// @public +export interface WorkspaceManagerGroup extends AzureEntityResource { + description?: string; + displayName?: string; + memberResourceNames?: string[]; +} + +// @public +export interface WorkspaceManagerGroupList { + readonly nextLink?: string; + value: WorkspaceManagerGroup[]; +} + +// @public +export interface WorkspaceManagerGroups { + createOrUpdate(resourceGroupName: string, workspaceName: string, workspaceManagerGroupName: string, workspaceManagerGroup: WorkspaceManagerGroup, options?: WorkspaceManagerGroupsCreateOrUpdateOptionalParams): Promise; + delete(resourceGroupName: string, workspaceName: string, workspaceManagerGroupName: string, options?: WorkspaceManagerGroupsDeleteOptionalParams): Promise; + get(resourceGroupName: string, workspaceName: string, workspaceManagerGroupName: string, options?: WorkspaceManagerGroupsGetOptionalParams): Promise; + list(resourceGroupName: string, workspaceName: string, options?: WorkspaceManagerGroupsListOptionalParams): PagedAsyncIterableIterator; +} + +// @public +export interface WorkspaceManagerGroupsCreateOrUpdateOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerGroupsCreateOrUpdateResponse = WorkspaceManagerGroup; + +// @public +export interface WorkspaceManagerGroupsDeleteOptionalParams extends coreClient.OperationOptions { +} + +// @public +export interface WorkspaceManagerGroupsGetOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerGroupsGetResponse = WorkspaceManagerGroup; + +// @public +export interface WorkspaceManagerGroupsListNextOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerGroupsListNextResponse = WorkspaceManagerGroupList; + +// @public +export interface WorkspaceManagerGroupsListOptionalParams extends coreClient.OperationOptions { + orderby?: string; + skipToken?: string; + top?: number; +} + +// @public +export type WorkspaceManagerGroupsListResponse = WorkspaceManagerGroupList; + +// @public +export interface WorkspaceManagerMember extends AzureEntityResource { + targetWorkspaceId?: string; + targetWorkspaceTenantId?: string; +} + +// @public +export interface WorkspaceManagerMembers { + createOrUpdate(resourceGroupName: string, workspaceName: string, workspaceManagerMemberName: string, workspaceManagerMember: WorkspaceManagerMember, options?: WorkspaceManagerMembersCreateOrUpdateOptionalParams): Promise; + delete(resourceGroupName: string, workspaceName: string, workspaceManagerMemberName: string, options?: WorkspaceManagerMembersDeleteOptionalParams): Promise; + get(resourceGroupName: string, workspaceName: string, workspaceManagerMemberName: string, options?: WorkspaceManagerMembersGetOptionalParams): Promise; + list(resourceGroupName: string, workspaceName: string, options?: WorkspaceManagerMembersListOptionalParams): PagedAsyncIterableIterator; +} + +// @public +export interface WorkspaceManagerMembersCreateOrUpdateOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerMembersCreateOrUpdateResponse = WorkspaceManagerMember; + +// @public +export interface WorkspaceManagerMembersDeleteOptionalParams extends coreClient.OperationOptions { +} + +// @public +export interface WorkspaceManagerMembersGetOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerMembersGetResponse = WorkspaceManagerMember; + +// @public +export interface WorkspaceManagerMembersList { + readonly nextLink?: string; + value: WorkspaceManagerMember[]; +} + +// @public +export interface WorkspaceManagerMembersListNextOptionalParams extends coreClient.OperationOptions { +} + +// @public +export type WorkspaceManagerMembersListNextResponse = WorkspaceManagerMembersList; + +// @public +export interface WorkspaceManagerMembersListOptionalParams extends coreClient.OperationOptions { + orderby?: string; + skipToken?: string; + top?: number; +} + +// @public +export type WorkspaceManagerMembersListResponse = WorkspaceManagerMembersList; + // (No @packageDocumentation comment for this package) ``` diff --git a/sdk/securityinsight/arm-securityinsight/src/lroImpl.ts b/sdk/securityinsight/arm-securityinsight/src/lroImpl.ts index 518d5f053b4e..dd803cd5e28c 100644 --- a/sdk/securityinsight/arm-securityinsight/src/lroImpl.ts +++ b/sdk/securityinsight/arm-securityinsight/src/lroImpl.ts @@ -6,29 +6,37 @@ * Changes may cause incorrect behavior and will be lost if the code is regenerated. */ +// Copyright (c) Microsoft Corporation. +// Licensed under the MIT license. + +import { AbortSignalLike } from "@azure/abort-controller"; import { LongRunningOperation, LroResponse } from "@azure/core-lro"; -export class LroImpl implements LongRunningOperation { - constructor( - private sendOperationFn: (args: any, spec: any) => Promise>, - private args: Record, - private spec: { - readonly requestBody?: unknown; - readonly path?: string; - readonly httpMethod: string; - } & Record, - public requestPath: string = spec.path!, - public requestMethod: string = spec.httpMethod - ) {} - public async sendInitialRequest(): Promise> { - return this.sendOperationFn(this.args, this.spec); - } - public async sendPollRequest(path: string): Promise> { - const { requestBody, ...restSpec } = this.spec; - return this.sendOperationFn(this.args, { - ...restSpec, - path, - httpMethod: "GET" - }); - } +export function createLroSpec(inputs: { + sendOperationFn: (args: any, spec: any) => Promise>; + args: Record; + spec: { + readonly requestBody?: unknown; + readonly path?: string; + readonly httpMethod: string; + } & Record; +}): LongRunningOperation { + const { args, spec, sendOperationFn } = inputs; + return { + requestMethod: spec.httpMethod, + requestPath: spec.path!, + sendInitialRequest: () => sendOperationFn(args, spec), + sendPollRequest: ( + path: string, + options?: { abortSignal?: AbortSignalLike } + ) => { + const { requestBody, ...restSpec } = spec; + return sendOperationFn(args, { + ...restSpec, + httpMethod: "GET", + path, + abortSignal: options?.abortSignal + }); + } + }; } diff --git a/sdk/securityinsight/arm-securityinsight/src/models/index.ts b/sdk/securityinsight/arm-securityinsight/src/models/index.ts index ce2c0ea1f1ab..8a08e4dfb978 100644 --- a/sdk/securityinsight/arm-securityinsight/src/models/index.ts +++ b/sdk/securityinsight/arm-securityinsight/src/models/index.ts @@ -17,6 +17,7 @@ export type AutomationRuleConditionUnion = | PropertyConditionProperties; export type AutomationRuleActionUnion = | AutomationRuleAction + | AutomationRuleAddIncidentTaskAction | AutomationRuleModifyPropertiesAction | AutomationRuleRunPlaybookAction; export type EntityTimelineItemUnion = @@ -40,6 +41,7 @@ export type DataConnectorsCheckRequirementsUnion = | MtpCheckRequirements | OfficeATPCheckRequirements | OfficeIRMCheckRequirements + | MicrosoftPurviewInformationProtectionCheckRequirements | Office365ProjectCheckRequirements | OfficePowerBICheckRequirements | TICheckRequirements @@ -119,6 +121,7 @@ export type DataConnectorUnion = | McasDataConnector | Dynamics365DataConnector | OfficeATPDataConnector + | MicrosoftPurviewInformationProtectionDataConnector | Office365ProjectDataConnector | OfficePowerBIDataConnector | OfficeIRMDataConnector @@ -255,7 +258,7 @@ export interface AutomationRuleCondition { /** Describes an automation rule action. */ export interface AutomationRuleAction { /** Polymorphic discriminator, which specifies the different types this object can be */ - actionType: "ModifyProperties" | "RunPlaybook"; + actionType: "AddIncidentTask" | "ModifyProperties" | "RunPlaybook"; order: number; } @@ -276,6 +279,16 @@ export interface AutomationRulesList { nextLink?: string; } +/** Describes the request body for triggering a playbook on an entity. */ +export interface EntityManualTriggerRequestBody { + /** Incident ARM id. */ + incidentArmId?: string; + /** The tenant id of the playbook resource. */ + tenantId?: string; + /** The resource id of the playbook resource. */ + logicAppsResourceId: string; +} + export interface ManualTriggerRequestBody { tenantId?: string; logicAppsResourceId: string; @@ -380,7 +393,7 @@ export interface ExpansionResultAggregation { /** The display name of the aggregation by type. */ displayName?: string; /** The kind of the aggregated entity. */ - entityKind: EntityKind; + entityKind: EntityKindEnum; } /** The expansion result values. */ @@ -559,7 +572,7 @@ export interface EntityEdges { /** The target entity Id. */ targetEntityId?: string; /** A bag of custom fields that should be part of the entity and will be presented to the user. */ - additionalData?: { [propertyName: string]: Record }; + additionalData?: { [propertyName: string]: any }; } /** The parameters required to execute s timeline operation on the given entity. */ @@ -776,13 +789,37 @@ export interface ValidationError { /** List all the incidents. */ export interface IncidentList { + value: Incident[]; /** * URL to fetch the next set of incidents. * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly nextLink?: string; - /** Array of incidents. */ - value: Incident[]; +} + +/** Information on the user an incident is assigned to */ +export interface IncidentOwnerInfo { + /** The email of the user the incident is assigned to. */ + email?: string; + /** The name of the user the incident is assigned to. */ + assignedTo?: string; + /** The object id of the user the incident is assigned to. */ + objectId?: string; + /** The user principal name of the user the incident is assigned to. */ + userPrincipalName?: string; + /** The type of the owner the incident is assigned to. */ + ownerType?: OwnerType; +} + +/** Represents an incident label */ +export interface IncidentLabel { + /** The name of the label */ + labelName: string; + /** + * The type of the label + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly labelType?: IncidentLabelType; } /** Incident additional data property bag. */ @@ -807,46 +844,21 @@ export interface IncidentAdditionalData { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly alertProductNames?: string[]; - /** - * The provider incident url to the incident in Microsoft 365 Defender portal - * NOTE: This property will not be serialized. It can only be populated by the server. - */ - readonly providerIncidentUrl?: string; /** * The tactics associated with incident * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly tactics?: AttackTactic[]; /** - * The techniques associated with incident's tactics' + * The techniques associated with incident's tactics * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly techniques?: string[]; -} - -/** Represents an incident label */ -export interface IncidentLabel { - /** The name of the label */ - labelName: string; /** - * The type of the label + * The provider incident url to the incident in Microsoft 365 Defender portal * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly labelType?: IncidentLabelType; -} - -/** Information on the user an incident is assigned to */ -export interface IncidentOwnerInfo { - /** The email of the user the incident is assigned to. */ - email?: string; - /** The name of the user the incident is assigned to. */ - assignedTo?: string; - /** The object id of the user the incident is assigned to. */ - objectId?: string; - /** The user principal name of the user the incident is assigned to. */ - userPrincipalName?: string; - /** The type of the owner the incident is assigned to. */ - ownerType?: OwnerType; + readonly providerIncidentUrl?: string; } /** Describes team information */ @@ -878,18 +890,6 @@ export interface TeamInformation { readonly description?: string; } -/** Describes team properties */ -export interface TeamProperties { - /** The name of the team */ - teamName: string; - /** The description of the team */ - teamDescription?: string; - /** List of member IDs to add to the team */ - memberIds?: string[]; - /** List of group IDs to add their members to the team */ - groupIds?: string[]; -} - /** List of incident alerts. */ export interface IncidentAlertList { /** Array of incident alerts. */ @@ -916,7 +916,7 @@ export interface EntityCommonProperties { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -930,15 +930,10 @@ export interface IncidentBookmarkList { value: HuntingBookmark[]; } -/** List of incident comments. */ export interface IncidentCommentList { - /** - * URL to fetch the next set of comments. - * NOTE: This property will not be serialized. It can only be populated by the server. - */ - readonly nextLink?: string; - /** Array of comments. */ value: IncidentComment[]; + /** NOTE: This property will not be serialized. It can only be populated by the server. */ + readonly nextLink?: string; } /** The incident related entities response. */ @@ -951,10 +946,15 @@ export interface IncidentEntitiesResponse { /** Information of a specific aggregation in the incident related entities result. */ export interface IncidentEntitiesResultsMetadata { + /** The kind of the aggregated entity. */ + entityKind: EntityKindEnum; /** Total number of aggregations of the given kind in the incident related entities result. */ count: number; - /** The kind of the aggregated entity. */ - entityKind: EntityKind; +} + +export interface IncidentTaskList { + value?: IncidentTask[]; + nextLink?: string; } /** List of all the metadata. */ @@ -1005,7 +1005,7 @@ export interface MetadataDependencies { /** Id of the content item we depend on */ contentId?: string; /** Type of the content item we depend on */ - kind?: Kind; + kind?: string; /** Version of the the content item we depend on. Can be blank, * or missing to indicate any version fulfills the dependency. If version does not match our defined numeric format then an exact match is required. */ version?: string; /** Name of the content item */ @@ -1041,6 +1041,90 @@ export interface SentinelOnboardingStatesList { value: SentinelOnboardingState[]; } +/** A list of recommendations */ +export interface RecommendationList { + /** An list of recommendations */ + value?: Recommendation[]; +} + +/** Recommendation object. */ +export interface Recommendation { + /** id of recommendation. */ + id: string; + /** Instructions of the recommendation. */ + instructions: Instructions; + /** Content of the recommendation. */ + content?: Content; + /** Id of the resource this recommendation refers to. */ + resourceId?: string; + /** Collection of additional properties for the recommendation. */ + additionalProperties?: { [propertyName: string]: string }; + /** Title of the recommendation. */ + title: string; + /** Description of the recommendation. */ + description: string; + /** Title of the recommendation type. */ + recommendationTypeTitle: string; + /** Id of the recommendation type. */ + recommendationTypeId: string; + /** Category of the recommendation. */ + category: Category; + /** Context of the recommendation. */ + context: Context; + /** Id of the workspace this recommendation refers to. */ + workspaceId: string; + /** List of actions to take for this recommendation. */ + actions: RecommendedAction[]; + /** State of the recommendation. */ + state: State; + /** Priority of the recommendation. */ + priority: Priority; + /** The time stamp (UTC) when the recommendation was last evaluated. */ + lastEvaluatedTimeUtc: Date; + /** The time stamp (UTC) when the recommendation should be displayed again. */ + hideUntilTimeUtc?: Date; + /** The timestamp (UTC) after which the recommendation should not be displayed anymore. */ + displayUntilTimeUtc?: Date; + /** Value indicating if the recommendation should be displayed or not. */ + visible?: boolean; +} + +/** Instructions section of a recommendation. */ +export interface Instructions { + /** What actions should be taken to complete the recommendation. */ + actionsToBePerformed: string; + /** Explains why the recommendation is important. */ + recommendationImportance: string; + /** How should the user complete the recommendation. */ + howToPerformActionDetails?: string; +} + +/** Content section of the recommendation. */ +export interface Content { + /** Title of the content. */ + title: string; + /** Description of the content. */ + description: string; +} + +/** What actions should be taken to complete the recommendation. */ +export interface RecommendedAction { + /** Text of the link to complete the action. */ + linkText: string; + /** The Link to complete the action. */ + linkUrl: string; + /** The state of the action. */ + state?: Priority; +} + +/** Recommendation Fields to update. */ +export interface RecommendationPatch { + /** State of the recommendation. */ + state?: State; + /** The time stamp (UTC) when the recommendation should be displayed again. */ + hideUntilTimeUtc?: Date; +} + /** List all the SecurityMLAnalyticsSettings */ export interface SecurityMLAnalyticsSettingsList { /** @@ -1307,6 +1391,18 @@ export interface ThreatIntelligenceAppendTags { threatIntelligenceTags?: string[]; } +/** The triggered analytics rule run array */ +export interface TriggeredAnalyticsRuleRuns { + value: TriggeredAnalyticsRuleRun[]; + /** NOTE: This property will not be serialized. It can only be populated by the server. */ + readonly nextLink?: string; +} + +/** Analytics Rule Run Trigger request */ +export interface AnalyticsRuleRunTrigger { + executionTimeUtc: Date; +} + /** List all the watchlists. */ export interface WatchlistList { /** @@ -1329,6 +1425,142 @@ export interface WatchlistItemList { value: WatchlistItem[]; } +/** List of all the workspace manager groups. */ +export interface WorkspaceManagerGroupList { + /** + * URL to fetch the next set of workspace manager groups. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly nextLink?: string; + /** Array of workspace manager groups. */ + value: WorkspaceManagerGroup[]; +} + +/** Common error response for all Azure Resource Manager APIs to return error details for failed operations. (This also follows the OData error response format.). */ +export interface ErrorResponse { + /** The error object. */ + error?: ErrorDetail; +} + +/** The error detail. */ +export interface ErrorDetail { + /** + * The error code. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly code?: string; + /** + * The error message. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly message?: string; + /** + * The error target. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly target?: string; + /** + * The error details. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly details?: ErrorDetail[]; + /** + * The error additional info. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly additionalInfo?: ErrorAdditionalInfo[]; +} + +/** The resource management error additional info. */ +export interface ErrorAdditionalInfo { + /** + * The additional info type. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly type?: string; + /** + * The additional info. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly info?: Record; +} + +/** List of all the workspace manager assignments. */ +export interface WorkspaceManagerAssignmentList { + /** + * URL to fetch the next set of workspace manager assignments. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly nextLink?: string; + /** Array of workspace manager assignments. */ + value: WorkspaceManagerAssignment[]; +} + +/** An entity describing a content item. */ +export interface AssignmentItem { + /** The resource id of the content item */ + resourceId?: string; +} + +/** List of all the jobs */ +export interface JobList { + /** + * URL to fetch the next set of jobs. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly nextLink?: string; + /** Array of jobs. */ + value: Job[]; +} + +/** An entity describing the publish status of a content item. */ +export interface JobItem { + /** The resource id of the content item */ + resourceId?: string; + /** + * Status of the item publication + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly status?: Status; + /** + * The time the item publishing was completed + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly executionTime?: Date; + /** The list of error descriptions if the item publication fails. */ + errors?: ErrorModel[]; +} + +/** The error description for why a publication failed */ +export interface ErrorModel { + /** The member resource name for which the publication error occured */ + memberResourceName: string; + /** The error message */ + errorMessage: string; +} + +/** List all the workspace manager configurations for the workspace. */ +export interface WorkspaceManagerConfigurationList { + /** + * URL to fetch the next set of workspace manager configurations. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly nextLink?: string; + /** Array of workspace manager configurations. */ + value: WorkspaceManagerConfiguration[]; +} + +/** List of workspace manager members */ +export interface WorkspaceManagerMembersList { + /** + * URL to fetch the next set of workspace manager members + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly nextLink?: string; + /** Array of workspace manager members */ + value: WorkspaceManagerMember[]; +} + /** List all the data connectors. */ export interface DataConnectorList { /** @@ -1381,6 +1613,7 @@ export interface DataConnectorsCheckRequirements { | "MicrosoftThreatProtection" | "OfficeATP" | "OfficeIRM" + | "MicrosoftPurviewInformationProtection" | "Office365Project" | "OfficePowerBI" | "ThreatIntelligence" @@ -1479,6 +1712,8 @@ export interface QueryBasedAlertRuleTemplateProperties { alertDetailsOverride?: AlertDetailsOverride; /** The event grouping settings. */ eventGroupingSettings?: EventGroupingSettings; + /** Array of the sentinel entity mappings of the alert rule */ + sentinelEntitiesMappings?: SentinelEntityMapping[]; } /** Single entity mapping for the alert rule */ @@ -1507,6 +1742,16 @@ export interface AlertDetailsOverride { alertTacticsColumnName?: string; /** the column name to take the alert severity from */ alertSeverityColumnName?: string; + /** List of additional dynamic properties to override */ + alertDynamicProperties?: AlertPropertyMapping[]; +} + +/** A single alert property mapping to override */ +export interface AlertPropertyMapping { + /** The V3 alert property */ + alertProperty?: AlertProperty; + /** the column name to use to override this property */ + value?: string; } /** Event grouping settings property bag. */ @@ -1515,6 +1760,12 @@ export interface EventGroupingSettings { aggregationKind?: EventGroupingAggregationKind; } +/** A single sentinel entity mapping */ +export interface SentinelEntityMapping { + /** the column name to be mapped to the SentinelEntities */ + columnName?: string; +} + /** Represents a supported source signal configuration in Fusion detection. */ export interface FusionSourceSettings { /** Determines whether this source signal is enabled or disabled in Fusion detection. */ @@ -1656,6 +1907,15 @@ export interface ScheduledAlertRuleCommonProperties { entityMappings?: EntityMapping[]; /** The alert details override settings */ alertDetailsOverride?: AlertDetailsOverride; + /** Array of the sentinel entity mappings of the alert rule */ + sentinelEntitiesMappings?: SentinelEntityMapping[]; +} + +export interface AddIncidentTaskActionProperties { + /** The title of the task. */ + title: string; + /** The description of the task. */ + description?: string; } export interface AutomationRuleBooleanCondition { @@ -1707,7 +1967,7 @@ export interface AutomationRulePropertyValuesCondition { export interface PlaybookActionProperties { /** The resource id of the playbook resource. */ - logicAppResourceId?: string; + logicAppResourceId: string; /** The tenant id of the playbook resource. */ tenantId?: string; } @@ -1806,6 +2066,18 @@ export interface DataTypeDefinitions { dataType?: string; } +/** Describes team properties */ +export interface TeamProperties { + /** The name of the team */ + teamName: string; + /** The description of the team */ + teamDescription?: string; + /** List of group IDs to add their members to the team */ + groupIds?: string[]; + /** List of member IDs to add to the team */ + memberIds?: string[]; +} + /** security ml analytics settings data sources */ export interface SecurityMLAnalyticsSettingsDataSource { /** The connector id that provides the following data types */ @@ -1840,16 +2112,22 @@ export interface DataConnectorDataTypeCommon { /** The available data types for Microsoft Threat Intelligence Platforms data connector. */ export interface MstiDataConnectorDataTypes { - /** Data type for Microsoft Threat Intelligence Platforms data connector. */ - bingSafetyPhishingURL: MstiDataConnectorDataTypesBingSafetyPhishingURL; /** Data type for Microsoft Threat Intelligence Platforms data connector. */ microsoftEmergingThreatFeed: MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed; } /** The available data types for Microsoft Threat Protection Platforms data connector. */ export interface MTPDataConnectorDataTypes { - /** Data type for Microsoft Threat Protection Platforms data connector. */ + /** Incidents data type for Microsoft Threat Protection Platforms data connector. */ incidents: MTPDataConnectorDataTypesIncidents; + /** Alerts data type for Microsoft Threat Protection Platforms data connector. */ + alerts?: MTPDataConnectorDataTypesAlerts; +} + +/** Represents the connector's Filtered providers */ +export interface MtpFilteredProviders { + /** Alerts filtered providers. When filters are not applied, all alerts will stream through the MTP pipeline, still in private preview for all products EXCEPT MDA and MDI, which are in GA state. */ + alerts: MtpProvider[]; } /** The available data types for Amazon Web Services CloudTrail data connector. */ @@ -1870,6 +2148,12 @@ export interface Dynamics365DataConnectorDataTypes { dynamics365CdsActivities: Dynamics365DataConnectorDataTypesDynamics365CdsActivities; } +/** The available data types for Microsoft Purview Information Protection data connector. */ +export interface MicrosoftPurviewInformationProtectionConnectorDataTypes { + /** Logs data type. */ + logs: MicrosoftPurviewInformationProtectionConnectorDataTypesLogs; +} + /** The available data types for Office Microsoft Project data connector. */ export interface Office365ProjectConnectorDataTypes { /** Logs data type. */ @@ -2228,7 +2512,7 @@ export interface AlertRuleTemplate extends Resource { /** Specific entity. */ export interface Entity extends Resource { /** The kind of the entity. */ - kind: EntityKind; + kind: EntityKindEnum; } /** Specific entity query template. */ @@ -2302,6 +2586,15 @@ export interface OfficeConsent extends Resource { consentId?: string; } +/** The resource model definition for an Azure Resource Manager resource with an etag. */ +export interface AzureEntityResource extends Resource { + /** + * Resource Etag. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly etag?: string; +} + /** Action property bag. */ export interface ActionResponseProperties extends ActionPropertiesBase { /** The name of the logic app's workflow. */ @@ -2352,6 +2645,14 @@ export interface PropertyConditionProperties extends AutomationRuleCondition { conditionProperties?: AutomationRulePropertyValuesCondition; } +/** Describes an automation rule action to add a task to an incident */ +export interface AutomationRuleAddIncidentTaskAction + extends AutomationRuleAction { + /** Polymorphic discriminator, which specifies the different types this object can be */ + actionType: "AddIncidentTask"; + actionConfiguration?: AddIncidentTaskActionProperties; +} + /** Describes an automation rule action to modify an object's properties */ export interface AutomationRuleModifyPropertiesAction extends AutomationRuleAction { @@ -2459,6 +2760,13 @@ export interface SecurityAlertTimelineItem extends EntityTimelineItem { timeGenerated: Date; /** The name of the alert type. */ alertType: string; + /** + * The intent of the alert. + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly intent?: KillChainIntent; + /** The techniques of the alert. */ + techniques?: string[]; } /** Represents Insight Query. */ @@ -3465,7 +3773,7 @@ export interface NicEntityProperties extends EntityCommonProperties { readonly vlans?: string[]; } -/** Represents AAD (Azure Active Directory) requirements check request. */ +/** Represents AADIP (Azure Active Directory Identity Protection) requirements check request. */ export interface AADCheckRequirements extends DataConnectorsCheckRequirements { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "AzureActiveDirectory"; @@ -3563,6 +3871,15 @@ export interface OfficeIRMCheckRequirements tenantId?: string; } +/** Represents MicrosoftPurviewInformationProtection requirements check request. */ +export interface MicrosoftPurviewInformationProtectionCheckRequirements + extends DataConnectorsCheckRequirements { + /** Polymorphic discriminator, which specifies the different types this object can be */ + kind: "MicrosoftPurviewInformationProtection"; + /** The tenant id to connect to, and get the data from. */ + tenantId?: string; +} + /** Represents Office365 Project requirements check request. */ export interface Office365ProjectCheckRequirements extends DataConnectorsCheckRequirements { @@ -3701,7 +4018,7 @@ export interface InsightQueryItemProperties extends EntityQueryItemProperties { referenceTimeRange?: InsightQueryItemPropertiesReferenceTimeRange; } -/** AAD (Azure Active Directory) requirements check properties. */ +/** AADIP (Azure Active Directory Identity Protection) requirements check properties. */ export interface AADCheckRequirementsProperties extends DataConnectorTenantId {} /** AATP (Azure Advanced Threat Protection) requirements check properties. */ @@ -3735,6 +4052,10 @@ export interface OfficeATPCheckRequirementsProperties export interface OfficeIRMCheckRequirementsProperties extends DataConnectorTenantId {} +/** MicrosoftPurviewInformationProtection requirements check properties. */ +export interface MicrosoftPurviewInformationProtectionCheckRequirementsProperties + extends DataConnectorTenantId {} + /** Office365 Project requirements check properties. */ export interface Office365ProjectCheckRequirementsProperties extends DataConnectorTenantId {} @@ -3750,7 +4071,7 @@ export interface TICheckRequirementsProperties extends DataConnectorTenantId {} export interface TiTaxiiCheckRequirementsProperties extends DataConnectorTenantId {} -/** AAD (Azure Active Directory) data connector properties. */ +/** AADIP (Azure Active Directory Identity Protection) data connector properties. */ export interface AADDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties {} @@ -3765,6 +4086,8 @@ export interface MstiDataConnectorProperties extends DataConnectorTenantId { export interface MTPDataConnectorProperties extends DataConnectorTenantId { /** The available data types for the connector. */ dataTypes: MTPDataConnectorDataTypes; + /** The available filtered providers for the connector. */ + filteredProviders?: MtpFilteredProviders; } /** AATP (Azure Advanced Threat Protection) data connector properties. */ @@ -3790,6 +4113,13 @@ export interface OfficeATPDataConnectorProperties extends DataConnectorTenantId, DataConnectorWithAlertsProperties {} +/** Microsoft Purview Information Protection data connector properties. */ +export interface MicrosoftPurviewInformationProtectionDataConnectorProperties + extends DataConnectorTenantId { + /** The available data types for the connector. */ + dataTypes: MicrosoftPurviewInformationProtectionConnectorDataTypes; +} + /** Office Microsoft Project data connector properties. */ export interface Office365ProjectDataConnectorProperties extends DataConnectorTenantId { @@ -3871,24 +4201,21 @@ export interface McasDataConnectorDataTypes discoveryLogs?: DataConnectorDataTypeCommon; } -/** Data type for Microsoft Threat Intelligence Platforms data connector. */ -export interface MstiDataConnectorDataTypesBingSafetyPhishingURL - extends DataConnectorDataTypeCommon { - /** lookback period */ - lookbackPeriod: string; -} - /** Data type for Microsoft Threat Intelligence Platforms data connector. */ export interface MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed extends DataConnectorDataTypeCommon { - /** lookback period */ + /** The lookback period for the feed to be imported. */ lookbackPeriod: string; } -/** Data type for Microsoft Threat Protection Platforms data connector. */ +/** Incidents data type for Microsoft Threat Protection Platforms data connector. */ export interface MTPDataConnectorDataTypesIncidents extends DataConnectorDataTypeCommon {} +/** Alerts data type for Microsoft Threat Protection Platforms data connector. */ +export interface MTPDataConnectorDataTypesAlerts + extends DataConnectorDataTypeCommon {} + /** Logs data type. */ export interface AwsCloudTrailDataConnectorDataTypesLogs extends DataConnectorDataTypeCommon {} @@ -3901,6 +4228,10 @@ export interface AwsS3DataConnectorDataTypesLogs export interface Dynamics365DataConnectorDataTypesDynamics365CdsActivities extends DataConnectorDataTypeCommon {} +/** Logs data type. */ +export interface MicrosoftPurviewInformationProtectionConnectorDataTypesLogs + extends DataConnectorDataTypeCommon {} + /** Logs data type. */ export interface Office365ProjectConnectorDataTypesLogs extends DataConnectorDataTypeCommon {} @@ -4074,70 +4405,74 @@ export interface CustomEntityQuery extends ResourceWithEtag { kind: CustomEntityQueryKind; } -/** Represents an incident in Azure Security Insights. */ export interface Incident extends ResourceWithEtag { - /** - * Additional data on the incident - * NOTE: This property will not be serialized. It can only be populated by the server. - */ - readonly additionalData?: IncidentAdditionalData; + /** The title of the incident */ + title?: string; + /** The description of the incident */ + description?: string; + /** The severity of the incident */ + severity?: IncidentSeverity; + /** The status of the incident */ + status?: IncidentStatus; /** The reason the incident was closed */ classification?: IncidentClassification; - /** Describes the reason the incident was closed */ - classificationComment?: string; /** The classification reason the incident was closed with */ classificationReason?: IncidentClassificationReason; - /** - * The time the incident was created - * NOTE: This property will not be serialized. It can only be populated by the server. - */ - readonly createdTimeUtc?: Date; - /** The description of the incident */ - description?: string; + /** Describes the reason the incident was closed */ + classificationComment?: string; + /** Describes a user that the incident is assigned to */ + owner?: IncidentOwnerInfo; + /** List of labels relevant to this incident */ + labels?: IncidentLabel[]; /** The time of the first activity in the incident */ firstActivityTimeUtc?: Date; + /** The time of the last activity in the incident */ + lastActivityTimeUtc?: Date; /** - * The deep-link url to the incident in Azure portal + * The last time the incident was updated * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly incidentUrl?: string; + readonly lastModifiedTimeUtc?: Date; + /** + * The time the incident was created + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly createdTimeUtc?: Date; /** * A sequential number * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly incidentNumber?: number; - /** List of labels relevant to this incident */ - labels?: IncidentLabel[]; - /** The name of the source provider that generated the incident */ - providerName?: string; - /** The incident ID assigned by the incident provider */ - providerIncidentId?: string; - /** The time of the last activity in the incident */ - lastActivityTimeUtc?: Date; /** - * The last time the incident was updated + * Additional data on the incident * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly lastModifiedTimeUtc?: Date; - /** Describes a user that the incident is assigned to */ - owner?: IncidentOwnerInfo; + readonly additionalData?: IncidentAdditionalData; /** * List of resource ids of Analytic rules related to the incident * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly relatedAnalyticRuleIds?: string[]; - /** The severity of the incident */ - severity?: IncidentSeverity; - /** The status of the incident */ - status?: IncidentStatus; + /** + * The deep-link url to the incident in Azure portal + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly incidentUrl?: string; + /** The name of the source provider that generated the incident */ + providerName?: string; + /** + * The incident ID assigned by the incident provider + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly providerIncidentId?: string; /** Describes a team for the incident */ teamInformation?: TeamInformation; - /** The title of the incident */ - title?: string; } /** Represents an incident comment */ export interface IncidentComment extends ResourceWithEtag { + /** The comment message */ + message?: string; /** * The time the comment was created * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4148,8 +4483,6 @@ export interface IncidentComment extends ResourceWithEtag { * NOTE: This property will not be serialized. It can only be populated by the server. */ readonly lastModifiedTimeUtc?: Date; - /** The comment message */ - message?: string; /** * Describes the client that created the comment * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4157,6 +4490,28 @@ export interface IncidentComment extends ResourceWithEtag { readonly author?: ClientInfo; } +export interface IncidentTask extends ResourceWithEtag { + /** The title of the task */ + title: string; + /** The description of the task */ + description?: string; + status: IncidentTaskStatus; + /** + * The time the task was created + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly createdTimeUtc?: Date; + /** + * The last time the task was updated + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly lastModifiedTimeUtc?: Date; + /** Information on the client (user or application) that made some action */ + createdBy?: ClientInfo; + /** Information on the client (user or application) that made some action */ + lastModifiedBy?: ClientInfo; +} + /** Metadata resource definition. */ export interface MetadataModel extends ResourceWithEtag { /** Static ID for the content. Used to identify dependencies and content from solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic for user-created. This is the resource name */ @@ -4166,7 +4521,7 @@ export interface MetadataModel extends ResourceWithEtag { /** Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks */ version?: string; /** The kind of content the metadata is for. */ - kind?: Kind; + kind?: string; /** Source of the content. This is where/how it was created. */ source?: MetadataSource; /** The creator of the content item. */ @@ -4208,7 +4563,7 @@ export interface MetadataPatch extends ResourceWithEtag { /** Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks */ version?: string; /** The kind of content the metadata is for. */ - kind?: Kind; + kind?: string; /** Source of the content. This is where/how it was created. */ source?: MetadataSource; /** The creator of the content item. */ @@ -4287,6 +4642,17 @@ export interface ThreatIntelligenceInformation extends ResourceWithEtag { kind: ThreatIntelligenceResourceKindEnum; } +/** The triggered analytics rule run */ +export interface TriggeredAnalyticsRuleRun extends ResourceWithEtag { + executionTimeUtc: Date; + ruleId: string; + triggeredAnalyticsRuleRunId: string; + /** The triggered analytics rule run provisioning state */ + provisioningState: ProvisioningState; + /** Dictionary of */ + ruleRunAdditionalData?: { [propertyName: string]: any }; +} + /** Represents a Watchlist in Azure Security Insights. */ export interface Watchlist extends ResourceWithEtag { /** The id (a Guid) of the watchlist */ @@ -4357,6 +4723,32 @@ export interface WatchlistItem extends ResourceWithEtag { entityMapping?: { [propertyName: string]: any }; } +/** The assignment job */ +export interface Job extends ResourceWithEtag { + /** + * The time the job completed + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly endTime?: Date; + /** List of items published by the job */ + items?: JobItem[]; + /** + * State of the job + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly provisioningState?: ProvisioningState; + /** + * The time the job started + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly startTime?: Date; + /** + * Message to describe error, if an error exists + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly errorMessage?: string; +} + /** Data connector */ export interface DataConnector extends ResourceWithEtag { /** The data connector kind */ @@ -4547,6 +4939,8 @@ export interface ScheduledAlertRuleTemplate extends AlertRuleTemplate { entityMappings?: EntityMapping[]; /** The alert details override settings */ alertDetailsOverride?: AlertDetailsOverride; + /** Array of the sentinel entity mappings of the alert rule */ + sentinelEntitiesMappings?: SentinelEntityMapping[]; } /** Represents NRT alert rule template. */ @@ -4591,6 +4985,8 @@ export interface NrtAlertRuleTemplate extends AlertRuleTemplate { alertDetailsOverride?: AlertDetailsOverride; /** The event grouping settings. */ eventGroupingSettings?: EventGroupingSettings; + /** Array of the sentinel entity mappings of the alert rule */ + sentinelEntitiesMappings?: SentinelEntityMapping[]; } /** Represents a security alert entity. */ @@ -4601,7 +4997,7 @@ export interface SecurityAlert extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4739,7 +5135,7 @@ export interface HuntingBookmark extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4777,7 +5173,7 @@ export interface AccountEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4853,7 +5249,7 @@ export interface AzureResourceEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4879,7 +5275,7 @@ export interface CloudApplicationEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4910,7 +5306,7 @@ export interface DnsEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4946,7 +5342,7 @@ export interface FileEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -4982,7 +5378,7 @@ export interface FileHashEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5008,7 +5404,7 @@ export interface HostEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5066,7 +5462,7 @@ export interface IoTDeviceEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5219,7 +5615,7 @@ export interface IpEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5250,7 +5646,7 @@ export interface MailboxEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5286,7 +5682,7 @@ export interface MailClusterEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5377,7 +5773,7 @@ export interface MailMessageEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5494,7 +5890,7 @@ export interface MalwareEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5530,7 +5926,7 @@ export interface ProcessEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5588,7 +5984,7 @@ export interface RegistryKeyEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5614,7 +6010,7 @@ export interface RegistryValueEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5650,7 +6046,7 @@ export interface SecurityGroupEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5681,7 +6077,7 @@ export interface SubmissionMailEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5747,7 +6143,7 @@ export interface UrlEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5768,7 +6164,7 @@ export interface NicEntity extends Entity { * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -5813,6 +6209,48 @@ export interface ActivityEntityQueryTemplate extends EntityQueryTemplate { entitiesFilter?: { [propertyName: string]: string[] }; } +/** The workspace manager group */ +export interface WorkspaceManagerGroup extends AzureEntityResource { + /** The description of the workspace manager group */ + description?: string; + /** The display name of the workspace manager group */ + displayName?: string; + /** The names of the workspace manager members participating in this group. */ + memberResourceNames?: string[]; +} + +/** The workspace manager assignment */ +export interface WorkspaceManagerAssignment extends AzureEntityResource { + /** The resource name of the workspace manager group targeted by the workspace manager assignment */ + targetResourceName?: string; + /** + * The time the last job associated to this assignment ended at + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly lastJobEndTime?: Date; + /** + * State of the last job associated to this assignment + * NOTE: This property will not be serialized. It can only be populated by the server. + */ + readonly lastJobProvisioningState?: ProvisioningState; + /** List of resources included in this workspace manager assignment */ + items?: AssignmentItem[]; +} + +/** The workspace manager configuration */ +export interface WorkspaceManagerConfiguration extends AzureEntityResource { + /** The current mode of the workspace manager configuration */ + mode?: Mode; +} + +/** The workspace manager member */ +export interface WorkspaceManagerMember extends AzureEntityResource { + /** Fully qualified resource ID of the target Sentinel workspace joining the given Sentinel workspace manager */ + targetWorkspaceId?: string; + /** Tenant id of the target Sentinel workspace joining the given Sentinel workspace manager */ + targetWorkspaceTenantId?: string; +} + /** MLBehaviorAnalytics alert rule template properties. */ export interface MLBehaviorAnalyticsAlertRuleTemplateProperties extends AlertRuleTemplateWithMitreProperties { @@ -6004,6 +6442,8 @@ export interface ScheduledAlertRule extends AlertRule { entityMappings?: EntityMapping[]; /** The alert details override settings */ alertDetailsOverride?: AlertDetailsOverride; + /** Array of the sentinel entity mappings of the alert rule */ + sentinelEntitiesMappings?: SentinelEntityMapping[]; /** The Name of the alert rule template used to create this rule. */ alertRuleTemplateName?: string; /** The version of the alert rule template used to create this rule - in format , where all are numbers, for example 0 <1.0.2> */ @@ -6072,6 +6512,8 @@ export interface NrtAlertRule extends AlertRule { alertDetailsOverride?: AlertDetailsOverride; /** The event grouping settings. */ eventGroupingSettings?: EventGroupingSettings; + /** Array of the sentinel entity mappings of the alert rule */ + sentinelEntitiesMappings?: SentinelEntityMapping[]; } /** Represents Expansion entity query. */ @@ -6245,7 +6687,7 @@ export interface ThreatIntelligenceIndicatorModel * A bag of custom fields that should be part of the entity and will be presented to the user. * NOTE: This property will not be serialized. It can only be populated by the server. */ - readonly additionalData?: { [propertyName: string]: Record }; + readonly additionalData?: { [propertyName: string]: any }; /** * The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. * NOTE: This property will not be serialized. It can only be populated by the server. @@ -6309,7 +6751,7 @@ export interface ThreatIntelligenceIndicatorModel extensions?: { [propertyName: string]: any }; } -/** Represents AAD (Azure Active Directory) data connector. */ +/** Represents AADIP (Azure Active Directory Identity Protection) data connector. */ export interface AADDataConnector extends DataConnector { /** Polymorphic discriminator, which specifies the different types this object can be */ kind: "AzureActiveDirectory"; @@ -6337,6 +6779,8 @@ export interface MTPDataConnector extends DataConnector { tenantId?: string; /** The available data types for the connector. */ dataTypes?: MTPDataConnectorDataTypes; + /** The available filtered providers for the connector. */ + filteredProviders?: MtpFilteredProviders; } /** Represents AATP (Azure Advanced Threat Protection) data connector. */ @@ -6413,6 +6857,17 @@ export interface OfficeATPDataConnector extends DataConnector { dataTypes?: AlertsDataTypeOfDataConnector; } +/** Represents Microsoft Purview Information Protection data connector. */ +export interface MicrosoftPurviewInformationProtectionDataConnector + extends DataConnector { + /** Polymorphic discriminator, which specifies the different types this object can be */ + kind: "MicrosoftPurviewInformationProtection"; + /** The tenant id to connect to, and get the data from. */ + tenantId?: string; + /** The available data types for the connector. */ + dataTypes?: MicrosoftPurviewInformationProtectionConnectorDataTypes; +} + /** Represents Office Microsoft Project data connector. */ export interface Office365ProjectDataConnector extends DataConnector { /** Polymorphic discriminator, which specifies the different types this object can be */ @@ -6529,6 +6984,11 @@ export interface CodelessApiPollingDataConnector extends DataConnector { pollingConfig?: CodelessConnectorPollingConfigProperties; } +/** Defines headers for AlertRule_triggerRuleRun operation. */ +export interface AlertRuleTriggerRuleRunHeaders { + location?: string; +} + /** Defines headers for Watchlists_delete operation. */ export interface WatchlistsDeleteHeaders { /** Contains the status URL on which clients are expected to poll the status of the delete operation. */ @@ -6663,7 +7123,9 @@ export enum KnownActionType { /** Modify an object's properties */ ModifyProperties = "ModifyProperties", /** Run a playbook on an object */ - RunPlaybook = "RunPlaybook" + RunPlaybook = "RunPlaybook", + /** Add a task to an incident object */ + AddIncidentTask = "AddIncidentTask" } /** @@ -6672,7 +7134,8 @@ export enum KnownActionType { * this enum contains the known values that the service supports. * ### Known values supported by the service * **ModifyProperties**: Modify an object's properties \ - * **RunPlaybook**: Run a playbook on an object + * **RunPlaybook**: Run a playbook on an object \ + * **AddIncidentTask**: Add a task to an incident object */ export type ActionType = string; @@ -6763,8 +7226,8 @@ export enum KnownAttackTactic { */ export type AttackTactic = string; -/** Known values of {@link EntityKind} that the service accepts. */ -export enum KnownEntityKind { +/** Known values of {@link EntityKindEnum} that the service accepts. */ +export enum KnownEntityKindEnum { /** Entity represents account in the system. */ Account = "Account", /** Entity represents host in the system. */ @@ -6812,8 +7275,8 @@ export enum KnownEntityKind { } /** - * Defines values for EntityKind. \ - * {@link KnownEntityKind} can be used interchangeably with EntityKind, + * Defines values for EntityKindEnum. \ + * {@link KnownEntityKindEnum} can be used interchangeably with EntityKindEnum, * this enum contains the known values that the service supports. * ### Known values supported by the service * **Account**: Entity represents account in the system. \ @@ -6839,7 +7302,7 @@ export enum KnownEntityKind { * **SubmissionMail**: Entity represents submission mail in the system. \ * **Nic**: Entity represents network interface in the system. */ -export type EntityKind = string; +export type EntityKindEnum = string; /** Known values of {@link EntityTimelineKind} that the service accepts. */ export enum KnownEntityTimelineKind { @@ -7081,6 +7544,27 @@ export enum KnownFileImportState { */ export type FileImportState = string; +/** Known values of {@link IncidentStatus} that the service accepts. */ +export enum KnownIncidentStatus { + /** An active incident which isn't being handled currently */ + New = "New", + /** An active incident which is being handled */ + Active = "Active", + /** A non-active incident */ + Closed = "Closed" +} + +/** + * Defines values for IncidentStatus. \ + * {@link KnownIncidentStatus} can be used interchangeably with IncidentStatus, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **New**: An active incident which isn't being handled currently \ + * **Active**: An active incident which is being handled \ + * **Closed**: A non-active incident + */ +export type IncidentStatus = string; + /** Known values of {@link IncidentClassification} that the service accepts. */ export enum KnownIncidentClassification { /** Incident classification was undetermined */ @@ -7129,24 +7613,6 @@ export enum KnownIncidentClassificationReason { */ export type IncidentClassificationReason = string; -/** Known values of {@link IncidentLabelType} that the service accepts. */ -export enum KnownIncidentLabelType { - /** Label manually created by a user */ - User = "User", - /** Label automatically created by the system */ - AutoAssigned = "AutoAssigned" -} - -/** - * Defines values for IncidentLabelType. \ - * {@link KnownIncidentLabelType} can be used interchangeably with IncidentLabelType, - * this enum contains the known values that the service supports. - * ### Known values supported by the service - * **User**: Label manually created by a user \ - * **AutoAssigned**: Label automatically created by the system - */ -export type IncidentLabelType = string; - /** Known values of {@link OwnerType} that the service accepts. */ export enum KnownOwnerType { /** The incident owner type is unknown */ @@ -7168,26 +7634,23 @@ export enum KnownOwnerType { */ export type OwnerType = string; -/** Known values of {@link IncidentStatus} that the service accepts. */ -export enum KnownIncidentStatus { - /** An active incident which isn't being handled currently */ - New = "New", - /** An active incident which is being handled */ - Active = "Active", - /** A non-active incident */ - Closed = "Closed" +/** Known values of {@link IncidentLabelType} that the service accepts. */ +export enum KnownIncidentLabelType { + /** Label manually created by a user */ + User = "User", + /** Label automatically created by the system */ + AutoAssigned = "AutoAssigned" } /** - * Defines values for IncidentStatus. \ - * {@link KnownIncidentStatus} can be used interchangeably with IncidentStatus, + * Defines values for IncidentLabelType. \ + * {@link KnownIncidentLabelType} can be used interchangeably with IncidentLabelType, * this enum contains the known values that the service supports. * ### Known values supported by the service - * **New**: An active incident which isn't being handled currently \ - * **Active**: An active incident which is being handled \ - * **Closed**: A non-active incident + * **User**: Label manually created by a user \ + * **AutoAssigned**: Label automatically created by the system */ -export type IncidentStatus = string; +export type IncidentLabelType = string; /** Known values of {@link ConfidenceLevel} that the service accepts. */ export enum KnownConfidenceLevel { @@ -7339,68 +7802,23 @@ export enum KnownAlertStatus { */ export type AlertStatus = string; -/** Known values of {@link Kind} that the service accepts. */ -export enum KnownKind { - /** DataConnector */ - DataConnector = "DataConnector", - /** DataType */ - DataType = "DataType", - /** Workbook */ - Workbook = "Workbook", - /** WorkbookTemplate */ - WorkbookTemplate = "WorkbookTemplate", - /** Playbook */ - Playbook = "Playbook", - /** PlaybookTemplate */ - PlaybookTemplate = "PlaybookTemplate", - /** AnalyticsRuleTemplate */ - AnalyticsRuleTemplate = "AnalyticsRuleTemplate", - /** AnalyticsRule */ - AnalyticsRule = "AnalyticsRule", - /** HuntingQuery */ - HuntingQuery = "HuntingQuery", - /** InvestigationQuery */ - InvestigationQuery = "InvestigationQuery", - /** Parser */ - Parser = "Parser", - /** Watchlist */ - Watchlist = "Watchlist", - /** WatchlistTemplate */ - WatchlistTemplate = "WatchlistTemplate", - /** Solution */ - Solution = "Solution", - /** AzureFunction */ - AzureFunction = "AzureFunction", - /** LogicAppsCustomConnector */ - LogicAppsCustomConnector = "LogicAppsCustomConnector", - /** AutomationRule */ - AutomationRule = "AutomationRule" +/** Known values of {@link IncidentTaskStatus} that the service accepts. */ +export enum KnownIncidentTaskStatus { + /** A new task */ + New = "New", + /** A completed task */ + Completed = "Completed" } /** - * Defines values for Kind. \ - * {@link KnownKind} can be used interchangeably with Kind, + * Defines values for IncidentTaskStatus. \ + * {@link KnownIncidentTaskStatus} can be used interchangeably with IncidentTaskStatus, * this enum contains the known values that the service supports. * ### Known values supported by the service - * **DataConnector** \ - * **DataType** \ - * **Workbook** \ - * **WorkbookTemplate** \ - * **Playbook** \ - * **PlaybookTemplate** \ - * **AnalyticsRuleTemplate** \ - * **AnalyticsRule** \ - * **HuntingQuery** \ - * **InvestigationQuery** \ - * **Parser** \ - * **Watchlist** \ - * **WatchlistTemplate** \ - * **Solution** \ - * **AzureFunction** \ - * **LogicAppsCustomConnector** \ - * **AutomationRule** + * **New**: A new task \ + * **Completed**: A completed task */ -export type Kind = string; +export type IncidentTaskStatus = string; /** Known values of {@link SourceKind} that the service accepts. */ export enum KnownSourceKind { @@ -7465,6 +7883,105 @@ export enum KnownOperator { */ export type Operator = string; +/** Known values of {@link Category} that the service accepts. */ +export enum KnownCategory { + /** Onboarding recommendation. */ + Onboarding = "Onboarding", + /** New feature recommendation. */ + NewFeature = "NewFeature", + /** Soc Efficiency recommendation. */ + SocEfficiency = "SocEfficiency", + /** Cost optimization recommendation. */ + CostOptimization = "CostOptimization", + /** Demo recommendation. */ + Demo = "Demo" +} + +/** + * Defines values for Category. \ + * {@link KnownCategory} can be used interchangeably with Category, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Onboarding**: Onboarding recommendation. \ + * **NewFeature**: New feature recommendation. \ + * **SocEfficiency**: Soc Efficiency recommendation. \ + * **CostOptimization**: Cost optimization recommendation. \ + * **Demo**: Demo recommendation. + */ +export type Category = string; + +/** Known values of {@link Context} that the service accepts. */ +export enum KnownContext { + /** Analytics context. */ + Analytics = "Analytics", + /** Incidents context. */ + Incidents = "Incidents", + /** Overview context. */ + Overview = "Overview", + /** No context. */ + None = "None" +} + +/** + * Defines values for Context. \ + * {@link KnownContext} can be used interchangeably with Context, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Analytics**: Analytics context. \ + * **Incidents**: Incidents context. \ + * **Overview**: Overview context. \ + * **None**: No context. + */ +export type Context = string; + +/** Known values of {@link Priority} that the service accepts. */ +export enum KnownPriority { + /** Low priority for recommendation. */ + Low = "Low", + /** Medium priority for recommendation. */ + Medium = "Medium", + /** High priority for recommendation. */ + High = "High" +} + +/** + * Defines values for Priority. \ + * {@link KnownPriority} can be used interchangeably with Priority, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Low**: Low priority for recommendation. \ + * **Medium**: Medium priority for recommendation. \ + * **High**: High priority for recommendation. + */ +export type Priority = string; + +/** Known values of {@link State} that the service accepts. */ +export enum KnownState { + /** Recommendation is active. */ + Active = "Active", + /** Recommendation is disabled. */ + Disabled = "Disabled", + /** Recommendation has been completed by user. */ + CompletedByUser = "CompletedByUser", + /** Recommendation has been completed by action. */ + CompletedByAction = "CompletedByAction", + /** Recommendation is hidden. */ + Hidden = "Hidden" +} + +/** + * Defines values for State. \ + * {@link KnownState} can be used interchangeably with State, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Active**: Recommendation is active. \ + * **Disabled**: Recommendation is disabled. \ + * **CompletedByUser**: Recommendation has been completed by user. \ + * **CompletedByAction**: Recommendation has been completed by action. \ + * **Hidden**: Recommendation is hidden. + */ +export type State = string; + /** Known values of {@link SecurityMLAnalyticsSettingsKind} that the service accepts. */ export enum KnownSecurityMLAnalyticsSettingsKind { /** Anomaly */ @@ -7660,6 +8177,33 @@ export enum KnownThreatIntelligenceSortingCriteriaEnum { */ export type ThreatIntelligenceSortingCriteriaEnum = string; +/** Known values of {@link ProvisioningState} that the service accepts. */ +export enum KnownProvisioningState { + /** Accepted */ + Accepted = "Accepted", + /** InProgress */ + InProgress = "InProgress", + /** Succeeded */ + Succeeded = "Succeeded", + /** Failed */ + Failed = "Failed", + /** Canceled */ + Canceled = "Canceled" +} + +/** + * Defines values for ProvisioningState. \ + * {@link KnownProvisioningState} can be used interchangeably with ProvisioningState, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Accepted** \ + * **InProgress** \ + * **Succeeded** \ + * **Failed** \ + * **Canceled** + */ +export type ProvisioningState = string; + /** Known values of {@link SourceType} that the service accepts. */ export enum KnownSourceType { /** LocalFile */ @@ -7678,6 +8222,45 @@ export enum KnownSourceType { */ export type SourceType = string; +/** Known values of {@link Status} that the service accepts. */ +export enum KnownStatus { + /** The item publication succeeded */ + Succeeded = "Succeeded", + /** The item publication failed */ + Failed = "Failed", + /** The item publication is in progress */ + InProgress = "InProgress" +} + +/** + * Defines values for Status. \ + * {@link KnownStatus} can be used interchangeably with Status, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Succeeded**: The item publication succeeded \ + * **Failed**: The item publication failed \ + * **InProgress**: The item publication is in progress + */ +export type Status = string; + +/** Known values of {@link Mode} that the service accepts. */ +export enum KnownMode { + /** The workspace manager configuration is enabled */ + Enabled = "Enabled", + /** The workspace manager configuration is disabled */ + Disabled = "Disabled" +} + +/** + * Defines values for Mode. \ + * {@link KnownMode} can be used interchangeably with Mode, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **Enabled**: The workspace manager configuration is enabled \ + * **Disabled**: The workspace manager configuration is disabled + */ +export type Mode = string; + /** Known values of {@link DataConnectorKind} that the service accepts. */ export enum KnownDataConnectorKind { /** AzureActiveDirectory */ @@ -7698,6 +8281,8 @@ export enum KnownDataConnectorKind { OfficeIRM = "OfficeIRM", /** Office365Project */ Office365Project = "Office365Project", + /** MicrosoftPurviewInformationProtection */ + MicrosoftPurviewInformationProtection = "MicrosoftPurviewInformationProtection", /** OfficePowerBI */ OfficePowerBI = "OfficePowerBI", /** AmazonWebServicesCloudTrail */ @@ -7736,6 +8321,7 @@ export enum KnownDataConnectorKind { * **OfficeATP** \ * **OfficeIRM** \ * **Office365Project** \ + * **MicrosoftPurviewInformationProtection** \ * **OfficePowerBI** \ * **AmazonWebServicesCloudTrail** \ * **AmazonWebServicesS3** \ @@ -7897,6 +8483,45 @@ export enum KnownEntityMappingType { */ export type EntityMappingType = string; +/** Known values of {@link AlertProperty} that the service accepts. */ +export enum KnownAlertProperty { + /** Alert's link */ + AlertLink = "AlertLink", + /** Confidence level property */ + ConfidenceLevel = "ConfidenceLevel", + /** Confidence score */ + ConfidenceScore = "ConfidenceScore", + /** Extended links to the alert */ + ExtendedLinks = "ExtendedLinks", + /** Product name alert property */ + ProductName = "ProductName", + /** Provider name alert property */ + ProviderName = "ProviderName", + /** Product component name alert property */ + ProductComponentName = "ProductComponentName", + /** Remediation steps alert property */ + RemediationSteps = "RemediationSteps", + /** Techniques alert property */ + Techniques = "Techniques" +} + +/** + * Defines values for AlertProperty. \ + * {@link KnownAlertProperty} can be used interchangeably with AlertProperty, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **AlertLink**: Alert's link \ + * **ConfidenceLevel**: Confidence level property \ + * **ConfidenceScore**: Confidence score \ + * **ExtendedLinks**: Extended links to the alert \ + * **ProductName**: Product name alert property \ + * **ProviderName**: Provider name alert property \ + * **ProductComponentName**: Product component name alert property \ + * **RemediationSteps**: Remediation steps alert property \ + * **Techniques**: Techniques alert property + */ +export type AlertProperty = string; + /** Known values of {@link EventGroupingAggregationKind} that the service accepts. */ export enum KnownEventGroupingAggregationKind { /** SingleAlert */ @@ -8518,6 +9143,24 @@ export enum KnownDataTypeState { */ export type DataTypeState = string; +/** Known values of {@link MtpProvider} that the service accepts. */ +export enum KnownMtpProvider { + /** MicrosoftDefenderForCloudApps */ + MicrosoftDefenderForCloudApps = "microsoftDefenderForCloudApps", + /** MicrosoftDefenderForIdentity */ + MicrosoftDefenderForIdentity = "microsoftDefenderForIdentity" +} + +/** + * Defines values for MtpProvider. \ + * {@link KnownMtpProvider} can be used interchangeably with MtpProvider, + * this enum contains the known values that the service supports. + * ### Known values supported by the service + * **microsoftDefenderForCloudApps** \ + * **microsoftDefenderForIdentity** + */ +export type MtpProvider = string; + /** Known values of {@link PollingFrequency} that the service accepts. */ export enum KnownPollingFrequency { /** Once a minute */ @@ -8926,18 +9569,67 @@ export interface AutomationRulesListNextOptionalParams export type AutomationRulesListNextResponse = AutomationRulesList; /** Optional parameters. */ -export interface IncidentsRunPlaybookOptionalParams +export interface EntitiesRunPlaybookOptionalParams extends coreClient.OperationOptions { - requestBody?: ManualTriggerRequestBody; + /** Describes the request body for triggering a playbook on an entity. */ + requestBody?: EntityManualTriggerRequestBody; } -/** Contains response data for the runPlaybook operation. */ -export type IncidentsRunPlaybookResponse = Record; - /** Optional parameters. */ -export interface IncidentsListOptionalParams - extends coreClient.OperationOptions { - /** Filters the results, based on a Boolean condition. Optional. */ +export interface EntitiesListOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the list operation. */ +export type EntitiesListResponse = EntityList; + +/** Optional parameters. */ +export interface EntitiesGetOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the get operation. */ +export type EntitiesGetResponse = EntityUnion; + +/** Optional parameters. */ +export interface EntitiesExpandOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the expand operation. */ +export type EntitiesExpandResponse = EntityExpandResponse; + +/** Optional parameters. */ +export interface EntitiesQueriesOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the queries operation. */ +export type EntitiesQueriesResponse = GetQueriesResponse; + +/** Optional parameters. */ +export interface EntitiesGetInsightsOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the getInsights operation. */ +export type EntitiesGetInsightsResponse = EntityGetInsightsResponse; + +/** Optional parameters. */ +export interface EntitiesListNextOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the listNext operation. */ +export type EntitiesListNextResponse = EntityList; + +/** Optional parameters. */ +export interface IncidentsRunPlaybookOptionalParams + extends coreClient.OperationOptions { + requestBody?: ManualTriggerRequestBody; +} + +/** Contains response data for the runPlaybook operation. */ +export type IncidentsRunPlaybookResponse = Record; + +/** Optional parameters. */ +export interface IncidentsListOptionalParams + extends coreClient.OperationOptions { + /** Filters the results, based on a Boolean condition. Optional. */ filter?: string; /** Sorts the results. Optional. */ orderby?: string; @@ -9097,48 +9789,6 @@ export interface DomainWhoisGetOptionalParams /** Contains response data for the get operation. */ export type DomainWhoisGetResponse = EnrichmentDomainWhois; -/** Optional parameters. */ -export interface EntitiesListOptionalParams - extends coreClient.OperationOptions {} - -/** Contains response data for the list operation. */ -export type EntitiesListResponse = EntityList; - -/** Optional parameters. */ -export interface EntitiesGetOptionalParams - extends coreClient.OperationOptions {} - -/** Contains response data for the get operation. */ -export type EntitiesGetResponse = EntityUnion; - -/** Optional parameters. */ -export interface EntitiesExpandOptionalParams - extends coreClient.OperationOptions {} - -/** Contains response data for the expand operation. */ -export type EntitiesExpandResponse = EntityExpandResponse; - -/** Optional parameters. */ -export interface EntitiesQueriesOptionalParams - extends coreClient.OperationOptions {} - -/** Contains response data for the queries operation. */ -export type EntitiesQueriesResponse = GetQueriesResponse; - -/** Optional parameters. */ -export interface EntitiesGetInsightsOptionalParams - extends coreClient.OperationOptions {} - -/** Contains response data for the getInsights operation. */ -export type EntitiesGetInsightsResponse = EntityGetInsightsResponse; - -/** Optional parameters. */ -export interface EntitiesListNextOptionalParams - extends coreClient.OperationOptions {} - -/** Contains response data for the listNext operation. */ -export type EntitiesListNextResponse = EntityList; - /** Optional parameters. */ export interface EntitiesGetTimelineListOptionalParams extends coreClient.OperationOptions {} @@ -9363,6 +10013,38 @@ export interface IncidentRelationsListNextOptionalParams /** Contains response data for the listNext operation. */ export type IncidentRelationsListNextResponse = RelationList; +/** Optional parameters. */ +export interface IncidentTasksListOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the list operation. */ +export type IncidentTasksListResponse = IncidentTaskList; + +/** Optional parameters. */ +export interface IncidentTasksGetOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the get operation. */ +export type IncidentTasksGetResponse = IncidentTask; + +/** Optional parameters. */ +export interface IncidentTasksCreateOrUpdateOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the createOrUpdate operation. */ +export type IncidentTasksCreateOrUpdateResponse = IncidentTask; + +/** Optional parameters. */ +export interface IncidentTasksDeleteOptionalParams + extends coreClient.OperationOptions {} + +/** Optional parameters. */ +export interface IncidentTasksListNextOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the listNext operation. */ +export type IncidentTasksListNextResponse = IncidentTaskList; + /** Optional parameters. */ export interface MetadataListOptionalParams extends coreClient.OperationOptions { @@ -9464,6 +10146,32 @@ export interface SentinelOnboardingStatesListOptionalParams /** Contains response data for the list operation. */ export type SentinelOnboardingStatesListResponse = SentinelOnboardingStatesList; +/** Optional parameters. */ +export interface GetRecommendationsListOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the list operation. */ +export type GetRecommendationsListResponse = RecommendationList; + +/** Optional parameters. */ +export interface GetSingleRecommendationOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the singleRecommendation operation. */ +export type GetSingleRecommendationResponse = Recommendation; + +/** Optional parameters. */ +export interface UpdateRecommendationOptionalParams + extends coreClient.OperationOptions { + /** Delay to wait until next poll, in milliseconds. */ + updateIntervalInMs?: number; + /** A serialized poller which can be used to resume an existing paused Long-Running-Operation. */ + resumeFrom?: string; +} + +/** Contains response data for the recommendation operation. */ +export type UpdateRecommendationResponse = Recommendation; + /** Optional parameters. */ export interface SecurityMLAnalyticsSettingsListOptionalParams extends coreClient.OperationOptions {} @@ -9647,6 +10355,39 @@ export interface ThreatIntelligenceIndicatorMetricsListOptionalParams /** Contains response data for the list operation. */ export type ThreatIntelligenceIndicatorMetricsListResponse = ThreatIntelligenceMetricsList; +/** Optional parameters. */ +export interface TriggeredAnalyticsRuleRunGetOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the get operation. */ +export type TriggeredAnalyticsRuleRunGetResponse = TriggeredAnalyticsRuleRun; + +/** Optional parameters. */ +export interface GetTriggeredAnalyticsRuleRunsListOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the list operation. */ +export type GetTriggeredAnalyticsRuleRunsListResponse = TriggeredAnalyticsRuleRuns; + +/** Optional parameters. */ +export interface GetTriggeredAnalyticsRuleRunsListNextOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the listNext operation. */ +export type GetTriggeredAnalyticsRuleRunsListNextResponse = TriggeredAnalyticsRuleRuns; + +/** Optional parameters. */ +export interface AlertRuleTriggerRuleRunOptionalParams + extends coreClient.OperationOptions { + /** Delay to wait until next poll, in milliseconds. */ + updateIntervalInMs?: number; + /** A serialized poller which can be used to resume an existing paused Long-Running-Operation. */ + resumeFrom?: string; +} + +/** Contains response data for the triggerRuleRun operation. */ +export type AlertRuleTriggerRuleRunResponse = AlertRuleTriggerRuleRunHeaders; + /** Optional parameters. */ export interface WatchlistsListOptionalParams extends coreClient.OperationOptions { @@ -9720,6 +10461,201 @@ export interface WatchlistItemsListNextOptionalParams /** Contains response data for the listNext operation. */ export type WatchlistItemsListNextResponse = WatchlistItemList; +/** Optional parameters. */ +export interface WorkspaceManagerGroupsListOptionalParams + extends coreClient.OperationOptions { + /** Sorts the results. Optional. */ + orderby?: string; + /** Returns only the first n results. Optional. */ + top?: number; + /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */ + skipToken?: string; +} + +/** Contains response data for the list operation. */ +export type WorkspaceManagerGroupsListResponse = WorkspaceManagerGroupList; + +/** Optional parameters. */ +export interface WorkspaceManagerGroupsGetOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the get operation. */ +export type WorkspaceManagerGroupsGetResponse = WorkspaceManagerGroup; + +/** Optional parameters. */ +export interface WorkspaceManagerGroupsCreateOrUpdateOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the createOrUpdate operation. */ +export type WorkspaceManagerGroupsCreateOrUpdateResponse = WorkspaceManagerGroup; + +/** Optional parameters. */ +export interface WorkspaceManagerGroupsDeleteOptionalParams + extends coreClient.OperationOptions {} + +/** Optional parameters. */ +export interface WorkspaceManagerGroupsListNextOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the listNext operation. */ +export type WorkspaceManagerGroupsListNextResponse = WorkspaceManagerGroupList; + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentsListOptionalParams + extends coreClient.OperationOptions { + /** Sorts the results. Optional. */ + orderby?: string; + /** Returns only the first n results. Optional. */ + top?: number; + /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */ + skipToken?: string; +} + +/** Contains response data for the list operation. */ +export type WorkspaceManagerAssignmentsListResponse = WorkspaceManagerAssignmentList; + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentsGetOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the get operation. */ +export type WorkspaceManagerAssignmentsGetResponse = WorkspaceManagerAssignment; + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentsCreateOrUpdateOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the createOrUpdate operation. */ +export type WorkspaceManagerAssignmentsCreateOrUpdateResponse = WorkspaceManagerAssignment; + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentsDeleteOptionalParams + extends coreClient.OperationOptions {} + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentsListNextOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the listNext operation. */ +export type WorkspaceManagerAssignmentsListNextResponse = WorkspaceManagerAssignmentList; + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentJobsListOptionalParams + extends coreClient.OperationOptions { + /** Sorts the results. Optional. */ + orderby?: string; + /** Returns only the first n results. Optional. */ + top?: number; + /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */ + skipToken?: string; +} + +/** Contains response data for the list operation. */ +export type WorkspaceManagerAssignmentJobsListResponse = JobList; + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentJobsCreateOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the create operation. */ +export type WorkspaceManagerAssignmentJobsCreateResponse = Job; + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentJobsGetOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the get operation. */ +export type WorkspaceManagerAssignmentJobsGetResponse = Job; + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentJobsDeleteOptionalParams + extends coreClient.OperationOptions {} + +/** Optional parameters. */ +export interface WorkspaceManagerAssignmentJobsListNextOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the listNext operation. */ +export type WorkspaceManagerAssignmentJobsListNextResponse = JobList; + +/** Optional parameters. */ +export interface WorkspaceManagerConfigurationsListOptionalParams + extends coreClient.OperationOptions { + /** Sorts the results. Optional. */ + orderby?: string; + /** Returns only the first n results. Optional. */ + top?: number; + /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */ + skipToken?: string; +} + +/** Contains response data for the list operation. */ +export type WorkspaceManagerConfigurationsListResponse = WorkspaceManagerConfigurationList; + +/** Optional parameters. */ +export interface WorkspaceManagerConfigurationsGetOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the get operation. */ +export type WorkspaceManagerConfigurationsGetResponse = WorkspaceManagerConfiguration; + +/** Optional parameters. */ +export interface WorkspaceManagerConfigurationsDeleteOptionalParams + extends coreClient.OperationOptions {} + +/** Optional parameters. */ +export interface WorkspaceManagerConfigurationsCreateOrUpdateOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the createOrUpdate operation. */ +export type WorkspaceManagerConfigurationsCreateOrUpdateResponse = WorkspaceManagerConfiguration; + +/** Optional parameters. */ +export interface WorkspaceManagerConfigurationsListNextOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the listNext operation. */ +export type WorkspaceManagerConfigurationsListNextResponse = WorkspaceManagerConfigurationList; + +/** Optional parameters. */ +export interface WorkspaceManagerMembersListOptionalParams + extends coreClient.OperationOptions { + /** Sorts the results. Optional. */ + orderby?: string; + /** Returns only the first n results. Optional. */ + top?: number; + /** Skiptoken is only used if a previous operation returned a partial result. If a previous response contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. */ + skipToken?: string; +} + +/** Contains response data for the list operation. */ +export type WorkspaceManagerMembersListResponse = WorkspaceManagerMembersList; + +/** Optional parameters. */ +export interface WorkspaceManagerMembersGetOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the get operation. */ +export type WorkspaceManagerMembersGetResponse = WorkspaceManagerMember; + +/** Optional parameters. */ +export interface WorkspaceManagerMembersCreateOrUpdateOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the createOrUpdate operation. */ +export type WorkspaceManagerMembersCreateOrUpdateResponse = WorkspaceManagerMember; + +/** Optional parameters. */ +export interface WorkspaceManagerMembersDeleteOptionalParams + extends coreClient.OperationOptions {} + +/** Optional parameters. */ +export interface WorkspaceManagerMembersListNextOptionalParams + extends coreClient.OperationOptions {} + +/** Contains response data for the listNext operation. */ +export type WorkspaceManagerMembersListNextResponse = WorkspaceManagerMembersList; + /** Optional parameters. */ export interface DataConnectorsListOptionalParams extends coreClient.OperationOptions {} diff --git a/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts index 6f5b1105eada..dd644e11c155 100644 --- a/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts +++ b/sdk/securityinsight/arm-securityinsight/src/models/mappers.ts @@ -392,6 +392,34 @@ export const AutomationRulesList: coreClient.CompositeMapper = { } }; +export const EntityManualTriggerRequestBody: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "EntityManualTriggerRequestBody", + modelProperties: { + incidentArmId: { + serializedName: "incidentArmId", + type: { + name: "String" + } + }, + tenantId: { + serializedName: "tenantId", + type: { + name: "Uuid" + } + }, + logicAppsResourceId: { + serializedName: "logicAppsResourceId", + required: true, + type: { + name: "String" + } + } + } + } +}; + export const ManualTriggerRequestBody: coreClient.CompositeMapper = { type: { name: "Composite", @@ -1229,9 +1257,7 @@ export const EntityEdges: coreClient.CompositeMapper = { serializedName: "additionalData", type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } } } @@ -1886,13 +1912,6 @@ export const IncidentList: coreClient.CompositeMapper = { name: "Composite", className: "IncidentList", modelProperties: { - nextLink: { - serializedName: "nextLink", - readOnly: true, - type: { - name: "String" - } - }, value: { serializedName: "value", required: true, @@ -1905,6 +1924,75 @@ export const IncidentList: coreClient.CompositeMapper = { } } } + }, + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } + } + } + } +}; + +export const IncidentOwnerInfo: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "IncidentOwnerInfo", + modelProperties: { + email: { + serializedName: "email", + type: { + name: "String" + } + }, + assignedTo: { + serializedName: "assignedTo", + type: { + name: "String" + } + }, + objectId: { + serializedName: "objectId", + type: { + name: "Uuid" + } + }, + userPrincipalName: { + serializedName: "userPrincipalName", + type: { + name: "String" + } + }, + ownerType: { + serializedName: "ownerType", + type: { + name: "String" + } + } + } + } +}; + +export const IncidentLabel: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "IncidentLabel", + modelProperties: { + labelName: { + serializedName: "labelName", + required: true, + type: { + name: "String" + } + }, + labelType: { + serializedName: "labelType", + readOnly: true, + type: { + name: "String" + } } } } @@ -1948,13 +2036,6 @@ export const IncidentAdditionalData: coreClient.CompositeMapper = { } } }, - providerIncidentUrl: { - serializedName: "providerIncidentUrl", - readOnly: true, - type: { - name: "String" - } - }, tactics: { serializedName: "tactics", readOnly: true, @@ -1978,25 +2059,9 @@ export const IncidentAdditionalData: coreClient.CompositeMapper = { } } } - } - } - } -}; - -export const IncidentLabel: coreClient.CompositeMapper = { - type: { - name: "Composite", - className: "IncidentLabel", - modelProperties: { - labelName: { - serializedName: "labelName", - required: true, - type: { - name: "String" - } }, - labelType: { - serializedName: "labelType", + providerIncidentUrl: { + serializedName: "providerIncidentUrl", readOnly: true, type: { name: "String" @@ -2006,45 +2071,6 @@ export const IncidentLabel: coreClient.CompositeMapper = { } }; -export const IncidentOwnerInfo: coreClient.CompositeMapper = { - type: { - name: "Composite", - className: "IncidentOwnerInfo", - modelProperties: { - email: { - serializedName: "email", - type: { - name: "String" - } - }, - assignedTo: { - serializedName: "assignedTo", - type: { - name: "String" - } - }, - objectId: { - serializedName: "objectId", - type: { - name: "Uuid" - } - }, - userPrincipalName: { - serializedName: "userPrincipalName", - type: { - name: "String" - } - }, - ownerType: { - serializedName: "ownerType", - type: { - name: "String" - } - } - } - } -}; - export const TeamInformation: coreClient.CompositeMapper = { type: { name: "Composite", @@ -2089,50 +2115,6 @@ export const TeamInformation: coreClient.CompositeMapper = { } }; -export const TeamProperties: coreClient.CompositeMapper = { - type: { - name: "Composite", - className: "TeamProperties", - modelProperties: { - teamName: { - serializedName: "teamName", - required: true, - type: { - name: "String" - } - }, - teamDescription: { - serializedName: "teamDescription", - type: { - name: "String" - } - }, - memberIds: { - serializedName: "memberIds", - type: { - name: "Sequence", - element: { - type: { - name: "Uuid" - } - } - } - }, - groupIds: { - serializedName: "groupIds", - type: { - name: "Sequence", - element: { - type: { - name: "Uuid" - } - } - } - } - } - } -}; - export const IncidentAlertList: coreClient.CompositeMapper = { type: { name: "Composite", @@ -2188,9 +2170,7 @@ export const EntityCommonProperties: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -2231,13 +2211,6 @@ export const IncidentCommentList: coreClient.CompositeMapper = { name: "Composite", className: "IncidentCommentList", modelProperties: { - nextLink: { - serializedName: "nextLink", - readOnly: true, - type: { - name: "String" - } - }, value: { serializedName: "value", required: true, @@ -2250,6 +2223,13 @@ export const IncidentCommentList: coreClient.CompositeMapper = { } } } + }, + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } } } } @@ -2293,45 +2273,43 @@ export const IncidentEntitiesResultsMetadata: coreClient.CompositeMapper = { name: "Composite", className: "IncidentEntitiesResultsMetadata", modelProperties: { - count: { - serializedName: "count", + entityKind: { + serializedName: "entityKind", required: true, type: { - name: "Number" + name: "String" } }, - entityKind: { - serializedName: "entityKind", + count: { + serializedName: "count", required: true, type: { - name: "String" + name: "Number" } } } } }; -export const MetadataList: coreClient.CompositeMapper = { +export const IncidentTaskList: coreClient.CompositeMapper = { type: { name: "Composite", - className: "MetadataList", + className: "IncidentTaskList", modelProperties: { value: { serializedName: "value", - required: true, type: { name: "Sequence", element: { type: { name: "Composite", - className: "MetadataModel" + className: "IncidentTask" } } } }, nextLink: { serializedName: "nextLink", - readOnly: true, type: { name: "String" } @@ -2340,16 +2318,45 @@ export const MetadataList: coreClient.CompositeMapper = { } }; -export const MetadataSource: coreClient.CompositeMapper = { +export const MetadataList: coreClient.CompositeMapper = { type: { name: "Composite", - className: "MetadataSource", + className: "MetadataList", modelProperties: { - kind: { - serializedName: "kind", + value: { + serializedName: "value", required: true, type: { - name: "String" + name: "Sequence", + element: { + type: { + name: "Composite", + className: "MetadataModel" + } + } + } + }, + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } + } + } + } +}; + +export const MetadataSource: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "MetadataSource", + modelProperties: { + kind: { + serializedName: "kind", + required: true, + type: { + name: "String" } }, name: { @@ -2562,6 +2569,278 @@ export const SentinelOnboardingStatesList: coreClient.CompositeMapper = { } }; +export const RecommendationList: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "RecommendationList", + modelProperties: { + value: { + serializedName: "value", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Recommendation" + } + } + } + } + } + } +}; + +export const Recommendation: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "Recommendation", + modelProperties: { + id: { + serializedName: "id", + required: true, + type: { + name: "Uuid" + } + }, + instructions: { + serializedName: "instructions", + type: { + name: "Composite", + className: "Instructions" + } + }, + content: { + serializedName: "content", + type: { + name: "Composite", + className: "Content" + } + }, + resourceId: { + serializedName: "resourceId", + nullable: true, + type: { + name: "String" + } + }, + additionalProperties: { + serializedName: "additionalProperties", + nullable: true, + type: { + name: "Dictionary", + value: { type: { name: "String" } } + } + }, + title: { + serializedName: "title", + required: true, + type: { + name: "String" + } + }, + description: { + serializedName: "description", + required: true, + type: { + name: "String" + } + }, + recommendationTypeTitle: { + serializedName: "recommendationTypeTitle", + required: true, + type: { + name: "String" + } + }, + recommendationTypeId: { + serializedName: "recommendationTypeId", + required: true, + type: { + name: "String" + } + }, + category: { + serializedName: "category", + required: true, + type: { + name: "String" + } + }, + context: { + serializedName: "context", + required: true, + type: { + name: "String" + } + }, + workspaceId: { + serializedName: "workspaceId", + required: true, + type: { + name: "Uuid" + } + }, + actions: { + serializedName: "actions", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "RecommendedAction" + } + } + } + }, + state: { + serializedName: "state", + required: true, + type: { + name: "String" + } + }, + priority: { + serializedName: "priority", + required: true, + type: { + name: "String" + } + }, + lastEvaluatedTimeUtc: { + serializedName: "lastEvaluatedTimeUtc", + required: true, + type: { + name: "DateTime" + } + }, + hideUntilTimeUtc: { + serializedName: "hideUntilTimeUtc", + nullable: true, + type: { + name: "DateTime" + } + }, + displayUntilTimeUtc: { + serializedName: "displayUntilTimeUtc", + nullable: true, + type: { + name: "DateTime" + } + }, + visible: { + serializedName: "visible", + type: { + name: "Boolean" + } + } + } + } +}; + +export const Instructions: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "Instructions", + modelProperties: { + actionsToBePerformed: { + serializedName: "actionsToBePerformed", + required: true, + type: { + name: "String" + } + }, + recommendationImportance: { + serializedName: "recommendationImportance", + required: true, + type: { + name: "String" + } + }, + howToPerformActionDetails: { + serializedName: "howToPerformActionDetails", + nullable: true, + type: { + name: "String" + } + } + } + } +}; + +export const Content: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "Content", + modelProperties: { + title: { + serializedName: "title", + required: true, + type: { + name: "String" + } + }, + description: { + serializedName: "description", + required: true, + type: { + name: "String" + } + } + } + } +}; + +export const RecommendedAction: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "RecommendedAction", + modelProperties: { + linkText: { + serializedName: "linkText", + required: true, + type: { + name: "String" + } + }, + linkUrl: { + serializedName: "linkUrl", + required: true, + type: { + name: "String" + } + }, + state: { + serializedName: "state", + type: { + name: "String" + } + } + } + } +}; + +export const RecommendationPatch: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "RecommendationPatch", + modelProperties: { + state: { + serializedName: "state", + type: { + name: "String" + } + }, + hideUntilTimeUtc: { + serializedName: "hideUntilTimeUtc", + type: { + name: "DateTime" + } + } + } + } +}; + export const SecurityMLAnalyticsSettingsList: coreClient.CompositeMapper = { type: { name: "Composite", @@ -3374,7 +3653,52 @@ export const ThreatIntelligenceAppendTags: coreClient.CompositeMapper = { } }; -export const WatchlistList: coreClient.CompositeMapper = { +export const TriggeredAnalyticsRuleRuns: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "TriggeredAnalyticsRuleRuns", + modelProperties: { + value: { + serializedName: "value", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "TriggeredAnalyticsRuleRun" + } + } + } + }, + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } + } + } + } +}; + +export const AnalyticsRuleRunTrigger: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "AnalyticsRuleRunTrigger", + modelProperties: { + executionTimeUtc: { + serializedName: "properties.executionTimeUtc", + required: true, + type: { + name: "DateTime" + } + } + } + } +}; + +export const WatchlistList: coreClient.CompositeMapper = { type: { name: "Composite", className: "WatchlistList", @@ -3432,6 +3756,326 @@ export const WatchlistItemList: coreClient.CompositeMapper = { } }; +export const WorkspaceManagerGroupList: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "WorkspaceManagerGroupList", + modelProperties: { + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } + }, + value: { + serializedName: "value", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "WorkspaceManagerGroup" + } + } + } + } + } + } +}; + +export const ErrorResponse: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "ErrorResponse", + modelProperties: { + error: { + serializedName: "error", + type: { + name: "Composite", + className: "ErrorDetail" + } + } + } + } +}; + +export const ErrorDetail: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "ErrorDetail", + modelProperties: { + code: { + serializedName: "code", + readOnly: true, + type: { + name: "String" + } + }, + message: { + serializedName: "message", + readOnly: true, + type: { + name: "String" + } + }, + target: { + serializedName: "target", + readOnly: true, + type: { + name: "String" + } + }, + details: { + serializedName: "details", + readOnly: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ErrorDetail" + } + } + } + }, + additionalInfo: { + serializedName: "additionalInfo", + readOnly: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ErrorAdditionalInfo" + } + } + } + } + } + } +}; + +export const ErrorAdditionalInfo: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "ErrorAdditionalInfo", + modelProperties: { + type: { + serializedName: "type", + readOnly: true, + type: { + name: "String" + } + }, + info: { + serializedName: "info", + readOnly: true, + type: { + name: "Dictionary", + value: { type: { name: "any" } } + } + } + } + } +}; + +export const WorkspaceManagerAssignmentList: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "WorkspaceManagerAssignmentList", + modelProperties: { + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } + }, + value: { + serializedName: "value", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "WorkspaceManagerAssignment" + } + } + } + } + } + } +}; + +export const AssignmentItem: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "AssignmentItem", + modelProperties: { + resourceId: { + serializedName: "resourceId", + type: { + name: "String" + } + } + } + } +}; + +export const JobList: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "JobList", + modelProperties: { + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } + }, + value: { + serializedName: "value", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "Job" + } + } + } + } + } + } +}; + +export const JobItem: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "JobItem", + modelProperties: { + resourceId: { + serializedName: "resourceId", + type: { + name: "String" + } + }, + status: { + serializedName: "status", + readOnly: true, + type: { + name: "String" + } + }, + executionTime: { + serializedName: "executionTime", + readOnly: true, + type: { + name: "DateTime" + } + }, + errors: { + serializedName: "errors", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "ErrorModel" + } + } + } + } + } + } +}; + +export const ErrorModel: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "ErrorModel", + modelProperties: { + memberResourceName: { + serializedName: "memberResourceName", + required: true, + type: { + name: "String" + } + }, + errorMessage: { + serializedName: "errorMessage", + required: true, + type: { + name: "String" + } + } + } + } +}; + +export const WorkspaceManagerConfigurationList: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "WorkspaceManagerConfigurationList", + modelProperties: { + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } + }, + value: { + serializedName: "value", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "WorkspaceManagerConfiguration" + } + } + } + } + } + } +}; + +export const WorkspaceManagerMembersList: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "WorkspaceManagerMembersList", + modelProperties: { + nextLink: { + serializedName: "nextLink", + readOnly: true, + type: { + name: "String" + } + }, + value: { + serializedName: "value", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "WorkspaceManagerMember" + } + } + } + } + } + } +}; + export const DataConnectorList: coreClient.CompositeMapper = { type: { name: "Composite", @@ -3820,6 +4464,18 @@ export const QueryBasedAlertRuleTemplateProperties: coreClient.CompositeMapper = name: "Composite", className: "EventGroupingSettings" } + }, + sentinelEntitiesMappings: { + serializedName: "sentinelEntitiesMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SentinelEntityMapping" + } + } + } } } } @@ -3889,15 +4545,48 @@ export const AlertDetailsOverride: coreClient.CompositeMapper = { type: { name: "String" } - }, - alertTacticsColumnName: { - serializedName: "alertTacticsColumnName", + }, + alertTacticsColumnName: { + serializedName: "alertTacticsColumnName", + type: { + name: "String" + } + }, + alertSeverityColumnName: { + serializedName: "alertSeverityColumnName", + type: { + name: "String" + } + }, + alertDynamicProperties: { + serializedName: "alertDynamicProperties", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AlertPropertyMapping" + } + } + } + } + } + } +}; + +export const AlertPropertyMapping: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "AlertPropertyMapping", + modelProperties: { + alertProperty: { + serializedName: "alertProperty", type: { name: "String" } }, - alertSeverityColumnName: { - serializedName: "alertSeverityColumnName", + value: { + serializedName: "value", type: { name: "String" } @@ -3921,6 +4610,21 @@ export const EventGroupingSettings: coreClient.CompositeMapper = { } }; +export const SentinelEntityMapping: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "SentinelEntityMapping", + modelProperties: { + columnName: { + serializedName: "columnName", + type: { + name: "String" + } + } + } + } +}; + export const FusionSourceSettings: coreClient.CompositeMapper = { type: { name: "Composite", @@ -4368,6 +5072,40 @@ export const ScheduledAlertRuleCommonProperties: coreClient.CompositeMapper = { name: "Composite", className: "AlertDetailsOverride" } + }, + sentinelEntitiesMappings: { + serializedName: "sentinelEntitiesMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SentinelEntityMapping" + } + } + } + } + } + } +}; + +export const AddIncidentTaskActionProperties: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "AddIncidentTaskActionProperties", + modelProperties: { + title: { + serializedName: "title", + required: true, + type: { + name: "String" + } + }, + description: { + serializedName: "description", + type: { + name: "String" + } } } } @@ -4596,6 +5334,7 @@ export const PlaybookActionProperties: coreClient.CompositeMapper = { modelProperties: { logicAppResourceId: { serializedName: "logicAppResourceId", + required: true, type: { name: "String" } @@ -4907,6 +5646,50 @@ export const DataTypeDefinitions: coreClient.CompositeMapper = { } }; +export const TeamProperties: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "TeamProperties", + modelProperties: { + teamName: { + serializedName: "teamName", + required: true, + type: { + name: "String" + } + }, + teamDescription: { + serializedName: "teamDescription", + type: { + name: "String" + } + }, + groupIds: { + serializedName: "groupIds", + type: { + name: "Sequence", + element: { + type: { + name: "Uuid" + } + } + } + }, + memberIds: { + serializedName: "memberIds", + type: { + name: "Sequence", + element: { + type: { + name: "Uuid" + } + } + } + } + } + } +}; + export const SecurityMLAnalyticsSettingsDataSource: coreClient.CompositeMapper = { type: { name: "Composite", @@ -5002,13 +5785,6 @@ export const MstiDataConnectorDataTypes: coreClient.CompositeMapper = { name: "Composite", className: "MstiDataConnectorDataTypes", modelProperties: { - bingSafetyPhishingURL: { - serializedName: "bingSafetyPhishingURL", - type: { - name: "Composite", - className: "MstiDataConnectorDataTypesBingSafetyPhishingURL" - } - }, microsoftEmergingThreatFeed: { serializedName: "microsoftEmergingThreatFeed", type: { @@ -5031,6 +5807,34 @@ export const MTPDataConnectorDataTypes: coreClient.CompositeMapper = { name: "Composite", className: "MTPDataConnectorDataTypesIncidents" } + }, + alerts: { + serializedName: "alerts", + type: { + name: "Composite", + className: "MTPDataConnectorDataTypesAlerts" + } + } + } + } +}; + +export const MtpFilteredProviders: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "MtpFilteredProviders", + modelProperties: { + alerts: { + serializedName: "alerts", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } } } } @@ -5084,6 +5888,23 @@ export const Dynamics365DataConnectorDataTypes: coreClient.CompositeMapper = { } }; +export const MicrosoftPurviewInformationProtectionConnectorDataTypes: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "MicrosoftPurviewInformationProtectionConnectorDataTypes", + modelProperties: { + logs: { + serializedName: "logs", + type: { + name: "Composite", + className: + "MicrosoftPurviewInformationProtectionConnectorDataTypesLogs" + } + } + } + } +}; + export const Office365ProjectConnectorDataTypes: coreClient.CompositeMapper = { type: { name: "Composite", @@ -6247,6 +7068,23 @@ export const OfficeConsent: coreClient.CompositeMapper = { } }; +export const AzureEntityResource: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "AzureEntityResource", + modelProperties: { + ...Resource.type.modelProperties, + etag: { + serializedName: "etag", + readOnly: true, + type: { + name: "String" + } + } + } + } +}; + export const ActionResponseProperties: coreClient.CompositeMapper = { type: { name: "Composite", @@ -6385,6 +7223,27 @@ export const PropertyConditionProperties: coreClient.CompositeMapper = { } }; +export const AutomationRuleAddIncidentTaskAction: coreClient.CompositeMapper = { + serializedName: "AddIncidentTask", + type: { + name: "Composite", + className: "AutomationRuleAddIncidentTaskAction", + uberParent: "AutomationRuleAction", + polymorphicDiscriminator: + AutomationRuleAction.type.polymorphicDiscriminator, + modelProperties: { + ...AutomationRuleAction.type.modelProperties, + actionConfiguration: { + serializedName: "actionConfiguration", + type: { + name: "Composite", + className: "AddIncidentTaskActionProperties" + } + } + } + } +}; + export const AutomationRuleModifyPropertiesAction: coreClient.CompositeMapper = { serializedName: "ModifyProperties", type: { @@ -6720,6 +7579,24 @@ export const SecurityAlertTimelineItem: coreClient.CompositeMapper = { type: { name: "String" } + }, + intent: { + serializedName: "intent", + readOnly: true, + type: { + name: "String" + } + }, + techniques: { + serializedName: "techniques", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } } } } @@ -8816,6 +9693,26 @@ export const OfficeIRMCheckRequirements: coreClient.CompositeMapper = { } }; +export const MicrosoftPurviewInformationProtectionCheckRequirements: coreClient.CompositeMapper = { + serializedName: "MicrosoftPurviewInformationProtection", + type: { + name: "Composite", + className: "MicrosoftPurviewInformationProtectionCheckRequirements", + uberParent: "DataConnectorsCheckRequirements", + polymorphicDiscriminator: + DataConnectorsCheckRequirements.type.polymorphicDiscriminator, + modelProperties: { + ...DataConnectorsCheckRequirements.type.modelProperties, + tenantId: { + serializedName: "properties.tenantId", + type: { + name: "String" + } + } + } + } +}; + export const Office365ProjectCheckRequirements: coreClient.CompositeMapper = { serializedName: "Office365Project", type: { @@ -9297,6 +10194,17 @@ export const OfficeIRMCheckRequirementsProperties: coreClient.CompositeMapper = } }; +export const MicrosoftPurviewInformationProtectionCheckRequirementsProperties: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: + "MicrosoftPurviewInformationProtectionCheckRequirementsProperties", + modelProperties: { + ...DataConnectorTenantId.type.modelProperties + } + } +}; + export const Office365ProjectCheckRequirementsProperties: coreClient.CompositeMapper = { type: { name: "Composite", @@ -9377,6 +10285,13 @@ export const MTPDataConnectorProperties: coreClient.CompositeMapper = { name: "Composite", className: "MTPDataConnectorDataTypes" } + }, + filteredProviders: { + serializedName: "filteredProviders", + type: { + name: "Composite", + className: "MtpFilteredProviders" + } } } } @@ -9438,6 +10353,23 @@ export const OfficeATPDataConnectorProperties: coreClient.CompositeMapper = { } }; +export const MicrosoftPurviewInformationProtectionDataConnectorProperties: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "MicrosoftPurviewInformationProtectionDataConnectorProperties", + modelProperties: { + ...DataConnectorTenantId.type.modelProperties, + dataTypes: { + serializedName: "dataTypes", + type: { + name: "Composite", + className: "MicrosoftPurviewInformationProtectionConnectorDataTypes" + } + } + } + } +}; + export const Office365ProjectDataConnectorProperties: coreClient.CompositeMapper = { type: { name: "Composite", @@ -9652,23 +10584,6 @@ export const McasDataConnectorDataTypes: coreClient.CompositeMapper = { } }; -export const MstiDataConnectorDataTypesBingSafetyPhishingURL: coreClient.CompositeMapper = { - type: { - name: "Composite", - className: "MstiDataConnectorDataTypesBingSafetyPhishingURL", - modelProperties: { - ...DataConnectorDataTypeCommon.type.modelProperties, - lookbackPeriod: { - serializedName: "lookbackPeriod", - required: true, - type: { - name: "String" - } - } - } - } -}; - export const MstiDataConnectorDataTypesMicrosoftEmergingThreatFeed: coreClient.CompositeMapper = { type: { name: "Composite", @@ -9696,6 +10611,16 @@ export const MTPDataConnectorDataTypesIncidents: coreClient.CompositeMapper = { } }; +export const MTPDataConnectorDataTypesAlerts: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "MTPDataConnectorDataTypesAlerts", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + export const AwsCloudTrailDataConnectorDataTypesLogs: coreClient.CompositeMapper = { type: { name: "Composite", @@ -9726,6 +10651,16 @@ export const Dynamics365DataConnectorDataTypesDynamics365CdsActivities: coreClie } }; +export const MicrosoftPurviewInformationProtectionConnectorDataTypesLogs: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "MicrosoftPurviewInformationProtectionConnectorDataTypesLogs", + modelProperties: { + ...DataConnectorDataTypeCommon.type.modelProperties + } + } +}; + export const Office365ProjectConnectorDataTypesLogs: coreClient.CompositeMapper = { type: { name: "Composite", @@ -10244,62 +11179,53 @@ export const Incident: coreClient.CompositeMapper = { className: "Incident", modelProperties: { ...ResourceWithEtag.type.modelProperties, - additionalData: { - serializedName: "properties.additionalData", - type: { - name: "Composite", - className: "IncidentAdditionalData" - } - }, - classification: { - serializedName: "properties.classification", + title: { + serializedName: "properties.title", type: { name: "String" } }, - classificationComment: { - serializedName: "properties.classificationComment", + description: { + serializedName: "properties.description", type: { name: "String" } }, - classificationReason: { - serializedName: "properties.classificationReason", + severity: { + serializedName: "properties.severity", type: { name: "String" } }, - createdTimeUtc: { - serializedName: "properties.createdTimeUtc", - readOnly: true, + status: { + serializedName: "properties.status", type: { - name: "DateTime" + name: "String" } }, - description: { - serializedName: "properties.description", + classification: { + serializedName: "properties.classification", type: { name: "String" } }, - firstActivityTimeUtc: { - serializedName: "properties.firstActivityTimeUtc", + classificationReason: { + serializedName: "properties.classificationReason", type: { - name: "DateTime" + name: "String" } }, - incidentUrl: { - serializedName: "properties.incidentUrl", - readOnly: true, + classificationComment: { + serializedName: "properties.classificationComment", type: { name: "String" } }, - incidentNumber: { - serializedName: "properties.incidentNumber", - readOnly: true, + owner: { + serializedName: "properties.owner", type: { - name: "Number" + name: "Composite", + className: "IncidentOwnerInfo" } }, labels: { @@ -10314,16 +11240,10 @@ export const Incident: coreClient.CompositeMapper = { } } }, - providerName: { - serializedName: "properties.providerName", - type: { - name: "String" - } - }, - providerIncidentId: { - serializedName: "properties.providerIncidentId", + firstActivityTimeUtc: { + serializedName: "properties.firstActivityTimeUtc", type: { - name: "String" + name: "DateTime" } }, lastActivityTimeUtc: { @@ -10339,11 +11259,25 @@ export const Incident: coreClient.CompositeMapper = { name: "DateTime" } }, - owner: { - serializedName: "properties.owner", + createdTimeUtc: { + serializedName: "properties.createdTimeUtc", + readOnly: true, + type: { + name: "DateTime" + } + }, + incidentNumber: { + serializedName: "properties.incidentNumber", + readOnly: true, + type: { + name: "Number" + } + }, + additionalData: { + serializedName: "properties.additionalData", type: { name: "Composite", - className: "IncidentOwnerInfo" + className: "IncidentAdditionalData" } }, relatedAnalyticRuleIds: { @@ -10358,14 +11292,22 @@ export const Incident: coreClient.CompositeMapper = { } } }, - severity: { - serializedName: "properties.severity", + incidentUrl: { + serializedName: "properties.incidentUrl", + readOnly: true, type: { name: "String" } }, - status: { - serializedName: "properties.status", + providerName: { + serializedName: "properties.providerName", + type: { + name: "String" + } + }, + providerIncidentId: { + serializedName: "properties.providerIncidentId", + readOnly: true, type: { name: "String" } @@ -10376,12 +11318,6 @@ export const Incident: coreClient.CompositeMapper = { name: "Composite", className: "TeamInformation" } - }, - title: { - serializedName: "properties.title", - type: { - name: "String" - } } } } @@ -10393,6 +11329,12 @@ export const IncidentComment: coreClient.CompositeMapper = { className: "IncidentComment", modelProperties: { ...ResourceWithEtag.type.modelProperties, + message: { + serializedName: "properties.message", + type: { + name: "String" + } + }, createdTimeUtc: { serializedName: "properties.createdTimeUtc", readOnly: true, @@ -10407,14 +11349,66 @@ export const IncidentComment: coreClient.CompositeMapper = { name: "DateTime" } }, - message: { - serializedName: "properties.message", + author: { + serializedName: "properties.author", + type: { + name: "Composite", + className: "ClientInfo" + } + } + } + } +}; + +export const IncidentTask: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "IncidentTask", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + title: { + serializedName: "properties.title", + required: true, type: { name: "String" } }, - author: { - serializedName: "properties.author", + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + status: { + serializedName: "properties.status", + required: true, + type: { + name: "String" + } + }, + createdTimeUtc: { + serializedName: "properties.createdTimeUtc", + readOnly: true, + type: { + name: "DateTime" + } + }, + lastModifiedTimeUtc: { + serializedName: "properties.lastModifiedTimeUtc", + readOnly: true, + type: { + name: "DateTime" + } + }, + createdBy: { + serializedName: "properties.createdBy", + type: { + name: "Composite", + className: "ClientInfo" + } + }, + lastModifiedBy: { + serializedName: "properties.lastModifiedBy", type: { name: "Composite", className: "ClientInfo" @@ -10889,6 +11883,51 @@ export const ThreatIntelligenceInformation: coreClient.CompositeMapper = { } }; +export const TriggeredAnalyticsRuleRun: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "TriggeredAnalyticsRuleRun", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + executionTimeUtc: { + serializedName: "properties.executionTimeUtc", + required: true, + type: { + name: "DateTime" + } + }, + ruleId: { + serializedName: "properties.ruleId", + required: true, + type: { + name: "String" + } + }, + triggeredAnalyticsRuleRunId: { + serializedName: "properties.triggeredAnalyticsRuleRunId", + required: true, + type: { + name: "String" + } + }, + provisioningState: { + serializedName: "properties.provisioningState", + required: true, + type: { + name: "String" + } + }, + ruleRunAdditionalData: { + serializedName: "properties.ruleRunAdditionalData", + type: { + name: "Dictionary", + value: { type: { name: "any" } } + } + } + } + } +}; + export const Watchlist: coreClient.CompositeMapper = { type: { name: "Composite", @@ -11077,29 +12116,79 @@ export const WatchlistItem: coreClient.CompositeMapper = { createdBy: { serializedName: "properties.createdBy", type: { - name: "Composite", - className: "UserInfo" + name: "Composite", + className: "UserInfo" + } + }, + updatedBy: { + serializedName: "properties.updatedBy", + type: { + name: "Composite", + className: "UserInfo" + } + }, + itemsKeyValue: { + serializedName: "properties.itemsKeyValue", + type: { + name: "Dictionary", + value: { type: { name: "any" } } + } + }, + entityMapping: { + serializedName: "properties.entityMapping", + type: { + name: "Dictionary", + value: { type: { name: "any" } } + } + } + } + } +}; + +export const Job: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "Job", + modelProperties: { + ...ResourceWithEtag.type.modelProperties, + endTime: { + serializedName: "properties.endTime", + readOnly: true, + type: { + name: "DateTime" + } + }, + items: { + serializedName: "properties.items", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "JobItem" + } + } } }, - updatedBy: { - serializedName: "properties.updatedBy", + provisioningState: { + serializedName: "properties.provisioningState", + readOnly: true, type: { - name: "Composite", - className: "UserInfo" + name: "String" } }, - itemsKeyValue: { - serializedName: "properties.itemsKeyValue", + startTime: { + serializedName: "properties.startTime", + readOnly: true, type: { - name: "Dictionary", - value: { type: { name: "any" } } + name: "DateTime" } }, - entityMapping: { - serializedName: "properties.entityMapping", + errorMessage: { + serializedName: "properties.errorMessage", + readOnly: true, type: { - name: "Dictionary", - value: { type: { name: "any" } } + name: "String" } } } @@ -11672,6 +12761,18 @@ export const ScheduledAlertRuleTemplate: coreClient.CompositeMapper = { name: "Composite", className: "AlertDetailsOverride" } + }, + sentinelEntitiesMappings: { + serializedName: "properties.sentinelEntitiesMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SentinelEntityMapping" + } + } + } } } } @@ -11808,6 +12909,18 @@ export const NrtAlertRuleTemplate: coreClient.CompositeMapper = { name: "Composite", className: "EventGroupingSettings" } + }, + sentinelEntitiesMappings: { + serializedName: "properties.sentinelEntitiesMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SentinelEntityMapping" + } + } + } } } } @@ -11827,9 +12940,7 @@ export const SecurityAlert: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12053,9 +13164,7 @@ export const HuntingBookmark: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12157,9 +13266,7 @@ export const AccountEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12271,9 +13378,7 @@ export const AzureResourceEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12315,9 +13420,7 @@ export const CloudApplicationEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12366,9 +13469,7 @@ export const DnsEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12429,9 +13530,7 @@ export const FileEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12492,9 +13591,7 @@ export const FileHashEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12536,9 +13633,7 @@ export const HostEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12629,9 +13724,7 @@ export const IoTDeviceEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12875,9 +13968,7 @@ export const IpEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12932,9 +14023,7 @@ export const MailboxEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -12990,9 +14079,7 @@ export const MailClusterEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13138,9 +14225,7 @@ export const MailMessageEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13373,9 +14458,7 @@ export const MalwareEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13441,9 +14524,7 @@ export const ProcessEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13534,9 +14615,7 @@ export const RegistryKeyEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13578,9 +14657,7 @@ export const RegistryValueEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13636,9 +14713,7 @@ export const SecurityGroupEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13687,9 +14762,7 @@ export const SubmissionMailEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13787,9 +14860,7 @@ export const UrlEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13824,9 +14895,7 @@ export const NicEntity: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -13947,6 +15016,119 @@ export const ActivityEntityQueryTemplate: coreClient.CompositeMapper = { } }; +export const WorkspaceManagerGroup: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "WorkspaceManagerGroup", + modelProperties: { + ...AzureEntityResource.type.modelProperties, + description: { + serializedName: "properties.description", + type: { + name: "String" + } + }, + displayName: { + serializedName: "properties.displayName", + type: { + name: "String" + } + }, + memberResourceNames: { + serializedName: "properties.memberResourceNames", + type: { + name: "Sequence", + element: { + type: { + name: "String" + } + } + } + } + } + } +}; + +export const WorkspaceManagerAssignment: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "WorkspaceManagerAssignment", + modelProperties: { + ...AzureEntityResource.type.modelProperties, + targetResourceName: { + serializedName: "properties.targetResourceName", + type: { + name: "String" + } + }, + lastJobEndTime: { + serializedName: "properties.lastJobEndTime", + readOnly: true, + type: { + name: "DateTime" + } + }, + lastJobProvisioningState: { + serializedName: "properties.lastJobProvisioningState", + readOnly: true, + type: { + name: "String" + } + }, + items: { + serializedName: "properties.items", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "AssignmentItem" + } + } + } + } + } + } +}; + +export const WorkspaceManagerConfiguration: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "WorkspaceManagerConfiguration", + modelProperties: { + ...AzureEntityResource.type.modelProperties, + mode: { + serializedName: "properties.mode", + type: { + name: "String" + } + } + } + } +}; + +export const WorkspaceManagerMember: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "WorkspaceManagerMember", + modelProperties: { + ...AzureEntityResource.type.modelProperties, + targetWorkspaceId: { + serializedName: "properties.targetWorkspaceId", + type: { + name: "String" + } + }, + targetWorkspaceTenantId: { + serializedName: "properties.targetWorkspaceTenantId", + type: { + name: "String" + } + } + } + } +}; + export const MLBehaviorAnalyticsAlertRuleTemplateProperties: coreClient.CompositeMapper = { type: { name: "Composite", @@ -14408,6 +15590,18 @@ export const ScheduledAlertRule: coreClient.CompositeMapper = { className: "AlertDetailsOverride" } }, + sentinelEntitiesMappings: { + serializedName: "properties.sentinelEntitiesMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SentinelEntityMapping" + } + } + } + }, alertRuleTemplateName: { serializedName: "properties.alertRuleTemplateName", type: { @@ -14621,6 +15815,18 @@ export const NrtAlertRule: coreClient.CompositeMapper = { name: "Composite", className: "EventGroupingSettings" } + }, + sentinelEntitiesMappings: { + serializedName: "properties.sentinelEntitiesMappings", + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "SentinelEntityMapping" + } + } + } } } } @@ -15099,9 +16305,7 @@ export const ThreatIntelligenceIndicatorModel: coreClient.CompositeMapper = { readOnly: true, type: { name: "Dictionary", - value: { - type: { name: "Dictionary", value: { type: { name: "any" } } } - } + value: { type: { name: "any" } } } }, friendlyName: { @@ -15406,6 +16610,13 @@ export const MTPDataConnector: coreClient.CompositeMapper = { name: "Composite", className: "MTPDataConnectorDataTypes" } + }, + filteredProviders: { + serializedName: "properties.filteredProviders", + type: { + name: "Composite", + className: "MtpFilteredProviders" + } } } } @@ -15610,6 +16821,32 @@ export const OfficeATPDataConnector: coreClient.CompositeMapper = { } }; +export const MicrosoftPurviewInformationProtectionDataConnector: coreClient.CompositeMapper = { + serializedName: "MicrosoftPurviewInformationProtection", + type: { + name: "Composite", + className: "MicrosoftPurviewInformationProtectionDataConnector", + uberParent: "DataConnector", + polymorphicDiscriminator: DataConnector.type.polymorphicDiscriminator, + modelProperties: { + ...DataConnector.type.modelProperties, + tenantId: { + serializedName: "properties.tenantId", + type: { + name: "String" + } + }, + dataTypes: { + serializedName: "properties.dataTypes", + type: { + name: "Composite", + className: "MicrosoftPurviewInformationProtectionConnectorDataTypes" + } + } + } + } +}; + export const Office365ProjectDataConnector: coreClient.CompositeMapper = { serializedName: "Office365Project", type: { @@ -15922,6 +17159,21 @@ export const CodelessApiPollingDataConnector: coreClient.CompositeMapper = { } }; +export const AlertRuleTriggerRuleRunHeaders: coreClient.CompositeMapper = { + type: { + name: "Composite", + className: "AlertRuleTriggerRuleRunHeaders", + modelProperties: { + location: { + serializedName: "location", + type: { + name: "String" + } + } + } + } +}; + export const WatchlistsDeleteHeaders: coreClient.CompositeMapper = { type: { name: "Composite", @@ -15966,6 +17218,7 @@ export let discriminators = { "AutomationRuleCondition.PropertyArray": PropertyArrayConditionProperties, "AutomationRuleCondition.PropertyChanged": PropertyChangedConditionProperties, "AutomationRuleCondition.Property": PropertyConditionProperties, + "AutomationRuleAction.AddIncidentTask": AutomationRuleAddIncidentTaskAction, "AutomationRuleAction.ModifyProperties": AutomationRuleModifyPropertiesAction, "AutomationRuleAction.RunPlaybook": AutomationRuleRunPlaybookAction, "EntityTimelineItem.Activity": ActivityTimelineItem, @@ -15985,6 +17238,7 @@ export let discriminators = { "DataConnectorsCheckRequirements.MicrosoftThreatProtection": MtpCheckRequirements, "DataConnectorsCheckRequirements.OfficeATP": OfficeATPCheckRequirements, "DataConnectorsCheckRequirements.OfficeIRM": OfficeIRMCheckRequirements, + "DataConnectorsCheckRequirements.MicrosoftPurviewInformationProtection": MicrosoftPurviewInformationProtectionCheckRequirements, "DataConnectorsCheckRequirements.Office365Project": Office365ProjectCheckRequirements, "DataConnectorsCheckRequirements.OfficePowerBI": OfficePowerBICheckRequirements, "DataConnectorsCheckRequirements.ThreatIntelligence": TICheckRequirements, @@ -16051,6 +17305,7 @@ export let discriminators = { "DataConnector.MicrosoftCloudAppSecurity": McasDataConnector, "DataConnector.Dynamics365": Dynamics365DataConnector, "DataConnector.OfficeATP": OfficeATPDataConnector, + "DataConnector.MicrosoftPurviewInformationProtection": MicrosoftPurviewInformationProtectionDataConnector, "DataConnector.Office365Project": Office365ProjectDataConnector, "DataConnector.OfficePowerBI": OfficePowerBIDataConnector, "DataConnector.OfficeIRM": OfficeIRMDataConnector, diff --git a/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts b/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts index dd3bcead9d0b..c1463c1d4d3f 100644 --- a/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts +++ b/sdk/securityinsight/arm-securityinsight/src/models/parameters.ts @@ -15,18 +15,20 @@ import { AlertRule as AlertRuleMapper, ActionRequest as ActionRequestMapper, AutomationRule as AutomationRuleMapper, + EntityManualTriggerRequestBody as EntityManualTriggerRequestBodyMapper, + EntityExpandParameters as EntityExpandParametersMapper, + EntityGetInsightsParameters as EntityGetInsightsParametersMapper, ManualTriggerRequestBody as ManualTriggerRequestBodyMapper, Incident as IncidentMapper, - TeamProperties as TeamPropertiesMapper, + TeamInformation as TeamInformationMapper, Bookmark as BookmarkMapper, Relation as RelationMapper, BookmarkExpandParameters as BookmarkExpandParametersMapper, - EntityExpandParameters as EntityExpandParametersMapper, - EntityGetInsightsParameters as EntityGetInsightsParametersMapper, EntityTimelineParameters as EntityTimelineParametersMapper, CustomEntityQuery as CustomEntityQueryMapper, FileImport as FileImportMapper, IncidentComment as IncidentCommentMapper, + IncidentTask as IncidentTaskMapper, MetadataModel as MetadataModelMapper, MetadataPatch as MetadataPatchMapper, SentinelOnboardingState as SentinelOnboardingStateMapper, @@ -36,8 +38,13 @@ import { ThreatIntelligenceIndicatorModel as ThreatIntelligenceIndicatorModelMapper, ThreatIntelligenceFilteringCriteria as ThreatIntelligenceFilteringCriteriaMapper, ThreatIntelligenceAppendTags as ThreatIntelligenceAppendTagsMapper, + AnalyticsRuleRunTrigger as AnalyticsRuleRunTriggerMapper, Watchlist as WatchlistMapper, WatchlistItem as WatchlistItemMapper, + WorkspaceManagerGroup as WorkspaceManagerGroupMapper, + WorkspaceManagerAssignment as WorkspaceManagerAssignmentMapper, + WorkspaceManagerConfiguration as WorkspaceManagerConfigurationMapper, + WorkspaceManagerMember as WorkspaceManagerMemberMapper, DataConnector as DataConnectorMapper, DataConnectorConnectBody as DataConnectorConnectBodyMapper, DataConnectorsCheckRequirements as DataConnectorsCheckRequirementsMapper @@ -70,7 +77,7 @@ export const $host: OperationURLParameter = { export const apiVersion: OperationQueryParameter = { parameterPath: "apiVersion", mapper: { - defaultValue: "2022-09-01-preview", + defaultValue: "2023-04-01-preview", isConstant: true, serializedName: "api-version", type: { @@ -112,6 +119,7 @@ export const workspaceName: OperationURLParameter = { parameterPath: "workspaceName", mapper: { constraints: { + Pattern: new RegExp("^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$"), MaxLength: 90, MinLength: 1 }, @@ -207,6 +215,54 @@ export const automationRuleToUpsert: OperationParameter = { }; export const requestBody: OperationParameter = { + parameterPath: ["options", "requestBody"], + mapper: EntityManualTriggerRequestBodyMapper +}; + +export const entityIdentifier: OperationURLParameter = { + parameterPath: "entityIdentifier", + mapper: { + serializedName: "entityIdentifier", + required: true, + type: { + name: "String" + } + } +}; + +export const entityId: OperationURLParameter = { + parameterPath: "entityId", + mapper: { + serializedName: "entityId", + required: true, + type: { + name: "String" + } + } +}; + +export const parameters: OperationParameter = { + parameterPath: "parameters", + mapper: EntityExpandParametersMapper +}; + +export const kind: OperationQueryParameter = { + parameterPath: "kind", + mapper: { + serializedName: "kind", + required: true, + type: { + name: "String" + } + } +}; + +export const parameters1: OperationParameter = { + parameterPath: "parameters", + mapper: EntityGetInsightsParametersMapper +}; + +export const requestBody1: OperationParameter = { parameterPath: ["options", "requestBody"], mapper: ManualTriggerRequestBodyMapper }; @@ -280,7 +336,7 @@ export const incident: OperationParameter = { export const teamProperties: OperationParameter = { parameterPath: "teamProperties", - mapper: TeamPropertiesMapper + mapper: TeamInformationMapper }; export const bookmarkId: OperationURLParameter = { @@ -315,7 +371,7 @@ export const relation: OperationParameter = { mapper: RelationMapper }; -export const parameters: OperationParameter = { +export const parameters2: OperationParameter = { parameterPath: "parameters", mapper: BookmarkExpandParametersMapper }; @@ -342,38 +398,6 @@ export const domain: OperationQueryParameter = { } }; -export const entityId: OperationURLParameter = { - parameterPath: "entityId", - mapper: { - serializedName: "entityId", - required: true, - type: { - name: "String" - } - } -}; - -export const parameters1: OperationParameter = { - parameterPath: "parameters", - mapper: EntityExpandParametersMapper -}; - -export const kind: OperationQueryParameter = { - parameterPath: "kind", - mapper: { - serializedName: "kind", - required: true, - type: { - name: "String" - } - } -}; - -export const parameters2: OperationParameter = { - parameterPath: "parameters", - mapper: EntityGetInsightsParametersMapper -}; - export const parameters3: OperationParameter = { parameterPath: "parameters", mapper: EntityTimelineParametersMapper @@ -460,6 +484,22 @@ export const incidentComment: OperationParameter = { mapper: IncidentCommentMapper }; +export const incidentTaskId: OperationURLParameter = { + parameterPath: "incidentTaskId", + mapper: { + serializedName: "incidentTaskId", + required: true, + type: { + name: "String" + } + } +}; + +export const incidentTask: OperationParameter = { + parameterPath: "incidentTask", + mapper: IncidentTaskMapper +}; + export const skip: OperationQueryParameter = { parameterPath: ["options", "skip"], mapper: { @@ -473,6 +513,9 @@ export const skip: OperationQueryParameter = { export const metadataName: OperationURLParameter = { parameterPath: "metadataName", mapper: { + constraints: { + Pattern: new RegExp("^\\S+$") + }, serializedName: "metadataName", required: true, type: { @@ -518,6 +561,34 @@ export const sentinelOnboardingStateParameter: OperationParameter = { mapper: SentinelOnboardingStateMapper }; +export const recommendationId: OperationURLParameter = { + parameterPath: "recommendationId", + mapper: { + serializedName: "recommendationId", + required: true, + type: { + name: "Uuid" + } + } +}; + +export const recommendationPatch: OperationParameter = { + parameterPath: "recommendationPatch", + mapper: { + serializedName: "recommendationPatch", + required: true, + type: { + name: "Sequence", + element: { + type: { + name: "Composite", + className: "RecommendationPatch" + } + } + } + } +}; + export const settingsResourceName: OperationURLParameter = { parameterPath: "settingsResourceName", mapper: { @@ -608,6 +679,22 @@ export const threatIntelligenceReplaceTags: OperationParameter = { mapper: ThreatIntelligenceIndicatorModelMapper }; +export const ruleRunId: OperationURLParameter = { + parameterPath: "ruleRunId", + mapper: { + serializedName: "ruleRunId", + required: true, + type: { + name: "String" + } + } +}; + +export const analyticsRuleRunTriggerParameter: OperationParameter = { + parameterPath: "analyticsRuleRunTriggerParameter", + mapper: AnalyticsRuleRunTriggerMapper +}; + export const watchlistAlias: OperationURLParameter = { parameterPath: "watchlistAlias", mapper: { @@ -640,6 +727,96 @@ export const watchlistItem: OperationParameter = { mapper: WatchlistItemMapper }; +export const workspaceManagerGroupName: OperationURLParameter = { + parameterPath: "workspaceManagerGroupName", + mapper: { + constraints: { + Pattern: new RegExp("^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$") + }, + serializedName: "workspaceManagerGroupName", + required: true, + type: { + name: "String" + } + } +}; + +export const workspaceManagerGroup: OperationParameter = { + parameterPath: "workspaceManagerGroup", + mapper: WorkspaceManagerGroupMapper +}; + +export const workspaceManagerAssignmentName: OperationURLParameter = { + parameterPath: "workspaceManagerAssignmentName", + mapper: { + constraints: { + Pattern: new RegExp("^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$") + }, + serializedName: "workspaceManagerAssignmentName", + required: true, + type: { + name: "String" + } + } +}; + +export const workspaceManagerAssignment: OperationParameter = { + parameterPath: "workspaceManagerAssignment", + mapper: WorkspaceManagerAssignmentMapper +}; + +export const jobName: OperationURLParameter = { + parameterPath: "jobName", + mapper: { + constraints: { + Pattern: new RegExp("^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$") + }, + serializedName: "jobName", + required: true, + type: { + name: "String" + } + } +}; + +export const workspaceManagerConfigurationName: OperationURLParameter = { + parameterPath: "workspaceManagerConfigurationName", + mapper: { + constraints: { + Pattern: new RegExp("^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$") + }, + serializedName: "workspaceManagerConfigurationName", + required: true, + type: { + name: "String" + } + } +}; + +export const workspaceManagerConfiguration: OperationParameter = { + parameterPath: "workspaceManagerConfiguration", + mapper: WorkspaceManagerConfigurationMapper +}; + +export const workspaceManagerMemberName: OperationURLParameter = { + parameterPath: "workspaceManagerMemberName", + mapper: { + constraints: { + Pattern: new RegExp("^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$") + }, + serializedName: "workspaceManagerMemberName", + required: true, + type: { + name: "String" + } + } +}; + +export const workspaceManagerMember: OperationParameter = { + parameterPath: "workspaceManagerMember", + mapper: WorkspaceManagerMemberMapper +}; + export const dataConnectorId: OperationURLParameter = { parameterPath: "dataConnectorId", mapper: { diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/alertRuleOperations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/alertRuleOperations.ts new file mode 100644 index 000000000000..d296c8917879 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/alertRuleOperations.ts @@ -0,0 +1,181 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { AlertRuleOperations } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + SimplePollerLike, + OperationState, + createHttpPoller +} from "@azure/core-lro"; +import { createLroSpec } from "../lroImpl"; +import { + AnalyticsRuleRunTrigger, + AlertRuleTriggerRuleRunOptionalParams, + AlertRuleTriggerRuleRunResponse +} from "../models"; + +/** Class containing AlertRuleOperations operations. */ +export class AlertRuleOperationsImpl implements AlertRuleOperations { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class AlertRuleOperations class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * triggers analytics rule run + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param analyticsRuleRunTriggerParameter The Analytics Rule Run Trigger parameter + * @param options The options parameters. + */ + async beginTriggerRuleRun( + resourceGroupName: string, + workspaceName: string, + ruleId: string, + analyticsRuleRunTriggerParameter: AnalyticsRuleRunTrigger, + options?: AlertRuleTriggerRuleRunOptionalParams + ): Promise< + SimplePollerLike< + OperationState, + AlertRuleTriggerRuleRunResponse + > + > { + const directSendOperation = async ( + args: coreClient.OperationArguments, + spec: coreClient.OperationSpec + ): Promise => { + return this.client.sendOperationRequest(args, spec); + }; + const sendOperationFn = async ( + args: coreClient.OperationArguments, + spec: coreClient.OperationSpec + ) => { + let currentRawResponse: + | coreClient.FullOperationResponse + | undefined = undefined; + const providedCallback = args.options?.onResponse; + const callback: coreClient.RawResponseCallback = ( + rawResponse: coreClient.FullOperationResponse, + flatResponse: unknown + ) => { + currentRawResponse = rawResponse; + providedCallback?.(rawResponse, flatResponse); + }; + const updatedArgs = { + ...args, + options: { + ...args.options, + onResponse: callback + } + }; + const flatResponse = await directSendOperation(updatedArgs, spec); + return { + flatResponse, + rawResponse: { + statusCode: currentRawResponse!.status, + body: currentRawResponse!.parsedBody, + headers: currentRawResponse!.headers.toJSON() + } + }; + }; + + const lro = createLroSpec({ + sendOperationFn, + args: { + resourceGroupName, + workspaceName, + ruleId, + analyticsRuleRunTriggerParameter, + options + }, + spec: triggerRuleRunOperationSpec + }); + const poller = await createHttpPoller< + AlertRuleTriggerRuleRunResponse, + OperationState + >(lro, { + restoreFrom: options?.resumeFrom, + intervalInMs: options?.updateIntervalInMs, + resourceLocationConfig: "location" + }); + await poller.poll(); + return poller; + } + + /** + * triggers analytics rule run + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param analyticsRuleRunTriggerParameter The Analytics Rule Run Trigger parameter + * @param options The options parameters. + */ + async beginTriggerRuleRunAndWait( + resourceGroupName: string, + workspaceName: string, + ruleId: string, + analyticsRuleRunTriggerParameter: AnalyticsRuleRunTrigger, + options?: AlertRuleTriggerRuleRunOptionalParams + ): Promise { + const poller = await this.beginTriggerRuleRun( + resourceGroupName, + workspaceName, + ruleId, + analyticsRuleRunTriggerParameter, + options + ); + return poller.pollUntilDone(); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const triggerRuleRunOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/triggerRuleRun", + httpMethod: "POST", + responses: { + 200: { + headersMapper: Mappers.AlertRuleTriggerRuleRunHeaders + }, + 201: { + headersMapper: Mappers.AlertRuleTriggerRuleRunHeaders + }, + 202: { + headersMapper: Mappers.AlertRuleTriggerRuleRunHeaders + }, + 204: { + headersMapper: Mappers.AlertRuleTriggerRuleRunHeaders + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + requestBody: Parameters.analyticsRuleRunTriggerParameter, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.ruleId + ], + headerParameters: [Parameters.accept, Parameters.contentType], + mediaType: "json", + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkOperations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkOperations.ts index cd0a944ecdca..846da8040277 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkOperations.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operations/bookmarkOperations.ts @@ -65,7 +65,7 @@ const expandOperationSpec: coreClient.OperationSpec = { bodyMapper: Mappers.CloudError } }, - requestBody: Parameters.parameters, + requestBody: Parameters.parameters2, queryParameters: [Parameters.apiVersion], urlParameters: [ Parameters.$host, diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/entities.ts b/sdk/securityinsight/arm-securityinsight/src/operations/entities.ts index bb7626cae02f..04f800510bd5 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operations/entities.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operations/entities.ts @@ -18,6 +18,7 @@ import { EntitiesListNextOptionalParams, EntitiesListOptionalParams, EntitiesListResponse, + EntitiesRunPlaybookOptionalParams, EntitiesGetOptionalParams, EntitiesGetResponse, EntityExpandParameters, @@ -121,6 +122,25 @@ export class EntitiesImpl implements Entities { } } + /** + * Triggers playbook on a specific entity. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param entityIdentifier Entity identifier. + * @param options The options parameters. + */ + runPlaybook( + resourceGroupName: string, + workspaceName: string, + entityIdentifier: string, + options?: EntitiesRunPlaybookOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, entityIdentifier, options }, + runPlaybookOperationSpec + ); + } + /** * Gets all entities. * @param resourceGroupName The name of the resource group. The name is case insensitive. @@ -242,6 +262,29 @@ export class EntitiesImpl implements Entities { // Operation Specifications const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); +const runPlaybookOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityIdentifier}/runPlaybook", + httpMethod: "POST", + responses: { + 204: {}, + default: { + bodyMapper: Mappers.CloudError + } + }, + requestBody: Parameters.requestBody, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.entityIdentifier + ], + headerParameters: [Parameters.accept, Parameters.contentType], + mediaType: "json", + serializer +}; const listOperationSpec: coreClient.OperationSpec = { path: "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities", @@ -299,7 +342,7 @@ const expandOperationSpec: coreClient.OperationSpec = { bodyMapper: Mappers.CloudError } }, - requestBody: Parameters.parameters1, + requestBody: Parameters.parameters, queryParameters: [Parameters.apiVersion], urlParameters: [ Parameters.$host, @@ -347,7 +390,7 @@ const getInsightsOperationSpec: coreClient.OperationSpec = { bodyMapper: Mappers.CloudError } }, - requestBody: Parameters.parameters2, + requestBody: Parameters.parameters1, queryParameters: [Parameters.apiVersion], urlParameters: [ Parameters.$host, diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/entityRelations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/entityRelations.ts index e76d8ca12d13..68100fb6d6cf 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operations/entityRelations.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operations/entityRelations.ts @@ -70,8 +70,8 @@ const getRelationOperationSpec: coreClient.OperationSpec = { Parameters.subscriptionId, Parameters.resourceGroupName, Parameters.workspaceName, - Parameters.relationName, - Parameters.entityId + Parameters.entityId, + Parameters.relationName ], headerParameters: [Parameters.accept], serializer diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/fileImports.ts b/sdk/securityinsight/arm-securityinsight/src/operations/fileImports.ts index 2c61c29c476c..54c08b6e6cb3 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operations/fileImports.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operations/fileImports.ts @@ -13,8 +13,12 @@ import * as coreClient from "@azure/core-client"; import * as Mappers from "../models/mappers"; import * as Parameters from "../models/parameters"; import { SecurityInsights } from "../securityInsights"; -import { PollerLike, PollOperationState, LroEngine } from "@azure/core-lro"; -import { LroImpl } from "../lroImpl"; +import { + SimplePollerLike, + OperationState, + createHttpPoller +} from "@azure/core-lro"; +import { createLroSpec } from "../lroImpl"; import { FileImport, FileImportsListNextOptionalParams, @@ -188,8 +192,8 @@ export class FileImportsImpl implements FileImports { fileImportId: string, options?: FileImportsDeleteOptionalParams ): Promise< - PollerLike< - PollOperationState, + SimplePollerLike< + OperationState, FileImportsDeleteResponse > > { @@ -199,7 +203,7 @@ export class FileImportsImpl implements FileImports { ): Promise => { return this.client.sendOperationRequest(args, spec); }; - const sendOperation = async ( + const sendOperationFn = async ( args: coreClient.OperationArguments, spec: coreClient.OperationSpec ) => { @@ -232,15 +236,18 @@ export class FileImportsImpl implements FileImports { }; }; - const lro = new LroImpl( - sendOperation, - { resourceGroupName, workspaceName, fileImportId, options }, - deleteOperationSpec - ); - const poller = new LroEngine(lro, { - resumeFrom: options?.resumeFrom, + const lro = createLroSpec({ + sendOperationFn, + args: { resourceGroupName, workspaceName, fileImportId, options }, + spec: deleteOperationSpec + }); + const poller = await createHttpPoller< + FileImportsDeleteResponse, + OperationState + >(lro, { + restoreFrom: options?.resumeFrom, intervalInMs: options?.updateIntervalInMs, - lroResourceLocationConfig: "location" + resourceLocationConfig: "location" }); await poller.poll(); return poller; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/get.ts b/sdk/securityinsight/arm-securityinsight/src/operations/get.ts new file mode 100644 index 000000000000..3b420b7b9785 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/get.ts @@ -0,0 +1,75 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { Get } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + GetSingleRecommendationOptionalParams, + GetSingleRecommendationResponse +} from "../models"; + +/** Class containing Get operations. */ +export class GetImpl implements Get { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class Get class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Gets a recommendation by its id. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param recommendationId Recommendation Id. + * @param options The options parameters. + */ + singleRecommendation( + resourceGroupName: string, + workspaceName: string, + recommendationId: string, + options?: GetSingleRecommendationOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, recommendationId, options }, + singleRecommendationOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const singleRecommendationOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.Recommendation + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.recommendationId + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/getRecommendations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/getRecommendations.ts new file mode 100644 index 000000000000..b354ff342f93 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/getRecommendations.ts @@ -0,0 +1,72 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { GetRecommendations } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + GetRecommendationsListOptionalParams, + GetRecommendationsListResponse +} from "../models"; + +/** Class containing GetRecommendations operations. */ +export class GetRecommendationsImpl implements GetRecommendations { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class GetRecommendations class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Gets a list of all recommendations. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + options?: GetRecommendationsListOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, options }, + listOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const listOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.RecommendationList + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/getTriggeredAnalyticsRuleRuns.ts b/sdk/securityinsight/arm-securityinsight/src/operations/getTriggeredAnalyticsRuleRuns.ts new file mode 100644 index 000000000000..c6813493406d --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/getTriggeredAnalyticsRuleRuns.ts @@ -0,0 +1,195 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator, PageSettings } from "@azure/core-paging"; +import { setContinuationToken } from "../pagingHelper"; +import { GetTriggeredAnalyticsRuleRuns } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + TriggeredAnalyticsRuleRun, + GetTriggeredAnalyticsRuleRunsListNextOptionalParams, + GetTriggeredAnalyticsRuleRunsListOptionalParams, + GetTriggeredAnalyticsRuleRunsListResponse, + GetTriggeredAnalyticsRuleRunsListNextResponse +} from "../models"; + +/// +/** Class containing GetTriggeredAnalyticsRuleRuns operations. */ +export class GetTriggeredAnalyticsRuleRunsImpl + implements GetTriggeredAnalyticsRuleRuns { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class GetTriggeredAnalyticsRuleRuns class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Gets the triggered analytics rule runs. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + public list( + resourceGroupName: string, + workspaceName: string, + options?: GetTriggeredAnalyticsRuleRunsListOptionalParams + ): PagedAsyncIterableIterator { + const iter = this.listPagingAll(resourceGroupName, workspaceName, options); + return { + next() { + return iter.next(); + }, + [Symbol.asyncIterator]() { + return this; + }, + byPage: (settings?: PageSettings) => { + if (settings?.maxPageSize) { + throw new Error("maxPageSize is not supported by this operation."); + } + return this.listPagingPage( + resourceGroupName, + workspaceName, + options, + settings + ); + } + }; + } + + private async *listPagingPage( + resourceGroupName: string, + workspaceName: string, + options?: GetTriggeredAnalyticsRuleRunsListOptionalParams, + settings?: PageSettings + ): AsyncIterableIterator { + let result: GetTriggeredAnalyticsRuleRunsListResponse; + let continuationToken = settings?.continuationToken; + if (!continuationToken) { + result = await this._list(resourceGroupName, workspaceName, options); + let page = result.value || []; + continuationToken = result.nextLink; + setContinuationToken(page, continuationToken); + yield page; + } + while (continuationToken) { + result = await this._listNext( + resourceGroupName, + workspaceName, + continuationToken, + options + ); + continuationToken = result.nextLink; + let page = result.value || []; + setContinuationToken(page, continuationToken); + yield page; + } + } + + private async *listPagingAll( + resourceGroupName: string, + workspaceName: string, + options?: GetTriggeredAnalyticsRuleRunsListOptionalParams + ): AsyncIterableIterator { + for await (const page of this.listPagingPage( + resourceGroupName, + workspaceName, + options + )) { + yield* page; + } + } + + /** + * Gets the triggered analytics rule runs. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + private _list( + resourceGroupName: string, + workspaceName: string, + options?: GetTriggeredAnalyticsRuleRunsListOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, options }, + listOperationSpec + ); + } + + /** + * ListNext + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param nextLink The nextLink from the previous successful call to the List method. + * @param options The options parameters. + */ + private _listNext( + resourceGroupName: string, + workspaceName: string, + nextLink: string, + options?: GetTriggeredAnalyticsRuleRunsListNextOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, nextLink, options }, + listNextOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const listOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.TriggeredAnalyticsRuleRuns + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName + ], + headerParameters: [Parameters.accept], + serializer +}; +const listNextOperationSpec: coreClient.OperationSpec = { + path: "{nextLink}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.TriggeredAnalyticsRuleRuns + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.nextLink + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/incidentTasks.ts b/sdk/securityinsight/arm-securityinsight/src/operations/incidentTasks.ts new file mode 100644 index 000000000000..fa1f14f92b19 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/incidentTasks.ts @@ -0,0 +1,370 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator, PageSettings } from "@azure/core-paging"; +import { setContinuationToken } from "../pagingHelper"; +import { IncidentTasks } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + IncidentTask, + IncidentTasksListNextOptionalParams, + IncidentTasksListOptionalParams, + IncidentTasksListResponse, + IncidentTasksGetOptionalParams, + IncidentTasksGetResponse, + IncidentTasksCreateOrUpdateOptionalParams, + IncidentTasksCreateOrUpdateResponse, + IncidentTasksDeleteOptionalParams, + IncidentTasksListNextResponse +} from "../models"; + +/// +/** Class containing IncidentTasks operations. */ +export class IncidentTasksImpl implements IncidentTasks { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class IncidentTasks class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Gets all incident tasks. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The options parameters. + */ + public list( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + options?: IncidentTasksListOptionalParams + ): PagedAsyncIterableIterator { + const iter = this.listPagingAll( + resourceGroupName, + workspaceName, + incidentId, + options + ); + return { + next() { + return iter.next(); + }, + [Symbol.asyncIterator]() { + return this; + }, + byPage: (settings?: PageSettings) => { + if (settings?.maxPageSize) { + throw new Error("maxPageSize is not supported by this operation."); + } + return this.listPagingPage( + resourceGroupName, + workspaceName, + incidentId, + options, + settings + ); + } + }; + } + + private async *listPagingPage( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + options?: IncidentTasksListOptionalParams, + settings?: PageSettings + ): AsyncIterableIterator { + let result: IncidentTasksListResponse; + let continuationToken = settings?.continuationToken; + if (!continuationToken) { + result = await this._list( + resourceGroupName, + workspaceName, + incidentId, + options + ); + let page = result.value || []; + continuationToken = result.nextLink; + setContinuationToken(page, continuationToken); + yield page; + } + while (continuationToken) { + result = await this._listNext( + resourceGroupName, + workspaceName, + incidentId, + continuationToken, + options + ); + continuationToken = result.nextLink; + let page = result.value || []; + setContinuationToken(page, continuationToken); + yield page; + } + } + + private async *listPagingAll( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + options?: IncidentTasksListOptionalParams + ): AsyncIterableIterator { + for await (const page of this.listPagingPage( + resourceGroupName, + workspaceName, + incidentId, + options + )) { + yield* page; + } + } + + /** + * Gets all incident tasks. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The options parameters. + */ + private _list( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + options?: IncidentTasksListOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, incidentId, options }, + listOperationSpec + ); + } + + /** + * Gets an incident task. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentTaskId Incident task ID + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + incidentTaskId: string, + options?: IncidentTasksGetOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, incidentId, incidentTaskId, options }, + getOperationSpec + ); + } + + /** + * Creates or updates the incident task. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentTaskId Incident task ID + * @param incidentTask The incident task + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + incidentTaskId: string, + incidentTask: IncidentTask, + options?: IncidentTasksCreateOrUpdateOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + incidentId, + incidentTaskId, + incidentTask, + options + }, + createOrUpdateOperationSpec + ); + } + + /** + * Delete the incident task. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentTaskId Incident task ID + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + incidentTaskId: string, + options?: IncidentTasksDeleteOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, incidentId, incidentTaskId, options }, + deleteOperationSpec + ); + } + + /** + * ListNext + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param nextLink The nextLink from the previous successful call to the List method. + * @param options The options parameters. + */ + private _listNext( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + nextLink: string, + options?: IncidentTasksListNextOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, incidentId, nextLink, options }, + listNextOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const listOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.IncidentTaskList + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.incidentId + ], + headerParameters: [Parameters.accept], + serializer +}; +const getOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.IncidentTask + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.incidentId, + Parameters.incidentTaskId + ], + headerParameters: [Parameters.accept], + serializer +}; +const createOrUpdateOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}", + httpMethod: "PUT", + responses: { + 200: { + bodyMapper: Mappers.IncidentTask + }, + 201: { + bodyMapper: Mappers.IncidentTask + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + requestBody: Parameters.incidentTask, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.incidentId, + Parameters.incidentTaskId + ], + headerParameters: [Parameters.accept, Parameters.contentType], + mediaType: "json", + serializer +}; +const deleteOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}", + httpMethod: "DELETE", + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.incidentId, + Parameters.incidentTaskId + ], + headerParameters: [Parameters.accept], + serializer +}; +const listNextOperationSpec: coreClient.OperationSpec = { + path: "{nextLink}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.IncidentTaskList + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.nextLink, + Parameters.incidentId + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts b/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts index f4ed7f0e348b..3eda00aced3d 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operations/incidents.ts @@ -25,7 +25,7 @@ import { IncidentsCreateOrUpdateOptionalParams, IncidentsCreateOrUpdateResponse, IncidentsDeleteOptionalParams, - TeamProperties, + TeamInformation, IncidentsCreateTeamOptionalParams, IncidentsCreateTeamResponse, IncidentsListAlertsOptionalParams, @@ -234,7 +234,7 @@ export class IncidentsImpl implements Incidents { resourceGroupName: string, workspaceName: string, incidentId: string, - teamProperties: TeamProperties, + teamProperties: TeamInformation, options?: IncidentsCreateTeamOptionalParams ): Promise { return this.client.sendOperationRequest( @@ -336,7 +336,7 @@ const runPlaybookOperationSpec: coreClient.OperationSpec = { bodyMapper: Mappers.CloudError } }, - requestBody: Parameters.requestBody, + requestBody: Parameters.requestBody1, queryParameters: [Parameters.apiVersion], urlParameters: [ Parameters.$host, diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/index.ts b/sdk/securityinsight/arm-securityinsight/src/operations/index.ts index 6f66d834535e..956ef3ad7e90 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operations/index.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operations/index.ts @@ -10,13 +10,13 @@ export * from "./alertRules"; export * from "./actions"; export * from "./alertRuleTemplates"; export * from "./automationRules"; +export * from "./entities"; export * from "./incidents"; export * from "./bookmarks"; export * from "./bookmarkRelations"; export * from "./bookmarkOperations"; export * from "./iPGeodata"; export * from "./domainWhois"; -export * from "./entities"; export * from "./entitiesGetTimeline"; export * from "./entitiesRelations"; export * from "./entityRelations"; @@ -25,9 +25,13 @@ export * from "./entityQueryTemplates"; export * from "./fileImports"; export * from "./incidentComments"; export * from "./incidentRelations"; +export * from "./incidentTasks"; export * from "./metadata"; export * from "./officeConsents"; export * from "./sentinelOnboardingStates"; +export * from "./getRecommendations"; +export * from "./get"; +export * from "./update"; export * from "./securityMLAnalyticsSettings"; export * from "./productSettings"; export * from "./sourceControlOperations"; @@ -35,8 +39,16 @@ export * from "./sourceControls"; export * from "./threatIntelligenceIndicator"; export * from "./threatIntelligenceIndicators"; export * from "./threatIntelligenceIndicatorMetrics"; +export * from "./triggeredAnalyticsRuleRunOperations"; +export * from "./getTriggeredAnalyticsRuleRuns"; +export * from "./alertRuleOperations"; export * from "./watchlists"; export * from "./watchlistItems"; +export * from "./workspaceManagerGroups"; +export * from "./workspaceManagerAssignments"; +export * from "./workspaceManagerAssignmentJobs"; +export * from "./workspaceManagerConfigurations"; +export * from "./workspaceManagerMembers"; export * from "./dataConnectors"; export * from "./dataConnectorsCheckRequirementsOperations"; export * from "./operations"; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/triggeredAnalyticsRuleRunOperations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/triggeredAnalyticsRuleRunOperations.ts new file mode 100644 index 000000000000..2c3565718cc0 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/triggeredAnalyticsRuleRunOperations.ts @@ -0,0 +1,76 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { TriggeredAnalyticsRuleRunOperations } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + TriggeredAnalyticsRuleRunGetOptionalParams, + TriggeredAnalyticsRuleRunGetResponse +} from "../models"; + +/** Class containing TriggeredAnalyticsRuleRunOperations operations. */ +export class TriggeredAnalyticsRuleRunOperationsImpl + implements TriggeredAnalyticsRuleRunOperations { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class TriggeredAnalyticsRuleRunOperations class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Gets the triggered analytics rule run. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param ruleRunId the triggered rule id + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + ruleRunId: string, + options?: TriggeredAnalyticsRuleRunGetOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, ruleRunId, options }, + getOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const getOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns/{ruleRunId}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.TriggeredAnalyticsRuleRun + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.ruleRunId + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/update.ts b/sdk/securityinsight/arm-securityinsight/src/operations/update.ts new file mode 100644 index 000000000000..d6ff55439104 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/update.ts @@ -0,0 +1,180 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { Update } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + SimplePollerLike, + OperationState, + createHttpPoller +} from "@azure/core-lro"; +import { createLroSpec } from "../lroImpl"; +import { + RecommendationPatch, + UpdateRecommendationOptionalParams, + UpdateRecommendationResponse +} from "../models"; + +/** Class containing Update operations. */ +export class UpdateImpl implements Update { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class Update class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Patch a recommendation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param recommendationId Recommendation Id. + * @param recommendationPatch Recommendation Fields to Update. + * @param options The options parameters. + */ + async beginRecommendation( + resourceGroupName: string, + workspaceName: string, + recommendationId: string, + recommendationPatch: RecommendationPatch[], + options?: UpdateRecommendationOptionalParams + ): Promise< + SimplePollerLike< + OperationState, + UpdateRecommendationResponse + > + > { + const directSendOperation = async ( + args: coreClient.OperationArguments, + spec: coreClient.OperationSpec + ): Promise => { + return this.client.sendOperationRequest(args, spec); + }; + const sendOperationFn = async ( + args: coreClient.OperationArguments, + spec: coreClient.OperationSpec + ) => { + let currentRawResponse: + | coreClient.FullOperationResponse + | undefined = undefined; + const providedCallback = args.options?.onResponse; + const callback: coreClient.RawResponseCallback = ( + rawResponse: coreClient.FullOperationResponse, + flatResponse: unknown + ) => { + currentRawResponse = rawResponse; + providedCallback?.(rawResponse, flatResponse); + }; + const updatedArgs = { + ...args, + options: { + ...args.options, + onResponse: callback + } + }; + const flatResponse = await directSendOperation(updatedArgs, spec); + return { + flatResponse, + rawResponse: { + statusCode: currentRawResponse!.status, + body: currentRawResponse!.parsedBody, + headers: currentRawResponse!.headers.toJSON() + } + }; + }; + + const lro = createLroSpec({ + sendOperationFn, + args: { + resourceGroupName, + workspaceName, + recommendationId, + recommendationPatch, + options + }, + spec: recommendationOperationSpec + }); + const poller = await createHttpPoller< + UpdateRecommendationResponse, + OperationState + >(lro, { + restoreFrom: options?.resumeFrom, + intervalInMs: options?.updateIntervalInMs + }); + await poller.poll(); + return poller; + } + + /** + * Patch a recommendation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param recommendationId Recommendation Id. + * @param recommendationPatch Recommendation Fields to Update. + * @param options The options parameters. + */ + async beginRecommendationAndWait( + resourceGroupName: string, + workspaceName: string, + recommendationId: string, + recommendationPatch: RecommendationPatch[], + options?: UpdateRecommendationOptionalParams + ): Promise { + const poller = await this.beginRecommendation( + resourceGroupName, + workspaceName, + recommendationId, + recommendationPatch, + options + ); + return poller.pollUntilDone(); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const recommendationOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId}", + httpMethod: "PATCH", + responses: { + 200: { + bodyMapper: Mappers.Recommendation + }, + 201: { + bodyMapper: Mappers.Recommendation + }, + 202: { + bodyMapper: Mappers.Recommendation + }, + 204: { + bodyMapper: Mappers.Recommendation + }, + default: { + bodyMapper: Mappers.CloudError + } + }, + requestBody: Parameters.recommendationPatch, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.recommendationId + ], + headerParameters: [Parameters.accept, Parameters.contentType], + mediaType: "json", + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerAssignmentJobs.ts b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerAssignmentJobs.ts new file mode 100644 index 000000000000..1f933d3ffb19 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerAssignmentJobs.ts @@ -0,0 +1,387 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator, PageSettings } from "@azure/core-paging"; +import { setContinuationToken } from "../pagingHelper"; +import { WorkspaceManagerAssignmentJobs } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + Job, + WorkspaceManagerAssignmentJobsListNextOptionalParams, + WorkspaceManagerAssignmentJobsListOptionalParams, + WorkspaceManagerAssignmentJobsListResponse, + WorkspaceManagerAssignmentJobsCreateOptionalParams, + WorkspaceManagerAssignmentJobsCreateResponse, + WorkspaceManagerAssignmentJobsGetOptionalParams, + WorkspaceManagerAssignmentJobsGetResponse, + WorkspaceManagerAssignmentJobsDeleteOptionalParams, + WorkspaceManagerAssignmentJobsListNextResponse +} from "../models"; + +/// +/** Class containing WorkspaceManagerAssignmentJobs operations. */ +export class WorkspaceManagerAssignmentJobsImpl + implements WorkspaceManagerAssignmentJobs { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class WorkspaceManagerAssignmentJobs class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Get all jobs for the specified workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param options The options parameters. + */ + public list( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentJobsListOptionalParams + ): PagedAsyncIterableIterator { + const iter = this.listPagingAll( + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + options + ); + return { + next() { + return iter.next(); + }, + [Symbol.asyncIterator]() { + return this; + }, + byPage: (settings?: PageSettings) => { + if (settings?.maxPageSize) { + throw new Error("maxPageSize is not supported by this operation."); + } + return this.listPagingPage( + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + options, + settings + ); + } + }; + } + + private async *listPagingPage( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentJobsListOptionalParams, + settings?: PageSettings + ): AsyncIterableIterator { + let result: WorkspaceManagerAssignmentJobsListResponse; + let continuationToken = settings?.continuationToken; + if (!continuationToken) { + result = await this._list( + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + options + ); + let page = result.value || []; + continuationToken = result.nextLink; + setContinuationToken(page, continuationToken); + yield page; + } + while (continuationToken) { + result = await this._listNext( + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + continuationToken, + options + ); + continuationToken = result.nextLink; + let page = result.value || []; + setContinuationToken(page, continuationToken); + yield page; + } + } + + private async *listPagingAll( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentJobsListOptionalParams + ): AsyncIterableIterator { + for await (const page of this.listPagingPage( + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + options + )) { + yield* page; + } + } + + /** + * Get all jobs for the specified workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param options The options parameters. + */ + private _list( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentJobsListOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + options + }, + listOperationSpec + ); + } + + /** + * Create a job for the specified workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param options The options parameters. + */ + create( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentJobsCreateOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + options + }, + createOperationSpec + ); + } + + /** + * Gets a job + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param jobName The job name + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + jobName: string, + options?: WorkspaceManagerAssignmentJobsGetOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + jobName, + options + }, + getOperationSpec + ); + } + + /** + * Deletes the specified job from the specified workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param jobName The job name + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + jobName: string, + options?: WorkspaceManagerAssignmentJobsDeleteOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + jobName, + options + }, + deleteOperationSpec + ); + } + + /** + * ListNext + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param nextLink The nextLink from the previous successful call to the List method. + * @param options The options parameters. + */ + private _listNext( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + nextLink: string, + options?: WorkspaceManagerAssignmentJobsListNextOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + nextLink, + options + }, + listNextOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const listOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.JobList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [ + Parameters.apiVersion, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerAssignmentName + ], + headerParameters: [Parameters.accept], + serializer +}; +const createOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs", + httpMethod: "POST", + responses: { + 200: { + bodyMapper: Mappers.Job + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerAssignmentName + ], + headerParameters: [Parameters.accept], + serializer +}; +const getOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.Job + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerAssignmentName, + Parameters.jobName + ], + headerParameters: [Parameters.accept], + serializer +}; +const deleteOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}", + httpMethod: "DELETE", + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerAssignmentName, + Parameters.jobName + ], + headerParameters: [Parameters.accept], + serializer +}; +const listNextOperationSpec: coreClient.OperationSpec = { + path: "{nextLink}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.JobList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.nextLink, + Parameters.workspaceManagerAssignmentName + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerAssignments.ts b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerAssignments.ts new file mode 100644 index 000000000000..2e3b3be3faca --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerAssignments.ts @@ -0,0 +1,353 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator, PageSettings } from "@azure/core-paging"; +import { setContinuationToken } from "../pagingHelper"; +import { WorkspaceManagerAssignments } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + WorkspaceManagerAssignment, + WorkspaceManagerAssignmentsListNextOptionalParams, + WorkspaceManagerAssignmentsListOptionalParams, + WorkspaceManagerAssignmentsListResponse, + WorkspaceManagerAssignmentsGetOptionalParams, + WorkspaceManagerAssignmentsGetResponse, + WorkspaceManagerAssignmentsCreateOrUpdateOptionalParams, + WorkspaceManagerAssignmentsCreateOrUpdateResponse, + WorkspaceManagerAssignmentsDeleteOptionalParams, + WorkspaceManagerAssignmentsListNextResponse +} from "../models"; + +/// +/** Class containing WorkspaceManagerAssignments operations. */ +export class WorkspaceManagerAssignmentsImpl + implements WorkspaceManagerAssignments { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class WorkspaceManagerAssignments class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Get all workspace manager assignments for the Sentinel workspace manager. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + public list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerAssignmentsListOptionalParams + ): PagedAsyncIterableIterator { + const iter = this.listPagingAll(resourceGroupName, workspaceName, options); + return { + next() { + return iter.next(); + }, + [Symbol.asyncIterator]() { + return this; + }, + byPage: (settings?: PageSettings) => { + if (settings?.maxPageSize) { + throw new Error("maxPageSize is not supported by this operation."); + } + return this.listPagingPage( + resourceGroupName, + workspaceName, + options, + settings + ); + } + }; + } + + private async *listPagingPage( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerAssignmentsListOptionalParams, + settings?: PageSettings + ): AsyncIterableIterator { + let result: WorkspaceManagerAssignmentsListResponse; + let continuationToken = settings?.continuationToken; + if (!continuationToken) { + result = await this._list(resourceGroupName, workspaceName, options); + let page = result.value || []; + continuationToken = result.nextLink; + setContinuationToken(page, continuationToken); + yield page; + } + while (continuationToken) { + result = await this._listNext( + resourceGroupName, + workspaceName, + continuationToken, + options + ); + continuationToken = result.nextLink; + let page = result.value || []; + setContinuationToken(page, continuationToken); + yield page; + } + } + + private async *listPagingAll( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerAssignmentsListOptionalParams + ): AsyncIterableIterator { + for await (const page of this.listPagingPage( + resourceGroupName, + workspaceName, + options + )) { + yield* page; + } + } + + /** + * Get all workspace manager assignments for the Sentinel workspace manager. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + private _list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerAssignmentsListOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, options }, + listOperationSpec + ); + } + + /** + * Gets a workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentsGetOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + options + }, + getOperationSpec + ); + } + + /** + * Creates or updates a workspace manager assignment. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param workspaceManagerAssignment The workspace manager assignment + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + workspaceManagerAssignment: WorkspaceManagerAssignment, + options?: WorkspaceManagerAssignmentsCreateOrUpdateOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + workspaceManagerAssignment, + options + }, + createOrUpdateOperationSpec + ); + } + + /** + * Deletes a workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentsDeleteOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerAssignmentName, + options + }, + deleteOperationSpec + ); + } + + /** + * ListNext + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param nextLink The nextLink from the previous successful call to the List method. + * @param options The options parameters. + */ + private _listNext( + resourceGroupName: string, + workspaceName: string, + nextLink: string, + options?: WorkspaceManagerAssignmentsListNextOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, nextLink, options }, + listNextOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const listOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerAssignmentList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [ + Parameters.apiVersion, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName + ], + headerParameters: [Parameters.accept], + serializer +}; +const getOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerAssignment + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerAssignmentName + ], + headerParameters: [Parameters.accept], + serializer +}; +const createOrUpdateOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}", + httpMethod: "PUT", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerAssignment + }, + 201: { + bodyMapper: Mappers.WorkspaceManagerAssignment + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + requestBody: Parameters.workspaceManagerAssignment, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerAssignmentName + ], + headerParameters: [Parameters.accept, Parameters.contentType], + mediaType: "json", + serializer +}; +const deleteOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}", + httpMethod: "DELETE", + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerAssignmentName + ], + headerParameters: [Parameters.accept], + serializer +}; +const listNextOperationSpec: coreClient.OperationSpec = { + path: "{nextLink}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerAssignmentList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.nextLink + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerConfigurations.ts b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerConfigurations.ts new file mode 100644 index 000000000000..a36af1270b4d --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerConfigurations.ts @@ -0,0 +1,353 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator, PageSettings } from "@azure/core-paging"; +import { setContinuationToken } from "../pagingHelper"; +import { WorkspaceManagerConfigurations } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + WorkspaceManagerConfiguration, + WorkspaceManagerConfigurationsListNextOptionalParams, + WorkspaceManagerConfigurationsListOptionalParams, + WorkspaceManagerConfigurationsListResponse, + WorkspaceManagerConfigurationsGetOptionalParams, + WorkspaceManagerConfigurationsGetResponse, + WorkspaceManagerConfigurationsDeleteOptionalParams, + WorkspaceManagerConfigurationsCreateOrUpdateOptionalParams, + WorkspaceManagerConfigurationsCreateOrUpdateResponse, + WorkspaceManagerConfigurationsListNextResponse +} from "../models"; + +/// +/** Class containing WorkspaceManagerConfigurations operations. */ +export class WorkspaceManagerConfigurationsImpl + implements WorkspaceManagerConfigurations { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class WorkspaceManagerConfigurations class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Gets all workspace manager configurations for a Sentinel workspace. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + public list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerConfigurationsListOptionalParams + ): PagedAsyncIterableIterator { + const iter = this.listPagingAll(resourceGroupName, workspaceName, options); + return { + next() { + return iter.next(); + }, + [Symbol.asyncIterator]() { + return this; + }, + byPage: (settings?: PageSettings) => { + if (settings?.maxPageSize) { + throw new Error("maxPageSize is not supported by this operation."); + } + return this.listPagingPage( + resourceGroupName, + workspaceName, + options, + settings + ); + } + }; + } + + private async *listPagingPage( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerConfigurationsListOptionalParams, + settings?: PageSettings + ): AsyncIterableIterator { + let result: WorkspaceManagerConfigurationsListResponse; + let continuationToken = settings?.continuationToken; + if (!continuationToken) { + result = await this._list(resourceGroupName, workspaceName, options); + let page = result.value || []; + continuationToken = result.nextLink; + setContinuationToken(page, continuationToken); + yield page; + } + while (continuationToken) { + result = await this._listNext( + resourceGroupName, + workspaceName, + continuationToken, + options + ); + continuationToken = result.nextLink; + let page = result.value || []; + setContinuationToken(page, continuationToken); + yield page; + } + } + + private async *listPagingAll( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerConfigurationsListOptionalParams + ): AsyncIterableIterator { + for await (const page of this.listPagingPage( + resourceGroupName, + workspaceName, + options + )) { + yield* page; + } + } + + /** + * Gets all workspace manager configurations for a Sentinel workspace. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + private _list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerConfigurationsListOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, options }, + listOperationSpec + ); + } + + /** + * Gets a workspace manager configuration + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerConfigurationName The name of the workspace manager configuration + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerConfigurationName: string, + options?: WorkspaceManagerConfigurationsGetOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerConfigurationName, + options + }, + getOperationSpec + ); + } + + /** + * Deletes a workspace manager configuration + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerConfigurationName The name of the workspace manager configuration + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerConfigurationName: string, + options?: WorkspaceManagerConfigurationsDeleteOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerConfigurationName, + options + }, + deleteOperationSpec + ); + } + + /** + * Creates or updates a workspace manager configuration. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerConfigurationName The name of the workspace manager configuration + * @param workspaceManagerConfiguration The workspace manager configuration + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + workspaceManagerConfigurationName: string, + workspaceManagerConfiguration: WorkspaceManagerConfiguration, + options?: WorkspaceManagerConfigurationsCreateOrUpdateOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerConfigurationName, + workspaceManagerConfiguration, + options + }, + createOrUpdateOperationSpec + ); + } + + /** + * ListNext + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param nextLink The nextLink from the previous successful call to the List method. + * @param options The options parameters. + */ + private _listNext( + resourceGroupName: string, + workspaceName: string, + nextLink: string, + options?: WorkspaceManagerConfigurationsListNextOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, nextLink, options }, + listNextOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const listOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerConfigurationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [ + Parameters.apiVersion, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName + ], + headerParameters: [Parameters.accept], + serializer +}; +const getOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerConfiguration + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerConfigurationName + ], + headerParameters: [Parameters.accept], + serializer +}; +const deleteOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}", + httpMethod: "DELETE", + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerConfigurationName + ], + headerParameters: [Parameters.accept], + serializer +}; +const createOrUpdateOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}", + httpMethod: "PUT", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerConfiguration + }, + 201: { + bodyMapper: Mappers.WorkspaceManagerConfiguration + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + requestBody: Parameters.workspaceManagerConfiguration, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerConfigurationName + ], + headerParameters: [Parameters.accept, Parameters.contentType], + mediaType: "json", + serializer +}; +const listNextOperationSpec: coreClient.OperationSpec = { + path: "{nextLink}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerConfigurationList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.nextLink + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerGroups.ts b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerGroups.ts new file mode 100644 index 000000000000..c5783093b8dc --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerGroups.ts @@ -0,0 +1,342 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator, PageSettings } from "@azure/core-paging"; +import { setContinuationToken } from "../pagingHelper"; +import { WorkspaceManagerGroups } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + WorkspaceManagerGroup, + WorkspaceManagerGroupsListNextOptionalParams, + WorkspaceManagerGroupsListOptionalParams, + WorkspaceManagerGroupsListResponse, + WorkspaceManagerGroupsGetOptionalParams, + WorkspaceManagerGroupsGetResponse, + WorkspaceManagerGroupsCreateOrUpdateOptionalParams, + WorkspaceManagerGroupsCreateOrUpdateResponse, + WorkspaceManagerGroupsDeleteOptionalParams, + WorkspaceManagerGroupsListNextResponse +} from "../models"; + +/// +/** Class containing WorkspaceManagerGroups operations. */ +export class WorkspaceManagerGroupsImpl implements WorkspaceManagerGroups { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class WorkspaceManagerGroups class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Gets all workspace manager groups in the Sentinel workspace manager + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + public list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerGroupsListOptionalParams + ): PagedAsyncIterableIterator { + const iter = this.listPagingAll(resourceGroupName, workspaceName, options); + return { + next() { + return iter.next(); + }, + [Symbol.asyncIterator]() { + return this; + }, + byPage: (settings?: PageSettings) => { + if (settings?.maxPageSize) { + throw new Error("maxPageSize is not supported by this operation."); + } + return this.listPagingPage( + resourceGroupName, + workspaceName, + options, + settings + ); + } + }; + } + + private async *listPagingPage( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerGroupsListOptionalParams, + settings?: PageSettings + ): AsyncIterableIterator { + let result: WorkspaceManagerGroupsListResponse; + let continuationToken = settings?.continuationToken; + if (!continuationToken) { + result = await this._list(resourceGroupName, workspaceName, options); + let page = result.value || []; + continuationToken = result.nextLink; + setContinuationToken(page, continuationToken); + yield page; + } + while (continuationToken) { + result = await this._listNext( + resourceGroupName, + workspaceName, + continuationToken, + options + ); + continuationToken = result.nextLink; + let page = result.value || []; + setContinuationToken(page, continuationToken); + yield page; + } + } + + private async *listPagingAll( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerGroupsListOptionalParams + ): AsyncIterableIterator { + for await (const page of this.listPagingPage( + resourceGroupName, + workspaceName, + options + )) { + yield* page; + } + } + + /** + * Gets all workspace manager groups in the Sentinel workspace manager + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + private _list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerGroupsListOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, options }, + listOperationSpec + ); + } + + /** + * Gets a workspace manager group + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerGroupName The name of the workspace manager group + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerGroupName: string, + options?: WorkspaceManagerGroupsGetOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, workspaceManagerGroupName, options }, + getOperationSpec + ); + } + + /** + * Creates or updates a workspace manager group. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerGroupName The name of the workspace manager group + * @param workspaceManagerGroup The workspace manager group object + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + workspaceManagerGroupName: string, + workspaceManagerGroup: WorkspaceManagerGroup, + options?: WorkspaceManagerGroupsCreateOrUpdateOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerGroupName, + workspaceManagerGroup, + options + }, + createOrUpdateOperationSpec + ); + } + + /** + * Deletes a workspace manager group + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerGroupName The name of the workspace manager group + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerGroupName: string, + options?: WorkspaceManagerGroupsDeleteOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, workspaceManagerGroupName, options }, + deleteOperationSpec + ); + } + + /** + * ListNext + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param nextLink The nextLink from the previous successful call to the List method. + * @param options The options parameters. + */ + private _listNext( + resourceGroupName: string, + workspaceName: string, + nextLink: string, + options?: WorkspaceManagerGroupsListNextOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, nextLink, options }, + listNextOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const listOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerGroupList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [ + Parameters.apiVersion, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName + ], + headerParameters: [Parameters.accept], + serializer +}; +const getOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerGroup + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerGroupName + ], + headerParameters: [Parameters.accept], + serializer +}; +const createOrUpdateOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}", + httpMethod: "PUT", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerGroup + }, + 201: { + bodyMapper: Mappers.WorkspaceManagerGroup + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + requestBody: Parameters.workspaceManagerGroup, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerGroupName + ], + headerParameters: [Parameters.accept, Parameters.contentType], + mediaType: "json", + serializer +}; +const deleteOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}", + httpMethod: "DELETE", + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerGroupName + ], + headerParameters: [Parameters.accept], + serializer +}; +const listNextOperationSpec: coreClient.OperationSpec = { + path: "{nextLink}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerGroupList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.nextLink + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerMembers.ts b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerMembers.ts new file mode 100644 index 000000000000..225d3d113c87 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operations/workspaceManagerMembers.ts @@ -0,0 +1,342 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator, PageSettings } from "@azure/core-paging"; +import { setContinuationToken } from "../pagingHelper"; +import { WorkspaceManagerMembers } from "../operationsInterfaces"; +import * as coreClient from "@azure/core-client"; +import * as Mappers from "../models/mappers"; +import * as Parameters from "../models/parameters"; +import { SecurityInsights } from "../securityInsights"; +import { + WorkspaceManagerMember, + WorkspaceManagerMembersListNextOptionalParams, + WorkspaceManagerMembersListOptionalParams, + WorkspaceManagerMembersListResponse, + WorkspaceManagerMembersGetOptionalParams, + WorkspaceManagerMembersGetResponse, + WorkspaceManagerMembersCreateOrUpdateOptionalParams, + WorkspaceManagerMembersCreateOrUpdateResponse, + WorkspaceManagerMembersDeleteOptionalParams, + WorkspaceManagerMembersListNextResponse +} from "../models"; + +/// +/** Class containing WorkspaceManagerMembers operations. */ +export class WorkspaceManagerMembersImpl implements WorkspaceManagerMembers { + private readonly client: SecurityInsights; + + /** + * Initialize a new instance of the class WorkspaceManagerMembers class. + * @param client Reference to the service client + */ + constructor(client: SecurityInsights) { + this.client = client; + } + + /** + * Gets all workspace manager members that exist for the given Sentinel workspace manager + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + public list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerMembersListOptionalParams + ): PagedAsyncIterableIterator { + const iter = this.listPagingAll(resourceGroupName, workspaceName, options); + return { + next() { + return iter.next(); + }, + [Symbol.asyncIterator]() { + return this; + }, + byPage: (settings?: PageSettings) => { + if (settings?.maxPageSize) { + throw new Error("maxPageSize is not supported by this operation."); + } + return this.listPagingPage( + resourceGroupName, + workspaceName, + options, + settings + ); + } + }; + } + + private async *listPagingPage( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerMembersListOptionalParams, + settings?: PageSettings + ): AsyncIterableIterator { + let result: WorkspaceManagerMembersListResponse; + let continuationToken = settings?.continuationToken; + if (!continuationToken) { + result = await this._list(resourceGroupName, workspaceName, options); + let page = result.value || []; + continuationToken = result.nextLink; + setContinuationToken(page, continuationToken); + yield page; + } + while (continuationToken) { + result = await this._listNext( + resourceGroupName, + workspaceName, + continuationToken, + options + ); + continuationToken = result.nextLink; + let page = result.value || []; + setContinuationToken(page, continuationToken); + yield page; + } + } + + private async *listPagingAll( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerMembersListOptionalParams + ): AsyncIterableIterator { + for await (const page of this.listPagingPage( + resourceGroupName, + workspaceName, + options + )) { + yield* page; + } + } + + /** + * Gets all workspace manager members that exist for the given Sentinel workspace manager + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + private _list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerMembersListOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, options }, + listOperationSpec + ); + } + + /** + * Gets a workspace manager member + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerMemberName The name of the workspace manager member + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerMemberName: string, + options?: WorkspaceManagerMembersGetOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, workspaceManagerMemberName, options }, + getOperationSpec + ); + } + + /** + * Creates or updates a workspace manager member + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerMemberName The name of the workspace manager member + * @param workspaceManagerMember The workspace manager member object + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + workspaceManagerMemberName: string, + workspaceManagerMember: WorkspaceManagerMember, + options?: WorkspaceManagerMembersCreateOrUpdateOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { + resourceGroupName, + workspaceName, + workspaceManagerMemberName, + workspaceManagerMember, + options + }, + createOrUpdateOperationSpec + ); + } + + /** + * Deletes a workspace manager member + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerMemberName The name of the workspace manager member + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerMemberName: string, + options?: WorkspaceManagerMembersDeleteOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, workspaceManagerMemberName, options }, + deleteOperationSpec + ); + } + + /** + * ListNext + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param nextLink The nextLink from the previous successful call to the List method. + * @param options The options parameters. + */ + private _listNext( + resourceGroupName: string, + workspaceName: string, + nextLink: string, + options?: WorkspaceManagerMembersListNextOptionalParams + ): Promise { + return this.client.sendOperationRequest( + { resourceGroupName, workspaceName, nextLink, options }, + listNextOperationSpec + ); + } +} +// Operation Specifications +const serializer = coreClient.createSerializer(Mappers, /* isXml */ false); + +const listOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerMembersList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [ + Parameters.apiVersion, + Parameters.orderby, + Parameters.top, + Parameters.skipToken + ], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName + ], + headerParameters: [Parameters.accept], + serializer +}; +const getOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerMember + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerMemberName + ], + headerParameters: [Parameters.accept], + serializer +}; +const createOrUpdateOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}", + httpMethod: "PUT", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerMember + }, + 201: { + bodyMapper: Mappers.WorkspaceManagerMember + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + requestBody: Parameters.workspaceManagerMember, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerMemberName + ], + headerParameters: [Parameters.accept, Parameters.contentType], + mediaType: "json", + serializer +}; +const deleteOperationSpec: coreClient.OperationSpec = { + path: + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}", + httpMethod: "DELETE", + responses: { + 200: {}, + 204: {}, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + queryParameters: [Parameters.apiVersion], + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.workspaceManagerMemberName + ], + headerParameters: [Parameters.accept], + serializer +}; +const listNextOperationSpec: coreClient.OperationSpec = { + path: "{nextLink}", + httpMethod: "GET", + responses: { + 200: { + bodyMapper: Mappers.WorkspaceManagerMembersList + }, + default: { + bodyMapper: Mappers.ErrorResponse + } + }, + urlParameters: [ + Parameters.$host, + Parameters.subscriptionId, + Parameters.resourceGroupName, + Parameters.workspaceName, + Parameters.nextLink + ], + headerParameters: [Parameters.accept], + serializer +}; diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/alertRuleOperations.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/alertRuleOperations.ts new file mode 100644 index 000000000000..65409feac5fa --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/alertRuleOperations.ts @@ -0,0 +1,53 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { SimplePollerLike, OperationState } from "@azure/core-lro"; +import { + AnalyticsRuleRunTrigger, + AlertRuleTriggerRuleRunOptionalParams, + AlertRuleTriggerRuleRunResponse +} from "../models"; + +/** Interface representing a AlertRuleOperations. */ +export interface AlertRuleOperations { + /** + * triggers analytics rule run + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param analyticsRuleRunTriggerParameter The Analytics Rule Run Trigger parameter + * @param options The options parameters. + */ + beginTriggerRuleRun( + resourceGroupName: string, + workspaceName: string, + ruleId: string, + analyticsRuleRunTriggerParameter: AnalyticsRuleRunTrigger, + options?: AlertRuleTriggerRuleRunOptionalParams + ): Promise< + SimplePollerLike< + OperationState, + AlertRuleTriggerRuleRunResponse + > + >; + /** + * triggers analytics rule run + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param ruleId Alert rule ID + * @param analyticsRuleRunTriggerParameter The Analytics Rule Run Trigger parameter + * @param options The options parameters. + */ + beginTriggerRuleRunAndWait( + resourceGroupName: string, + workspaceName: string, + ruleId: string, + analyticsRuleRunTriggerParameter: AnalyticsRuleRunTrigger, + options?: AlertRuleTriggerRuleRunOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/entities.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/entities.ts index ac24d1939afa..4a8ae16ec998 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/entities.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/entities.ts @@ -10,6 +10,7 @@ import { PagedAsyncIterableIterator } from "@azure/core-paging"; import { EntityUnion, EntitiesListOptionalParams, + EntitiesRunPlaybookOptionalParams, EntitiesGetOptionalParams, EntitiesGetResponse, EntityExpandParameters, @@ -37,6 +38,19 @@ export interface Entities { workspaceName: string, options?: EntitiesListOptionalParams ): PagedAsyncIterableIterator; + /** + * Triggers playbook on a specific entity. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param entityIdentifier Entity identifier. + * @param options The options parameters. + */ + runPlaybook( + resourceGroupName: string, + workspaceName: string, + entityIdentifier: string, + options?: EntitiesRunPlaybookOptionalParams + ): Promise; /** * Gets an entity. * @param resourceGroupName The name of the resource group. The name is case insensitive. diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/fileImports.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/fileImports.ts index 4cd0209b551b..c25bcdcbf704 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/fileImports.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/fileImports.ts @@ -7,7 +7,7 @@ */ import { PagedAsyncIterableIterator } from "@azure/core-paging"; -import { PollerLike, PollOperationState } from "@azure/core-lro"; +import { SimplePollerLike, OperationState } from "@azure/core-lro"; import { FileImport, FileImportsListOptionalParams, @@ -74,8 +74,8 @@ export interface FileImports { fileImportId: string, options?: FileImportsDeleteOptionalParams ): Promise< - PollerLike< - PollOperationState, + SimplePollerLike< + OperationState, FileImportsDeleteResponse > >; diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/get.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/get.ts new file mode 100644 index 000000000000..8384596c454c --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/get.ts @@ -0,0 +1,29 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { + GetSingleRecommendationOptionalParams, + GetSingleRecommendationResponse +} from "../models"; + +/** Interface representing a Get. */ +export interface Get { + /** + * Gets a recommendation by its id. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param recommendationId Recommendation Id. + * @param options The options parameters. + */ + singleRecommendation( + resourceGroupName: string, + workspaceName: string, + recommendationId: string, + options?: GetSingleRecommendationOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/getRecommendations.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/getRecommendations.ts new file mode 100644 index 000000000000..3c68d7feb9c2 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/getRecommendations.ts @@ -0,0 +1,27 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { + GetRecommendationsListOptionalParams, + GetRecommendationsListResponse +} from "../models"; + +/** Interface representing a GetRecommendations. */ +export interface GetRecommendations { + /** + * Gets a list of all recommendations. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + options?: GetRecommendationsListOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/getTriggeredAnalyticsRuleRuns.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/getTriggeredAnalyticsRuleRuns.ts new file mode 100644 index 000000000000..f1c077beeeaa --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/getTriggeredAnalyticsRuleRuns.ts @@ -0,0 +1,29 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator } from "@azure/core-paging"; +import { + TriggeredAnalyticsRuleRun, + GetTriggeredAnalyticsRuleRunsListOptionalParams +} from "../models"; + +/// +/** Interface representing a GetTriggeredAnalyticsRuleRuns. */ +export interface GetTriggeredAnalyticsRuleRuns { + /** + * Gets the triggered analytics rule runs. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + options?: GetTriggeredAnalyticsRuleRunsListOptionalParams + ): PagedAsyncIterableIterator; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/incidentTasks.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/incidentTasks.ts new file mode 100644 index 000000000000..68e3fc281f99 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/incidentTasks.ts @@ -0,0 +1,83 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator } from "@azure/core-paging"; +import { + IncidentTask, + IncidentTasksListOptionalParams, + IncidentTasksGetOptionalParams, + IncidentTasksGetResponse, + IncidentTasksCreateOrUpdateOptionalParams, + IncidentTasksCreateOrUpdateResponse, + IncidentTasksDeleteOptionalParams +} from "../models"; + +/// +/** Interface representing a IncidentTasks. */ +export interface IncidentTasks { + /** + * Gets all incident tasks. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + options?: IncidentTasksListOptionalParams + ): PagedAsyncIterableIterator; + /** + * Gets an incident task. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentTaskId Incident task ID + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + incidentTaskId: string, + options?: IncidentTasksGetOptionalParams + ): Promise; + /** + * Creates or updates the incident task. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentTaskId Incident task ID + * @param incidentTask The incident task + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + incidentTaskId: string, + incidentTask: IncidentTask, + options?: IncidentTasksCreateOrUpdateOptionalParams + ): Promise; + /** + * Delete the incident task. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param incidentId Incident ID + * @param incidentTaskId Incident task ID + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + incidentId: string, + incidentTaskId: string, + options?: IncidentTasksDeleteOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/incidents.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/incidents.ts index 18695a4f8cc7..300c8af1bbdc 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/incidents.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/incidents.ts @@ -17,7 +17,7 @@ import { IncidentsCreateOrUpdateOptionalParams, IncidentsCreateOrUpdateResponse, IncidentsDeleteOptionalParams, - TeamProperties, + TeamInformation, IncidentsCreateTeamOptionalParams, IncidentsCreateTeamResponse, IncidentsListAlertsOptionalParams, @@ -109,7 +109,7 @@ export interface Incidents { resourceGroupName: string, workspaceName: string, incidentId: string, - teamProperties: TeamProperties, + teamProperties: TeamInformation, options?: IncidentsCreateTeamOptionalParams ): Promise; /** diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/index.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/index.ts index 6f66d834535e..956ef3ad7e90 100644 --- a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/index.ts +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/index.ts @@ -10,13 +10,13 @@ export * from "./alertRules"; export * from "./actions"; export * from "./alertRuleTemplates"; export * from "./automationRules"; +export * from "./entities"; export * from "./incidents"; export * from "./bookmarks"; export * from "./bookmarkRelations"; export * from "./bookmarkOperations"; export * from "./iPGeodata"; export * from "./domainWhois"; -export * from "./entities"; export * from "./entitiesGetTimeline"; export * from "./entitiesRelations"; export * from "./entityRelations"; @@ -25,9 +25,13 @@ export * from "./entityQueryTemplates"; export * from "./fileImports"; export * from "./incidentComments"; export * from "./incidentRelations"; +export * from "./incidentTasks"; export * from "./metadata"; export * from "./officeConsents"; export * from "./sentinelOnboardingStates"; +export * from "./getRecommendations"; +export * from "./get"; +export * from "./update"; export * from "./securityMLAnalyticsSettings"; export * from "./productSettings"; export * from "./sourceControlOperations"; @@ -35,8 +39,16 @@ export * from "./sourceControls"; export * from "./threatIntelligenceIndicator"; export * from "./threatIntelligenceIndicators"; export * from "./threatIntelligenceIndicatorMetrics"; +export * from "./triggeredAnalyticsRuleRunOperations"; +export * from "./getTriggeredAnalyticsRuleRuns"; +export * from "./alertRuleOperations"; export * from "./watchlists"; export * from "./watchlistItems"; +export * from "./workspaceManagerGroups"; +export * from "./workspaceManagerAssignments"; +export * from "./workspaceManagerAssignmentJobs"; +export * from "./workspaceManagerConfigurations"; +export * from "./workspaceManagerMembers"; export * from "./dataConnectors"; export * from "./dataConnectorsCheckRequirementsOperations"; export * from "./operations"; diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/triggeredAnalyticsRuleRunOperations.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/triggeredAnalyticsRuleRunOperations.ts new file mode 100644 index 000000000000..5447cc5462a3 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/triggeredAnalyticsRuleRunOperations.ts @@ -0,0 +1,29 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { + TriggeredAnalyticsRuleRunGetOptionalParams, + TriggeredAnalyticsRuleRunGetResponse +} from "../models"; + +/** Interface representing a TriggeredAnalyticsRuleRunOperations. */ +export interface TriggeredAnalyticsRuleRunOperations { + /** + * Gets the triggered analytics rule run. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param ruleRunId the triggered rule id + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + ruleRunId: string, + options?: TriggeredAnalyticsRuleRunGetOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/update.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/update.ts new file mode 100644 index 000000000000..87d313c09a10 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/update.ts @@ -0,0 +1,53 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { SimplePollerLike, OperationState } from "@azure/core-lro"; +import { + RecommendationPatch, + UpdateRecommendationOptionalParams, + UpdateRecommendationResponse +} from "../models"; + +/** Interface representing a Update. */ +export interface Update { + /** + * Patch a recommendation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param recommendationId Recommendation Id. + * @param recommendationPatch Recommendation Fields to Update. + * @param options The options parameters. + */ + beginRecommendation( + resourceGroupName: string, + workspaceName: string, + recommendationId: string, + recommendationPatch: RecommendationPatch[], + options?: UpdateRecommendationOptionalParams + ): Promise< + SimplePollerLike< + OperationState, + UpdateRecommendationResponse + > + >; + /** + * Patch a recommendation. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param recommendationId Recommendation Id. + * @param recommendationPatch Recommendation Fields to Update. + * @param options The options parameters. + */ + beginRecommendationAndWait( + resourceGroupName: string, + workspaceName: string, + recommendationId: string, + recommendationPatch: RecommendationPatch[], + options?: UpdateRecommendationOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerAssignmentJobs.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerAssignmentJobs.ts new file mode 100644 index 000000000000..614caf3b8fa1 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerAssignmentJobs.ts @@ -0,0 +1,79 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator } from "@azure/core-paging"; +import { + Job, + WorkspaceManagerAssignmentJobsListOptionalParams, + WorkspaceManagerAssignmentJobsCreateOptionalParams, + WorkspaceManagerAssignmentJobsCreateResponse, + WorkspaceManagerAssignmentJobsGetOptionalParams, + WorkspaceManagerAssignmentJobsGetResponse, + WorkspaceManagerAssignmentJobsDeleteOptionalParams +} from "../models"; + +/// +/** Interface representing a WorkspaceManagerAssignmentJobs. */ +export interface WorkspaceManagerAssignmentJobs { + /** + * Get all jobs for the specified workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentJobsListOptionalParams + ): PagedAsyncIterableIterator; + /** + * Create a job for the specified workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param options The options parameters. + */ + create( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentJobsCreateOptionalParams + ): Promise; + /** + * Gets a job + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param jobName The job name + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + jobName: string, + options?: WorkspaceManagerAssignmentJobsGetOptionalParams + ): Promise; + /** + * Deletes the specified job from the specified workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param jobName The job name + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + jobName: string, + options?: WorkspaceManagerAssignmentJobsDeleteOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerAssignments.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerAssignments.ts new file mode 100644 index 000000000000..37751de45aa1 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerAssignments.ts @@ -0,0 +1,75 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator } from "@azure/core-paging"; +import { + WorkspaceManagerAssignment, + WorkspaceManagerAssignmentsListOptionalParams, + WorkspaceManagerAssignmentsGetOptionalParams, + WorkspaceManagerAssignmentsGetResponse, + WorkspaceManagerAssignmentsCreateOrUpdateOptionalParams, + WorkspaceManagerAssignmentsCreateOrUpdateResponse, + WorkspaceManagerAssignmentsDeleteOptionalParams +} from "../models"; + +/// +/** Interface representing a WorkspaceManagerAssignments. */ +export interface WorkspaceManagerAssignments { + /** + * Get all workspace manager assignments for the Sentinel workspace manager. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerAssignmentsListOptionalParams + ): PagedAsyncIterableIterator; + /** + * Gets a workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentsGetOptionalParams + ): Promise; + /** + * Creates or updates a workspace manager assignment. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param workspaceManagerAssignment The workspace manager assignment + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + workspaceManagerAssignment: WorkspaceManagerAssignment, + options?: WorkspaceManagerAssignmentsCreateOrUpdateOptionalParams + ): Promise; + /** + * Deletes a workspace manager assignment + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerAssignmentName The name of the workspace manager assignment + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerAssignmentName: string, + options?: WorkspaceManagerAssignmentsDeleteOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerConfigurations.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerConfigurations.ts new file mode 100644 index 000000000000..ba65395316f1 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerConfigurations.ts @@ -0,0 +1,75 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator } from "@azure/core-paging"; +import { + WorkspaceManagerConfiguration, + WorkspaceManagerConfigurationsListOptionalParams, + WorkspaceManagerConfigurationsGetOptionalParams, + WorkspaceManagerConfigurationsGetResponse, + WorkspaceManagerConfigurationsDeleteOptionalParams, + WorkspaceManagerConfigurationsCreateOrUpdateOptionalParams, + WorkspaceManagerConfigurationsCreateOrUpdateResponse +} from "../models"; + +/// +/** Interface representing a WorkspaceManagerConfigurations. */ +export interface WorkspaceManagerConfigurations { + /** + * Gets all workspace manager configurations for a Sentinel workspace. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerConfigurationsListOptionalParams + ): PagedAsyncIterableIterator; + /** + * Gets a workspace manager configuration + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerConfigurationName The name of the workspace manager configuration + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerConfigurationName: string, + options?: WorkspaceManagerConfigurationsGetOptionalParams + ): Promise; + /** + * Deletes a workspace manager configuration + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerConfigurationName The name of the workspace manager configuration + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerConfigurationName: string, + options?: WorkspaceManagerConfigurationsDeleteOptionalParams + ): Promise; + /** + * Creates or updates a workspace manager configuration. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerConfigurationName The name of the workspace manager configuration + * @param workspaceManagerConfiguration The workspace manager configuration + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + workspaceManagerConfigurationName: string, + workspaceManagerConfiguration: WorkspaceManagerConfiguration, + options?: WorkspaceManagerConfigurationsCreateOrUpdateOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerGroups.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerGroups.ts new file mode 100644 index 000000000000..2e181ac7819a --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerGroups.ts @@ -0,0 +1,75 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator } from "@azure/core-paging"; +import { + WorkspaceManagerGroup, + WorkspaceManagerGroupsListOptionalParams, + WorkspaceManagerGroupsGetOptionalParams, + WorkspaceManagerGroupsGetResponse, + WorkspaceManagerGroupsCreateOrUpdateOptionalParams, + WorkspaceManagerGroupsCreateOrUpdateResponse, + WorkspaceManagerGroupsDeleteOptionalParams +} from "../models"; + +/// +/** Interface representing a WorkspaceManagerGroups. */ +export interface WorkspaceManagerGroups { + /** + * Gets all workspace manager groups in the Sentinel workspace manager + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerGroupsListOptionalParams + ): PagedAsyncIterableIterator; + /** + * Gets a workspace manager group + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerGroupName The name of the workspace manager group + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerGroupName: string, + options?: WorkspaceManagerGroupsGetOptionalParams + ): Promise; + /** + * Creates or updates a workspace manager group. + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerGroupName The name of the workspace manager group + * @param workspaceManagerGroup The workspace manager group object + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + workspaceManagerGroupName: string, + workspaceManagerGroup: WorkspaceManagerGroup, + options?: WorkspaceManagerGroupsCreateOrUpdateOptionalParams + ): Promise; + /** + * Deletes a workspace manager group + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerGroupName The name of the workspace manager group + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerGroupName: string, + options?: WorkspaceManagerGroupsDeleteOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerMembers.ts b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerMembers.ts new file mode 100644 index 000000000000..f3b687caa8ca --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/src/operationsInterfaces/workspaceManagerMembers.ts @@ -0,0 +1,75 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { PagedAsyncIterableIterator } from "@azure/core-paging"; +import { + WorkspaceManagerMember, + WorkspaceManagerMembersListOptionalParams, + WorkspaceManagerMembersGetOptionalParams, + WorkspaceManagerMembersGetResponse, + WorkspaceManagerMembersCreateOrUpdateOptionalParams, + WorkspaceManagerMembersCreateOrUpdateResponse, + WorkspaceManagerMembersDeleteOptionalParams +} from "../models"; + +/// +/** Interface representing a WorkspaceManagerMembers. */ +export interface WorkspaceManagerMembers { + /** + * Gets all workspace manager members that exist for the given Sentinel workspace manager + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param options The options parameters. + */ + list( + resourceGroupName: string, + workspaceName: string, + options?: WorkspaceManagerMembersListOptionalParams + ): PagedAsyncIterableIterator; + /** + * Gets a workspace manager member + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerMemberName The name of the workspace manager member + * @param options The options parameters. + */ + get( + resourceGroupName: string, + workspaceName: string, + workspaceManagerMemberName: string, + options?: WorkspaceManagerMembersGetOptionalParams + ): Promise; + /** + * Creates or updates a workspace manager member + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerMemberName The name of the workspace manager member + * @param workspaceManagerMember The workspace manager member object + * @param options The options parameters. + */ + createOrUpdate( + resourceGroupName: string, + workspaceName: string, + workspaceManagerMemberName: string, + workspaceManagerMember: WorkspaceManagerMember, + options?: WorkspaceManagerMembersCreateOrUpdateOptionalParams + ): Promise; + /** + * Deletes a workspace manager member + * @param resourceGroupName The name of the resource group. The name is case insensitive. + * @param workspaceName The name of the workspace. + * @param workspaceManagerMemberName The name of the workspace manager member + * @param options The options parameters. + */ + delete( + resourceGroupName: string, + workspaceName: string, + workspaceManagerMemberName: string, + options?: WorkspaceManagerMembersDeleteOptionalParams + ): Promise; +} diff --git a/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts b/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts index 20a358af6b03..6007a1ec6f93 100644 --- a/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts +++ b/sdk/securityinsight/arm-securityinsight/src/securityInsights.ts @@ -19,13 +19,13 @@ import { ActionsImpl, AlertRuleTemplatesImpl, AutomationRulesImpl, + EntitiesImpl, IncidentsImpl, BookmarksImpl, BookmarkRelationsImpl, BookmarkOperationsImpl, IPGeodataImpl, DomainWhoisImpl, - EntitiesImpl, EntitiesGetTimelineImpl, EntitiesRelationsImpl, EntityRelationsImpl, @@ -34,9 +34,13 @@ import { FileImportsImpl, IncidentCommentsImpl, IncidentRelationsImpl, + IncidentTasksImpl, MetadataImpl, OfficeConsentsImpl, SentinelOnboardingStatesImpl, + GetRecommendationsImpl, + GetImpl, + UpdateImpl, SecurityMLAnalyticsSettingsImpl, ProductSettingsImpl, SourceControlOperationsImpl, @@ -44,8 +48,16 @@ import { ThreatIntelligenceIndicatorImpl, ThreatIntelligenceIndicatorsImpl, ThreatIntelligenceIndicatorMetricsImpl, + TriggeredAnalyticsRuleRunOperationsImpl, + GetTriggeredAnalyticsRuleRunsImpl, + AlertRuleOperationsImpl, WatchlistsImpl, WatchlistItemsImpl, + WorkspaceManagerGroupsImpl, + WorkspaceManagerAssignmentsImpl, + WorkspaceManagerAssignmentJobsImpl, + WorkspaceManagerConfigurationsImpl, + WorkspaceManagerMembersImpl, DataConnectorsImpl, DataConnectorsCheckRequirementsOperationsImpl, OperationsImpl @@ -55,13 +67,13 @@ import { Actions, AlertRuleTemplates, AutomationRules, + Entities, Incidents, Bookmarks, BookmarkRelations, BookmarkOperations, IPGeodata, DomainWhois, - Entities, EntitiesGetTimeline, EntitiesRelations, EntityRelations, @@ -70,9 +82,13 @@ import { FileImports, IncidentComments, IncidentRelations, + IncidentTasks, Metadata, OfficeConsents, SentinelOnboardingStates, + GetRecommendations, + Get, + Update, SecurityMLAnalyticsSettings, ProductSettings, SourceControlOperations, @@ -80,8 +96,16 @@ import { ThreatIntelligenceIndicator, ThreatIntelligenceIndicators, ThreatIntelligenceIndicatorMetrics, + TriggeredAnalyticsRuleRunOperations, + GetTriggeredAnalyticsRuleRuns, + AlertRuleOperations, Watchlists, WatchlistItems, + WorkspaceManagerGroups, + WorkspaceManagerAssignments, + WorkspaceManagerAssignmentJobs, + WorkspaceManagerConfigurations, + WorkspaceManagerMembers, DataConnectors, DataConnectorsCheckRequirementsOperations, Operations @@ -173,18 +197,18 @@ export class SecurityInsights extends coreClient.ServiceClient { // Assigning values to Constant parameters this.$host = options.$host || "https://management.azure.com"; - this.apiVersion = options.apiVersion || "2022-09-01-preview"; + this.apiVersion = options.apiVersion || "2023-04-01-preview"; this.alertRules = new AlertRulesImpl(this); this.actions = new ActionsImpl(this); this.alertRuleTemplates = new AlertRuleTemplatesImpl(this); this.automationRules = new AutomationRulesImpl(this); + this.entities = new EntitiesImpl(this); this.incidents = new IncidentsImpl(this); this.bookmarks = new BookmarksImpl(this); this.bookmarkRelations = new BookmarkRelationsImpl(this); this.bookmarkOperations = new BookmarkOperationsImpl(this); this.iPGeodata = new IPGeodataImpl(this); this.domainWhois = new DomainWhoisImpl(this); - this.entities = new EntitiesImpl(this); this.entitiesGetTimeline = new EntitiesGetTimelineImpl(this); this.entitiesRelations = new EntitiesRelationsImpl(this); this.entityRelations = new EntityRelationsImpl(this); @@ -193,9 +217,13 @@ export class SecurityInsights extends coreClient.ServiceClient { this.fileImports = new FileImportsImpl(this); this.incidentComments = new IncidentCommentsImpl(this); this.incidentRelations = new IncidentRelationsImpl(this); + this.incidentTasks = new IncidentTasksImpl(this); this.metadata = new MetadataImpl(this); this.officeConsents = new OfficeConsentsImpl(this); this.sentinelOnboardingStates = new SentinelOnboardingStatesImpl(this); + this.getRecommendations = new GetRecommendationsImpl(this); + this.get = new GetImpl(this); + this.update = new UpdateImpl(this); this.securityMLAnalyticsSettings = new SecurityMLAnalyticsSettingsImpl( this ); @@ -211,8 +239,26 @@ export class SecurityInsights extends coreClient.ServiceClient { this.threatIntelligenceIndicatorMetrics = new ThreatIntelligenceIndicatorMetricsImpl( this ); + this.triggeredAnalyticsRuleRunOperations = new TriggeredAnalyticsRuleRunOperationsImpl( + this + ); + this.getTriggeredAnalyticsRuleRuns = new GetTriggeredAnalyticsRuleRunsImpl( + this + ); + this.alertRuleOperations = new AlertRuleOperationsImpl(this); this.watchlists = new WatchlistsImpl(this); this.watchlistItems = new WatchlistItemsImpl(this); + this.workspaceManagerGroups = new WorkspaceManagerGroupsImpl(this); + this.workspaceManagerAssignments = new WorkspaceManagerAssignmentsImpl( + this + ); + this.workspaceManagerAssignmentJobs = new WorkspaceManagerAssignmentJobsImpl( + this + ); + this.workspaceManagerConfigurations = new WorkspaceManagerConfigurationsImpl( + this + ); + this.workspaceManagerMembers = new WorkspaceManagerMembersImpl(this); this.dataConnectors = new DataConnectorsImpl(this); this.dataConnectorsCheckRequirementsOperations = new DataConnectorsCheckRequirementsOperationsImpl( this @@ -253,13 +299,13 @@ export class SecurityInsights extends coreClient.ServiceClient { actions: Actions; alertRuleTemplates: AlertRuleTemplates; automationRules: AutomationRules; + entities: Entities; incidents: Incidents; bookmarks: Bookmarks; bookmarkRelations: BookmarkRelations; bookmarkOperations: BookmarkOperations; iPGeodata: IPGeodata; domainWhois: DomainWhois; - entities: Entities; entitiesGetTimeline: EntitiesGetTimeline; entitiesRelations: EntitiesRelations; entityRelations: EntityRelations; @@ -268,9 +314,13 @@ export class SecurityInsights extends coreClient.ServiceClient { fileImports: FileImports; incidentComments: IncidentComments; incidentRelations: IncidentRelations; + incidentTasks: IncidentTasks; metadata: Metadata; officeConsents: OfficeConsents; sentinelOnboardingStates: SentinelOnboardingStates; + getRecommendations: GetRecommendations; + get: Get; + update: Update; securityMLAnalyticsSettings: SecurityMLAnalyticsSettings; productSettings: ProductSettings; sourceControlOperations: SourceControlOperations; @@ -278,8 +328,16 @@ export class SecurityInsights extends coreClient.ServiceClient { threatIntelligenceIndicator: ThreatIntelligenceIndicator; threatIntelligenceIndicators: ThreatIntelligenceIndicators; threatIntelligenceIndicatorMetrics: ThreatIntelligenceIndicatorMetrics; + triggeredAnalyticsRuleRunOperations: TriggeredAnalyticsRuleRunOperations; + getTriggeredAnalyticsRuleRuns: GetTriggeredAnalyticsRuleRuns; + alertRuleOperations: AlertRuleOperations; watchlists: Watchlists; watchlistItems: WatchlistItems; + workspaceManagerGroups: WorkspaceManagerGroups; + workspaceManagerAssignments: WorkspaceManagerAssignments; + workspaceManagerAssignmentJobs: WorkspaceManagerAssignmentJobs; + workspaceManagerConfigurations: WorkspaceManagerConfigurations; + workspaceManagerMembers: WorkspaceManagerMembers; dataConnectors: DataConnectors; dataConnectorsCheckRequirementsOperations: DataConnectorsCheckRequirementsOperations; operations: Operations; diff --git a/sdk/securityinsight/arm-securityinsight/test/sampleTest.ts b/sdk/securityinsight/arm-securityinsight/test/sampleTest.ts new file mode 100644 index 000000000000..25aeb3ebcc36 --- /dev/null +++ b/sdk/securityinsight/arm-securityinsight/test/sampleTest.ts @@ -0,0 +1,43 @@ +/* + * Copyright (c) Microsoft Corporation. + * Licensed under the MIT License. + * + * Code generated by Microsoft (R) AutoRest Code Generator. + * Changes may cause incorrect behavior and will be lost if the code is regenerated. + */ + +import { + Recorder, + RecorderStartOptions, + env +} from "@azure-tools/test-recorder"; +import { assert } from "chai"; +import { Context } from "mocha"; + +const replaceableVariables: Record = { + AZURE_CLIENT_ID: "azure_client_id", + AZURE_CLIENT_SECRET: "azure_client_secret", + AZURE_TENANT_ID: "88888888-8888-8888-8888-888888888888", + SUBSCRIPTION_ID: "azure_subscription_id" +}; + +const recorderOptions: RecorderStartOptions = { + envSetupForPlayback: replaceableVariables +}; + +describe("My test", () => { + let recorder: Recorder; + + beforeEach(async function(this: Context) { + recorder = new Recorder(this.currentTest); + await recorder.start(recorderOptions); + }); + + afterEach(async function() { + await recorder.stop(); + }); + + it("sample test", async function() { + console.log("Hi, I'm a test!"); + }); +}); diff --git a/sdk/securityinsight/arm-securityinsight/tsconfig.json b/sdk/securityinsight/arm-securityinsight/tsconfig.json index 6c7875caddba..3e6ae96443f3 100644 --- a/sdk/securityinsight/arm-securityinsight/tsconfig.json +++ b/sdk/securityinsight/arm-securityinsight/tsconfig.json @@ -15,17 +15,11 @@ ], "declaration": true, "outDir": "./dist-esm", - "importHelpers": true, - "paths": { - "@azure/arm-securityinsight": [ - "./src/index" - ] - } + "importHelpers": true }, "include": [ "./src/**/*.ts", - "./test/**/*.ts", - "samples-dev/**/*.ts" + "./test/**/*.ts" ], "exclude": [ "node_modules"