diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs index ed3ecb1ea90d7..ea9728668225e 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs @@ -703,6 +703,8 @@ public static partial class SecurityInsightsExtensions public static System.Threading.Tasks.Task> GetFileImportAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, string fileImportId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.ResourceManager.SecurityInsights.FileImportResource GetFileImportResource(this Azure.ResourceManager.ArmClient client, Azure.Core.ResourceIdentifier id) { throw null; } public static Azure.ResourceManager.SecurityInsights.FileImportCollection GetFileImports(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName) { throw null; } + public static Azure.Pageable GetGetRecommendations(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static Azure.AsyncPageable GetGetRecommendationsAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.Response GetIncident(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, string incidentId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static System.Threading.Tasks.Task> GetIncidentAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, string incidentId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.ResourceManager.SecurityInsights.IncidentCommentResource GetIncidentCommentResource(this Azure.ResourceManager.ArmClient client, Azure.Core.ResourceIdentifier id) { throw null; } @@ -756,6 +758,10 @@ public static partial class SecurityInsightsExtensions public static System.Threading.Tasks.Task> PostDataConnectorsCheckRequirementAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, Azure.ResourceManager.SecurityInsights.Models.DataConnectorsCheckRequirements dataConnectorsCheckRequirements, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.Pageable QueryThreatIntelligenceIndicators(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, Azure.ResourceManager.SecurityInsights.Models.ThreatIntelligenceFilteringCriteria threatIntelligenceFilteringCriteria, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.AsyncPageable QueryThreatIntelligenceIndicatorsAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, Azure.ResourceManager.SecurityInsights.Models.ThreatIntelligenceFilteringCriteria threatIntelligenceFilteringCriteria, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static Azure.ResourceManager.ArmOperation RecommendationUpdate(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, Azure.WaitUntil waitUntil, string workspaceName, System.Guid recommendationId, System.Collections.Generic.IEnumerable patch, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static System.Threading.Tasks.Task> RecommendationUpdateAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, Azure.WaitUntil waitUntil, string workspaceName, System.Guid recommendationId, System.Collections.Generic.IEnumerable patch, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static Azure.Response SingleRecommendationGet(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, System.Guid recommendationId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static System.Threading.Tasks.Task> SingleRecommendationGetAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, System.Guid recommendationId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } } public partial class SecurityMLAnalyticsSettingCollection : Azure.ResourceManager.ArmCollection, System.Collections.Generic.IAsyncEnumerable, System.Collections.Generic.IEnumerable, System.Collections.IEnumerable { @@ -1201,9 +1207,41 @@ public partial class AlertDetailsOverride public AlertDetailsOverride() { } public string AlertDescriptionFormat { get { throw null; } set { } } public string AlertDisplayNameFormat { get { throw null; } set { } } + public System.Collections.Generic.IList AlertDynamicProperties { get { throw null; } } public string AlertSeverityColumnName { get { throw null; } set { } } public string AlertTacticsColumnName { get { throw null; } set { } } } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AlertProperty : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AlertProperty(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty AlertLink { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ConfidenceLevel { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ConfidenceScore { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ExtendedLinks { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ProductComponentName { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ProductName { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ProviderName { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty RemediationSteps { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty Techniques { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AlertProperty other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AlertProperty left, Azure.ResourceManager.SecurityInsights.Models.AlertProperty right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AlertProperty (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AlertProperty left, Azure.ResourceManager.SecurityInsights.Models.AlertProperty right) { throw null; } + public override string ToString() { throw null; } + } + public partial class AlertPropertyMapping + { + public AlertPropertyMapping() { } + public Azure.ResourceManager.SecurityInsights.Models.AlertProperty? AlertProperty { get { throw null; } set { } } + public string Value { get { throw null; } set { } } + } public partial class AlertRuleTemplateDataSource { public AlertRuleTemplateDataSource() { } @@ -1358,6 +1396,30 @@ public abstract partial class AutomationRuleAction protected AutomationRuleAction(int order) { } public int Order { get { throw null; } set { } } } + public partial class AutomationRuleBooleanCondition + { + public AutomationRuleBooleanCondition() { } + public System.Collections.Generic.IList InnerConditions { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator? Operator { get { throw null; } set { } } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AutomationRuleBooleanConditionSupportedOperator : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AutomationRuleBooleanConditionSupportedOperator(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator And { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator Or { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator left, Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator left, Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator right) { throw null; } + public override string ToString() { throw null; } + } public abstract partial class AutomationRuleCondition { protected AutomationRuleCondition() { } @@ -1411,6 +1473,48 @@ public AutomationRulePropertyArrayChangedValuesCondition() { } public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayChangedConditionSupportedChangeType? ChangeType { get { throw null; } set { } } } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayConditionType : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AutomationRulePropertyArrayConditionSupportedArrayConditionType(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType AnyItem { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType right) { throw null; } + public override string ToString() { throw null; } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayType : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AutomationRulePropertyArrayConditionSupportedArrayType(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType CustomDetails { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType CustomDetailValues { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType right) { throw null; } + public override string ToString() { throw null; } + } + public partial class AutomationRulePropertyArrayValuesCondition + { + public AutomationRulePropertyArrayValuesCondition() { } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType? ArrayConditionType { get { throw null; } set { } } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType? ArrayType { get { throw null; } set { } } + public System.Collections.Generic.IList ItemConditions { get { throw null; } } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct AutomationRulePropertyChangedConditionSupportedChangedType : System.IEquatable { private readonly object _dummy; @@ -1500,6 +1604,8 @@ public AutomationRulePropertyArrayChangedValuesCondition() { } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty HostNetBiosName { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty HostNTDomain { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty HostOSVersion { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsKey { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsValue { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentDescription { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentLabel { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentProviderName { get { throw null; } } @@ -1508,6 +1614,7 @@ public AutomationRulePropertyArrayChangedValuesCondition() { } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentStatus { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentTactics { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentTitle { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentUpdatedBySource { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IoTDeviceId { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IoTDeviceModel { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IoTDeviceName { get { throw null; } } @@ -1666,6 +1773,32 @@ internal BookmarkTimelineItem() { } public string Notes { get { throw null; } } public System.DateTimeOffset? StartTimeUtc { get { throw null; } } } + public partial class BooleanConditionProperties : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleCondition + { + public BooleanConditionProperties() { } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanCondition ConditionProperties { get { throw null; } set { } } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct Category : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public Category(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.Category CostOptimization { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Category Demo { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Category NewFeature { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Category Onboarding { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Category SocEfficiency { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.Category other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.Category left, Azure.ResourceManager.SecurityInsights.Models.Category right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.Category (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.Category left, Azure.ResourceManager.SecurityInsights.Models.Category right) { throw null; } + public override string ToString() { throw null; } + } public partial class ClientInfo { internal ClientInfo() { } @@ -1886,6 +2019,12 @@ public ConnectorInstructionModelBase(Azure.ResourceManager.SecurityInsights.Mode public System.BinaryData Parameters { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.SettingType SettingType { get { throw null; } set { } } } + public partial class Content + { + internal Content() { } + public string Description { get { throw null; } } + public string Title { get { throw null; } } + } public partial class ContentPathMap { public ContentPathMap() { } @@ -1910,6 +2049,26 @@ public ContentPathMap() { } public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.ContentType left, Azure.ResourceManager.SecurityInsights.Models.ContentType right) { throw null; } public override string ToString() { throw null; } } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct Context : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public Context(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.Context Analytics { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Context Incidents { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Context None { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Context Overview { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.Context other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.Context left, Azure.ResourceManager.SecurityInsights.Models.Context right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.Context (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.Context left, Azure.ResourceManager.SecurityInsights.Models.Context right) { throw null; } + public override string ToString() { throw null; } + } public partial class Customs : Azure.ResourceManager.SecurityInsights.Models.CustomsPermission { public Customs() { } @@ -3084,6 +3243,13 @@ internal InsightsTableResultColumnsItem() { } public string InsightsTableResultColumnsItemType { get { throw null; } } public string Name { get { throw null; } } } + public partial class Instructions + { + internal Instructions() { } + public string ActionsToBePerformed { get { throw null; } } + public string HowToPerformActionDetails { get { throw null; } } + public string RecommendationImportance { get { throw null; } } + } public partial class InstructionSteps { public InstructionSteps() { } @@ -3259,8 +3425,8 @@ public MalwareEntity() { } } public partial class ManualTriggerRequestBody { - public ManualTriggerRequestBody() { } - public string LogicAppsResourceId { get { throw null; } set { } } + public ManualTriggerRequestBody(string logicAppsResourceId) { } + public string LogicAppsResourceId { get { throw null; } } public System.Guid? TenantId { get { throw null; } set { } } } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] @@ -3496,9 +3662,11 @@ public NrtAlertRule() { } public string DisplayName { get { throw null; } set { } } public bool? Enabled { get { throw null; } set { } } public System.Collections.Generic.IList EntityMappings { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? EventGroupingAggregationKind { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.IncidentConfiguration IncidentConfiguration { get { throw null; } set { } } public System.DateTimeOffset? LastModifiedUtc { get { throw null; } } public string Query { get { throw null; } set { } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public System.TimeSpan? SuppressionDuration { get { throw null; } set { } } public bool? SuppressionEnabled { get { throw null; } set { } } @@ -3516,9 +3684,11 @@ public NrtAlertRuleTemplate() { } public string Description { get { throw null; } set { } } public string DisplayName { get { throw null; } set { } } public System.Collections.Generic.IList EntityMappings { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? EventGroupingAggregationKind { get { throw null; } set { } } public System.DateTimeOffset? LastUpdatedDateUTC { get { throw null; } } public string Query { get { throw null; } set { } } public System.Collections.Generic.IList RequiredDataConnectors { get { throw null; } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.TemplateStatus? Status { get { throw null; } set { } } public System.Collections.Generic.IList Tactics { get { throw null; } } @@ -3700,6 +3870,25 @@ public PlaybookActionProperties() { } public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.PollingFrequency left, Azure.ResourceManager.SecurityInsights.Models.PollingFrequency right) { throw null; } public override string ToString() { throw null; } } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct Priority : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public Priority(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.Priority High { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Priority Low { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Priority Medium { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.Priority other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.Priority left, Azure.ResourceManager.SecurityInsights.Models.Priority right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.Priority (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.Priority left, Azure.ResourceManager.SecurityInsights.Models.Priority right) { throw null; } + public override string ToString() { throw null; } + } public partial class ProcessEntity : Azure.ResourceManager.SecurityInsights.EntityData { public ProcessEntity() { } @@ -3720,6 +3909,11 @@ public partial class PropertyArrayChangedConditionProperties : Azure.ResourceMan public PropertyArrayChangedConditionProperties() { } public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayChangedValuesCondition ConditionProperties { get { throw null; } set { } } } + public partial class PropertyArrayConditionProperties : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleCondition + { + public PropertyArrayConditionProperties() { } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayValuesCondition ConditionProperties { get { throw null; } set { } } + } public partial class PropertyChangedConditionProperties : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleCondition { public PropertyChangedConditionProperties() { } @@ -3752,6 +3946,42 @@ public PropertyConditionProperties() { } public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.ProviderName left, Azure.ResourceManager.SecurityInsights.Models.ProviderName right) { throw null; } public override string ToString() { throw null; } } + public partial class Recommendation + { + internal Recommendation() { } + public System.Collections.Generic.IReadOnlyList Actions { get { throw null; } } + public System.Collections.Generic.IReadOnlyDictionary AdditionalProperties { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Category Category { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Content Content { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Context Context { get { throw null; } } + public string Description { get { throw null; } } + public System.DateTimeOffset? DisplayUntilTimeUtc { get { throw null; } } + public System.DateTimeOffset? HideUntilTimeUtc { get { throw null; } } + public System.Guid Id { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Instructions Instructions { get { throw null; } } + public System.DateTimeOffset LastEvaluatedTimeUtc { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Priority Priority { get { throw null; } } + public string RecommendationTypeId { get { throw null; } } + public string RecommendationTypeTitle { get { throw null; } } + public string ResourceId { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.State State { get { throw null; } } + public string Title { get { throw null; } } + public bool? Visible { get { throw null; } } + public System.Guid WorkspaceId { get { throw null; } } + } + public partial class RecommendationPatch + { + public RecommendationPatch() { } + public System.DateTimeOffset? HideUntilTimeUtc { get { throw null; } set { } } + public Azure.ResourceManager.SecurityInsights.Models.State? State { get { throw null; } set { } } + } + public partial class RecommendedAction + { + internal RecommendedAction() { } + public string LinkText { get { throw null; } } + public System.Uri LinkUri { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Priority? State { get { throw null; } } + } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct RegistryHive : System.IEquatable { @@ -3900,6 +4130,7 @@ public ScheduledAlertRule() { } public string Query { get { throw null; } set { } } public System.TimeSpan? QueryFrequency { get { throw null; } set { } } public System.TimeSpan? QueryPeriod { get { throw null; } set { } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public System.TimeSpan? SuppressionDuration { get { throw null; } set { } } public bool? SuppressionEnabled { get { throw null; } set { } } @@ -3925,6 +4156,7 @@ public ScheduledAlertRuleTemplate() { } public System.TimeSpan? QueryFrequency { get { throw null; } set { } } public System.TimeSpan? QueryPeriod { get { throw null; } set { } } public System.Collections.Generic.IList RequiredDataConnectors { get { throw null; } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.TemplateStatus? Status { get { throw null; } set { } } public System.Collections.Generic.IList Tactics { get { throw null; } } @@ -3978,9 +4210,11 @@ internal SecurityAlertTimelineItem() { } public string Description { get { throw null; } } public string DisplayName { get { throw null; } } public System.DateTimeOffset EndTimeUtc { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.KillChainIntent? Intent { get { throw null; } } public string ProductName { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity Severity { get { throw null; } } public System.DateTimeOffset StartTimeUtc { get { throw null; } } + public System.Collections.Generic.IReadOnlyList Techniques { get { throw null; } } public System.DateTimeOffset TimeGenerated { get { throw null; } } } public partial class SecurityGroupEntity : Azure.ResourceManager.SecurityInsights.EntityData @@ -4031,6 +4265,11 @@ public SecurityMLAnalyticsSettingsDataSource() { } public string ConnectorId { get { throw null; } set { } } public System.Collections.Generic.IList DataTypes { get { throw null; } } } + public partial class SentinelEntityMapping + { + public SentinelEntityMapping() { } + public string ColumnName { get { throw null; } set { } } + } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct SettingsStatus : System.IEquatable { @@ -4106,6 +4345,27 @@ public SecurityMLAnalyticsSettingsDataSource() { } public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.SourceType left, Azure.ResourceManager.SecurityInsights.Models.SourceType right) { throw null; } public override string ToString() { throw null; } } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct State : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public State(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.State Active { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.State CompletedByAction { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.State CompletedByUser { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.State Disabled { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.State Hidden { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.State other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.State left, Azure.ResourceManager.SecurityInsights.Models.State right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.State (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.State left, Azure.ResourceManager.SecurityInsights.Models.State right) { throw null; } + public override string ToString() { throw null; } + } public partial class SubmissionMailEntity : Azure.ResourceManager.SecurityInsights.EntityData { public SubmissionMailEntity() { } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/ResourceGroupResourceExtensionClient.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/ResourceGroupResourceExtensionClient.cs index e0a9b63ffcb61..e86dddef0ed34 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/ResourceGroupResourceExtensionClient.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/ResourceGroupResourceExtensionClient.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using System.Threading; using System.Threading.Tasks; using Azure; @@ -25,6 +26,12 @@ internal partial class ResourceGroupResourceExtensionClient : ArmResource private DomainWhoisRestOperations _domainWhoisRestClient; private ClientDiagnostics _sourceControlClientDiagnostics; private SourceControlRestOperations _sourceControlRestClient; + private ClientDiagnostics _getRecommendationsClientDiagnostics; + private GetRecommendationsRestOperations _getRecommendationsRestClient; + private ClientDiagnostics _getClientDiagnostics; + private GetRestOperations _getRestClient; + private ClientDiagnostics _updateClientDiagnostics; + private UpdateRestOperations _updateRestClient; private ClientDiagnostics _threatIntelligenceIndicatorClientDiagnostics; private ThreatIntelligenceIndicatorsRestOperations _threatIntelligenceIndicatorRestClient; private ClientDiagnostics _dataConnectorsCheckRequirementsClientDiagnostics; @@ -48,6 +55,12 @@ internal ResourceGroupResourceExtensionClient(ArmClient client, ResourceIdentifi private DomainWhoisRestOperations DomainWhoisRestClient => _domainWhoisRestClient ??= new DomainWhoisRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); private ClientDiagnostics SourceControlClientDiagnostics => _sourceControlClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); private SourceControlRestOperations SourceControlRestClient => _sourceControlRestClient ??= new SourceControlRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); + private ClientDiagnostics GetRecommendationsClientDiagnostics => _getRecommendationsClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); + private GetRecommendationsRestOperations GetRecommendationsRestClient => _getRecommendationsRestClient ??= new GetRecommendationsRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); + private ClientDiagnostics GetClientDiagnostics => _getClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); + private GetRestOperations GetRestClient => _getRestClient ??= new GetRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); + private ClientDiagnostics UpdateClientDiagnostics => _updateClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); + private UpdateRestOperations UpdateRestClient => _updateRestClient ??= new UpdateRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); private ClientDiagnostics ThreatIntelligenceIndicatorClientDiagnostics => _threatIntelligenceIndicatorClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ThreatIntelligenceIndicatorResource.ResourceType.Namespace, Diagnostics); private ThreatIntelligenceIndicatorsRestOperations ThreatIntelligenceIndicatorRestClient => _threatIntelligenceIndicatorRestClient ??= new ThreatIntelligenceIndicatorsRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint, GetApiVersionOrNull(ThreatIntelligenceIndicatorResource.ResourceType)); private ClientDiagnostics DataConnectorsCheckRequirementsClientDiagnostics => _dataConnectorsCheckRequirementsClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); @@ -382,6 +395,168 @@ Page NextPageFunc(string nextLink, int? pageSizeHint) return PageableHelpers.CreateEnumerable(FirstPageFunc, NextPageFunc); } + /// + /// Gets a list of all recommendations. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations + /// Operation Id: GetRecommendations_List + /// + /// The name of the workspace. + /// The cancellation token to use. + /// An async collection of that may take multiple service requests to iterate over. + public virtual AsyncPageable GetGetRecommendationsAsync(string workspaceName, CancellationToken cancellationToken = default) + { + async Task> FirstPageFunc(int? pageSizeHint) + { + using var scope = GetRecommendationsClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.GetGetRecommendations"); + scope.Start(); + try + { + var response = await GetRecommendationsRestClient.ListAsync(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, cancellationToken: cancellationToken).ConfigureAwait(false); + return Page.FromValues(response.Value.Value, null, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + return PageableHelpers.CreateAsyncEnumerable(FirstPageFunc, null); + } + + /// + /// Gets a list of all recommendations. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations + /// Operation Id: GetRecommendations_List + /// + /// The name of the workspace. + /// The cancellation token to use. + /// A collection of that may take multiple service requests to iterate over. + public virtual Pageable GetGetRecommendations(string workspaceName, CancellationToken cancellationToken = default) + { + Page FirstPageFunc(int? pageSizeHint) + { + using var scope = GetRecommendationsClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.GetGetRecommendations"); + scope.Start(); + try + { + var response = GetRecommendationsRestClient.List(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, cancellationToken: cancellationToken); + return Page.FromValues(response.Value.Value, null, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + return PageableHelpers.CreateEnumerable(FirstPageFunc, null); + } + + /// + /// Gets a recommendation by its id. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Get_SingleRecommendation + /// + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + public virtual async Task> SingleRecommendationGetAsync(string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + using var scope = GetClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.SingleRecommendationGet"); + scope.Start(); + try + { + var response = await GetRestClient.SingleRecommendationAsync(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, cancellationToken).ConfigureAwait(false); + return response; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Gets a recommendation by its id. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Get_SingleRecommendation + /// + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + public virtual Response SingleRecommendationGet(string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + using var scope = GetClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.SingleRecommendationGet"); + scope.Start(); + try + { + var response = GetRestClient.SingleRecommendation(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, cancellationToken); + return response; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Patch a recommendation. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Update_Recommendation + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + public virtual async Task> RecommendationUpdateAsync(WaitUntil waitUntil, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + using var scope = UpdateClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.RecommendationUpdate"); + scope.Start(); + try + { + var response = await UpdateRestClient.RecommendationAsync(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, patch, cancellationToken).ConfigureAwait(false); + var operation = new SecurityInsightsArmOperation(new RecommendationOperationSource(), UpdateClientDiagnostics, Pipeline, UpdateRestClient.CreateRecommendationRequest(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, patch).Request, response, OperationFinalStateVia.Location); + if (waitUntil == WaitUntil.Completed) + await operation.WaitForCompletionAsync(cancellationToken).ConfigureAwait(false); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Patch a recommendation. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Update_Recommendation + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + public virtual ArmOperation RecommendationUpdate(WaitUntil waitUntil, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + using var scope = UpdateClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.RecommendationUpdate"); + scope.Start(); + try + { + var response = UpdateRestClient.Recommendation(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, patch, cancellationToken); + var operation = new SecurityInsightsArmOperation(new RecommendationOperationSource(), UpdateClientDiagnostics, Pipeline, UpdateRestClient.CreateRecommendationRequest(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, patch).Request, response, OperationFinalStateVia.Location); + if (waitUntil == WaitUntil.Completed) + operation.WaitForCompletion(cancellationToken); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + /// /// Create a new threat intelligence indicator. /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/createIndicator diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/SecurityInsightsExtensions.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/SecurityInsightsExtensions.cs index 89517cfeb7f39..526ee6d873ab5 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/SecurityInsightsExtensions.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/SecurityInsightsExtensions.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using System.Threading; using System.Threading.Tasks; using Azure; @@ -971,6 +972,120 @@ public static Pageable GetRepositoriesSourceControls(this ResourceGroupRes return GetExtensionClient(resourceGroupResource).GetRepositoriesSourceControls(workspaceName, repoType, cancellationToken); } + /// + /// Gets a list of all recommendations. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations + /// Operation Id: GetRecommendations_List + /// + /// The instance the method will execute against. + /// The name of the workspace. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + /// An async collection of that may take multiple service requests to iterate over. + public static AsyncPageable GetGetRecommendationsAsync(this ResourceGroupResource resourceGroupResource, string workspaceName, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + return GetExtensionClient(resourceGroupResource).GetGetRecommendationsAsync(workspaceName, cancellationToken); + } + + /// + /// Gets a list of all recommendations. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations + /// Operation Id: GetRecommendations_List + /// + /// The instance the method will execute against. + /// The name of the workspace. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + /// A collection of that may take multiple service requests to iterate over. + public static Pageable GetGetRecommendations(this ResourceGroupResource resourceGroupResource, string workspaceName, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + return GetExtensionClient(resourceGroupResource).GetGetRecommendations(workspaceName, cancellationToken); + } + + /// + /// Gets a recommendation by its id. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Get_SingleRecommendation + /// + /// The instance the method will execute against. + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + public static async Task> SingleRecommendationGetAsync(this ResourceGroupResource resourceGroupResource, string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + return await GetExtensionClient(resourceGroupResource).SingleRecommendationGetAsync(workspaceName, recommendationId, cancellationToken).ConfigureAwait(false); + } + + /// + /// Gets a recommendation by its id. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Get_SingleRecommendation + /// + /// The instance the method will execute against. + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + public static Response SingleRecommendationGet(this ResourceGroupResource resourceGroupResource, string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + return GetExtensionClient(resourceGroupResource).SingleRecommendationGet(workspaceName, recommendationId, cancellationToken); + } + + /// + /// Patch a recommendation. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Update_Recommendation + /// + /// The instance the method will execute against. + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// or is null. + public static async Task> RecommendationUpdateAsync(this ResourceGroupResource resourceGroupResource, WaitUntil waitUntil, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNull(patch, nameof(patch)); + + return await GetExtensionClient(resourceGroupResource).RecommendationUpdateAsync(waitUntil, workspaceName, recommendationId, patch, cancellationToken).ConfigureAwait(false); + } + + /// + /// Patch a recommendation. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Update_Recommendation + /// + /// The instance the method will execute against. + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// or is null. + public static ArmOperation RecommendationUpdate(this ResourceGroupResource resourceGroupResource, WaitUntil waitUntil, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNull(patch, nameof(patch)); + + return GetExtensionClient(resourceGroupResource).RecommendationUpdate(waitUntil, workspaceName, recommendationId, patch, cancellationToken); + } + /// /// Create a new threat intelligence indicator. /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/threatIntelligence/main/createIndicator diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/LongRunningOperation/RecommendationOperationSource.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/LongRunningOperation/RecommendationOperationSource.cs new file mode 100644 index 0000000000000..9dfceef4ccb5b --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/LongRunningOperation/RecommendationOperationSource.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + internal class RecommendationOperationSource : IOperationSource + { + Recommendation IOperationSource.CreateResult(Response response, CancellationToken cancellationToken) + { + using var document = JsonDocument.Parse(response.ContentStream); + return Recommendation.DeserializeRecommendation(document.RootElement); + } + + async ValueTask IOperationSource.CreateResultAsync(Response response, CancellationToken cancellationToken) + { + using var document = await JsonDocument.ParseAsync(response.ContentStream, default, cancellationToken).ConfigureAwait(false); + return Recommendation.DeserializeRecommendation(document.RootElement); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs index 7fdbbec084deb..ec2168f270354 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs @@ -5,6 +5,7 @@ #nullable disable +using System.Collections.Generic; using System.Text.Json; using Azure.Core; @@ -35,6 +36,16 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertSeverityColumnName"); writer.WriteStringValue(AlertSeverityColumnName); } + if (Optional.IsCollectionDefined(AlertDynamicProperties)) + { + writer.WritePropertyName("alertDynamicProperties"); + writer.WriteStartArray(); + foreach (var item in AlertDynamicProperties) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); } @@ -44,6 +55,7 @@ internal static AlertDetailsOverride DeserializeAlertDetailsOverride(JsonElement Optional alertDescriptionFormat = default; Optional alertTacticsColumnName = default; Optional alertSeverityColumnName = default; + Optional> alertDynamicProperties = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("alertDisplayNameFormat")) @@ -66,8 +78,23 @@ internal static AlertDetailsOverride DeserializeAlertDetailsOverride(JsonElement alertSeverityColumnName = property.Value.GetString(); continue; } + if (property.NameEquals("alertDynamicProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(AlertPropertyMapping.DeserializeAlertPropertyMapping(item)); + } + alertDynamicProperties = array; + continue; + } } - return new AlertDetailsOverride(alertDisplayNameFormat.Value, alertDescriptionFormat.Value, alertTacticsColumnName.Value, alertSeverityColumnName.Value); + return new AlertDetailsOverride(alertDisplayNameFormat.Value, alertDescriptionFormat.Value, alertTacticsColumnName.Value, alertSeverityColumnName.Value, Optional.ToList(alertDynamicProperties)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs index e461da5f89945..04c5d5f84ff9b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs @@ -5,6 +5,9 @@ #nullable disable +using System.Collections.Generic; +using Azure.Core; + namespace Azure.ResourceManager.SecurityInsights.Models { /// Settings for how to dynamically override alert static details. @@ -13,6 +16,7 @@ public partial class AlertDetailsOverride /// Initializes a new instance of AlertDetailsOverride. public AlertDetailsOverride() { + AlertDynamicProperties = new ChangeTrackingList(); } /// Initializes a new instance of AlertDetailsOverride. @@ -20,12 +24,14 @@ public AlertDetailsOverride() /// the format containing columns name(s) to override the alert description. /// the column name to take the alert tactics from. /// the column name to take the alert severity from. - internal AlertDetailsOverride(string alertDisplayNameFormat, string alertDescriptionFormat, string alertTacticsColumnName, string alertSeverityColumnName) + /// List of additional dynamic properties to override. + internal AlertDetailsOverride(string alertDisplayNameFormat, string alertDescriptionFormat, string alertTacticsColumnName, string alertSeverityColumnName, IList alertDynamicProperties) { AlertDisplayNameFormat = alertDisplayNameFormat; AlertDescriptionFormat = alertDescriptionFormat; AlertTacticsColumnName = alertTacticsColumnName; AlertSeverityColumnName = alertSeverityColumnName; + AlertDynamicProperties = alertDynamicProperties; } /// the format containing columns name(s) to override the alert name. @@ -36,5 +42,7 @@ internal AlertDetailsOverride(string alertDisplayNameFormat, string alertDescrip public string AlertTacticsColumnName { get; set; } /// the column name to take the alert severity from. public string AlertSeverityColumnName { get; set; } + /// List of additional dynamic properties to override. + public IList AlertDynamicProperties { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertProperty.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertProperty.cs new file mode 100644 index 0000000000000..5e60dba30a0b9 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertProperty.cs @@ -0,0 +1,72 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The V3 alert property. + public readonly partial struct AlertProperty : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AlertProperty(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AlertLinkValue = "AlertLink"; + private const string ConfidenceLevelValue = "ConfidenceLevel"; + private const string ConfidenceScoreValue = "ConfidenceScore"; + private const string ExtendedLinksValue = "ExtendedLinks"; + private const string ProductNameValue = "ProductName"; + private const string ProviderNameValue = "ProviderName"; + private const string ProductComponentNameValue = "ProductComponentName"; + private const string RemediationStepsValue = "RemediationSteps"; + private const string TechniquesValue = "Techniques"; + + /// Alert's link. + public static AlertProperty AlertLink { get; } = new AlertProperty(AlertLinkValue); + /// Confidence level property. + public static AlertProperty ConfidenceLevel { get; } = new AlertProperty(ConfidenceLevelValue); + /// Confidence score. + public static AlertProperty ConfidenceScore { get; } = new AlertProperty(ConfidenceScoreValue); + /// Extended links to the alert. + public static AlertProperty ExtendedLinks { get; } = new AlertProperty(ExtendedLinksValue); + /// Product name alert property. + public static AlertProperty ProductName { get; } = new AlertProperty(ProductNameValue); + /// Provider name alert property. + public static AlertProperty ProviderName { get; } = new AlertProperty(ProviderNameValue); + /// Product component name alert property. + public static AlertProperty ProductComponentName { get; } = new AlertProperty(ProductComponentNameValue); + /// Remediation steps alert property. + public static AlertProperty RemediationSteps { get; } = new AlertProperty(RemediationStepsValue); + /// Techniques alert property. + public static AlertProperty Techniques { get; } = new AlertProperty(TechniquesValue); + /// Determines if two values are the same. + public static bool operator ==(AlertProperty left, AlertProperty right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AlertProperty left, AlertProperty right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AlertProperty(string value) => new AlertProperty(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AlertProperty other && Equals(other); + /// + public bool Equals(AlertProperty other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.Serialization.cs new file mode 100644 index 0000000000000..2d51e09e0af6a --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.Serialization.cs @@ -0,0 +1,56 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AlertPropertyMapping : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(AlertProperty)) + { + writer.WritePropertyName("alertProperty"); + writer.WriteStringValue(AlertProperty.Value.ToString()); + } + if (Optional.IsDefined(Value)) + { + writer.WritePropertyName("value"); + writer.WriteStringValue(Value); + } + writer.WriteEndObject(); + } + + internal static AlertPropertyMapping DeserializeAlertPropertyMapping(JsonElement element) + { + Optional alertProperty = default; + Optional value = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("alertProperty")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + alertProperty = new AlertProperty(property.Value.GetString()); + continue; + } + if (property.NameEquals("value")) + { + value = property.Value.GetString(); + continue; + } + } + return new AlertPropertyMapping(Optional.ToNullable(alertProperty), value.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.cs new file mode 100644 index 0000000000000..34e379b8cadef --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.cs @@ -0,0 +1,32 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// A single alert property mapping to override. + public partial class AlertPropertyMapping + { + /// Initializes a new instance of AlertPropertyMapping. + public AlertPropertyMapping() + { + } + + /// Initializes a new instance of AlertPropertyMapping. + /// The V3 alert property. + /// the column name to use to override this property. + internal AlertPropertyMapping(AlertProperty? alertProperty, string value) + { + AlertProperty = alertProperty; + Value = value; + } + + /// The V3 alert property. + public AlertProperty? AlertProperty { get; set; } + /// the column name to use to override this property. + public string Value { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.Serialization.cs new file mode 100644 index 0000000000000..c90e163e2f0ce --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.Serialization.cs @@ -0,0 +1,72 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AutomationRuleBooleanCondition : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(Operator)) + { + writer.WritePropertyName("operator"); + writer.WriteStringValue(Operator.Value.ToString()); + } + if (Optional.IsCollectionDefined(InnerConditions)) + { + writer.WritePropertyName("innerConditions"); + writer.WriteStartArray(); + foreach (var item in InnerConditions) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } + writer.WriteEndObject(); + } + + internal static AutomationRuleBooleanCondition DeserializeAutomationRuleBooleanCondition(JsonElement element) + { + Optional @operator = default; + Optional> innerConditions = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("operator")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + @operator = new AutomationRuleBooleanConditionSupportedOperator(property.Value.GetString()); + continue; + } + if (property.NameEquals("innerConditions")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(AutomationRuleCondition.DeserializeAutomationRuleCondition(item)); + } + innerConditions = array; + continue; + } + } + return new AutomationRuleBooleanCondition(Optional.ToNullable(@operator), Optional.ToList(innerConditions)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.cs new file mode 100644 index 0000000000000..37632e7d03280 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.cs @@ -0,0 +1,42 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRuleBooleanCondition. + public partial class AutomationRuleBooleanCondition + { + /// Initializes a new instance of AutomationRuleBooleanCondition. + public AutomationRuleBooleanCondition() + { + InnerConditions = new ChangeTrackingList(); + } + + /// Initializes a new instance of AutomationRuleBooleanCondition. + /// + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + internal AutomationRuleBooleanCondition(AutomationRuleBooleanConditionSupportedOperator? @operator, IList innerConditions) + { + Operator = @operator; + InnerConditions = innerConditions; + } + + /// Gets or sets the operator. + public AutomationRuleBooleanConditionSupportedOperator? Operator { get; set; } + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + public IList InnerConditions { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanConditionSupportedOperator.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanConditionSupportedOperator.cs new file mode 100644 index 0000000000000..c7ac2c77e3d45 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanConditionSupportedOperator.cs @@ -0,0 +1,51 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRuleBooleanConditionSupportedOperator. + public readonly partial struct AutomationRuleBooleanConditionSupportedOperator : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AutomationRuleBooleanConditionSupportedOperator(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AndValue = "And"; + private const string OrValue = "Or"; + + /// Evaluates as true if all the item conditions are evaluated as true. + public static AutomationRuleBooleanConditionSupportedOperator And { get; } = new AutomationRuleBooleanConditionSupportedOperator(AndValue); + /// Evaluates as true if at least one of the item conditions are evaluated as true. + public static AutomationRuleBooleanConditionSupportedOperator Or { get; } = new AutomationRuleBooleanConditionSupportedOperator(OrValue); + /// Determines if two values are the same. + public static bool operator ==(AutomationRuleBooleanConditionSupportedOperator left, AutomationRuleBooleanConditionSupportedOperator right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AutomationRuleBooleanConditionSupportedOperator left, AutomationRuleBooleanConditionSupportedOperator right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AutomationRuleBooleanConditionSupportedOperator(string value) => new AutomationRuleBooleanConditionSupportedOperator(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AutomationRuleBooleanConditionSupportedOperator other && Equals(other); + /// + public bool Equals(AutomationRuleBooleanConditionSupportedOperator other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs index bea9964c8ac26..779799e225614 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs @@ -26,7 +26,9 @@ internal static AutomationRuleCondition DeserializeAutomationRuleCondition(JsonE { switch (discriminator.GetString()) { + case "Boolean": return BooleanConditionProperties.DeserializeBooleanConditionProperties(element); case "Property": return PropertyConditionProperties.DeserializePropertyConditionProperties(element); + case "PropertyArray": return PropertyArrayConditionProperties.DeserializePropertyArrayConditionProperties(element); case "PropertyArrayChanged": return PropertyArrayChangedConditionProperties.DeserializePropertyArrayChangedConditionProperties(element); case "PropertyChanged": return PropertyChangedConditionProperties.DeserializePropertyChangedConditionProperties(element); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs index b5e7cd637d96c..363e1d580d121 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs @@ -10,7 +10,7 @@ namespace Azure.ResourceManager.SecurityInsights.Models /// /// Describes an automation rule condition. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include , and . + /// The available derived classes include , , , and . /// public abstract partial class AutomationRuleCondition { diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayConditionType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayConditionType.cs new file mode 100644 index 0000000000000..c800528f61aa0 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayConditionType.cs @@ -0,0 +1,48 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRulePropertyArrayConditionSupportedArrayConditionType. + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayConditionType : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AutomationRulePropertyArrayConditionSupportedArrayConditionType(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AnyItemValue = "AnyItem"; + + /// Evaluate the condition as true if any item fulfills it. + public static AutomationRulePropertyArrayConditionSupportedArrayConditionType AnyItem { get; } = new AutomationRulePropertyArrayConditionSupportedArrayConditionType(AnyItemValue); + /// Determines if two values are the same. + public static bool operator ==(AutomationRulePropertyArrayConditionSupportedArrayConditionType left, AutomationRulePropertyArrayConditionSupportedArrayConditionType right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AutomationRulePropertyArrayConditionSupportedArrayConditionType left, AutomationRulePropertyArrayConditionSupportedArrayConditionType right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AutomationRulePropertyArrayConditionSupportedArrayConditionType(string value) => new AutomationRulePropertyArrayConditionSupportedArrayConditionType(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AutomationRulePropertyArrayConditionSupportedArrayConditionType other && Equals(other); + /// + public bool Equals(AutomationRulePropertyArrayConditionSupportedArrayConditionType other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayType.cs new file mode 100644 index 0000000000000..a599c41f440c2 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayType.cs @@ -0,0 +1,51 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRulePropertyArrayConditionSupportedArrayType. + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayType : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AutomationRulePropertyArrayConditionSupportedArrayType(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string CustomDetailsValue = "CustomDetails"; + private const string CustomDetailValuesValue = "CustomDetailValues"; + + /// Evaluate the condition on the custom detail keys. + public static AutomationRulePropertyArrayConditionSupportedArrayType CustomDetails { get; } = new AutomationRulePropertyArrayConditionSupportedArrayType(CustomDetailsValue); + /// Evaluate the condition on a custom detail's values. + public static AutomationRulePropertyArrayConditionSupportedArrayType CustomDetailValues { get; } = new AutomationRulePropertyArrayConditionSupportedArrayType(CustomDetailValuesValue); + /// Determines if two values are the same. + public static bool operator ==(AutomationRulePropertyArrayConditionSupportedArrayType left, AutomationRulePropertyArrayConditionSupportedArrayType right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AutomationRulePropertyArrayConditionSupportedArrayType left, AutomationRulePropertyArrayConditionSupportedArrayType right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AutomationRulePropertyArrayConditionSupportedArrayType(string value) => new AutomationRulePropertyArrayConditionSupportedArrayType(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AutomationRulePropertyArrayConditionSupportedArrayType other && Equals(other); + /// + public bool Equals(AutomationRulePropertyArrayConditionSupportedArrayType other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.Serialization.cs new file mode 100644 index 0000000000000..a214b36d93174 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.Serialization.cs @@ -0,0 +1,88 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AutomationRulePropertyArrayValuesCondition : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ArrayType)) + { + writer.WritePropertyName("arrayType"); + writer.WriteStringValue(ArrayType.Value.ToString()); + } + if (Optional.IsDefined(ArrayConditionType)) + { + writer.WritePropertyName("arrayConditionType"); + writer.WriteStringValue(ArrayConditionType.Value.ToString()); + } + if (Optional.IsCollectionDefined(ItemConditions)) + { + writer.WritePropertyName("itemConditions"); + writer.WriteStartArray(); + foreach (var item in ItemConditions) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } + writer.WriteEndObject(); + } + + internal static AutomationRulePropertyArrayValuesCondition DeserializeAutomationRulePropertyArrayValuesCondition(JsonElement element) + { + Optional arrayType = default; + Optional arrayConditionType = default; + Optional> itemConditions = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("arrayType")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + arrayType = new AutomationRulePropertyArrayConditionSupportedArrayType(property.Value.GetString()); + continue; + } + if (property.NameEquals("arrayConditionType")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + arrayConditionType = new AutomationRulePropertyArrayConditionSupportedArrayConditionType(property.Value.GetString()); + continue; + } + if (property.NameEquals("itemConditions")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(AutomationRuleCondition.DeserializeAutomationRuleCondition(item)); + } + itemConditions = array; + continue; + } + } + return new AutomationRulePropertyArrayValuesCondition(Optional.ToNullable(arrayType), Optional.ToNullable(arrayConditionType), Optional.ToList(itemConditions)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.cs new file mode 100644 index 0000000000000..2af0e417d2930 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.cs @@ -0,0 +1,46 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRulePropertyArrayValuesCondition. + public partial class AutomationRulePropertyArrayValuesCondition + { + /// Initializes a new instance of AutomationRulePropertyArrayValuesCondition. + public AutomationRulePropertyArrayValuesCondition() + { + ItemConditions = new ChangeTrackingList(); + } + + /// Initializes a new instance of AutomationRulePropertyArrayValuesCondition. + /// + /// + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + internal AutomationRulePropertyArrayValuesCondition(AutomationRulePropertyArrayConditionSupportedArrayType? arrayType, AutomationRulePropertyArrayConditionSupportedArrayConditionType? arrayConditionType, IList itemConditions) + { + ArrayType = arrayType; + ArrayConditionType = arrayConditionType; + ItemConditions = itemConditions; + } + + /// Gets or sets the array type. + public AutomationRulePropertyArrayConditionSupportedArrayType? ArrayType { get; set; } + /// Gets or sets the array condition type. + public AutomationRulePropertyArrayConditionSupportedArrayConditionType? ArrayConditionType { get; set; } + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + public IList ItemConditions { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs index dea82c9b3ed07..00ad1fadfcaca 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs @@ -30,6 +30,9 @@ public AutomationRulePropertyConditionSupportedProperty(string value) private const string IncidentTacticsValue = "IncidentTactics"; private const string IncidentLabelValue = "IncidentLabel"; private const string IncidentProviderNameValue = "IncidentProviderName"; + private const string IncidentUpdatedBySourceValue = "IncidentUpdatedBySource"; + private const string IncidentCustomDetailsKeyValue = "IncidentCustomDetailsKey"; + private const string IncidentCustomDetailsValueValue = "IncidentCustomDetailsValue"; private const string AccountAadTenantIdValue = "AccountAadTenantId"; private const string AccountAadUserIdValue = "AccountAadUserId"; private const string AccountNameValue = "AccountName"; @@ -94,6 +97,12 @@ public AutomationRulePropertyConditionSupportedProperty(string value) public static AutomationRulePropertyConditionSupportedProperty IncidentLabel { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentLabelValue); /// The provider name of the incident. public static AutomationRulePropertyConditionSupportedProperty IncidentProviderName { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentProviderNameValue); + /// The update source of the incident. + public static AutomationRulePropertyConditionSupportedProperty IncidentUpdatedBySource { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentUpdatedBySourceValue); + /// The incident custom detail key. + public static AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsKey { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentCustomDetailsKeyValue); + /// The incident custom detail value. + public static AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsValue { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentCustomDetailsValueValue); /// The account Azure Active Directory tenant id. public static AutomationRulePropertyConditionSupportedProperty AccountAadTenantId { get; } = new AutomationRulePropertyConditionSupportedProperty(AccountAadTenantIdValue); /// The account Azure Active Directory user id. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs index f1b80992b80e1..3aa3d95b3ab53 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs @@ -34,7 +34,7 @@ public AutomationRuleTriggeringLogic(bool isEnabled, TriggersOn triggersOn, Trig /// /// The conditions to evaluate to determine if the automation rule should be triggered on a given object. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include , and . + /// The available derived classes include , , , and . /// internal AutomationRuleTriggeringLogic(bool isEnabled, DateTimeOffset? expirationTimeUtc, TriggersOn triggersOn, TriggersWhen triggersWhen, IList conditions) { @@ -56,7 +56,7 @@ internal AutomationRuleTriggeringLogic(bool isEnabled, DateTimeOffset? expiratio /// /// The conditions to evaluate to determine if the automation rule should be triggered on a given object. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include , and . + /// The available derived classes include , , , and . /// public IList Conditions { get; } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.Serialization.cs new file mode 100644 index 0000000000000..08f53e3058af8 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.Serialization.cs @@ -0,0 +1,53 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class BooleanConditionProperties : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ConditionProperties)) + { + writer.WritePropertyName("conditionProperties"); + writer.WriteObjectValue(ConditionProperties); + } + writer.WritePropertyName("conditionType"); + writer.WriteStringValue(ConditionType.ToString()); + writer.WriteEndObject(); + } + + internal static BooleanConditionProperties DeserializeBooleanConditionProperties(JsonElement element) + { + Optional conditionProperties = default; + ConditionType conditionType = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("conditionProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + conditionProperties = AutomationRuleBooleanCondition.DeserializeAutomationRuleBooleanCondition(property.Value); + continue; + } + if (property.NameEquals("conditionType")) + { + conditionType = new ConditionType(property.Value.GetString()); + continue; + } + } + return new BooleanConditionProperties(conditionType, conditionProperties.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.cs new file mode 100644 index 0000000000000..cfa8c8e1b3081 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to conditions. + public partial class BooleanConditionProperties : AutomationRuleCondition + { + /// Initializes a new instance of BooleanConditionProperties. + public BooleanConditionProperties() + { + ConditionType = ConditionType.Boolean; + } + + /// Initializes a new instance of BooleanConditionProperties. + /// + /// + internal BooleanConditionProperties(ConditionType conditionType, AutomationRuleBooleanCondition conditionProperties) : base(conditionType) + { + ConditionProperties = conditionProperties; + ConditionType = conditionType; + } + + /// Gets or sets the condition properties. + public AutomationRuleBooleanCondition ConditionProperties { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Category.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Category.cs new file mode 100644 index 0000000000000..6973a5061cedd --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Category.cs @@ -0,0 +1,60 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Categories of recommendations. + public readonly partial struct Category : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public Category(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string OnboardingValue = "Onboarding"; + private const string NewFeatureValue = "NewFeature"; + private const string SocEfficiencyValue = "SocEfficiency"; + private const string CostOptimizationValue = "CostOptimization"; + private const string DemoValue = "Demo"; + + /// Onboarding recommendation. + public static Category Onboarding { get; } = new Category(OnboardingValue); + /// New feature recommendation. + public static Category NewFeature { get; } = new Category(NewFeatureValue); + /// Soc Efficiency recommendation. + public static Category SocEfficiency { get; } = new Category(SocEfficiencyValue); + /// Cost optimization recommendation. + public static Category CostOptimization { get; } = new Category(CostOptimizationValue); + /// Demo recommendation. + public static Category Demo { get; } = new Category(DemoValue); + /// Determines if two values are the same. + public static bool operator ==(Category left, Category right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(Category left, Category right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator Category(string value) => new Category(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is Category other && Equals(other); + /// + public bool Equals(Category other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs index c6f7287395fc9..583f92fe8e9b2 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs @@ -23,15 +23,21 @@ public ConditionType(string value) } private const string PropertyValue = "Property"; + private const string PropertyArrayValue = "PropertyArray"; private const string PropertyChangedValue = "PropertyChanged"; private const string PropertyArrayChangedValue = "PropertyArrayChanged"; + private const string BooleanValue = "Boolean"; /// Evaluate an object property value. public static ConditionType Property { get; } = new ConditionType(PropertyValue); + /// Evaluate an object array property value. + public static ConditionType PropertyArray { get; } = new ConditionType(PropertyArrayValue); /// Evaluate an object property changed value. public static ConditionType PropertyChanged { get; } = new ConditionType(PropertyChangedValue); /// Evaluate an object array property changed value. public static ConditionType PropertyArrayChanged { get; } = new ConditionType(PropertyArrayChangedValue); + /// Apply a boolean operator (e.g AND, OR) to conditions. + public static ConditionType Boolean { get; } = new ConditionType(BooleanValue); /// Determines if two values are the same. public static bool operator ==(ConditionType left, ConditionType right) => left.Equals(right); /// Determines if two values are not the same. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.Serialization.cs new file mode 100644 index 0000000000000..5522bcfcb9c80 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.Serialization.cs @@ -0,0 +1,35 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class Content + { + internal static Content DeserializeContent(JsonElement element) + { + string title = default; + string description = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("title")) + { + title = property.Value.GetString(); + continue; + } + if (property.NameEquals("description")) + { + description = property.Value.GetString(); + continue; + } + } + return new Content(title, description); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.cs new file mode 100644 index 0000000000000..2c841d8e57668 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.cs @@ -0,0 +1,34 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Content section of the recommendation. + public partial class Content + { + /// Initializes a new instance of Content. + /// Title of the content. + /// Description of the content. + /// or is null. + internal Content(string title, string description) + { + Argument.AssertNotNull(title, nameof(title)); + Argument.AssertNotNull(description, nameof(description)); + + Title = title; + Description = description; + } + + /// Title of the content. + public string Title { get; } + /// Description of the content. + public string Description { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Context.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Context.cs new file mode 100644 index 0000000000000..52b61b2b06602 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Context.cs @@ -0,0 +1,57 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Context of recommendation. + public readonly partial struct Context : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public Context(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AnalyticsValue = "Analytics"; + private const string IncidentsValue = "Incidents"; + private const string OverviewValue = "Overview"; + private const string NoneValue = "None"; + + /// Analytics context. + public static Context Analytics { get; } = new Context(AnalyticsValue); + /// Incidents context. + public static Context Incidents { get; } = new Context(IncidentsValue); + /// Overview context. + public static Context Overview { get; } = new Context(OverviewValue); + /// No context. + public static Context None { get; } = new Context(NoneValue); + /// Determines if two values are the same. + public static bool operator ==(Context left, Context right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(Context left, Context right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator Context(string value) => new Context(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is Context other && Equals(other); + /// + public bool Equals(Context other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.Serialization.cs new file mode 100644 index 0000000000000..4c15770f84eda --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.Serialization.cs @@ -0,0 +1,46 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class Instructions + { + internal static Instructions DeserializeInstructions(JsonElement element) + { + string actionsToBePerformed = default; + string recommendationImportance = default; + Optional howToPerformActionDetails = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("actionsToBePerformed")) + { + actionsToBePerformed = property.Value.GetString(); + continue; + } + if (property.NameEquals("recommendationImportance")) + { + recommendationImportance = property.Value.GetString(); + continue; + } + if (property.NameEquals("howToPerformActionDetails")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + howToPerformActionDetails = null; + continue; + } + howToPerformActionDetails = property.Value.GetString(); + continue; + } + } + return new Instructions(actionsToBePerformed, recommendationImportance, howToPerformActionDetails.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.cs new file mode 100644 index 0000000000000..5b5bbec66f34a --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.cs @@ -0,0 +1,47 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Instructions section of a recommendation. + public partial class Instructions + { + /// Initializes a new instance of Instructions. + /// What actions should be taken to complete the recommendation. + /// Explains why the recommendation is important. + /// or is null. + internal Instructions(string actionsToBePerformed, string recommendationImportance) + { + Argument.AssertNotNull(actionsToBePerformed, nameof(actionsToBePerformed)); + Argument.AssertNotNull(recommendationImportance, nameof(recommendationImportance)); + + ActionsToBePerformed = actionsToBePerformed; + RecommendationImportance = recommendationImportance; + } + + /// Initializes a new instance of Instructions. + /// What actions should be taken to complete the recommendation. + /// Explains why the recommendation is important. + /// How should the user complete the recommendation. + internal Instructions(string actionsToBePerformed, string recommendationImportance, string howToPerformActionDetails) + { + ActionsToBePerformed = actionsToBePerformed; + RecommendationImportance = recommendationImportance; + HowToPerformActionDetails = howToPerformActionDetails; + } + + /// What actions should be taken to complete the recommendation. + public string ActionsToBePerformed { get; } + /// Explains why the recommendation is important. + public string RecommendationImportance { get; } + /// How should the user complete the recommendation. + public string HowToPerformActionDetails { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs index 212fd76649420..55acc876d7b7b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs @@ -10,7 +10,7 @@ namespace Azure.ResourceManager.SecurityInsights.Models { - /// Holds the alert intent stage(s) mapping for this alert. + /// The intent of the alert. public readonly partial struct KillChainIntent : IEquatable { private readonly string _value; diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs index f39d6887f16aa..bb04c9018e8e1 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs @@ -20,11 +20,8 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("tenantId"); writer.WriteStringValue(TenantId.Value); } - if (Optional.IsDefined(LogicAppsResourceId)) - { - writer.WritePropertyName("logicAppsResourceId"); - writer.WriteStringValue(LogicAppsResourceId); - } + writer.WritePropertyName("logicAppsResourceId"); + writer.WriteStringValue(LogicAppsResourceId); writer.WriteEndObject(); } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs index 1a35d5ad9dcc9..479330951d44e 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using Azure.Core; namespace Azure.ResourceManager.SecurityInsights.Models { @@ -13,13 +14,18 @@ namespace Azure.ResourceManager.SecurityInsights.Models public partial class ManualTriggerRequestBody { /// Initializes a new instance of ManualTriggerRequestBody. - public ManualTriggerRequestBody() + /// + /// is null. + public ManualTriggerRequestBody(string logicAppsResourceId) { + Argument.AssertNotNull(logicAppsResourceId, nameof(logicAppsResourceId)); + + LogicAppsResourceId = logicAppsResourceId; } /// Gets or sets the tenant id. public Guid? TenantId { get; set; } - /// Gets or sets the logic apps resource id. - public string LogicAppsResourceId { get; set; } + /// Gets the logic apps resource id. + public string LogicAppsResourceId { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs index e23a624f97bbd..9573798be8e6a 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs @@ -124,6 +124,21 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsDefined(EventGroupingSettings)) + { + writer.WritePropertyName("eventGroupingSettings"); + writer.WriteObjectValue(EventGroupingSettings); + } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -152,6 +167,8 @@ internal static NrtAlertRule DeserializeNrtAlertRule(JsonElement element) Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional eventGroupingSettings = default; + Optional> sentinelEntitiesMappings = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("kind")) @@ -358,11 +375,36 @@ internal static NrtAlertRule DeserializeNrtAlertRule(JsonElement element) alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("eventGroupingSettings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + eventGroupingSettings = EventGroupingSettings.DeserializeEventGroupingSettings(property0.Value); + continue; + } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } } continue; } } - return new NrtAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), alertRuleTemplateName.Value, templateVersion.Value, description.Value, query.Value, Optional.ToList(tactics), Optional.ToList(techniques), displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToNullable(severity), incidentConfiguration.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value); + return new NrtAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), alertRuleTemplateName.Value, templateVersion.Value, description.Value, query.Value, Optional.ToList(tactics), Optional.ToList(techniques), displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToNullable(severity), incidentConfiguration.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, eventGroupingSettings.Value, Optional.ToList(sentinelEntitiesMappings)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs index b7b03ece5ab1b..9758717ed687b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs @@ -24,6 +24,7 @@ public NrtAlertRule() Techniques = new ChangeTrackingList(); CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Kind = AlertRuleKind.NRT; } @@ -50,7 +51,9 @@ public NrtAlertRule() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. - internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string alertRuleTemplateName, string templateVersion, string description, string query, IList tactics, IList techniques, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, AlertSeverity? severity, IncidentConfiguration incidentConfiguration, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride) : base(id, name, resourceType, systemData, kind, etag) + /// The event grouping settings. + /// Array of the sentinel entity mappings of the alert rule. + internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string alertRuleTemplateName, string templateVersion, string description, string query, IList tactics, IList techniques, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, AlertSeverity? severity, IncidentConfiguration incidentConfiguration, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, EventGroupingSettings eventGroupingSettings, IList sentinelEntitiesMappings) : base(id, name, resourceType, systemData, kind, etag) { AlertRuleTemplateName = alertRuleTemplateName; TemplateVersion = templateVersion; @@ -68,6 +71,8 @@ internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceT CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + EventGroupingSettings = eventGroupingSettings; + SentinelEntitiesMappings = sentinelEntitiesMappings; Kind = kind; } @@ -103,5 +108,21 @@ internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceT public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// The event grouping settings. + internal EventGroupingSettings EventGroupingSettings { get; set; } + /// The event grouping aggregation kinds. + public EventGroupingAggregationKind? EventGroupingAggregationKind + { + get => EventGroupingSettings is null ? default : EventGroupingSettings.AggregationKind; + set + { + if (EventGroupingSettings is null) + EventGroupingSettings = new EventGroupingSettings(); + EventGroupingSettings.AggregationKind = value; + } + } + + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs index c62697619b853..bd76698af0c2d 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs @@ -113,6 +113,21 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsDefined(EventGroupingSettings)) + { + writer.WritePropertyName("eventGroupingSettings"); + writer.WriteObjectValue(EventGroupingSettings); + } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -139,6 +154,8 @@ internal static NrtAlertRuleTemplate DeserializeNrtAlertRuleTemplate(JsonElement Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional eventGroupingSettings = default; + Optional> sentinelEntitiesMappings = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("kind")) @@ -335,11 +352,36 @@ internal static NrtAlertRuleTemplate DeserializeNrtAlertRuleTemplate(JsonElement alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("eventGroupingSettings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + eventGroupingSettings = EventGroupingSettings.DeserializeEventGroupingSettings(property0.Value); + continue; + } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } } continue; } } - return new NrtAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(lastUpdatedDateUTC), Optional.ToNullable(createdDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), Optional.ToList(tactics), Optional.ToList(techniques), query.Value, Optional.ToNullable(severity), version.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value); + return new NrtAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(lastUpdatedDateUTC), Optional.ToNullable(createdDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), Optional.ToList(tactics), Optional.ToList(techniques), query.Value, Optional.ToNullable(severity), version.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, eventGroupingSettings.Value, Optional.ToList(sentinelEntitiesMappings)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs index ac500774fec7c..a532b6bab5258 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs @@ -24,6 +24,7 @@ public NrtAlertRuleTemplate() Techniques = new ChangeTrackingList(); CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Kind = AlertRuleKind.NRT; } @@ -48,7 +49,9 @@ public NrtAlertRuleTemplate() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. - internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? lastUpdatedDateUTC, DateTimeOffset? createdDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, IList tactics, IList techniques, string query, AlertSeverity? severity, string version, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride) : base(id, name, resourceType, systemData, kind) + /// The event grouping settings. + /// Array of the sentinel entity mappings of the alert rule. + internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? lastUpdatedDateUTC, DateTimeOffset? createdDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, IList tactics, IList techniques, string query, AlertSeverity? severity, string version, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, EventGroupingSettings eventGroupingSettings, IList sentinelEntitiesMappings) : base(id, name, resourceType, systemData, kind) { AlertRulesCreatedByTemplateCount = alertRulesCreatedByTemplateCount; LastUpdatedDateUTC = lastUpdatedDateUTC; @@ -65,6 +68,8 @@ internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType r CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + EventGroupingSettings = eventGroupingSettings; + SentinelEntitiesMappings = sentinelEntitiesMappings; Kind = kind; } @@ -98,5 +103,21 @@ internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType r public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// The event grouping settings. + internal EventGroupingSettings EventGroupingSettings { get; set; } + /// The event grouping aggregation kinds. + public EventGroupingAggregationKind? EventGroupingAggregationKind + { + get => EventGroupingSettings is null ? default : EventGroupingSettings.AggregationKind; + set + { + if (EventGroupingSettings is null) + EventGroupingSettings = new EventGroupingSettings(); + EventGroupingSettings.AggregationKind = value; + } + } + + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Priority.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Priority.cs new file mode 100644 index 0000000000000..5725d0beb578e --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Priority.cs @@ -0,0 +1,54 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Priority of recommendation. + public readonly partial struct Priority : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public Priority(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string LowValue = "Low"; + private const string MediumValue = "Medium"; + private const string HighValue = "High"; + + /// Low priority for recommendation. + public static Priority Low { get; } = new Priority(LowValue); + /// Medium priority for recommendation. + public static Priority Medium { get; } = new Priority(MediumValue); + /// High priority for recommendation. + public static Priority High { get; } = new Priority(HighValue); + /// Determines if two values are the same. + public static bool operator ==(Priority left, Priority right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(Priority left, Priority right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator Priority(string value) => new Priority(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is Priority other && Equals(other); + /// + public bool Equals(Priority other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.Serialization.cs new file mode 100644 index 0000000000000..60a144a9090ea --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.Serialization.cs @@ -0,0 +1,53 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class PropertyArrayConditionProperties : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ConditionProperties)) + { + writer.WritePropertyName("conditionProperties"); + writer.WriteObjectValue(ConditionProperties); + } + writer.WritePropertyName("conditionType"); + writer.WriteStringValue(ConditionType.ToString()); + writer.WriteEndObject(); + } + + internal static PropertyArrayConditionProperties DeserializePropertyArrayConditionProperties(JsonElement element) + { + Optional conditionProperties = default; + ConditionType conditionType = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("conditionProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + conditionProperties = AutomationRulePropertyArrayValuesCondition.DeserializeAutomationRulePropertyArrayValuesCondition(property.Value); + continue; + } + if (property.NameEquals("conditionType")) + { + conditionType = new ConditionType(property.Value.GetString()); + continue; + } + } + return new PropertyArrayConditionProperties(conditionType, conditionProperties.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.cs new file mode 100644 index 0000000000000..612c029e63e7d --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Describes an automation rule condition that evaluates an array property's value. + public partial class PropertyArrayConditionProperties : AutomationRuleCondition + { + /// Initializes a new instance of PropertyArrayConditionProperties. + public PropertyArrayConditionProperties() + { + ConditionType = ConditionType.PropertyArray; + } + + /// Initializes a new instance of PropertyArrayConditionProperties. + /// + /// + internal PropertyArrayConditionProperties(ConditionType conditionType, AutomationRulePropertyArrayValuesCondition conditionProperties) : base(conditionType) + { + ConditionProperties = conditionProperties; + ConditionType = conditionType; + } + + /// Gets or sets the condition properties. + public AutomationRulePropertyArrayValuesCondition ConditionProperties { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.Serialization.cs new file mode 100644 index 0000000000000..d089899467fa1 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.Serialization.cs @@ -0,0 +1,179 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class Recommendation + { + internal static Recommendation DeserializeRecommendation(JsonElement element) + { + Guid id = default; + Instructions instructions = default; + Optional content = default; + Optional resourceId = default; + Optional> additionalProperties = default; + string title = default; + string description = default; + string recommendationTypeTitle = default; + string recommendationTypeId = default; + Category category = default; + Context context = default; + Guid workspaceId = default; + IReadOnlyList actions = default; + State state = default; + Priority priority = default; + DateTimeOffset lastEvaluatedTimeUtc = default; + Optional hideUntilTimeUtc = default; + Optional displayUntilTimeUtc = default; + Optional visible = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("id")) + { + id = property.Value.GetGuid(); + continue; + } + if (property.NameEquals("instructions")) + { + instructions = Instructions.DeserializeInstructions(property.Value); + continue; + } + if (property.NameEquals("content")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + content = null; + continue; + } + content = Content.DeserializeContent(property.Value); + continue; + } + if (property.NameEquals("resourceId")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + resourceId = null; + continue; + } + resourceId = property.Value.GetString(); + continue; + } + if (property.NameEquals("additionalProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + additionalProperties = null; + continue; + } + Dictionary dictionary = new Dictionary(); + foreach (var property0 in property.Value.EnumerateObject()) + { + dictionary.Add(property0.Name, property0.Value.GetString()); + } + additionalProperties = dictionary; + continue; + } + if (property.NameEquals("title")) + { + title = property.Value.GetString(); + continue; + } + if (property.NameEquals("description")) + { + description = property.Value.GetString(); + continue; + } + if (property.NameEquals("recommendationTypeTitle")) + { + recommendationTypeTitle = property.Value.GetString(); + continue; + } + if (property.NameEquals("recommendationTypeId")) + { + recommendationTypeId = property.Value.GetString(); + continue; + } + if (property.NameEquals("category")) + { + category = new Category(property.Value.GetString()); + continue; + } + if (property.NameEquals("context")) + { + context = new Context(property.Value.GetString()); + continue; + } + if (property.NameEquals("workspaceId")) + { + workspaceId = property.Value.GetGuid(); + continue; + } + if (property.NameEquals("actions")) + { + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(RecommendedAction.DeserializeRecommendedAction(item)); + } + actions = array; + continue; + } + if (property.NameEquals("state")) + { + state = new State(property.Value.GetString()); + continue; + } + if (property.NameEquals("priority")) + { + priority = new Priority(property.Value.GetString()); + continue; + } + if (property.NameEquals("lastEvaluatedTimeUtc")) + { + lastEvaluatedTimeUtc = property.Value.GetDateTimeOffset("O"); + continue; + } + if (property.NameEquals("hideUntilTimeUtc")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + hideUntilTimeUtc = null; + continue; + } + hideUntilTimeUtc = property.Value.GetDateTimeOffset("O"); + continue; + } + if (property.NameEquals("displayUntilTimeUtc")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + displayUntilTimeUtc = null; + continue; + } + displayUntilTimeUtc = property.Value.GetDateTimeOffset("O"); + continue; + } + if (property.NameEquals("visible")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + visible = property.Value.GetBoolean(); + continue; + } + } + return new Recommendation(id, instructions, content.Value, resourceId.Value, Optional.ToDictionary(additionalProperties), title, description, recommendationTypeTitle, recommendationTypeId, category, context, workspaceId, actions, state, priority, lastEvaluatedTimeUtc, Optional.ToNullable(hideUntilTimeUtc), Optional.ToNullable(displayUntilTimeUtc), Optional.ToNullable(visible)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.cs new file mode 100644 index 0000000000000..ca8a389d0da23 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.cs @@ -0,0 +1,140 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Collections.Generic; +using System.Linq; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Recommendation object. + public partial class Recommendation + { + /// Initializes a new instance of Recommendation. + /// id of recommendation. + /// Instructions of the recommendation. + /// Title of the recommendation. + /// Description of the recommendation. + /// Title of the recommendation type. + /// Id of the recommendation type. + /// Category of the recommendation. + /// Context of the recommendation. + /// Id of the workspace this recommendation refers to. + /// List of actions to take for this recommendation. + /// State of the recommendation. + /// Priority of the recommendation. + /// The time stamp (UTC) when the recommendation was last evaluated. + /// , , , , or is null. + internal Recommendation(Guid id, Instructions instructions, string title, string description, string recommendationTypeTitle, string recommendationTypeId, Category category, Context context, Guid workspaceId, IEnumerable actions, State state, Priority priority, DateTimeOffset lastEvaluatedTimeUtc) + { + Argument.AssertNotNull(instructions, nameof(instructions)); + Argument.AssertNotNull(title, nameof(title)); + Argument.AssertNotNull(description, nameof(description)); + Argument.AssertNotNull(recommendationTypeTitle, nameof(recommendationTypeTitle)); + Argument.AssertNotNull(recommendationTypeId, nameof(recommendationTypeId)); + Argument.AssertNotNull(actions, nameof(actions)); + + Id = id; + Instructions = instructions; + AdditionalProperties = new ChangeTrackingDictionary(); + Title = title; + Description = description; + RecommendationTypeTitle = recommendationTypeTitle; + RecommendationTypeId = recommendationTypeId; + Category = category; + Context = context; + WorkspaceId = workspaceId; + Actions = actions.ToList(); + State = state; + Priority = priority; + LastEvaluatedTimeUtc = lastEvaluatedTimeUtc; + } + + /// Initializes a new instance of Recommendation. + /// id of recommendation. + /// Instructions of the recommendation. + /// Content of the recommendation. + /// Id of the resource this recommendation refers to. + /// Collection of additional properties for the recommendation. + /// Title of the recommendation. + /// Description of the recommendation. + /// Title of the recommendation type. + /// Id of the recommendation type. + /// Category of the recommendation. + /// Context of the recommendation. + /// Id of the workspace this recommendation refers to. + /// List of actions to take for this recommendation. + /// State of the recommendation. + /// Priority of the recommendation. + /// The time stamp (UTC) when the recommendation was last evaluated. + /// The time stamp (UTC) when the recommendation should be displayed again. + /// The timestamp (UTC) after which the recommendation should not be displayed anymore. + /// Value indicating if the recommendation should be displayed or not. + internal Recommendation(Guid id, Instructions instructions, Content content, string resourceId, IReadOnlyDictionary additionalProperties, string title, string description, string recommendationTypeTitle, string recommendationTypeId, Category category, Context context, Guid workspaceId, IReadOnlyList actions, State state, Priority priority, DateTimeOffset lastEvaluatedTimeUtc, DateTimeOffset? hideUntilTimeUtc, DateTimeOffset? displayUntilTimeUtc, bool? visible) + { + Id = id; + Instructions = instructions; + Content = content; + ResourceId = resourceId; + AdditionalProperties = additionalProperties; + Title = title; + Description = description; + RecommendationTypeTitle = recommendationTypeTitle; + RecommendationTypeId = recommendationTypeId; + Category = category; + Context = context; + WorkspaceId = workspaceId; + Actions = actions; + State = state; + Priority = priority; + LastEvaluatedTimeUtc = lastEvaluatedTimeUtc; + HideUntilTimeUtc = hideUntilTimeUtc; + DisplayUntilTimeUtc = displayUntilTimeUtc; + Visible = visible; + } + + /// id of recommendation. + public Guid Id { get; } + /// Instructions of the recommendation. + public Instructions Instructions { get; } + /// Content of the recommendation. + public Content Content { get; } + /// Id of the resource this recommendation refers to. + public string ResourceId { get; } + /// Collection of additional properties for the recommendation. + public IReadOnlyDictionary AdditionalProperties { get; } + /// Title of the recommendation. + public string Title { get; } + /// Description of the recommendation. + public string Description { get; } + /// Title of the recommendation type. + public string RecommendationTypeTitle { get; } + /// Id of the recommendation type. + public string RecommendationTypeId { get; } + /// Category of the recommendation. + public Category Category { get; } + /// Context of the recommendation. + public Context Context { get; } + /// Id of the workspace this recommendation refers to. + public Guid WorkspaceId { get; } + /// List of actions to take for this recommendation. + public IReadOnlyList Actions { get; } + /// State of the recommendation. + public State State { get; } + /// Priority of the recommendation. + public Priority Priority { get; } + /// The time stamp (UTC) when the recommendation was last evaluated. + public DateTimeOffset LastEvaluatedTimeUtc { get; } + /// The time stamp (UTC) when the recommendation should be displayed again. + public DateTimeOffset? HideUntilTimeUtc { get; } + /// The timestamp (UTC) after which the recommendation should not be displayed anymore. + public DateTimeOffset? DisplayUntilTimeUtc { get; } + /// Value indicating if the recommendation should be displayed or not. + public bool? Visible { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.Serialization.cs new file mode 100644 index 0000000000000..7cab8c678d917 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.Serialization.cs @@ -0,0 +1,40 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + internal partial class RecommendationList + { + internal static RecommendationList DeserializeRecommendationList(JsonElement element) + { + Optional> value = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("value")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(Recommendation.DeserializeRecommendation(item)); + } + value = array; + continue; + } + } + return new RecommendationList(Optional.ToList(value)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.cs new file mode 100644 index 0000000000000..56cd3a1b09454 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.cs @@ -0,0 +1,32 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// A list of recommendations. + internal partial class RecommendationList + { + /// Initializes a new instance of RecommendationList. + internal RecommendationList() + { + Value = new ChangeTrackingList(); + } + + /// Initializes a new instance of RecommendationList. + /// An list of recommendations. + internal RecommendationList(IReadOnlyList value) + { + Value = value; + } + + /// An list of recommendations. + public IReadOnlyList Value { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.Serialization.cs new file mode 100644 index 0000000000000..54adb25a87a5a --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.Serialization.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class RecommendationPatch : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(State)) + { + writer.WritePropertyName("state"); + writer.WriteStringValue(State.Value.ToString()); + } + if (Optional.IsDefined(HideUntilTimeUtc)) + { + writer.WritePropertyName("hideUntilTimeUtc"); + writer.WriteStringValue(HideUntilTimeUtc.Value, "O"); + } + writer.WriteEndObject(); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.cs new file mode 100644 index 0000000000000..d5f82f0c5e341 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.cs @@ -0,0 +1,25 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Recommendation Fields to update. + public partial class RecommendationPatch + { + /// Initializes a new instance of RecommendationPatch. + public RecommendationPatch() + { + } + + /// State of the recommendation. + public State? State { get; set; } + /// The time stamp (UTC) when the recommendation should be displayed again. + public DateTimeOffset? HideUntilTimeUtc { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.Serialization.cs new file mode 100644 index 0000000000000..9a7364e782fbe --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.Serialization.cs @@ -0,0 +1,47 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class RecommendedAction + { + internal static RecommendedAction DeserializeRecommendedAction(JsonElement element) + { + string linkText = default; + Uri linkUrl = default; + Optional state = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("linkText")) + { + linkText = property.Value.GetString(); + continue; + } + if (property.NameEquals("linkUrl")) + { + linkUrl = new Uri(property.Value.GetString()); + continue; + } + if (property.NameEquals("state")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + state = new Priority(property.Value.GetString()); + continue; + } + } + return new RecommendedAction(linkText, linkUrl, Optional.ToNullable(state)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.cs new file mode 100644 index 0000000000000..c28096d093aee --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.cs @@ -0,0 +1,47 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// What actions should be taken to complete the recommendation. + public partial class RecommendedAction + { + /// Initializes a new instance of RecommendedAction. + /// Text of the link to complete the action. + /// The Link to complete the action. + /// or is null. + internal RecommendedAction(string linkText, Uri linkUri) + { + Argument.AssertNotNull(linkText, nameof(linkText)); + Argument.AssertNotNull(linkUri, nameof(linkUri)); + + LinkText = linkText; + LinkUri = linkUri; + } + + /// Initializes a new instance of RecommendedAction. + /// Text of the link to complete the action. + /// The Link to complete the action. + /// The state of the action. + internal RecommendedAction(string linkText, Uri linkUri, Priority? state) + { + LinkText = linkText; + LinkUri = linkUri; + State = state; + } + + /// Text of the link to complete the action. + public string LinkText { get; } + /// The Link to complete the action. + public Uri LinkUri { get; } + /// The state of the action. + public Priority? State { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs index 9082d9c998ba4..306e6e301fc24 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs @@ -89,6 +89,16 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } if (Optional.IsDefined(AlertRuleTemplateName)) { writer.WritePropertyName("alertRuleTemplateName"); @@ -171,6 +181,7 @@ internal static ScheduledAlertRule DeserializeScheduledAlertRule(JsonElement ele Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional> sentinelEntitiesMappings = default; Optional alertRuleTemplateName = default; Optional templateVersion = default; Optional description = default; @@ -338,6 +349,21 @@ internal static ScheduledAlertRule DeserializeScheduledAlertRule(JsonElement ele alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } if (property0.NameEquals("alertRuleTemplateName")) { alertRuleTemplateName = property0.Value.GetString(); @@ -442,7 +468,7 @@ internal static ScheduledAlertRule DeserializeScheduledAlertRule(JsonElement ele continue; } } - return new ScheduledAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, alertRuleTemplateName.Value, templateVersion.Value, description.Value, displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToList(tactics), Optional.ToList(techniques), incidentConfiguration.Value); + return new ScheduledAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, Optional.ToList(sentinelEntitiesMappings), alertRuleTemplateName.Value, templateVersion.Value, description.Value, displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToList(tactics), Optional.ToList(techniques), incidentConfiguration.Value); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs index 7c44306917b49..8b46f1a96b477 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs @@ -22,6 +22,7 @@ public ScheduledAlertRule() { CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Tactics = new ChangeTrackingList(); Techniques = new ChangeTrackingList(); Kind = AlertRuleKind.Scheduled; @@ -44,6 +45,7 @@ public ScheduledAlertRule() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. + /// Array of the sentinel entity mappings of the alert rule. /// The Name of the alert rule template used to create this rule. /// The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>. /// The description of the alert rule. @@ -55,7 +57,7 @@ public ScheduledAlertRule() /// The tactics of the alert rule. /// The techniques of the alert rule. /// The settings of the incidents that created from alerts triggered by this analytics rule. - internal ScheduledAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, string alertRuleTemplateName, string templateVersion, string description, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, IList tactics, IList techniques, IncidentConfiguration incidentConfiguration) : base(id, name, resourceType, systemData, kind, etag) + internal ScheduledAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, IList sentinelEntitiesMappings, string alertRuleTemplateName, string templateVersion, string description, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, IList tactics, IList techniques, IncidentConfiguration incidentConfiguration) : base(id, name, resourceType, systemData, kind, etag) { Query = query; QueryFrequency = queryFrequency; @@ -67,6 +69,7 @@ internal ScheduledAlertRule(ResourceIdentifier id, string name, ResourceType res CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + SentinelEntitiesMappings = sentinelEntitiesMappings; AlertRuleTemplateName = alertRuleTemplateName; TemplateVersion = templateVersion; Description = description; @@ -113,6 +116,8 @@ public EventGroupingAggregationKind? EventGroupingAggregationKind public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } /// The Name of the alert rule template used to create this rule. public string AlertRuleTemplateName { get; set; } /// The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs index d26e4ed871c9f..07f4756979da5 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs @@ -138,6 +138,16 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -169,6 +179,7 @@ internal static ScheduledAlertRuleTemplate DeserializeScheduledAlertRuleTemplate Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional> sentinelEntitiesMappings = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("kind")) @@ -415,11 +426,26 @@ internal static ScheduledAlertRuleTemplate DeserializeScheduledAlertRuleTemplate alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } } continue; } } - return new ScheduledAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(createdDateUTC), Optional.ToNullable(lastUpdatedDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), Optional.ToList(tactics), Optional.ToList(techniques), version.Value, eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value); + return new ScheduledAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(createdDateUTC), Optional.ToNullable(lastUpdatedDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), Optional.ToList(tactics), Optional.ToList(techniques), version.Value, eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, Optional.ToList(sentinelEntitiesMappings)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs index 0c4776e44d4ec..06afef43f2a42 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs @@ -24,6 +24,7 @@ public ScheduledAlertRuleTemplate() Techniques = new ChangeTrackingList(); CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Kind = AlertRuleKind.Scheduled; } @@ -53,7 +54,8 @@ public ScheduledAlertRuleTemplate() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. - internal ScheduledAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? createdDateUTC, DateTimeOffset? lastUpdatedDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, IList tactics, IList techniques, string version, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride) : base(id, name, resourceType, systemData, kind) + /// Array of the sentinel entity mappings of the alert rule. + internal ScheduledAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? createdDateUTC, DateTimeOffset? lastUpdatedDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, IList tactics, IList techniques, string version, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, IList sentinelEntitiesMappings) : base(id, name, resourceType, systemData, kind) { AlertRulesCreatedByTemplateCount = alertRulesCreatedByTemplateCount; CreatedDateUTC = createdDateUTC; @@ -75,6 +77,7 @@ internal ScheduledAlertRuleTemplate(ResourceIdentifier id, string name, Resource CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + SentinelEntitiesMappings = sentinelEntitiesMappings; Kind = kind; } @@ -130,5 +133,7 @@ public EventGroupingAggregationKind? EventGroupingAggregationKind public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs index 1e8a583416163..b70e8b7c94ecd 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using System.Text.Json; using Azure.Core; @@ -24,6 +25,8 @@ internal static SecurityAlertTimelineItem DeserializeSecurityAlertTimelineItem(J DateTimeOffset startTimeUtc = default; DateTimeOffset timeGenerated = default; string alertType = default; + Optional intent = default; + Optional> techniques = default; EntityTimelineKind kind = default; foreach (var property in element.EnumerateObject()) { @@ -72,13 +75,38 @@ internal static SecurityAlertTimelineItem DeserializeSecurityAlertTimelineItem(J alertType = property.Value.GetString(); continue; } + if (property.NameEquals("intent")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + intent = new KillChainIntent(property.Value.GetString()); + continue; + } + if (property.NameEquals("techniques")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(item.GetString()); + } + techniques = array; + continue; + } if (property.NameEquals("kind")) { kind = new EntityTimelineKind(property.Value.GetString()); continue; } } - return new SecurityAlertTimelineItem(kind, azureResourceId, productName.Value, description.Value, displayName, severity, endTimeUtc, startTimeUtc, timeGenerated, alertType); + return new SecurityAlertTimelineItem(kind, azureResourceId, productName.Value, description.Value, displayName, severity, endTimeUtc, startTimeUtc, timeGenerated, alertType, Optional.ToNullable(intent), Optional.ToList(techniques)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs index c4060b2ce5901..15ef70047ad01 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using Azure.Core; namespace Azure.ResourceManager.SecurityInsights.Models @@ -35,6 +36,7 @@ internal SecurityAlertTimelineItem(string azureResourceId, string displayName, A StartTimeUtc = startTimeUtc; TimeGenerated = timeGenerated; AlertType = alertType; + Techniques = new ChangeTrackingList(); Kind = EntityTimelineKind.SecurityAlert; } @@ -49,7 +51,9 @@ internal SecurityAlertTimelineItem(string azureResourceId, string displayName, A /// The alert start time. /// The alert generated time. /// The name of the alert type. - internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResourceId, string productName, string description, string displayName, AlertSeverity severity, DateTimeOffset endTimeUtc, DateTimeOffset startTimeUtc, DateTimeOffset timeGenerated, string alertType) : base(kind) + /// The intent of the alert. + /// The techniques of the alert. + internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResourceId, string productName, string description, string displayName, AlertSeverity severity, DateTimeOffset endTimeUtc, DateTimeOffset startTimeUtc, DateTimeOffset timeGenerated, string alertType, KillChainIntent? intent, IReadOnlyList techniques) : base(kind) { AzureResourceId = azureResourceId; ProductName = productName; @@ -60,6 +64,8 @@ internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResource StartTimeUtc = startTimeUtc; TimeGenerated = timeGenerated; AlertType = alertType; + Intent = intent; + Techniques = techniques; Kind = kind; } @@ -81,5 +87,9 @@ internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResource public DateTimeOffset TimeGenerated { get; } /// The name of the alert type. public string AlertType { get; } + /// The intent of the alert. + public KillChainIntent? Intent { get; } + /// The techniques of the alert. + public IReadOnlyList Techniques { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.Serialization.cs new file mode 100644 index 0000000000000..a63011a8366dc --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.Serialization.cs @@ -0,0 +1,40 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class SentinelEntityMapping : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ColumnName)) + { + writer.WritePropertyName("columnName"); + writer.WriteStringValue(ColumnName); + } + writer.WriteEndObject(); + } + + internal static SentinelEntityMapping DeserializeSentinelEntityMapping(JsonElement element) + { + Optional columnName = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("columnName")) + { + columnName = property.Value.GetString(); + continue; + } + } + return new SentinelEntityMapping(columnName.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.cs new file mode 100644 index 0000000000000..40fd2f03084c3 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.cs @@ -0,0 +1,28 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// A single sentinel entity mapping. + public partial class SentinelEntityMapping + { + /// Initializes a new instance of SentinelEntityMapping. + public SentinelEntityMapping() + { + } + + /// Initializes a new instance of SentinelEntityMapping. + /// the column name to be mapped to the SentinelEntities. + internal SentinelEntityMapping(string columnName) + { + ColumnName = columnName; + } + + /// the column name to be mapped to the SentinelEntities. + public string ColumnName { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/State.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/State.cs new file mode 100644 index 0000000000000..9dd246a3386e9 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/State.cs @@ -0,0 +1,60 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// State of recommendation. + public readonly partial struct State : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public State(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string ActiveValue = "Active"; + private const string DisabledValue = "Disabled"; + private const string CompletedByUserValue = "CompletedByUser"; + private const string CompletedByActionValue = "CompletedByAction"; + private const string HiddenValue = "Hidden"; + + /// Recommendation is active. + public static State Active { get; } = new State(ActiveValue); + /// Recommendation is disabled. + public static State Disabled { get; } = new State(DisabledValue); + /// Recommendation has been completed by user. + public static State CompletedByUser { get; } = new State(CompletedByUserValue); + /// Recommendation has been completed by action. + public static State CompletedByAction { get; } = new State(CompletedByActionValue); + /// Recommendation is hidden. + public static State Hidden { get; } = new State(HiddenValue); + /// Determines if two values are the same. + public static bool operator ==(State left, State right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(State left, State right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator State(string value) => new State(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is State other && Equals(other); + /// + public bool Equals(State other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs index d98d8c25e1254..819ddefa5cbff 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs @@ -33,7 +33,7 @@ public ActionsRestOperations(HttpPipeline pipeline, string applicationId, Uri en { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs index 057689ec8fa91..f5b78a1fc3c6d 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs @@ -33,7 +33,7 @@ public AlertRuleTemplatesRestOperations(HttpPipeline pipeline, string applicatio { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs index 49c7babcb41ea..5670d90cb912f 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs @@ -33,7 +33,7 @@ public AlertRulesRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs index 2bae664c83a23..43adc5f7f1b94 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs @@ -33,7 +33,7 @@ public AutomationRulesRestOperations(HttpPipeline pipeline, string applicationId { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs index 0e5c65b7a4884..f1362ab4365d5 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs @@ -33,7 +33,7 @@ public BookmarkRelationsRestOperations(HttpPipeline pipeline, string application { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs index 362eb47037eea..8fcc083762871 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs @@ -33,7 +33,7 @@ public BookmarksRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs index 7e59c8ac70b9d..9c3f55fa28a79 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs @@ -33,7 +33,7 @@ public DataConnectorsCheckRequirementsRestOperations(HttpPipeline pipeline, stri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs index 3906f9aeea0ab..88dbb1926e7ab 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs @@ -33,7 +33,7 @@ public DataConnectorsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs index efb1a21f975b2..fee78ea3b5e78 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs @@ -33,7 +33,7 @@ public DomainWhoisRestOperations(HttpPipeline pipeline, string applicationId, Ur { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs index c134233ec275f..be7a9ce3d4dcc 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs @@ -33,7 +33,7 @@ public EntitiesGetTimelineRestOperations(HttpPipeline pipeline, string applicati { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs index dccdcc5646b64..d446634955e91 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs @@ -33,7 +33,7 @@ public EntitiesRelationsRestOperations(HttpPipeline pipeline, string application { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs index 887ed9f5441bb..bb5b806a024a2 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs @@ -33,7 +33,7 @@ public EntitiesRestOperations(HttpPipeline pipeline, string applicationId, Uri e { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs index ec69b7786b4bb..68b03ebad1968 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs @@ -33,7 +33,7 @@ public EntityQueriesRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs index 66ea776633dd1..512b340cca6d2 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs @@ -33,7 +33,7 @@ public EntityQueryTemplatesRestOperations(HttpPipeline pipeline, string applicat { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs index 5fa4e073de66e..d29ab203f336f 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs @@ -32,7 +32,7 @@ public EntityRelationsRestOperations(HttpPipeline pipeline, string applicationId { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs index e8f091bbf9837..c2a5e5372b56d 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs @@ -33,7 +33,7 @@ public FileImportsRestOperations(HttpPipeline pipeline, string applicationId, Ur { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRecommendationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRecommendationsRestOperations.cs new file mode 100644 index 0000000000000..9bcd49092480b --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRecommendationsRestOperations.cs @@ -0,0 +1,119 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Text.Json; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.Core.Pipeline; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + internal partial class GetRecommendationsRestOperations + { + private readonly TelemetryDetails _userAgent; + private readonly HttpPipeline _pipeline; + private readonly Uri _endpoint; + private readonly string _apiVersion; + + /// Initializes a new instance of GetRecommendationsRestOperations. + /// The HTTP pipeline for sending and receiving REST requests and responses. + /// The application id to use for user agent. + /// server parameter. + /// Api Version. + /// or is null. + public GetRecommendationsRestOperations(HttpPipeline pipeline, string applicationId, Uri endpoint = null, string apiVersion = default) + { + _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); + _endpoint = endpoint ?? new Uri("https://management.azure.com"); + _apiVersion = apiVersion ?? "2022-11-01-preview"; + _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); + } + + internal HttpMessage CreateListRequest(string subscriptionId, string resourceGroupName, string workspaceName) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Get; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/recommendations", false); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + _userAgent.Apply(message); + return message; + } + + /// Gets a list of all recommendations. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// The cancellation token to use. + /// , or is null. + /// , or is an empty string, and was expected to be non-empty. + public async Task> ListAsync(string subscriptionId, string resourceGroupName, string workspaceName, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + using var message = CreateListRequest(subscriptionId, resourceGroupName, workspaceName); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 200: + { + RecommendationList value = default; + using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); + value = RecommendationList.DeserializeRecommendationList(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + + /// Gets a list of all recommendations. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// The cancellation token to use. + /// , or is null. + /// , or is an empty string, and was expected to be non-empty. + public Response List(string subscriptionId, string resourceGroupName, string workspaceName, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + using var message = CreateListRequest(subscriptionId, resourceGroupName, workspaceName); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 200: + { + RecommendationList value = default; + using var document = JsonDocument.Parse(message.Response.ContentStream); + value = RecommendationList.DeserializeRecommendationList(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRestOperations.cs new file mode 100644 index 0000000000000..df81c6c1860fe --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRestOperations.cs @@ -0,0 +1,122 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Text.Json; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.Core.Pipeline; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + internal partial class GetRestOperations + { + private readonly TelemetryDetails _userAgent; + private readonly HttpPipeline _pipeline; + private readonly Uri _endpoint; + private readonly string _apiVersion; + + /// Initializes a new instance of GetRestOperations. + /// The HTTP pipeline for sending and receiving REST requests and responses. + /// The application id to use for user agent. + /// server parameter. + /// Api Version. + /// or is null. + public GetRestOperations(HttpPipeline pipeline, string applicationId, Uri endpoint = null, string apiVersion = default) + { + _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); + _endpoint = endpoint ?? new Uri("https://management.azure.com"); + _apiVersion = apiVersion ?? "2022-11-01-preview"; + _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); + } + + internal HttpMessage CreateSingleRecommendationRequest(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Get; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/recommendations/", false); + uri.AppendPath(recommendationId, true); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + _userAgent.Apply(message); + return message; + } + + /// Gets a recommendation by its id. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + /// , or is null. + /// , or is an empty string, and was expected to be non-empty. + public async Task> SingleRecommendationAsync(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + using var message = CreateSingleRecommendationRequest(subscriptionId, resourceGroupName, workspaceName, recommendationId); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 200: + { + Recommendation value = default; + using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); + value = Recommendation.DeserializeRecommendation(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + + /// Gets a recommendation by its id. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + /// , or is null. + /// , or is an empty string, and was expected to be non-empty. + public Response SingleRecommendation(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + using var message = CreateSingleRecommendationRequest(subscriptionId, resourceGroupName, workspaceName, recommendationId); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 200: + { + Recommendation value = default; + using var document = JsonDocument.Parse(message.Response.ContentStream); + value = Recommendation.DeserializeRecommendation(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs index 573ab7b8075c1..7b3c663d0fb2f 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs @@ -33,7 +33,7 @@ public IPGeodataRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs index d32e7c9d87e19..b0fc965998c60 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs @@ -33,7 +33,7 @@ public IncidentCommentsRestOperations(HttpPipeline pipeline, string applicationI { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs index 107cc625a17fe..4ce2bfc5a6137 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs @@ -33,7 +33,7 @@ public IncidentRelationsRestOperations(HttpPipeline pipeline, string application { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs index a8b5195fcb039..a3a9f9450e66d 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs @@ -33,7 +33,7 @@ public IncidentsRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs index a4c4d98537f3d..a87e6c0336cf1 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs @@ -33,7 +33,7 @@ public MetadataRestOperations(HttpPipeline pipeline, string applicationId, Uri e { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs index 902e11899ceb7..8816c2ae79047 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs @@ -33,7 +33,7 @@ public OfficeConsentsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs index b8db7c6fd1778..30a7152bd005d 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs @@ -33,7 +33,7 @@ public ProductSettingsRestOperations(HttpPipeline pipeline, string applicationId { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs index c8d5b60a3910d..fabba61671724 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs @@ -33,7 +33,7 @@ public SecurityMLAnalyticsSettingsRestOperations(HttpPipeline pipeline, string a { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs index 523a58771d9b9..c7c491e73a741 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs @@ -33,7 +33,7 @@ public SentinelOnboardingStatesRestOperations(HttpPipeline pipeline, string appl { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs index 18399fb858753..7000b58a579e3 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs @@ -33,7 +33,7 @@ public SourceControlRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs index b06f8d2375350..c970c6bd4aa9a 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs @@ -33,7 +33,7 @@ public SourceControlsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs index 6a0fe5741fe72..3168c296535f0 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs @@ -33,7 +33,7 @@ public ThreatIntelligenceIndicatorsRestOperations(HttpPipeline pipeline, string { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/UpdateRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/UpdateRestOperations.cs new file mode 100644 index 0000000000000..77ea7bc0a4644 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/UpdateRestOperations.cs @@ -0,0 +1,125 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Collections.Generic; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.Core.Pipeline; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + internal partial class UpdateRestOperations + { + private readonly TelemetryDetails _userAgent; + private readonly HttpPipeline _pipeline; + private readonly Uri _endpoint; + private readonly string _apiVersion; + + /// Initializes a new instance of UpdateRestOperations. + /// The HTTP pipeline for sending and receiving REST requests and responses. + /// The application id to use for user agent. + /// server parameter. + /// Api Version. + /// or is null. + public UpdateRestOperations(HttpPipeline pipeline, string applicationId, Uri endpoint = null, string apiVersion = default) + { + _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); + _endpoint = endpoint ?? new Uri("https://management.azure.com"); + _apiVersion = apiVersion ?? "2022-11-01-preview"; + _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); + } + + internal HttpMessage CreateRecommendationRequest(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, IEnumerable patch) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Patch; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/recommendations/", false); + uri.AppendPath(recommendationId, true); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + request.Headers.Add("Content-Type", "application/json"); + var content = new Utf8JsonRequestContent(); + content.JsonWriter.WriteStartArray(); + foreach (var item in patch) + { + content.JsonWriter.WriteObjectValue(item); + } + content.JsonWriter.WriteEndArray(); + request.Content = content; + _userAgent.Apply(message); + return message; + } + + /// Patch a recommendation. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + /// , , or is null. + /// , or is an empty string, and was expected to be non-empty. + public async Task RecommendationAsync(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNull(patch, nameof(patch)); + + using var message = CreateRecommendationRequest(subscriptionId, resourceGroupName, workspaceName, recommendationId, patch); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 202: + return message.Response; + default: + throw new RequestFailedException(message.Response); + } + } + + /// Patch a recommendation. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + /// , , or is null. + /// , or is an empty string, and was expected to be non-empty. + public Response Recommendation(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNull(patch, nameof(patch)); + + using var message = CreateRecommendationRequest(subscriptionId, resourceGroupName, workspaceName, recommendationId, patch); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 202: + return message.Response; + default: + throw new RequestFailedException(message.Response); + } + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs index 7ddb2f8caf956..988ba126e5277 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs @@ -33,7 +33,7 @@ public WatchlistItemsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs index f09f5874f0d9c..1452a3941f435 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs @@ -33,7 +33,7 @@ public WatchlistsRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-11-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md index 39d8e521580ae..e4560b7bf906b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md @@ -9,7 +9,7 @@ csharp: true library-name: SecurityInsights namespace: Azure.ResourceManager.SecurityInsights # default tag is a preview version -require: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/securityinsights/resource-manager/readme.md +require: /mnt/vss/_work/1/s/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md output-folder: $(this-folder)/Generated clear-output-folder: true skip-csproj: true