diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs index ed3ecb1ea90d7..518454d904987 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/api/Azure.ResourceManager.SecurityInsights.netstandard2.0.cs @@ -509,8 +509,8 @@ protected IncidentResource() { } public virtual Azure.ResourceManager.SecurityInsights.IncidentData Data { get { throw null; } } public virtual bool HasData { get { throw null; } } public static Azure.Core.ResourceIdentifier CreateResourceIdentifier(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId) { throw null; } - public virtual Azure.Response CreateTeam(Azure.ResourceManager.SecurityInsights.Models.TeamProperties teamProperties, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } - public virtual System.Threading.Tasks.Task> CreateTeamAsync(Azure.ResourceManager.SecurityInsights.Models.TeamProperties teamProperties, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.Response CreateTeam(Azure.ResourceManager.SecurityInsights.Models.TeamInformation teamProperties, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task> CreateTeamAsync(Azure.ResourceManager.SecurityInsights.Models.TeamInformation teamProperties, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual Azure.ResourceManager.ArmOperation Delete(Azure.WaitUntil waitUntil, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual System.Threading.Tasks.Task DeleteAsync(Azure.WaitUntil waitUntil, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual Azure.Response Get(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } @@ -527,11 +527,55 @@ protected IncidentResource() { } public virtual Azure.Response GetIncidentRelation(string relationName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual System.Threading.Tasks.Task> GetIncidentRelationAsync(string relationName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual Azure.ResourceManager.SecurityInsights.IncidentRelationCollection GetIncidentRelations() { throw null; } + public virtual Azure.Response GetIncidentTask(string incidentTaskId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task> GetIncidentTaskAsync(string incidentTaskId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.ResourceManager.SecurityInsights.IncidentTaskCollection GetIncidentTasks() { throw null; } public virtual Azure.Response RunPlaybook(Azure.ResourceManager.SecurityInsights.Models.ManualTriggerRequestBody requestBody = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual System.Threading.Tasks.Task> RunPlaybookAsync(Azure.ResourceManager.SecurityInsights.Models.ManualTriggerRequestBody requestBody = null, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual Azure.ResourceManager.ArmOperation Update(Azure.WaitUntil waitUntil, Azure.ResourceManager.SecurityInsights.IncidentData data, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public virtual System.Threading.Tasks.Task> UpdateAsync(Azure.WaitUntil waitUntil, Azure.ResourceManager.SecurityInsights.IncidentData data, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } } + public partial class IncidentTaskCollection : Azure.ResourceManager.ArmCollection, System.Collections.Generic.IAsyncEnumerable, System.Collections.Generic.IEnumerable, System.Collections.IEnumerable + { + protected IncidentTaskCollection() { } + public virtual Azure.ResourceManager.ArmOperation CreateOrUpdate(Azure.WaitUntil waitUntil, string incidentTaskId, Azure.ResourceManager.SecurityInsights.IncidentTaskData data, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task> CreateOrUpdateAsync(Azure.WaitUntil waitUntil, string incidentTaskId, Azure.ResourceManager.SecurityInsights.IncidentTaskData data, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.Response Exists(string incidentTaskId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task> ExistsAsync(string incidentTaskId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.Response Get(string incidentTaskId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.Pageable GetAll(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.AsyncPageable GetAllAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task> GetAsync(string incidentTaskId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + System.Collections.Generic.IAsyncEnumerator System.Collections.Generic.IAsyncEnumerable.GetAsyncEnumerator(System.Threading.CancellationToken cancellationToken) { throw null; } + System.Collections.Generic.IEnumerator System.Collections.Generic.IEnumerable.GetEnumerator() { throw null; } + System.Collections.IEnumerator System.Collections.IEnumerable.GetEnumerator() { throw null; } + } + public partial class IncidentTaskData : Azure.ResourceManager.Models.ResourceData + { + public IncidentTaskData(string title, Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus status) { } + public Azure.ResourceManager.SecurityInsights.Models.ClientInfo CreatedBy { get { throw null; } set { } } + public System.DateTimeOffset? CreatedTimeUtc { get { throw null; } } + public string Description { get { throw null; } set { } } + public Azure.ETag? ETag { get { throw null; } set { } } + public Azure.ResourceManager.SecurityInsights.Models.ClientInfo LastModifiedBy { get { throw null; } set { } } + public System.DateTimeOffset? LastModifiedTimeUtc { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus Status { get { throw null; } set { } } + public string Title { get { throw null; } set { } } + } + public partial class IncidentTaskResource : Azure.ResourceManager.ArmResource + { + public static readonly Azure.Core.ResourceType ResourceType; + protected IncidentTaskResource() { } + public virtual Azure.ResourceManager.SecurityInsights.IncidentTaskData Data { get { throw null; } } + public virtual bool HasData { get { throw null; } } + public static Azure.Core.ResourceIdentifier CreateResourceIdentifier(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId) { throw null; } + public virtual Azure.ResourceManager.ArmOperation Delete(Azure.WaitUntil waitUntil, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task DeleteAsync(Azure.WaitUntil waitUntil, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.Response Get(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task> GetAsync(System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual Azure.ResourceManager.ArmOperation Update(Azure.WaitUntil waitUntil, Azure.ResourceManager.SecurityInsights.IncidentTaskData data, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public virtual System.Threading.Tasks.Task> UpdateAsync(Azure.WaitUntil waitUntil, Azure.ResourceManager.SecurityInsights.IncidentTaskData data, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + } public partial class MetadataModelCollection : Azure.ResourceManager.ArmCollection, System.Collections.Generic.IAsyncEnumerable, System.Collections.Generic.IEnumerable, System.Collections.IEnumerable { protected MetadataModelCollection() { } @@ -703,12 +747,15 @@ public static partial class SecurityInsightsExtensions public static System.Threading.Tasks.Task> GetFileImportAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, string fileImportId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.ResourceManager.SecurityInsights.FileImportResource GetFileImportResource(this Azure.ResourceManager.ArmClient client, Azure.Core.ResourceIdentifier id) { throw null; } public static Azure.ResourceManager.SecurityInsights.FileImportCollection GetFileImports(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName) { throw null; } + public static Azure.Pageable GetGetRecommendations(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static Azure.AsyncPageable GetGetRecommendationsAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.Response GetIncident(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, string incidentId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static System.Threading.Tasks.Task> GetIncidentAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, string incidentId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.ResourceManager.SecurityInsights.IncidentCommentResource GetIncidentCommentResource(this Azure.ResourceManager.ArmClient client, Azure.Core.ResourceIdentifier id) { throw null; } public static Azure.ResourceManager.SecurityInsights.IncidentRelationResource GetIncidentRelationResource(this Azure.ResourceManager.ArmClient client, Azure.Core.ResourceIdentifier id) { throw null; } public static Azure.ResourceManager.SecurityInsights.IncidentResource GetIncidentResource(this Azure.ResourceManager.ArmClient client, Azure.Core.ResourceIdentifier id) { throw null; } public static Azure.ResourceManager.SecurityInsights.IncidentCollection GetIncidents(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName) { throw null; } + public static Azure.ResourceManager.SecurityInsights.IncidentTaskResource GetIncidentTaskResource(this Azure.ResourceManager.ArmClient client, Azure.Core.ResourceIdentifier id) { throw null; } public static Azure.Response GetIPGeodatum(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string ipAddress, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static System.Threading.Tasks.Task> GetIPGeodatumAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string ipAddress, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.Response GetMetadataModel(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, string metadataName, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } @@ -756,6 +803,10 @@ public static partial class SecurityInsightsExtensions public static System.Threading.Tasks.Task> PostDataConnectorsCheckRequirementAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, Azure.ResourceManager.SecurityInsights.Models.DataConnectorsCheckRequirements dataConnectorsCheckRequirements, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.Pageable QueryThreatIntelligenceIndicators(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, Azure.ResourceManager.SecurityInsights.Models.ThreatIntelligenceFilteringCriteria threatIntelligenceFilteringCriteria, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } public static Azure.AsyncPageable QueryThreatIntelligenceIndicatorsAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, Azure.ResourceManager.SecurityInsights.Models.ThreatIntelligenceFilteringCriteria threatIntelligenceFilteringCriteria, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static Azure.ResourceManager.ArmOperation RecommendationUpdate(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, Azure.WaitUntil waitUntil, string workspaceName, System.Guid recommendationId, System.Collections.Generic.IEnumerable patch, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static System.Threading.Tasks.Task> RecommendationUpdateAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, Azure.WaitUntil waitUntil, string workspaceName, System.Guid recommendationId, System.Collections.Generic.IEnumerable patch, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static Azure.Response SingleRecommendationGet(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, System.Guid recommendationId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } + public static System.Threading.Tasks.Task> SingleRecommendationGetAsync(this Azure.ResourceManager.Resources.ResourceGroupResource resourceGroupResource, string workspaceName, System.Guid recommendationId, System.Threading.CancellationToken cancellationToken = default(System.Threading.CancellationToken)) { throw null; } } public partial class SecurityMLAnalyticsSettingCollection : Azure.ResourceManager.ArmCollection, System.Collections.Generic.IAsyncEnumerable, System.Collections.Generic.IEnumerable, System.Collections.IEnumerable { @@ -1178,6 +1229,12 @@ internal ActivityTimelineItem() { } public string QueryId { get { throw null; } } public string Title { get { throw null; } } } + public partial class AddIncidentTaskActionProperties + { + public AddIncidentTaskActionProperties(string title) { } + public string Description { get { throw null; } set { } } + public string Title { get { throw null; } set { } } + } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct AlertDetail : System.IEquatable { @@ -1201,9 +1258,41 @@ public partial class AlertDetailsOverride public AlertDetailsOverride() { } public string AlertDescriptionFormat { get { throw null; } set { } } public string AlertDisplayNameFormat { get { throw null; } set { } } + public System.Collections.Generic.IList AlertDynamicProperties { get { throw null; } } public string AlertSeverityColumnName { get { throw null; } set { } } public string AlertTacticsColumnName { get { throw null; } set { } } } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AlertProperty : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AlertProperty(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty AlertLink { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ConfidenceLevel { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ConfidenceScore { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ExtendedLinks { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ProductComponentName { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ProductName { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty ProviderName { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty RemediationSteps { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AlertProperty Techniques { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AlertProperty other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AlertProperty left, Azure.ResourceManager.SecurityInsights.Models.AlertProperty right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AlertProperty (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AlertProperty left, Azure.ResourceManager.SecurityInsights.Models.AlertProperty right) { throw null; } + public override string ToString() { throw null; } + } + public partial class AlertPropertyMapping + { + public AlertPropertyMapping() { } + public Azure.ResourceManager.SecurityInsights.Models.AlertProperty? AlertProperty { get { throw null; } set { } } + public string Value { get { throw null; } set { } } + } public partial class AlertRuleTemplateDataSource { public AlertRuleTemplateDataSource() { } @@ -1358,6 +1447,35 @@ public abstract partial class AutomationRuleAction protected AutomationRuleAction(int order) { } public int Order { get { throw null; } set { } } } + public partial class AutomationRuleAddIncidentTaskAction : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleAction + { + public AutomationRuleAddIncidentTaskAction(int order) : base (default(int)) { } + public Azure.ResourceManager.SecurityInsights.Models.AddIncidentTaskActionProperties ActionConfiguration { get { throw null; } set { } } + } + public partial class AutomationRuleBooleanCondition + { + public AutomationRuleBooleanCondition() { } + public System.Collections.Generic.IList InnerConditions { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator? Operator { get { throw null; } set { } } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AutomationRuleBooleanConditionSupportedOperator : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AutomationRuleBooleanConditionSupportedOperator(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator And { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator Or { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator left, Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator left, Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanConditionSupportedOperator right) { throw null; } + public override string ToString() { throw null; } + } public abstract partial class AutomationRuleCondition { protected AutomationRuleCondition() { } @@ -1411,6 +1529,48 @@ public AutomationRulePropertyArrayChangedValuesCondition() { } public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayChangedConditionSupportedChangeType? ChangeType { get { throw null; } set { } } } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayConditionType : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AutomationRulePropertyArrayConditionSupportedArrayConditionType(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType AnyItem { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType right) { throw null; } + public override string ToString() { throw null; } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayType : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public AutomationRulePropertyArrayConditionSupportedArrayType(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType CustomDetails { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType CustomDetailValues { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType left, Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType right) { throw null; } + public override string ToString() { throw null; } + } + public partial class AutomationRulePropertyArrayValuesCondition + { + public AutomationRulePropertyArrayValuesCondition() { } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayConditionType? ArrayConditionType { get { throw null; } set { } } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayConditionSupportedArrayType? ArrayType { get { throw null; } set { } } + public System.Collections.Generic.IList ItemConditions { get { throw null; } } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct AutomationRulePropertyChangedConditionSupportedChangedType : System.IEquatable { private readonly object _dummy; @@ -1500,6 +1660,8 @@ public AutomationRulePropertyArrayChangedValuesCondition() { } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty HostNetBiosName { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty HostNTDomain { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty HostOSVersion { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsKey { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsValue { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentDescription { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentLabel { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentProviderName { get { throw null; } } @@ -1508,6 +1670,7 @@ public AutomationRulePropertyArrayChangedValuesCondition() { } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentStatus { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentTactics { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentTitle { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IncidentUpdatedBySource { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IoTDeviceId { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IoTDeviceModel { get { throw null; } } public static Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyConditionSupportedProperty IoTDeviceName { get { throw null; } } @@ -1666,13 +1829,39 @@ internal BookmarkTimelineItem() { } public string Notes { get { throw null; } } public System.DateTimeOffset? StartTimeUtc { get { throw null; } } } + public partial class BooleanConditionProperties : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleCondition + { + public BooleanConditionProperties() { } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRuleBooleanCondition ConditionProperties { get { throw null; } set { } } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct Category : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public Category(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.Category CostOptimization { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Category Demo { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Category NewFeature { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Category Onboarding { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Category SocEfficiency { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.Category other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.Category left, Azure.ResourceManager.SecurityInsights.Models.Category right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.Category (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.Category left, Azure.ResourceManager.SecurityInsights.Models.Category right) { throw null; } + public override string ToString() { throw null; } + } public partial class ClientInfo { - internal ClientInfo() { } - public string Email { get { throw null; } } - public string Name { get { throw null; } } - public System.Guid? ObjectId { get { throw null; } } - public string UserPrincipalName { get { throw null; } } + public ClientInfo() { } + public string Email { get { throw null; } set { } } + public string Name { get { throw null; } set { } } + public System.Guid? ObjectId { get { throw null; } set { } } + public string UserPrincipalName { get { throw null; } set { } } } public partial class CloudApplicationEntity : Azure.ResourceManager.SecurityInsights.EntityData { @@ -1886,6 +2075,12 @@ public ConnectorInstructionModelBase(Azure.ResourceManager.SecurityInsights.Mode public System.BinaryData Parameters { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.SettingType SettingType { get { throw null; } set { } } } + public partial class Content + { + internal Content() { } + public string Description { get { throw null; } } + public string Title { get { throw null; } } + } public partial class ContentPathMap { public ContentPathMap() { } @@ -1910,6 +2105,26 @@ public ContentPathMap() { } public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.ContentType left, Azure.ResourceManager.SecurityInsights.Models.ContentType right) { throw null; } public override string ToString() { throw null; } } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct Context : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public Context(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.Context Analytics { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Context Incidents { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Context None { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Context Overview { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.Context other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.Context left, Azure.ResourceManager.SecurityInsights.Models.Context right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.Context (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.Context left, Azure.ResourceManager.SecurityInsights.Models.Context right) { throw null; } + public override string ToString() { throw null; } + } public partial class Customs : Azure.ResourceManager.SecurityInsights.Models.CustomsPermission { public Customs() { } @@ -2998,6 +3213,24 @@ public IncidentPropertiesAction() { } public override string ToString() { throw null; } } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct IncidentTaskStatus : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public IncidentTaskStatus(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus Completed { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus New { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus left, Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus left, Azure.ResourceManager.SecurityInsights.Models.IncidentTaskStatus right) { throw null; } + public override string ToString() { throw null; } + } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct IngestionMode : System.IEquatable { private readonly object _dummy; @@ -3084,6 +3317,13 @@ internal InsightsTableResultColumnsItem() { } public string InsightsTableResultColumnsItemType { get { throw null; } } public string Name { get { throw null; } } } + public partial class Instructions + { + internal Instructions() { } + public string ActionsToBePerformed { get { throw null; } } + public string HowToPerformActionDetails { get { throw null; } } + public string RecommendationImportance { get { throw null; } } + } public partial class InstructionSteps { public InstructionSteps() { } @@ -3259,8 +3499,8 @@ public MalwareEntity() { } } public partial class ManualTriggerRequestBody { - public ManualTriggerRequestBody() { } - public string LogicAppsResourceId { get { throw null; } set { } } + public ManualTriggerRequestBody(string logicAppsResourceId) { } + public string LogicAppsResourceId { get { throw null; } } public System.Guid? TenantId { get { throw null; } set { } } } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] @@ -3496,9 +3736,11 @@ public NrtAlertRule() { } public string DisplayName { get { throw null; } set { } } public bool? Enabled { get { throw null; } set { } } public System.Collections.Generic.IList EntityMappings { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? EventGroupingAggregationKind { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.IncidentConfiguration IncidentConfiguration { get { throw null; } set { } } public System.DateTimeOffset? LastModifiedUtc { get { throw null; } } public string Query { get { throw null; } set { } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public System.TimeSpan? SuppressionDuration { get { throw null; } set { } } public bool? SuppressionEnabled { get { throw null; } set { } } @@ -3516,9 +3758,11 @@ public NrtAlertRuleTemplate() { } public string Description { get { throw null; } set { } } public string DisplayName { get { throw null; } set { } } public System.Collections.Generic.IList EntityMappings { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.EventGroupingAggregationKind? EventGroupingAggregationKind { get { throw null; } set { } } public System.DateTimeOffset? LastUpdatedDateUTC { get { throw null; } } public string Query { get { throw null; } set { } } public System.Collections.Generic.IList RequiredDataConnectors { get { throw null; } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.TemplateStatus? Status { get { throw null; } set { } } public System.Collections.Generic.IList Tactics { get { throw null; } } @@ -3700,6 +3944,25 @@ public PlaybookActionProperties() { } public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.PollingFrequency left, Azure.ResourceManager.SecurityInsights.Models.PollingFrequency right) { throw null; } public override string ToString() { throw null; } } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct Priority : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public Priority(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.Priority High { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Priority Low { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.Priority Medium { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.Priority other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.Priority left, Azure.ResourceManager.SecurityInsights.Models.Priority right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.Priority (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.Priority left, Azure.ResourceManager.SecurityInsights.Models.Priority right) { throw null; } + public override string ToString() { throw null; } + } public partial class ProcessEntity : Azure.ResourceManager.SecurityInsights.EntityData { public ProcessEntity() { } @@ -3720,6 +3983,11 @@ public partial class PropertyArrayChangedConditionProperties : Azure.ResourceMan public PropertyArrayChangedConditionProperties() { } public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayChangedValuesCondition ConditionProperties { get { throw null; } set { } } } + public partial class PropertyArrayConditionProperties : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleCondition + { + public PropertyArrayConditionProperties() { } + public Azure.ResourceManager.SecurityInsights.Models.AutomationRulePropertyArrayValuesCondition ConditionProperties { get { throw null; } set { } } + } public partial class PropertyChangedConditionProperties : Azure.ResourceManager.SecurityInsights.Models.AutomationRuleCondition { public PropertyChangedConditionProperties() { } @@ -3752,6 +4020,42 @@ public PropertyConditionProperties() { } public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.ProviderName left, Azure.ResourceManager.SecurityInsights.Models.ProviderName right) { throw null; } public override string ToString() { throw null; } } + public partial class Recommendation + { + internal Recommendation() { } + public System.Collections.Generic.IReadOnlyList Actions { get { throw null; } } + public System.Collections.Generic.IReadOnlyDictionary AdditionalProperties { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Category Category { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Content Content { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Context Context { get { throw null; } } + public string Description { get { throw null; } } + public System.DateTimeOffset? DisplayUntilTimeUtc { get { throw null; } } + public System.DateTimeOffset? HideUntilTimeUtc { get { throw null; } } + public System.Guid Id { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Instructions Instructions { get { throw null; } } + public System.DateTimeOffset LastEvaluatedTimeUtc { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Priority Priority { get { throw null; } } + public string RecommendationTypeId { get { throw null; } } + public string RecommendationTypeTitle { get { throw null; } } + public string ResourceId { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.State State { get { throw null; } } + public string Title { get { throw null; } } + public bool? Visible { get { throw null; } } + public System.Guid WorkspaceId { get { throw null; } } + } + public partial class RecommendationPatch + { + public RecommendationPatch() { } + public System.DateTimeOffset? HideUntilTimeUtc { get { throw null; } set { } } + public Azure.ResourceManager.SecurityInsights.Models.State? State { get { throw null; } set { } } + } + public partial class RecommendedAction + { + internal RecommendedAction() { } + public string LinkText { get { throw null; } } + public System.Uri LinkUri { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.Priority? State { get { throw null; } } + } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct RegistryHive : System.IEquatable { @@ -3900,6 +4204,7 @@ public ScheduledAlertRule() { } public string Query { get { throw null; } set { } } public System.TimeSpan? QueryFrequency { get { throw null; } set { } } public System.TimeSpan? QueryPeriod { get { throw null; } set { } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public System.TimeSpan? SuppressionDuration { get { throw null; } set { } } public bool? SuppressionEnabled { get { throw null; } set { } } @@ -3925,6 +4230,7 @@ public ScheduledAlertRuleTemplate() { } public System.TimeSpan? QueryFrequency { get { throw null; } set { } } public System.TimeSpan? QueryPeriod { get { throw null; } set { } } public System.Collections.Generic.IList RequiredDataConnectors { get { throw null; } } + public System.Collections.Generic.IList SentinelEntitiesMappings { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity? Severity { get { throw null; } set { } } public Azure.ResourceManager.SecurityInsights.Models.TemplateStatus? Status { get { throw null; } set { } } public System.Collections.Generic.IList Tactics { get { throw null; } } @@ -3978,9 +4284,11 @@ internal SecurityAlertTimelineItem() { } public string Description { get { throw null; } } public string DisplayName { get { throw null; } } public System.DateTimeOffset EndTimeUtc { get { throw null; } } + public Azure.ResourceManager.SecurityInsights.Models.KillChainIntent? Intent { get { throw null; } } public string ProductName { get { throw null; } } public Azure.ResourceManager.SecurityInsights.Models.AlertSeverity Severity { get { throw null; } } public System.DateTimeOffset StartTimeUtc { get { throw null; } } + public System.Collections.Generic.IReadOnlyList Techniques { get { throw null; } } public System.DateTimeOffset TimeGenerated { get { throw null; } } } public partial class SecurityGroupEntity : Azure.ResourceManager.SecurityInsights.EntityData @@ -4031,6 +4339,11 @@ public SecurityMLAnalyticsSettingsDataSource() { } public string ConnectorId { get { throw null; } set { } } public System.Collections.Generic.IList DataTypes { get { throw null; } } } + public partial class SentinelEntityMapping + { + public SentinelEntityMapping() { } + public string ColumnName { get { throw null; } set { } } + } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct SettingsStatus : System.IEquatable { @@ -4106,6 +4419,27 @@ public SecurityMLAnalyticsSettingsDataSource() { } public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.SourceType left, Azure.ResourceManager.SecurityInsights.Models.SourceType right) { throw null; } public override string ToString() { throw null; } } + [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] + public readonly partial struct State : System.IEquatable + { + private readonly object _dummy; + private readonly int _dummyPrimitive; + public State(string value) { throw null; } + public static Azure.ResourceManager.SecurityInsights.Models.State Active { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.State CompletedByAction { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.State CompletedByUser { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.State Disabled { get { throw null; } } + public static Azure.ResourceManager.SecurityInsights.Models.State Hidden { get { throw null; } } + public bool Equals(Azure.ResourceManager.SecurityInsights.Models.State other) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override bool Equals(object obj) { throw null; } + [System.ComponentModel.EditorBrowsableAttribute(System.ComponentModel.EditorBrowsableState.Never)] + public override int GetHashCode() { throw null; } + public static bool operator ==(Azure.ResourceManager.SecurityInsights.Models.State left, Azure.ResourceManager.SecurityInsights.Models.State right) { throw null; } + public static implicit operator Azure.ResourceManager.SecurityInsights.Models.State (string value) { throw null; } + public static bool operator !=(Azure.ResourceManager.SecurityInsights.Models.State left, Azure.ResourceManager.SecurityInsights.Models.State right) { throw null; } + public override string ToString() { throw null; } + } public partial class SubmissionMailEntity : Azure.ResourceManager.SecurityInsights.EntityData { public SubmissionMailEntity() { } @@ -4150,14 +4484,6 @@ public TeamInformation() { } public System.DateTimeOffset? TeamCreationTimeUtc { get { throw null; } } public string TeamId { get { throw null; } } } - public partial class TeamProperties - { - public TeamProperties(string teamName) { } - public System.Collections.Generic.IList GroupIds { get { throw null; } } - public System.Collections.Generic.IList MemberIds { get { throw null; } } - public string TeamDescription { get { throw null; } set { } } - public string TeamName { get { throw null; } } - } [System.Runtime.InteropServices.StructLayoutAttribute(System.Runtime.InteropServices.LayoutKind.Sequential)] public readonly partial struct TemplateStatus : System.IEquatable { diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/AutomationRuleData.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/AutomationRuleData.cs index 98320705447e9..c3d5e1fbb67bd 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/AutomationRuleData.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/AutomationRuleData.cs @@ -25,7 +25,7 @@ public partial class AutomationRuleData : ResourceData /// /// The actions to execute when the automation rule is triggered. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include and . + /// The available derived classes include , and . /// /// , or is null. public AutomationRuleData(string displayName, int order, AutomationRuleTriggeringLogic triggeringLogic, IEnumerable actions) @@ -51,7 +51,7 @@ public AutomationRuleData(string displayName, int order, AutomationRuleTriggerin /// /// The actions to execute when the automation rule is triggered. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include and . + /// The available derived classes include , and . /// /// The last time the automation rule was updated. /// The time the automation rule was created. @@ -80,7 +80,7 @@ internal AutomationRuleData(ResourceIdentifier id, string name, ResourceType res /// /// The actions to execute when the automation rule is triggered. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include and . + /// The available derived classes include , and . /// public IList Actions { get; } /// The last time the automation rule was updated. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/ResourceGroupResourceExtensionClient.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/ResourceGroupResourceExtensionClient.cs index e0a9b63ffcb61..9e2ce6fb729bd 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/ResourceGroupResourceExtensionClient.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/ResourceGroupResourceExtensionClient.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using System.Threading; using System.Threading.Tasks; using Azure; @@ -23,6 +24,12 @@ internal partial class ResourceGroupResourceExtensionClient : ArmResource private IPGeodataRestOperations _ipGeodataRestClient; private ClientDiagnostics _domainWhoisClientDiagnostics; private DomainWhoisRestOperations _domainWhoisRestClient; + private ClientDiagnostics _getRecommendationsClientDiagnostics; + private GetRecommendationsRestOperations _getRecommendationsRestClient; + private ClientDiagnostics _getClientDiagnostics; + private GetRestOperations _getRestClient; + private ClientDiagnostics _updateClientDiagnostics; + private UpdateRestOperations _updateRestClient; private ClientDiagnostics _sourceControlClientDiagnostics; private SourceControlRestOperations _sourceControlRestClient; private ClientDiagnostics _threatIntelligenceIndicatorClientDiagnostics; @@ -46,6 +53,12 @@ internal ResourceGroupResourceExtensionClient(ArmClient client, ResourceIdentifi private IPGeodataRestOperations IPGeodataRestClient => _ipGeodataRestClient ??= new IPGeodataRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); private ClientDiagnostics DomainWhoisClientDiagnostics => _domainWhoisClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); private DomainWhoisRestOperations DomainWhoisRestClient => _domainWhoisRestClient ??= new DomainWhoisRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); + private ClientDiagnostics GetRecommendationsClientDiagnostics => _getRecommendationsClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); + private GetRecommendationsRestOperations GetRecommendationsRestClient => _getRecommendationsRestClient ??= new GetRecommendationsRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); + private ClientDiagnostics GetClientDiagnostics => _getClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); + private GetRestOperations GetRestClient => _getRestClient ??= new GetRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); + private ClientDiagnostics UpdateClientDiagnostics => _updateClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); + private UpdateRestOperations UpdateRestClient => _updateRestClient ??= new UpdateRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); private ClientDiagnostics SourceControlClientDiagnostics => _sourceControlClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ProviderConstants.DefaultProviderNamespace, Diagnostics); private SourceControlRestOperations SourceControlRestClient => _sourceControlRestClient ??= new SourceControlRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint); private ClientDiagnostics ThreatIntelligenceIndicatorClientDiagnostics => _threatIntelligenceIndicatorClientDiagnostics ??= new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ThreatIntelligenceIndicatorResource.ResourceType.Namespace, Diagnostics); @@ -294,6 +307,168 @@ public virtual Response GetDomainWhoisInformation(string } } + /// + /// Gets a list of all recommendations. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations + /// Operation Id: GetRecommendations_List + /// + /// The name of the workspace. + /// The cancellation token to use. + /// An async collection of that may take multiple service requests to iterate over. + public virtual AsyncPageable GetGetRecommendationsAsync(string workspaceName, CancellationToken cancellationToken = default) + { + async Task> FirstPageFunc(int? pageSizeHint) + { + using var scope = GetRecommendationsClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.GetGetRecommendations"); + scope.Start(); + try + { + var response = await GetRecommendationsRestClient.ListAsync(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, cancellationToken: cancellationToken).ConfigureAwait(false); + return Page.FromValues(response.Value.Value, null, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + return PageableHelpers.CreateAsyncEnumerable(FirstPageFunc, null); + } + + /// + /// Gets a list of all recommendations. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations + /// Operation Id: GetRecommendations_List + /// + /// The name of the workspace. + /// The cancellation token to use. + /// A collection of that may take multiple service requests to iterate over. + public virtual Pageable GetGetRecommendations(string workspaceName, CancellationToken cancellationToken = default) + { + Page FirstPageFunc(int? pageSizeHint) + { + using var scope = GetRecommendationsClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.GetGetRecommendations"); + scope.Start(); + try + { + var response = GetRecommendationsRestClient.List(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, cancellationToken: cancellationToken); + return Page.FromValues(response.Value.Value, null, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + return PageableHelpers.CreateEnumerable(FirstPageFunc, null); + } + + /// + /// Gets a recommendation by its id. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Get_SingleRecommendation + /// + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + public virtual async Task> SingleRecommendationGetAsync(string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + using var scope = GetClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.SingleRecommendationGet"); + scope.Start(); + try + { + var response = await GetRestClient.SingleRecommendationAsync(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, cancellationToken).ConfigureAwait(false); + return response; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Gets a recommendation by its id. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Get_SingleRecommendation + /// + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + public virtual Response SingleRecommendationGet(string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + using var scope = GetClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.SingleRecommendationGet"); + scope.Start(); + try + { + var response = GetRestClient.SingleRecommendation(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, cancellationToken); + return response; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Patch a recommendation. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Update_Recommendation + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + public virtual async Task> RecommendationUpdateAsync(WaitUntil waitUntil, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + using var scope = UpdateClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.RecommendationUpdate"); + scope.Start(); + try + { + var response = await UpdateRestClient.RecommendationAsync(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, patch, cancellationToken).ConfigureAwait(false); + var operation = new SecurityInsightsArmOperation(new RecommendationOperationSource(), UpdateClientDiagnostics, Pipeline, UpdateRestClient.CreateRecommendationRequest(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, patch).Request, response, OperationFinalStateVia.Location); + if (waitUntil == WaitUntil.Completed) + await operation.WaitForCompletionAsync(cancellationToken).ConfigureAwait(false); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Patch a recommendation. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Update_Recommendation + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + public virtual ArmOperation RecommendationUpdate(WaitUntil waitUntil, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + using var scope = UpdateClientDiagnostics.CreateScope("ResourceGroupResourceExtensionClient.RecommendationUpdate"); + scope.Start(); + try + { + var response = UpdateRestClient.Recommendation(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, patch, cancellationToken); + var operation = new SecurityInsightsArmOperation(new RecommendationOperationSource(), UpdateClientDiagnostics, Pipeline, UpdateRestClient.CreateRecommendationRequest(Id.SubscriptionId, Id.ResourceGroupName, workspaceName, recommendationId, patch).Request, response, OperationFinalStateVia.Location); + if (waitUntil == WaitUntil.Completed) + operation.WaitForCompletion(cancellationToken); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + /// /// Gets a list of repositories metadata. /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/listRepositories diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/SecurityInsightsExtensions.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/SecurityInsightsExtensions.cs index 89517cfeb7f39..219e44b94f826 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/SecurityInsightsExtensions.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Extensions/SecurityInsightsExtensions.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using System.Threading; using System.Threading.Tasks; using Azure; @@ -933,6 +934,120 @@ public static Response GetDomainWhoisInformation(this Res return GetExtensionClient(resourceGroupResource).GetDomainWhoisInformation(domain, cancellationToken); } + /// + /// Gets a list of all recommendations. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations + /// Operation Id: GetRecommendations_List + /// + /// The instance the method will execute against. + /// The name of the workspace. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + /// An async collection of that may take multiple service requests to iterate over. + public static AsyncPageable GetGetRecommendationsAsync(this ResourceGroupResource resourceGroupResource, string workspaceName, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + return GetExtensionClient(resourceGroupResource).GetGetRecommendationsAsync(workspaceName, cancellationToken); + } + + /// + /// Gets a list of all recommendations. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations + /// Operation Id: GetRecommendations_List + /// + /// The instance the method will execute against. + /// The name of the workspace. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + /// A collection of that may take multiple service requests to iterate over. + public static Pageable GetGetRecommendations(this ResourceGroupResource resourceGroupResource, string workspaceName, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + return GetExtensionClient(resourceGroupResource).GetGetRecommendations(workspaceName, cancellationToken); + } + + /// + /// Gets a recommendation by its id. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Get_SingleRecommendation + /// + /// The instance the method will execute against. + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + public static async Task> SingleRecommendationGetAsync(this ResourceGroupResource resourceGroupResource, string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + return await GetExtensionClient(resourceGroupResource).SingleRecommendationGetAsync(workspaceName, recommendationId, cancellationToken).ConfigureAwait(false); + } + + /// + /// Gets a recommendation by its id. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Get_SingleRecommendation + /// + /// The instance the method will execute against. + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + public static Response SingleRecommendationGet(this ResourceGroupResource resourceGroupResource, string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + return GetExtensionClient(resourceGroupResource).SingleRecommendationGet(workspaceName, recommendationId, cancellationToken); + } + + /// + /// Patch a recommendation. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Update_Recommendation + /// + /// The instance the method will execute against. + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// or is null. + public static async Task> RecommendationUpdateAsync(this ResourceGroupResource resourceGroupResource, WaitUntil waitUntil, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNull(patch, nameof(patch)); + + return await GetExtensionClient(resourceGroupResource).RecommendationUpdateAsync(waitUntil, workspaceName, recommendationId, patch, cancellationToken).ConfigureAwait(false); + } + + /// + /// Patch a recommendation. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/recommendations/{recommendationId} + /// Operation Id: Update_Recommendation + /// + /// The instance the method will execute against. + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// or is null. + public static ArmOperation RecommendationUpdate(this ResourceGroupResource resourceGroupResource, WaitUntil waitUntil, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNull(patch, nameof(patch)); + + return GetExtensionClient(resourceGroupResource).RecommendationUpdate(waitUntil, workspaceName, recommendationId, patch, cancellationToken); + } + /// /// Gets a list of repositories metadata. /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/listRepositories @@ -1389,6 +1504,25 @@ public static IncidentCommentResource GetIncidentCommentResource(this ArmClient } #endregion + #region IncidentTaskResource + /// + /// Gets an object representing an along with the instance operations that can be performed on it but with no data. + /// You can use to create an from its components. + /// + /// The instance the method will execute against. + /// The resource ID of the resource to get. + /// Returns a object. + public static IncidentTaskResource GetIncidentTaskResource(this ArmClient client, ResourceIdentifier id) + { + return client.GetResourceClient(() => + { + IncidentTaskResource.ValidateResourceId(id); + return new IncidentTaskResource(client, id); + } + ); + } + #endregion + #region MetadataModelResource /// /// Gets an object representing a along with the instance operations that can be performed on it but with no data. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentCommentData.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentCommentData.cs index a3a7e74bb643d..1e7f775cc3f4c 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentCommentData.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentCommentData.cs @@ -26,26 +26,26 @@ public IncidentCommentData() /// The name. /// The resourceType. /// The systemData. + /// The comment message. /// The time the comment was created. /// The time the comment was updated. - /// The comment message. /// Describes the client that created the comment. /// Etag of the azure resource. - internal IncidentCommentData(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, DateTimeOffset? createdTimeUtc, DateTimeOffset? lastModifiedTimeUtc, string message, ClientInfo author, ETag? etag) : base(id, name, resourceType, systemData) + internal IncidentCommentData(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, string message, DateTimeOffset? createdTimeUtc, DateTimeOffset? lastModifiedTimeUtc, ClientInfo author, ETag? etag) : base(id, name, resourceType, systemData) { + Message = message; CreatedTimeUtc = createdTimeUtc; LastModifiedTimeUtc = lastModifiedTimeUtc; - Message = message; Author = author; ETag = etag; } + /// The comment message. + public string Message { get; set; } /// The time the comment was created. public DateTimeOffset? CreatedTimeUtc { get; } /// The time the comment was updated. public DateTimeOffset? LastModifiedTimeUtc { get; } - /// The comment message. - public string Message { get; set; } /// Describes the client that created the comment. public ClientInfo Author { get; } /// Etag of the azure resource. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentData.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentData.cs index 5f1eaedf35181..8703c3f9356ec 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentData.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentData.cs @@ -29,92 +29,92 @@ public IncidentData() /// The name. /// The resourceType. /// The systemData. - /// Additional data on the incident. + /// The title of the incident. + /// The description of the incident. + /// The severity of the incident. + /// The status of the incident. /// The reason the incident was closed. - /// Describes the reason the incident was closed. /// The classification reason the incident was closed with. - /// The time the incident was created. - /// The description of the incident. - /// The time of the first activity in the incident. - /// The deep-link url to the incident in Azure portal. - /// A sequential number. + /// Describes the reason the incident was closed. + /// Describes a user that the incident is assigned to. /// List of labels relevant to this incident. - /// The name of the source provider that generated the incident. - /// The incident ID assigned by the incident provider. + /// The time of the first activity in the incident. /// The time of the last activity in the incident. /// The last time the incident was updated. - /// Describes a user that the incident is assigned to. + /// The time the incident was created. + /// A sequential number. + /// Additional data on the incident. /// List of resource ids of Analytic rules related to the incident. - /// The severity of the incident. - /// The status of the incident. + /// The deep-link url to the incident in Azure portal. + /// The name of the source provider that generated the incident. + /// The incident ID assigned by the incident provider. /// Describes a team for the incident. - /// The title of the incident. /// Etag of the azure resource. - internal IncidentData(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, IncidentAdditionalData additionalData, IncidentClassification? classification, string classificationComment, IncidentClassificationReason? classificationReason, DateTimeOffset? createdTimeUtc, string description, DateTimeOffset? firstActivityTimeUtc, Uri incidentUri, int? incidentNumber, IList labels, string providerName, string providerIncidentId, DateTimeOffset? lastActivityTimeUtc, DateTimeOffset? lastModifiedTimeUtc, IncidentOwnerInfo owner, IReadOnlyList relatedAnalyticRuleIds, IncidentSeverity? severity, IncidentStatus? status, TeamInformation teamInformation, string title, ETag? etag) : base(id, name, resourceType, systemData) + internal IncidentData(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, string title, string description, IncidentSeverity? severity, IncidentStatus? status, IncidentClassification? classification, IncidentClassificationReason? classificationReason, string classificationComment, IncidentOwnerInfo owner, IList labels, DateTimeOffset? firstActivityTimeUtc, DateTimeOffset? lastActivityTimeUtc, DateTimeOffset? lastModifiedTimeUtc, DateTimeOffset? createdTimeUtc, int? incidentNumber, IncidentAdditionalData additionalData, IReadOnlyList relatedAnalyticRuleIds, Uri incidentUri, string providerName, string providerIncidentId, TeamInformation teamInformation, ETag? etag) : base(id, name, resourceType, systemData) { - AdditionalData = additionalData; + Title = title; + Description = description; + Severity = severity; + Status = status; Classification = classification; - ClassificationComment = classificationComment; ClassificationReason = classificationReason; - CreatedTimeUtc = createdTimeUtc; - Description = description; - FirstActivityTimeUtc = firstActivityTimeUtc; - IncidentUri = incidentUri; - IncidentNumber = incidentNumber; + ClassificationComment = classificationComment; + Owner = owner; Labels = labels; - ProviderName = providerName; - ProviderIncidentId = providerIncidentId; + FirstActivityTimeUtc = firstActivityTimeUtc; LastActivityTimeUtc = lastActivityTimeUtc; LastModifiedTimeUtc = lastModifiedTimeUtc; - Owner = owner; + CreatedTimeUtc = createdTimeUtc; + IncidentNumber = incidentNumber; + AdditionalData = additionalData; RelatedAnalyticRuleIds = relatedAnalyticRuleIds; - Severity = severity; - Status = status; + IncidentUri = incidentUri; + ProviderName = providerName; + ProviderIncidentId = providerIncidentId; TeamInformation = teamInformation; - Title = title; ETag = etag; } - /// Additional data on the incident. - public IncidentAdditionalData AdditionalData { get; } + /// The title of the incident. + public string Title { get; set; } + /// The description of the incident. + public string Description { get; set; } + /// The severity of the incident. + public IncidentSeverity? Severity { get; set; } + /// The status of the incident. + public IncidentStatus? Status { get; set; } /// The reason the incident was closed. public IncidentClassification? Classification { get; set; } - /// Describes the reason the incident was closed. - public string ClassificationComment { get; set; } /// The classification reason the incident was closed with. public IncidentClassificationReason? ClassificationReason { get; set; } - /// The time the incident was created. - public DateTimeOffset? CreatedTimeUtc { get; } - /// The description of the incident. - public string Description { get; set; } - /// The time of the first activity in the incident. - public DateTimeOffset? FirstActivityTimeUtc { get; set; } - /// The deep-link url to the incident in Azure portal. - public Uri IncidentUri { get; } - /// A sequential number. - public int? IncidentNumber { get; } + /// Describes the reason the incident was closed. + public string ClassificationComment { get; set; } + /// Describes a user that the incident is assigned to. + public IncidentOwnerInfo Owner { get; set; } /// List of labels relevant to this incident. public IList Labels { get; } - /// The name of the source provider that generated the incident. - public string ProviderName { get; set; } - /// The incident ID assigned by the incident provider. - public string ProviderIncidentId { get; set; } + /// The time of the first activity in the incident. + public DateTimeOffset? FirstActivityTimeUtc { get; set; } /// The time of the last activity in the incident. public DateTimeOffset? LastActivityTimeUtc { get; set; } /// The last time the incident was updated. public DateTimeOffset? LastModifiedTimeUtc { get; } - /// Describes a user that the incident is assigned to. - public IncidentOwnerInfo Owner { get; set; } + /// The time the incident was created. + public DateTimeOffset? CreatedTimeUtc { get; } + /// A sequential number. + public int? IncidentNumber { get; } + /// Additional data on the incident. + public IncidentAdditionalData AdditionalData { get; } /// List of resource ids of Analytic rules related to the incident. public IReadOnlyList RelatedAnalyticRuleIds { get; } - /// The severity of the incident. - public IncidentSeverity? Severity { get; set; } - /// The status of the incident. - public IncidentStatus? Status { get; set; } + /// The deep-link url to the incident in Azure portal. + public Uri IncidentUri { get; } + /// The name of the source provider that generated the incident. + public string ProviderName { get; set; } + /// The incident ID assigned by the incident provider. + public string ProviderIncidentId { get; set; } /// Describes a team for the incident. public TeamInformation TeamInformation { get; set; } - /// The title of the incident. - public string Title { get; set; } /// Etag of the azure resource. public ETag? ETag { get; set; } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentResource.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentResource.cs index 455c0f639a035..37cffd20e79bf 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentResource.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentResource.cs @@ -162,6 +162,43 @@ public virtual Response GetIncidentComment(string incid return GetIncidentComments().Get(incidentCommentId, cancellationToken); } + /// Gets a collection of IncidentTaskResources in the Incident. + /// An object representing collection of IncidentTaskResources and their operations over a IncidentTaskResource. + public virtual IncidentTaskCollection GetIncidentTasks() + { + return GetCachedClient(Client => new IncidentTaskCollection(Client, Id)); + } + + /// + /// Gets an incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Get + /// + /// Incident task ID. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + [ForwardsClientCalls] + public virtual async Task> GetIncidentTaskAsync(string incidentTaskId, CancellationToken cancellationToken = default) + { + return await GetIncidentTasks().GetAsync(incidentTaskId, cancellationToken).ConfigureAwait(false); + } + + /// + /// Gets an incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Get + /// + /// Incident task ID. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + [ForwardsClientCalls] + public virtual Response GetIncidentTask(string incidentTaskId, CancellationToken cancellationToken = default) + { + return GetIncidentTasks().Get(incidentTaskId, cancellationToken); + } + /// /// Gets an incident. /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId} @@ -376,7 +413,7 @@ public virtual Response RunPlaybook(ManualTriggerRequestBody request /// Team properties. /// The cancellation token to use. /// is null. - public virtual async Task> CreateTeamAsync(TeamProperties teamProperties, CancellationToken cancellationToken = default) + public virtual async Task> CreateTeamAsync(TeamInformation teamProperties, CancellationToken cancellationToken = default) { Argument.AssertNotNull(teamProperties, nameof(teamProperties)); @@ -402,7 +439,7 @@ public virtual async Task> CreateTeamAsync(TeamPropert /// Team properties. /// The cancellation token to use. /// is null. - public virtual Response CreateTeam(TeamProperties teamProperties, CancellationToken cancellationToken = default) + public virtual Response CreateTeam(TeamInformation teamProperties, CancellationToken cancellationToken = default) { Argument.AssertNotNull(teamProperties, nameof(teamProperties)); diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentTaskCollection.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentTaskCollection.cs new file mode 100644 index 0000000000000..3c2cd2827037d --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentTaskCollection.cs @@ -0,0 +1,333 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Collections; +using System.Collections.Generic; +using System.Globalization; +using System.Linq; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.Core.Pipeline; +using Azure.ResourceManager; + +namespace Azure.ResourceManager.SecurityInsights +{ + /// + /// A class representing a collection of and their operations. + /// Each in the collection will belong to the same instance of . + /// To get an instance call the GetIncidentTasks method from an instance of . + /// + public partial class IncidentTaskCollection : ArmCollection, IEnumerable, IAsyncEnumerable + { + private readonly ClientDiagnostics _incidentTaskClientDiagnostics; + private readonly IncidentTasksRestOperations _incidentTaskRestClient; + + /// Initializes a new instance of the class for mocking. + protected IncidentTaskCollection() + { + } + + /// Initializes a new instance of the class. + /// The client parameters to use in these operations. + /// The identifier of the parent resource that is the target of operations. + internal IncidentTaskCollection(ArmClient client, ResourceIdentifier id) : base(client, id) + { + _incidentTaskClientDiagnostics = new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", IncidentTaskResource.ResourceType.Namespace, Diagnostics); + TryGetApiVersion(IncidentTaskResource.ResourceType, out string incidentTaskApiVersion); + _incidentTaskRestClient = new IncidentTasksRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint, incidentTaskApiVersion); +#if DEBUG + ValidateResourceId(Id); +#endif + } + + internal static void ValidateResourceId(ResourceIdentifier id) + { + if (id.ResourceType != IncidentResource.ResourceType) + throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, "Invalid resource type {0} expected {1}", id.ResourceType, IncidentResource.ResourceType), nameof(id)); + } + + /// + /// Creates or updates the incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_CreateOrUpdate + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// Incident task ID. + /// The incident task. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// or is null. + public virtual async Task> CreateOrUpdateAsync(WaitUntil waitUntil, string incidentTaskId, IncidentTaskData data, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + Argument.AssertNotNull(data, nameof(data)); + + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.CreateOrUpdate"); + scope.Start(); + try + { + var response = await _incidentTaskRestClient.CreateOrUpdateAsync(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, incidentTaskId, data, cancellationToken).ConfigureAwait(false); + var operation = new SecurityInsightsArmOperation(Response.FromValue(new IncidentTaskResource(Client, response), response.GetRawResponse())); + if (waitUntil == WaitUntil.Completed) + await operation.WaitForCompletionAsync(cancellationToken).ConfigureAwait(false); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Creates or updates the incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_CreateOrUpdate + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// Incident task ID. + /// The incident task. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// or is null. + public virtual ArmOperation CreateOrUpdate(WaitUntil waitUntil, string incidentTaskId, IncidentTaskData data, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + Argument.AssertNotNull(data, nameof(data)); + + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.CreateOrUpdate"); + scope.Start(); + try + { + var response = _incidentTaskRestClient.CreateOrUpdate(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, incidentTaskId, data, cancellationToken); + var operation = new SecurityInsightsArmOperation(Response.FromValue(new IncidentTaskResource(Client, response), response.GetRawResponse())); + if (waitUntil == WaitUntil.Completed) + operation.WaitForCompletion(cancellationToken); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Gets an incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Get + /// + /// Incident task ID. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + public virtual async Task> GetAsync(string incidentTaskId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.Get"); + scope.Start(); + try + { + var response = await _incidentTaskRestClient.GetAsync(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, incidentTaskId, cancellationToken).ConfigureAwait(false); + if (response.Value == null) + throw new RequestFailedException(response.GetRawResponse()); + return Response.FromValue(new IncidentTaskResource(Client, response.Value), response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Gets an incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Get + /// + /// Incident task ID. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + public virtual Response Get(string incidentTaskId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.Get"); + scope.Start(); + try + { + var response = _incidentTaskRestClient.Get(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, incidentTaskId, cancellationToken); + if (response.Value == null) + throw new RequestFailedException(response.GetRawResponse()); + return Response.FromValue(new IncidentTaskResource(Client, response.Value), response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Gets all incident tasks. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks + /// Operation Id: IncidentTasks_List + /// + /// The cancellation token to use. + /// An async collection of that may take multiple service requests to iterate over. + public virtual AsyncPageable GetAllAsync(CancellationToken cancellationToken = default) + { + async Task> FirstPageFunc(int? pageSizeHint) + { + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.GetAll"); + scope.Start(); + try + { + var response = await _incidentTaskRestClient.ListAsync(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, cancellationToken: cancellationToken).ConfigureAwait(false); + return Page.FromValues(response.Value.Value.Select(value => new IncidentTaskResource(Client, value)), response.Value.NextLink, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + async Task> NextPageFunc(string nextLink, int? pageSizeHint) + { + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.GetAll"); + scope.Start(); + try + { + var response = await _incidentTaskRestClient.ListNextPageAsync(nextLink, Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, cancellationToken: cancellationToken).ConfigureAwait(false); + return Page.FromValues(response.Value.Value.Select(value => new IncidentTaskResource(Client, value)), response.Value.NextLink, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + return PageableHelpers.CreateAsyncEnumerable(FirstPageFunc, NextPageFunc); + } + + /// + /// Gets all incident tasks. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks + /// Operation Id: IncidentTasks_List + /// + /// The cancellation token to use. + /// A collection of that may take multiple service requests to iterate over. + public virtual Pageable GetAll(CancellationToken cancellationToken = default) + { + Page FirstPageFunc(int? pageSizeHint) + { + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.GetAll"); + scope.Start(); + try + { + var response = _incidentTaskRestClient.List(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, cancellationToken: cancellationToken); + return Page.FromValues(response.Value.Value.Select(value => new IncidentTaskResource(Client, value)), response.Value.NextLink, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + Page NextPageFunc(string nextLink, int? pageSizeHint) + { + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.GetAll"); + scope.Start(); + try + { + var response = _incidentTaskRestClient.ListNextPage(nextLink, Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, cancellationToken: cancellationToken); + return Page.FromValues(response.Value.Value.Select(value => new IncidentTaskResource(Client, value)), response.Value.NextLink, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + return PageableHelpers.CreateEnumerable(FirstPageFunc, NextPageFunc); + } + + /// + /// Checks to see if the resource exists in azure. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Get + /// + /// Incident task ID. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + public virtual async Task> ExistsAsync(string incidentTaskId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.Exists"); + scope.Start(); + try + { + var response = await _incidentTaskRestClient.GetAsync(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, incidentTaskId, cancellationToken: cancellationToken).ConfigureAwait(false); + return Response.FromValue(response.Value != null, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Checks to see if the resource exists in azure. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Get + /// + /// Incident task ID. + /// The cancellation token to use. + /// is an empty string, and was expected to be non-empty. + /// is null. + public virtual Response Exists(string incidentTaskId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskCollection.Exists"); + scope.Start(); + try + { + var response = _incidentTaskRestClient.Get(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Name, Id.Name, incidentTaskId, cancellationToken: cancellationToken); + return Response.FromValue(response.Value != null, response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + IEnumerator IEnumerable.GetEnumerator() + { + return GetAll().GetEnumerator(); + } + + IEnumerator IEnumerable.GetEnumerator() + { + return GetAll().GetEnumerator(); + } + + IAsyncEnumerator IAsyncEnumerable.GetAsyncEnumerator(CancellationToken cancellationToken) + { + return GetAllAsync(cancellationToken: cancellationToken).GetAsyncEnumerator(cancellationToken); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentTaskData.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentTaskData.cs new file mode 100644 index 0000000000000..5b11929e17aa3 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentTaskData.cs @@ -0,0 +1,73 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using Azure; +using Azure.Core; +using Azure.ResourceManager.Models; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + /// A class representing the IncidentTask data model. + public partial class IncidentTaskData : ResourceData + { + /// Initializes a new instance of IncidentTaskData. + /// The title of the task. + /// + /// is null. + public IncidentTaskData(string title, IncidentTaskStatus status) + { + Argument.AssertNotNull(title, nameof(title)); + + Title = title; + Status = status; + } + + /// Initializes a new instance of IncidentTaskData. + /// The id. + /// The name. + /// The resourceType. + /// The systemData. + /// The title of the task. + /// The description of the task. + /// + /// The time the task was created. + /// The last time the task was updated. + /// Information on the client (user or application) that made some action. + /// Information on the client (user or application) that made some action. + /// Etag of the azure resource. + internal IncidentTaskData(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, string title, string description, IncidentTaskStatus status, DateTimeOffset? createdTimeUtc, DateTimeOffset? lastModifiedTimeUtc, ClientInfo createdBy, ClientInfo lastModifiedBy, ETag? etag) : base(id, name, resourceType, systemData) + { + Title = title; + Description = description; + Status = status; + CreatedTimeUtc = createdTimeUtc; + LastModifiedTimeUtc = lastModifiedTimeUtc; + CreatedBy = createdBy; + LastModifiedBy = lastModifiedBy; + ETag = etag; + } + + /// The title of the task. + public string Title { get; set; } + /// The description of the task. + public string Description { get; set; } + /// Gets or sets the status. + public IncidentTaskStatus Status { get; set; } + /// The time the task was created. + public DateTimeOffset? CreatedTimeUtc { get; } + /// The last time the task was updated. + public DateTimeOffset? LastModifiedTimeUtc { get; } + /// Information on the client (user or application) that made some action. + public ClientInfo CreatedBy { get; set; } + /// Information on the client (user or application) that made some action. + public ClientInfo LastModifiedBy { get; set; } + /// Etag of the azure resource. + public ETag? ETag { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentTaskResource.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentTaskResource.cs new file mode 100644 index 0000000000000..41bb352f24d89 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/IncidentTaskResource.cs @@ -0,0 +1,249 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Globalization; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.Core.Pipeline; +using Azure.ResourceManager; + +namespace Azure.ResourceManager.SecurityInsights +{ + /// + /// A Class representing an IncidentTask along with the instance operations that can be performed on it. + /// If you have a you can construct an + /// from an instance of using the GetIncidentTaskResource method. + /// Otherwise you can get one from its parent resource using the GetIncidentTask method. + /// + public partial class IncidentTaskResource : ArmResource + { + /// Generate the resource identifier of a instance. + public static ResourceIdentifier CreateResourceIdentifier(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId) + { + var resourceId = $"/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId}"; + return new ResourceIdentifier(resourceId); + } + + private readonly ClientDiagnostics _incidentTaskClientDiagnostics; + private readonly IncidentTasksRestOperations _incidentTaskRestClient; + private readonly IncidentTaskData _data; + + /// Initializes a new instance of the class for mocking. + protected IncidentTaskResource() + { + } + + /// Initializes a new instance of the class. + /// The client parameters to use in these operations. + /// The resource that is the target of operations. + internal IncidentTaskResource(ArmClient client, IncidentTaskData data) : this(client, data.Id) + { + HasData = true; + _data = data; + } + + /// Initializes a new instance of the class. + /// The client parameters to use in these operations. + /// The identifier of the resource that is the target of operations. + internal IncidentTaskResource(ArmClient client, ResourceIdentifier id) : base(client, id) + { + _incidentTaskClientDiagnostics = new ClientDiagnostics("Azure.ResourceManager.SecurityInsights", ResourceType.Namespace, Diagnostics); + TryGetApiVersion(ResourceType, out string incidentTaskApiVersion); + _incidentTaskRestClient = new IncidentTasksRestOperations(Pipeline, Diagnostics.ApplicationId, Endpoint, incidentTaskApiVersion); +#if DEBUG + ValidateResourceId(Id); +#endif + } + + /// Gets the resource type for the operations. + public static readonly ResourceType ResourceType = "Microsoft.SecurityInsights/incidents/tasks"; + + /// Gets whether or not the current instance has data. + public virtual bool HasData { get; } + + /// Gets the data representing this Feature. + /// Throws if there is no data loaded in the current instance. + public virtual IncidentTaskData Data + { + get + { + if (!HasData) + throw new InvalidOperationException("The current instance does not have data, you must call Get first."); + return _data; + } + } + + internal static void ValidateResourceId(ResourceIdentifier id) + { + if (id.ResourceType != ResourceType) + throw new ArgumentException(string.Format(CultureInfo.CurrentCulture, "Invalid resource type {0} expected {1}", id.ResourceType, ResourceType), nameof(id)); + } + + /// + /// Gets an incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Get + /// + /// The cancellation token to use. + public virtual async Task> GetAsync(CancellationToken cancellationToken = default) + { + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskResource.Get"); + scope.Start(); + try + { + var response = await _incidentTaskRestClient.GetAsync(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Parent.Name, Id.Parent.Name, Id.Name, cancellationToken).ConfigureAwait(false); + if (response.Value == null) + throw new RequestFailedException(response.GetRawResponse()); + return Response.FromValue(new IncidentTaskResource(Client, response.Value), response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Gets an incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Get + /// + /// The cancellation token to use. + public virtual Response Get(CancellationToken cancellationToken = default) + { + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskResource.Get"); + scope.Start(); + try + { + var response = _incidentTaskRestClient.Get(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Parent.Name, Id.Parent.Name, Id.Name, cancellationToken); + if (response.Value == null) + throw new RequestFailedException(response.GetRawResponse()); + return Response.FromValue(new IncidentTaskResource(Client, response.Value), response.GetRawResponse()); + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Delete the incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Delete + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The cancellation token to use. + public virtual async Task DeleteAsync(WaitUntil waitUntil, CancellationToken cancellationToken = default) + { + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskResource.Delete"); + scope.Start(); + try + { + var response = await _incidentTaskRestClient.DeleteAsync(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Parent.Name, Id.Parent.Name, Id.Name, cancellationToken).ConfigureAwait(false); + var operation = new SecurityInsightsArmOperation(response); + if (waitUntil == WaitUntil.Completed) + await operation.WaitForCompletionResponseAsync(cancellationToken).ConfigureAwait(false); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Delete the incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_Delete + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The cancellation token to use. + public virtual ArmOperation Delete(WaitUntil waitUntil, CancellationToken cancellationToken = default) + { + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskResource.Delete"); + scope.Start(); + try + { + var response = _incidentTaskRestClient.Delete(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Parent.Name, Id.Parent.Name, Id.Name, cancellationToken); + var operation = new SecurityInsightsArmOperation(response); + if (waitUntil == WaitUntil.Completed) + operation.WaitForCompletionResponse(cancellationToken); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Creates or updates the incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_CreateOrUpdate + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The incident task. + /// The cancellation token to use. + /// is null. + public virtual async Task> UpdateAsync(WaitUntil waitUntil, IncidentTaskData data, CancellationToken cancellationToken = default) + { + Argument.AssertNotNull(data, nameof(data)); + + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskResource.Update"); + scope.Start(); + try + { + var response = await _incidentTaskRestClient.CreateOrUpdateAsync(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Parent.Name, Id.Parent.Name, Id.Name, data, cancellationToken).ConfigureAwait(false); + var operation = new SecurityInsightsArmOperation(Response.FromValue(new IncidentTaskResource(Client, response), response.GetRawResponse())); + if (waitUntil == WaitUntil.Completed) + await operation.WaitForCompletionAsync(cancellationToken).ConfigureAwait(false); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + + /// + /// Creates or updates the incident task. + /// Request Path: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/tasks/{incidentTaskId} + /// Operation Id: IncidentTasks_CreateOrUpdate + /// + /// if the method should wait to return until the long-running operation has completed on the service; if it should return after starting the operation. For more information on long-running operations, please see Azure.Core Long-Running Operation samples. + /// The incident task. + /// The cancellation token to use. + /// is null. + public virtual ArmOperation Update(WaitUntil waitUntil, IncidentTaskData data, CancellationToken cancellationToken = default) + { + Argument.AssertNotNull(data, nameof(data)); + + using var scope = _incidentTaskClientDiagnostics.CreateScope("IncidentTaskResource.Update"); + scope.Start(); + try + { + var response = _incidentTaskRestClient.CreateOrUpdate(Id.SubscriptionId, Id.ResourceGroupName, Id.Parent.Parent.Name, Id.Parent.Name, Id.Name, data, cancellationToken); + var operation = new SecurityInsightsArmOperation(Response.FromValue(new IncidentTaskResource(Client, response), response.GetRawResponse())); + if (waitUntil == WaitUntil.Completed) + operation.WaitForCompletion(cancellationToken); + return operation; + } + catch (Exception e) + { + scope.Failed(e); + throw; + } + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/LongRunningOperation/RecommendationOperationSource.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/LongRunningOperation/RecommendationOperationSource.cs new file mode 100644 index 0000000000000..9dfceef4ccb5b --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/LongRunningOperation/RecommendationOperationSource.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + internal class RecommendationOperationSource : IOperationSource + { + Recommendation IOperationSource.CreateResult(Response response, CancellationToken cancellationToken) + { + using var document = JsonDocument.Parse(response.ContentStream); + return Recommendation.DeserializeRecommendation(document.RootElement); + } + + async ValueTask IOperationSource.CreateResultAsync(Response response, CancellationToken cancellationToken) + { + using var document = await JsonDocument.ParseAsync(response.ContentStream, default, cancellationToken).ConfigureAwait(false); + return Recommendation.DeserializeRecommendation(document.RootElement); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ActionType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ActionType.cs index 6205fc6401834..08600d86e2587 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ActionType.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ActionType.cs @@ -24,11 +24,14 @@ public ActionType(string value) private const string ModifyPropertiesValue = "ModifyProperties"; private const string RunPlaybookValue = "RunPlaybook"; + private const string AddIncidentTaskValue = "AddIncidentTask"; /// Modify an object's properties. public static ActionType ModifyProperties { get; } = new ActionType(ModifyPropertiesValue); /// Run a playbook on an object. public static ActionType RunPlaybook { get; } = new ActionType(RunPlaybookValue); + /// Add a task to an incident object. + public static ActionType AddIncidentTask { get; } = new ActionType(AddIncidentTaskValue); /// Determines if two values are the same. public static bool operator ==(ActionType left, ActionType right) => left.Equals(right); /// Determines if two values are not the same. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AddIncidentTaskActionProperties.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AddIncidentTaskActionProperties.Serialization.cs new file mode 100644 index 0000000000000..5063bbf62dd54 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AddIncidentTaskActionProperties.Serialization.cs @@ -0,0 +1,48 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AddIncidentTaskActionProperties : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + writer.WritePropertyName("title"); + writer.WriteStringValue(Title); + if (Optional.IsDefined(Description)) + { + writer.WritePropertyName("description"); + writer.WriteStringValue(Description); + } + writer.WriteEndObject(); + } + + internal static AddIncidentTaskActionProperties DeserializeAddIncidentTaskActionProperties(JsonElement element) + { + string title = default; + Optional description = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("title")) + { + title = property.Value.GetString(); + continue; + } + if (property.NameEquals("description")) + { + description = property.Value.GetString(); + continue; + } + } + return new AddIncidentTaskActionProperties(title, description.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AddIncidentTaskActionProperties.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AddIncidentTaskActionProperties.cs new file mode 100644 index 0000000000000..9ea23f968d98d --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AddIncidentTaskActionProperties.cs @@ -0,0 +1,40 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AddIncidentTaskActionProperties. + public partial class AddIncidentTaskActionProperties + { + /// Initializes a new instance of AddIncidentTaskActionProperties. + /// The title of the task. + /// is null. + public AddIncidentTaskActionProperties(string title) + { + Argument.AssertNotNull(title, nameof(title)); + + Title = title; + } + + /// Initializes a new instance of AddIncidentTaskActionProperties. + /// The title of the task. + /// The description of the task. + internal AddIncidentTaskActionProperties(string title, string description) + { + Title = title; + Description = description; + } + + /// The title of the task. + public string Title { get; set; } + /// The description of the task. + public string Description { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs index 7fdbbec084deb..ec2168f270354 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.Serialization.cs @@ -5,6 +5,7 @@ #nullable disable +using System.Collections.Generic; using System.Text.Json; using Azure.Core; @@ -35,6 +36,16 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertSeverityColumnName"); writer.WriteStringValue(AlertSeverityColumnName); } + if (Optional.IsCollectionDefined(AlertDynamicProperties)) + { + writer.WritePropertyName("alertDynamicProperties"); + writer.WriteStartArray(); + foreach (var item in AlertDynamicProperties) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); } @@ -44,6 +55,7 @@ internal static AlertDetailsOverride DeserializeAlertDetailsOverride(JsonElement Optional alertDescriptionFormat = default; Optional alertTacticsColumnName = default; Optional alertSeverityColumnName = default; + Optional> alertDynamicProperties = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("alertDisplayNameFormat")) @@ -66,8 +78,23 @@ internal static AlertDetailsOverride DeserializeAlertDetailsOverride(JsonElement alertSeverityColumnName = property.Value.GetString(); continue; } + if (property.NameEquals("alertDynamicProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(AlertPropertyMapping.DeserializeAlertPropertyMapping(item)); + } + alertDynamicProperties = array; + continue; + } } - return new AlertDetailsOverride(alertDisplayNameFormat.Value, alertDescriptionFormat.Value, alertTacticsColumnName.Value, alertSeverityColumnName.Value); + return new AlertDetailsOverride(alertDisplayNameFormat.Value, alertDescriptionFormat.Value, alertTacticsColumnName.Value, alertSeverityColumnName.Value, Optional.ToList(alertDynamicProperties)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs index e461da5f89945..04c5d5f84ff9b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertDetailsOverride.cs @@ -5,6 +5,9 @@ #nullable disable +using System.Collections.Generic; +using Azure.Core; + namespace Azure.ResourceManager.SecurityInsights.Models { /// Settings for how to dynamically override alert static details. @@ -13,6 +16,7 @@ public partial class AlertDetailsOverride /// Initializes a new instance of AlertDetailsOverride. public AlertDetailsOverride() { + AlertDynamicProperties = new ChangeTrackingList(); } /// Initializes a new instance of AlertDetailsOverride. @@ -20,12 +24,14 @@ public AlertDetailsOverride() /// the format containing columns name(s) to override the alert description. /// the column name to take the alert tactics from. /// the column name to take the alert severity from. - internal AlertDetailsOverride(string alertDisplayNameFormat, string alertDescriptionFormat, string alertTacticsColumnName, string alertSeverityColumnName) + /// List of additional dynamic properties to override. + internal AlertDetailsOverride(string alertDisplayNameFormat, string alertDescriptionFormat, string alertTacticsColumnName, string alertSeverityColumnName, IList alertDynamicProperties) { AlertDisplayNameFormat = alertDisplayNameFormat; AlertDescriptionFormat = alertDescriptionFormat; AlertTacticsColumnName = alertTacticsColumnName; AlertSeverityColumnName = alertSeverityColumnName; + AlertDynamicProperties = alertDynamicProperties; } /// the format containing columns name(s) to override the alert name. @@ -36,5 +42,7 @@ internal AlertDetailsOverride(string alertDisplayNameFormat, string alertDescrip public string AlertTacticsColumnName { get; set; } /// the column name to take the alert severity from. public string AlertSeverityColumnName { get; set; } + /// List of additional dynamic properties to override. + public IList AlertDynamicProperties { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertProperty.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertProperty.cs new file mode 100644 index 0000000000000..5e60dba30a0b9 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertProperty.cs @@ -0,0 +1,72 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The V3 alert property. + public readonly partial struct AlertProperty : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AlertProperty(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AlertLinkValue = "AlertLink"; + private const string ConfidenceLevelValue = "ConfidenceLevel"; + private const string ConfidenceScoreValue = "ConfidenceScore"; + private const string ExtendedLinksValue = "ExtendedLinks"; + private const string ProductNameValue = "ProductName"; + private const string ProviderNameValue = "ProviderName"; + private const string ProductComponentNameValue = "ProductComponentName"; + private const string RemediationStepsValue = "RemediationSteps"; + private const string TechniquesValue = "Techniques"; + + /// Alert's link. + public static AlertProperty AlertLink { get; } = new AlertProperty(AlertLinkValue); + /// Confidence level property. + public static AlertProperty ConfidenceLevel { get; } = new AlertProperty(ConfidenceLevelValue); + /// Confidence score. + public static AlertProperty ConfidenceScore { get; } = new AlertProperty(ConfidenceScoreValue); + /// Extended links to the alert. + public static AlertProperty ExtendedLinks { get; } = new AlertProperty(ExtendedLinksValue); + /// Product name alert property. + public static AlertProperty ProductName { get; } = new AlertProperty(ProductNameValue); + /// Provider name alert property. + public static AlertProperty ProviderName { get; } = new AlertProperty(ProviderNameValue); + /// Product component name alert property. + public static AlertProperty ProductComponentName { get; } = new AlertProperty(ProductComponentNameValue); + /// Remediation steps alert property. + public static AlertProperty RemediationSteps { get; } = new AlertProperty(RemediationStepsValue); + /// Techniques alert property. + public static AlertProperty Techniques { get; } = new AlertProperty(TechniquesValue); + /// Determines if two values are the same. + public static bool operator ==(AlertProperty left, AlertProperty right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AlertProperty left, AlertProperty right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AlertProperty(string value) => new AlertProperty(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AlertProperty other && Equals(other); + /// + public bool Equals(AlertProperty other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.Serialization.cs new file mode 100644 index 0000000000000..2d51e09e0af6a --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.Serialization.cs @@ -0,0 +1,56 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AlertPropertyMapping : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(AlertProperty)) + { + writer.WritePropertyName("alertProperty"); + writer.WriteStringValue(AlertProperty.Value.ToString()); + } + if (Optional.IsDefined(Value)) + { + writer.WritePropertyName("value"); + writer.WriteStringValue(Value); + } + writer.WriteEndObject(); + } + + internal static AlertPropertyMapping DeserializeAlertPropertyMapping(JsonElement element) + { + Optional alertProperty = default; + Optional value = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("alertProperty")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + alertProperty = new AlertProperty(property.Value.GetString()); + continue; + } + if (property.NameEquals("value")) + { + value = property.Value.GetString(); + continue; + } + } + return new AlertPropertyMapping(Optional.ToNullable(alertProperty), value.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.cs new file mode 100644 index 0000000000000..34e379b8cadef --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AlertPropertyMapping.cs @@ -0,0 +1,32 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// A single alert property mapping to override. + public partial class AlertPropertyMapping + { + /// Initializes a new instance of AlertPropertyMapping. + public AlertPropertyMapping() + { + } + + /// Initializes a new instance of AlertPropertyMapping. + /// The V3 alert property. + /// the column name to use to override this property. + internal AlertPropertyMapping(AlertProperty? alertProperty, string value) + { + AlertProperty = alertProperty; + Value = value; + } + + /// The V3 alert property. + public AlertProperty? AlertProperty { get; set; } + /// the column name to use to override this property. + public string Value { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAction.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAction.Serialization.cs index c0b57c4a523dd..a26fabeb9c2f4 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAction.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAction.Serialization.cs @@ -28,6 +28,7 @@ internal static AutomationRuleAction DeserializeAutomationRuleAction(JsonElement { switch (discriminator.GetString()) { + case "AddIncidentTask": return AutomationRuleAddIncidentTaskAction.DeserializeAutomationRuleAddIncidentTaskAction(element); case "ModifyProperties": return AutomationRuleModifyPropertiesAction.DeserializeAutomationRuleModifyPropertiesAction(element); case "RunPlaybook": return AutomationRuleRunPlaybookAction.DeserializeAutomationRuleRunPlaybookAction(element); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAction.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAction.cs index e2c33690a8d31..9569e3543c10c 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAction.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAction.cs @@ -10,7 +10,7 @@ namespace Azure.ResourceManager.SecurityInsights.Models /// /// Describes an automation rule action. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include and . + /// The available derived classes include , and . /// public abstract partial class AutomationRuleAction { diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAddIncidentTaskAction.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAddIncidentTaskAction.Serialization.cs new file mode 100644 index 0000000000000..ea36c39048af2 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAddIncidentTaskAction.Serialization.cs @@ -0,0 +1,61 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AutomationRuleAddIncidentTaskAction : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ActionConfiguration)) + { + writer.WritePropertyName("actionConfiguration"); + writer.WriteObjectValue(ActionConfiguration); + } + writer.WritePropertyName("order"); + writer.WriteNumberValue(Order); + writer.WritePropertyName("actionType"); + writer.WriteStringValue(ActionType.ToString()); + writer.WriteEndObject(); + } + + internal static AutomationRuleAddIncidentTaskAction DeserializeAutomationRuleAddIncidentTaskAction(JsonElement element) + { + Optional actionConfiguration = default; + int order = default; + ActionType actionType = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("actionConfiguration")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + actionConfiguration = AddIncidentTaskActionProperties.DeserializeAddIncidentTaskActionProperties(property.Value); + continue; + } + if (property.NameEquals("order")) + { + order = property.Value.GetInt32(); + continue; + } + if (property.NameEquals("actionType")) + { + actionType = new ActionType(property.Value.GetString()); + continue; + } + } + return new AutomationRuleAddIncidentTaskAction(order, actionType, actionConfiguration.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAddIncidentTaskAction.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAddIncidentTaskAction.cs new file mode 100644 index 0000000000000..f2cbaa9d0d035 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleAddIncidentTaskAction.cs @@ -0,0 +1,33 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Describes an automation rule action to add a task to an incident. + public partial class AutomationRuleAddIncidentTaskAction : AutomationRuleAction + { + /// Initializes a new instance of AutomationRuleAddIncidentTaskAction. + /// + public AutomationRuleAddIncidentTaskAction(int order) : base(order) + { + ActionType = ActionType.AddIncidentTask; + } + + /// Initializes a new instance of AutomationRuleAddIncidentTaskAction. + /// + /// The type of the automation rule action. + /// + internal AutomationRuleAddIncidentTaskAction(int order, ActionType actionType, AddIncidentTaskActionProperties actionConfiguration) : base(order, actionType) + { + ActionConfiguration = actionConfiguration; + ActionType = actionType; + } + + /// Gets or sets the action configuration. + public AddIncidentTaskActionProperties ActionConfiguration { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.Serialization.cs new file mode 100644 index 0000000000000..c90e163e2f0ce --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.Serialization.cs @@ -0,0 +1,72 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AutomationRuleBooleanCondition : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(Operator)) + { + writer.WritePropertyName("operator"); + writer.WriteStringValue(Operator.Value.ToString()); + } + if (Optional.IsCollectionDefined(InnerConditions)) + { + writer.WritePropertyName("innerConditions"); + writer.WriteStartArray(); + foreach (var item in InnerConditions) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } + writer.WriteEndObject(); + } + + internal static AutomationRuleBooleanCondition DeserializeAutomationRuleBooleanCondition(JsonElement element) + { + Optional @operator = default; + Optional> innerConditions = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("operator")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + @operator = new AutomationRuleBooleanConditionSupportedOperator(property.Value.GetString()); + continue; + } + if (property.NameEquals("innerConditions")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(AutomationRuleCondition.DeserializeAutomationRuleCondition(item)); + } + innerConditions = array; + continue; + } + } + return new AutomationRuleBooleanCondition(Optional.ToNullable(@operator), Optional.ToList(innerConditions)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.cs new file mode 100644 index 0000000000000..37632e7d03280 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanCondition.cs @@ -0,0 +1,42 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRuleBooleanCondition. + public partial class AutomationRuleBooleanCondition + { + /// Initializes a new instance of AutomationRuleBooleanCondition. + public AutomationRuleBooleanCondition() + { + InnerConditions = new ChangeTrackingList(); + } + + /// Initializes a new instance of AutomationRuleBooleanCondition. + /// + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + internal AutomationRuleBooleanCondition(AutomationRuleBooleanConditionSupportedOperator? @operator, IList innerConditions) + { + Operator = @operator; + InnerConditions = innerConditions; + } + + /// Gets or sets the operator. + public AutomationRuleBooleanConditionSupportedOperator? Operator { get; set; } + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + public IList InnerConditions { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanConditionSupportedOperator.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanConditionSupportedOperator.cs new file mode 100644 index 0000000000000..c7ac2c77e3d45 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleBooleanConditionSupportedOperator.cs @@ -0,0 +1,51 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRuleBooleanConditionSupportedOperator. + public readonly partial struct AutomationRuleBooleanConditionSupportedOperator : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AutomationRuleBooleanConditionSupportedOperator(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AndValue = "And"; + private const string OrValue = "Or"; + + /// Evaluates as true if all the item conditions are evaluated as true. + public static AutomationRuleBooleanConditionSupportedOperator And { get; } = new AutomationRuleBooleanConditionSupportedOperator(AndValue); + /// Evaluates as true if at least one of the item conditions are evaluated as true. + public static AutomationRuleBooleanConditionSupportedOperator Or { get; } = new AutomationRuleBooleanConditionSupportedOperator(OrValue); + /// Determines if two values are the same. + public static bool operator ==(AutomationRuleBooleanConditionSupportedOperator left, AutomationRuleBooleanConditionSupportedOperator right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AutomationRuleBooleanConditionSupportedOperator left, AutomationRuleBooleanConditionSupportedOperator right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AutomationRuleBooleanConditionSupportedOperator(string value) => new AutomationRuleBooleanConditionSupportedOperator(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AutomationRuleBooleanConditionSupportedOperator other && Equals(other); + /// + public bool Equals(AutomationRuleBooleanConditionSupportedOperator other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs index bea9964c8ac26..779799e225614 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.Serialization.cs @@ -26,7 +26,9 @@ internal static AutomationRuleCondition DeserializeAutomationRuleCondition(JsonE { switch (discriminator.GetString()) { + case "Boolean": return BooleanConditionProperties.DeserializeBooleanConditionProperties(element); case "Property": return PropertyConditionProperties.DeserializePropertyConditionProperties(element); + case "PropertyArray": return PropertyArrayConditionProperties.DeserializePropertyArrayConditionProperties(element); case "PropertyArrayChanged": return PropertyArrayChangedConditionProperties.DeserializePropertyArrayChangedConditionProperties(element); case "PropertyChanged": return PropertyChangedConditionProperties.DeserializePropertyChangedConditionProperties(element); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs index b5e7cd637d96c..363e1d580d121 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleCondition.cs @@ -10,7 +10,7 @@ namespace Azure.ResourceManager.SecurityInsights.Models /// /// Describes an automation rule condition. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include , and . + /// The available derived classes include , , , and . /// public abstract partial class AutomationRuleCondition { diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayConditionType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayConditionType.cs new file mode 100644 index 0000000000000..c800528f61aa0 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayConditionType.cs @@ -0,0 +1,48 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRulePropertyArrayConditionSupportedArrayConditionType. + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayConditionType : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AutomationRulePropertyArrayConditionSupportedArrayConditionType(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AnyItemValue = "AnyItem"; + + /// Evaluate the condition as true if any item fulfills it. + public static AutomationRulePropertyArrayConditionSupportedArrayConditionType AnyItem { get; } = new AutomationRulePropertyArrayConditionSupportedArrayConditionType(AnyItemValue); + /// Determines if two values are the same. + public static bool operator ==(AutomationRulePropertyArrayConditionSupportedArrayConditionType left, AutomationRulePropertyArrayConditionSupportedArrayConditionType right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AutomationRulePropertyArrayConditionSupportedArrayConditionType left, AutomationRulePropertyArrayConditionSupportedArrayConditionType right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AutomationRulePropertyArrayConditionSupportedArrayConditionType(string value) => new AutomationRulePropertyArrayConditionSupportedArrayConditionType(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AutomationRulePropertyArrayConditionSupportedArrayConditionType other && Equals(other); + /// + public bool Equals(AutomationRulePropertyArrayConditionSupportedArrayConditionType other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayType.cs new file mode 100644 index 0000000000000..a599c41f440c2 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayConditionSupportedArrayType.cs @@ -0,0 +1,51 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRulePropertyArrayConditionSupportedArrayType. + public readonly partial struct AutomationRulePropertyArrayConditionSupportedArrayType : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public AutomationRulePropertyArrayConditionSupportedArrayType(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string CustomDetailsValue = "CustomDetails"; + private const string CustomDetailValuesValue = "CustomDetailValues"; + + /// Evaluate the condition on the custom detail keys. + public static AutomationRulePropertyArrayConditionSupportedArrayType CustomDetails { get; } = new AutomationRulePropertyArrayConditionSupportedArrayType(CustomDetailsValue); + /// Evaluate the condition on a custom detail's values. + public static AutomationRulePropertyArrayConditionSupportedArrayType CustomDetailValues { get; } = new AutomationRulePropertyArrayConditionSupportedArrayType(CustomDetailValuesValue); + /// Determines if two values are the same. + public static bool operator ==(AutomationRulePropertyArrayConditionSupportedArrayType left, AutomationRulePropertyArrayConditionSupportedArrayType right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(AutomationRulePropertyArrayConditionSupportedArrayType left, AutomationRulePropertyArrayConditionSupportedArrayType right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator AutomationRulePropertyArrayConditionSupportedArrayType(string value) => new AutomationRulePropertyArrayConditionSupportedArrayType(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is AutomationRulePropertyArrayConditionSupportedArrayType other && Equals(other); + /// + public bool Equals(AutomationRulePropertyArrayConditionSupportedArrayType other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.Serialization.cs new file mode 100644 index 0000000000000..a214b36d93174 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.Serialization.cs @@ -0,0 +1,88 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class AutomationRulePropertyArrayValuesCondition : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ArrayType)) + { + writer.WritePropertyName("arrayType"); + writer.WriteStringValue(ArrayType.Value.ToString()); + } + if (Optional.IsDefined(ArrayConditionType)) + { + writer.WritePropertyName("arrayConditionType"); + writer.WriteStringValue(ArrayConditionType.Value.ToString()); + } + if (Optional.IsCollectionDefined(ItemConditions)) + { + writer.WritePropertyName("itemConditions"); + writer.WriteStartArray(); + foreach (var item in ItemConditions) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } + writer.WriteEndObject(); + } + + internal static AutomationRulePropertyArrayValuesCondition DeserializeAutomationRulePropertyArrayValuesCondition(JsonElement element) + { + Optional arrayType = default; + Optional arrayConditionType = default; + Optional> itemConditions = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("arrayType")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + arrayType = new AutomationRulePropertyArrayConditionSupportedArrayType(property.Value.GetString()); + continue; + } + if (property.NameEquals("arrayConditionType")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + arrayConditionType = new AutomationRulePropertyArrayConditionSupportedArrayConditionType(property.Value.GetString()); + continue; + } + if (property.NameEquals("itemConditions")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(AutomationRuleCondition.DeserializeAutomationRuleCondition(item)); + } + itemConditions = array; + continue; + } + } + return new AutomationRulePropertyArrayValuesCondition(Optional.ToNullable(arrayType), Optional.ToNullable(arrayConditionType), Optional.ToList(itemConditions)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.cs new file mode 100644 index 0000000000000..2af0e417d2930 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyArrayValuesCondition.cs @@ -0,0 +1,46 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The AutomationRulePropertyArrayValuesCondition. + public partial class AutomationRulePropertyArrayValuesCondition + { + /// Initializes a new instance of AutomationRulePropertyArrayValuesCondition. + public AutomationRulePropertyArrayValuesCondition() + { + ItemConditions = new ChangeTrackingList(); + } + + /// Initializes a new instance of AutomationRulePropertyArrayValuesCondition. + /// + /// + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + internal AutomationRulePropertyArrayValuesCondition(AutomationRulePropertyArrayConditionSupportedArrayType? arrayType, AutomationRulePropertyArrayConditionSupportedArrayConditionType? arrayConditionType, IList itemConditions) + { + ArrayType = arrayType; + ArrayConditionType = arrayConditionType; + ItemConditions = itemConditions; + } + + /// Gets or sets the array type. + public AutomationRulePropertyArrayConditionSupportedArrayType? ArrayType { get; set; } + /// Gets or sets the array condition type. + public AutomationRulePropertyArrayConditionSupportedArrayConditionType? ArrayConditionType { get; set; } + /// + /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. + /// The available derived classes include , , , and . + /// + public IList ItemConditions { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs index dea82c9b3ed07..00ad1fadfcaca 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRulePropertyConditionSupportedProperty.cs @@ -30,6 +30,9 @@ public AutomationRulePropertyConditionSupportedProperty(string value) private const string IncidentTacticsValue = "IncidentTactics"; private const string IncidentLabelValue = "IncidentLabel"; private const string IncidentProviderNameValue = "IncidentProviderName"; + private const string IncidentUpdatedBySourceValue = "IncidentUpdatedBySource"; + private const string IncidentCustomDetailsKeyValue = "IncidentCustomDetailsKey"; + private const string IncidentCustomDetailsValueValue = "IncidentCustomDetailsValue"; private const string AccountAadTenantIdValue = "AccountAadTenantId"; private const string AccountAadUserIdValue = "AccountAadUserId"; private const string AccountNameValue = "AccountName"; @@ -94,6 +97,12 @@ public AutomationRulePropertyConditionSupportedProperty(string value) public static AutomationRulePropertyConditionSupportedProperty IncidentLabel { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentLabelValue); /// The provider name of the incident. public static AutomationRulePropertyConditionSupportedProperty IncidentProviderName { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentProviderNameValue); + /// The update source of the incident. + public static AutomationRulePropertyConditionSupportedProperty IncidentUpdatedBySource { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentUpdatedBySourceValue); + /// The incident custom detail key. + public static AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsKey { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentCustomDetailsKeyValue); + /// The incident custom detail value. + public static AutomationRulePropertyConditionSupportedProperty IncidentCustomDetailsValue { get; } = new AutomationRulePropertyConditionSupportedProperty(IncidentCustomDetailsValueValue); /// The account Azure Active Directory tenant id. public static AutomationRulePropertyConditionSupportedProperty AccountAadTenantId { get; } = new AutomationRulePropertyConditionSupportedProperty(AccountAadTenantIdValue); /// The account Azure Active Directory user id. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs index f1b80992b80e1..3aa3d95b3ab53 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/AutomationRuleTriggeringLogic.cs @@ -34,7 +34,7 @@ public AutomationRuleTriggeringLogic(bool isEnabled, TriggersOn triggersOn, Trig /// /// The conditions to evaluate to determine if the automation rule should be triggered on a given object. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include , and . + /// The available derived classes include , , , and . /// internal AutomationRuleTriggeringLogic(bool isEnabled, DateTimeOffset? expirationTimeUtc, TriggersOn triggersOn, TriggersWhen triggersWhen, IList conditions) { @@ -56,7 +56,7 @@ internal AutomationRuleTriggeringLogic(bool isEnabled, DateTimeOffset? expiratio /// /// The conditions to evaluate to determine if the automation rule should be triggered on a given object. /// Please note is the base class. According to the scenario, a derived class of the base class might need to be assigned here, or this property needs to be casted to one of the possible derived classes. - /// The available derived classes include , and . + /// The available derived classes include , , , and . /// public IList Conditions { get; } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.Serialization.cs new file mode 100644 index 0000000000000..08f53e3058af8 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.Serialization.cs @@ -0,0 +1,53 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class BooleanConditionProperties : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ConditionProperties)) + { + writer.WritePropertyName("conditionProperties"); + writer.WriteObjectValue(ConditionProperties); + } + writer.WritePropertyName("conditionType"); + writer.WriteStringValue(ConditionType.ToString()); + writer.WriteEndObject(); + } + + internal static BooleanConditionProperties DeserializeBooleanConditionProperties(JsonElement element) + { + Optional conditionProperties = default; + ConditionType conditionType = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("conditionProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + conditionProperties = AutomationRuleBooleanCondition.DeserializeAutomationRuleBooleanCondition(property.Value); + continue; + } + if (property.NameEquals("conditionType")) + { + conditionType = new ConditionType(property.Value.GetString()); + continue; + } + } + return new BooleanConditionProperties(conditionType, conditionProperties.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.cs new file mode 100644 index 0000000000000..cfa8c8e1b3081 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/BooleanConditionProperties.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to conditions. + public partial class BooleanConditionProperties : AutomationRuleCondition + { + /// Initializes a new instance of BooleanConditionProperties. + public BooleanConditionProperties() + { + ConditionType = ConditionType.Boolean; + } + + /// Initializes a new instance of BooleanConditionProperties. + /// + /// + internal BooleanConditionProperties(ConditionType conditionType, AutomationRuleBooleanCondition conditionProperties) : base(conditionType) + { + ConditionProperties = conditionProperties; + ConditionType = conditionType; + } + + /// Gets or sets the condition properties. + public AutomationRuleBooleanCondition ConditionProperties { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Category.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Category.cs new file mode 100644 index 0000000000000..6973a5061cedd --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Category.cs @@ -0,0 +1,60 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Categories of recommendations. + public readonly partial struct Category : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public Category(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string OnboardingValue = "Onboarding"; + private const string NewFeatureValue = "NewFeature"; + private const string SocEfficiencyValue = "SocEfficiency"; + private const string CostOptimizationValue = "CostOptimization"; + private const string DemoValue = "Demo"; + + /// Onboarding recommendation. + public static Category Onboarding { get; } = new Category(OnboardingValue); + /// New feature recommendation. + public static Category NewFeature { get; } = new Category(NewFeatureValue); + /// Soc Efficiency recommendation. + public static Category SocEfficiency { get; } = new Category(SocEfficiencyValue); + /// Cost optimization recommendation. + public static Category CostOptimization { get; } = new Category(CostOptimizationValue); + /// Demo recommendation. + public static Category Demo { get; } = new Category(DemoValue); + /// Determines if two values are the same. + public static bool operator ==(Category left, Category right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(Category left, Category right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator Category(string value) => new Category(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is Category other && Equals(other); + /// + public bool Equals(Category other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ClientInfo.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ClientInfo.Serialization.cs index e9fc83bc26a41..9c2bd98cf2f7c 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ClientInfo.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ClientInfo.Serialization.cs @@ -11,8 +11,34 @@ namespace Azure.ResourceManager.SecurityInsights.Models { - public partial class ClientInfo + public partial class ClientInfo : IUtf8JsonSerializable { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(Email)) + { + writer.WritePropertyName("email"); + writer.WriteStringValue(Email); + } + if (Optional.IsDefined(Name)) + { + writer.WritePropertyName("name"); + writer.WriteStringValue(Name); + } + if (Optional.IsDefined(ObjectId)) + { + writer.WritePropertyName("objectId"); + writer.WriteStringValue(ObjectId.Value); + } + if (Optional.IsDefined(UserPrincipalName)) + { + writer.WritePropertyName("userPrincipalName"); + writer.WriteStringValue(UserPrincipalName); + } + writer.WriteEndObject(); + } + internal static ClientInfo DeserializeClientInfo(JsonElement element) { Optional email = default; diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ClientInfo.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ClientInfo.cs index a48f92f187825..47d0d744f934c 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ClientInfo.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ClientInfo.cs @@ -13,7 +13,7 @@ namespace Azure.ResourceManager.SecurityInsights.Models public partial class ClientInfo { /// Initializes a new instance of ClientInfo. - internal ClientInfo() + public ClientInfo() { } @@ -31,12 +31,12 @@ internal ClientInfo(string email, string name, Guid? objectId, string userPrinci } /// The email of the client. - public string Email { get; } + public string Email { get; set; } /// The name of the client. - public string Name { get; } + public string Name { get; set; } /// The object id of the client. - public Guid? ObjectId { get; } + public Guid? ObjectId { get; set; } /// The user principal name of the client. - public string UserPrincipalName { get; } + public string UserPrincipalName { get; set; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs index c6f7287395fc9..583f92fe8e9b2 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ConditionType.cs @@ -23,15 +23,21 @@ public ConditionType(string value) } private const string PropertyValue = "Property"; + private const string PropertyArrayValue = "PropertyArray"; private const string PropertyChangedValue = "PropertyChanged"; private const string PropertyArrayChangedValue = "PropertyArrayChanged"; + private const string BooleanValue = "Boolean"; /// Evaluate an object property value. public static ConditionType Property { get; } = new ConditionType(PropertyValue); + /// Evaluate an object array property value. + public static ConditionType PropertyArray { get; } = new ConditionType(PropertyArrayValue); /// Evaluate an object property changed value. public static ConditionType PropertyChanged { get; } = new ConditionType(PropertyChangedValue); /// Evaluate an object array property changed value. public static ConditionType PropertyArrayChanged { get; } = new ConditionType(PropertyArrayChangedValue); + /// Apply a boolean operator (e.g AND, OR) to conditions. + public static ConditionType Boolean { get; } = new ConditionType(BooleanValue); /// Determines if two values are the same. public static bool operator ==(ConditionType left, ConditionType right) => left.Equals(right); /// Determines if two values are not the same. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.Serialization.cs new file mode 100644 index 0000000000000..5522bcfcb9c80 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.Serialization.cs @@ -0,0 +1,35 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class Content + { + internal static Content DeserializeContent(JsonElement element) + { + string title = default; + string description = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("title")) + { + title = property.Value.GetString(); + continue; + } + if (property.NameEquals("description")) + { + description = property.Value.GetString(); + continue; + } + } + return new Content(title, description); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.cs new file mode 100644 index 0000000000000..2c841d8e57668 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Content.cs @@ -0,0 +1,34 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Content section of the recommendation. + public partial class Content + { + /// Initializes a new instance of Content. + /// Title of the content. + /// Description of the content. + /// or is null. + internal Content(string title, string description) + { + Argument.AssertNotNull(title, nameof(title)); + Argument.AssertNotNull(description, nameof(description)); + + Title = title; + Description = description; + } + + /// Title of the content. + public string Title { get; } + /// Description of the content. + public string Description { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Context.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Context.cs new file mode 100644 index 0000000000000..52b61b2b06602 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Context.cs @@ -0,0 +1,57 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Context of recommendation. + public readonly partial struct Context : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public Context(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string AnalyticsValue = "Analytics"; + private const string IncidentsValue = "Incidents"; + private const string OverviewValue = "Overview"; + private const string NoneValue = "None"; + + /// Analytics context. + public static Context Analytics { get; } = new Context(AnalyticsValue); + /// Incidents context. + public static Context Incidents { get; } = new Context(IncidentsValue); + /// Overview context. + public static Context Overview { get; } = new Context(OverviewValue); + /// No context. + public static Context None { get; } = new Context(NoneValue); + /// Determines if two values are the same. + public static bool operator ==(Context left, Context right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(Context left, Context right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator Context(string value) => new Context(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is Context other && Equals(other); + /// + public bool Equals(Context other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentAdditionalData.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentAdditionalData.Serialization.cs index ad4dbebe49268..c7eb8f164f917 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentAdditionalData.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentAdditionalData.Serialization.cs @@ -20,9 +20,9 @@ internal static IncidentAdditionalData DeserializeIncidentAdditionalData(JsonEle Optional bookmarksCount = default; Optional commentsCount = default; Optional> alertProductNames = default; - Optional providerIncidentUrl = default; Optional> tactics = default; Optional> techniques = default; + Optional providerIncidentUrl = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("alertsCount")) @@ -70,16 +70,6 @@ internal static IncidentAdditionalData DeserializeIncidentAdditionalData(JsonEle alertProductNames = array; continue; } - if (property.NameEquals("providerIncidentUrl")) - { - if (property.Value.ValueKind == JsonValueKind.Null) - { - providerIncidentUrl = null; - continue; - } - providerIncidentUrl = new Uri(property.Value.GetString()); - continue; - } if (property.NameEquals("tactics")) { if (property.Value.ValueKind == JsonValueKind.Null) @@ -110,8 +100,18 @@ internal static IncidentAdditionalData DeserializeIncidentAdditionalData(JsonEle techniques = array; continue; } + if (property.NameEquals("providerIncidentUrl")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + providerIncidentUrl = null; + continue; + } + providerIncidentUrl = new Uri(property.Value.GetString()); + continue; + } } - return new IncidentAdditionalData(Optional.ToNullable(alertsCount), Optional.ToNullable(bookmarksCount), Optional.ToNullable(commentsCount), Optional.ToList(alertProductNames), providerIncidentUrl.Value, Optional.ToList(tactics), Optional.ToList(techniques)); + return new IncidentAdditionalData(Optional.ToNullable(alertsCount), Optional.ToNullable(bookmarksCount), Optional.ToNullable(commentsCount), Optional.ToList(alertProductNames), Optional.ToList(tactics), Optional.ToList(techniques), providerIncidentUrl.Value); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentAdditionalData.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentAdditionalData.cs index 2e83806c67538..5db0e20d49509 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentAdditionalData.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentAdditionalData.cs @@ -27,18 +27,18 @@ internal IncidentAdditionalData() /// The number of bookmarks in the incident. /// The number of comments in the incident. /// List of product names of alerts in the incident. - /// The provider incident url to the incident in Microsoft 365 Defender portal. /// The tactics associated with incident. - /// The techniques associated with incident's tactics'. - internal IncidentAdditionalData(int? alertsCount, int? bookmarksCount, int? commentsCount, IReadOnlyList alertProductNames, Uri providerIncidentUri, IReadOnlyList tactics, IReadOnlyList techniques) + /// The techniques associated with incident's tactics. + /// The provider incident url to the incident in Microsoft 365 Defender portal. + internal IncidentAdditionalData(int? alertsCount, int? bookmarksCount, int? commentsCount, IReadOnlyList alertProductNames, IReadOnlyList tactics, IReadOnlyList techniques, Uri providerIncidentUri) { AlertsCount = alertsCount; BookmarksCount = bookmarksCount; CommentsCount = commentsCount; AlertProductNames = alertProductNames; - ProviderIncidentUri = providerIncidentUri; Tactics = tactics; Techniques = techniques; + ProviderIncidentUri = providerIncidentUri; } /// The number of alerts in the incident. @@ -49,11 +49,11 @@ internal IncidentAdditionalData(int? alertsCount, int? bookmarksCount, int? comm public int? CommentsCount { get; } /// List of product names of alerts in the incident. public IReadOnlyList AlertProductNames { get; } - /// The provider incident url to the incident in Microsoft 365 Defender portal. - public Uri ProviderIncidentUri { get; } /// The tactics associated with incident. public IReadOnlyList Tactics { get; } - /// The techniques associated with incident's tactics'. + /// The techniques associated with incident's tactics. public IReadOnlyList Techniques { get; } + /// The provider incident url to the incident in Microsoft 365 Defender portal. + public Uri ProviderIncidentUri { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentData.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentData.Serialization.cs index 59ef41647abbf..a36dfa856daca 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentData.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentData.Serialization.cs @@ -42,9 +42,9 @@ internal static IncidentCommentData DeserializeIncidentCommentData(JsonElement e string name = default; ResourceType type = default; Optional systemData = default; + Optional message = default; Optional createdTimeUtc = default; Optional lastModifiedTimeUtc = default; - Optional message = default; Optional author = default; foreach (var property in element.EnumerateObject()) { @@ -92,6 +92,11 @@ internal static IncidentCommentData DeserializeIncidentCommentData(JsonElement e } foreach (var property0 in property.Value.EnumerateObject()) { + if (property0.NameEquals("message")) + { + message = property0.Value.GetString(); + continue; + } if (property0.NameEquals("createdTimeUtc")) { if (property0.Value.ValueKind == JsonValueKind.Null) @@ -112,11 +117,6 @@ internal static IncidentCommentData DeserializeIncidentCommentData(JsonElement e lastModifiedTimeUtc = property0.Value.GetDateTimeOffset("O"); continue; } - if (property0.NameEquals("message")) - { - message = property0.Value.GetString(); - continue; - } if (property0.NameEquals("author")) { if (property0.Value.ValueKind == JsonValueKind.Null) @@ -131,7 +131,7 @@ internal static IncidentCommentData DeserializeIncidentCommentData(JsonElement e continue; } } - return new IncidentCommentData(id, name, type, systemData.Value, Optional.ToNullable(createdTimeUtc), Optional.ToNullable(lastModifiedTimeUtc), message.Value, author.Value, Optional.ToNullable(etag)); + return new IncidentCommentData(id, name, type, systemData.Value, message.Value, Optional.ToNullable(createdTimeUtc), Optional.ToNullable(lastModifiedTimeUtc), author.Value, Optional.ToNullable(etag)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentList.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentList.Serialization.cs index fa787b99b4d98..7e15f7905d323 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentList.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentList.Serialization.cs @@ -16,15 +16,10 @@ internal partial class IncidentCommentList { internal static IncidentCommentList DeserializeIncidentCommentList(JsonElement element) { - Optional nextLink = default; IReadOnlyList value = default; + Optional nextLink = default; foreach (var property in element.EnumerateObject()) { - if (property.NameEquals("nextLink")) - { - nextLink = property.Value.GetString(); - continue; - } if (property.NameEquals("value")) { List array = new List(); @@ -35,8 +30,13 @@ internal static IncidentCommentList DeserializeIncidentCommentList(JsonElement e value = array; continue; } + if (property.NameEquals("nextLink")) + { + nextLink = property.Value.GetString(); + continue; + } } - return new IncidentCommentList(nextLink.Value, value); + return new IncidentCommentList(value, nextLink.Value); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentList.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentList.cs index f36f5c0652694..02f2e2efbc05e 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentList.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentCommentList.cs @@ -13,11 +13,11 @@ namespace Azure.ResourceManager.SecurityInsights.Models { - /// List of incident comments. + /// The IncidentCommentList. internal partial class IncidentCommentList { /// Initializes a new instance of IncidentCommentList. - /// Array of comments. + /// /// is null. internal IncidentCommentList(IEnumerable value) { @@ -27,17 +27,17 @@ internal IncidentCommentList(IEnumerable value) } /// Initializes a new instance of IncidentCommentList. - /// URL to fetch the next set of comments. - /// Array of comments. - internal IncidentCommentList(string nextLink, IReadOnlyList value) + /// + /// + internal IncidentCommentList(IReadOnlyList value, string nextLink) { - NextLink = nextLink; Value = value; + NextLink = nextLink; } - /// URL to fetch the next set of comments. - public string NextLink { get; } - /// Array of comments. + /// Gets the value. public IReadOnlyList Value { get; } + /// Gets the next link. + public string NextLink { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentData.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentData.Serialization.cs index 255c35009ea19..8c557ba597a02 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentData.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentData.Serialization.cs @@ -27,30 +27,45 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) } writer.WritePropertyName("properties"); writer.WriteStartObject(); + if (Optional.IsDefined(Title)) + { + writer.WritePropertyName("title"); + writer.WriteStringValue(Title); + } + if (Optional.IsDefined(Description)) + { + writer.WritePropertyName("description"); + writer.WriteStringValue(Description); + } + if (Optional.IsDefined(Severity)) + { + writer.WritePropertyName("severity"); + writer.WriteStringValue(Severity.Value.ToString()); + } + if (Optional.IsDefined(Status)) + { + writer.WritePropertyName("status"); + writer.WriteStringValue(Status.Value.ToString()); + } if (Optional.IsDefined(Classification)) { writer.WritePropertyName("classification"); writer.WriteStringValue(Classification.Value.ToString()); } - if (Optional.IsDefined(ClassificationComment)) - { - writer.WritePropertyName("classificationComment"); - writer.WriteStringValue(ClassificationComment); - } if (Optional.IsDefined(ClassificationReason)) { writer.WritePropertyName("classificationReason"); writer.WriteStringValue(ClassificationReason.Value.ToString()); } - if (Optional.IsDefined(Description)) + if (Optional.IsDefined(ClassificationComment)) { - writer.WritePropertyName("description"); - writer.WriteStringValue(Description); + writer.WritePropertyName("classificationComment"); + writer.WriteStringValue(ClassificationComment); } - if (Optional.IsDefined(FirstActivityTimeUtc)) + if (Optional.IsDefined(Owner)) { - writer.WritePropertyName("firstActivityTimeUtc"); - writer.WriteStringValue(FirstActivityTimeUtc.Value, "O"); + writer.WritePropertyName("owner"); + writer.WriteObjectValue(Owner); } if (Optional.IsCollectionDefined(Labels)) { @@ -62,46 +77,31 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) } writer.WriteEndArray(); } - if (Optional.IsDefined(ProviderName)) - { - writer.WritePropertyName("providerName"); - writer.WriteStringValue(ProviderName); - } - if (Optional.IsDefined(ProviderIncidentId)) + if (Optional.IsDefined(FirstActivityTimeUtc)) { - writer.WritePropertyName("providerIncidentId"); - writer.WriteStringValue(ProviderIncidentId); + writer.WritePropertyName("firstActivityTimeUtc"); + writer.WriteStringValue(FirstActivityTimeUtc.Value, "O"); } if (Optional.IsDefined(LastActivityTimeUtc)) { writer.WritePropertyName("lastActivityTimeUtc"); writer.WriteStringValue(LastActivityTimeUtc.Value, "O"); } - if (Optional.IsDefined(Owner)) - { - writer.WritePropertyName("owner"); - writer.WriteObjectValue(Owner); - } - if (Optional.IsDefined(Severity)) + if (Optional.IsDefined(ProviderName)) { - writer.WritePropertyName("severity"); - writer.WriteStringValue(Severity.Value.ToString()); + writer.WritePropertyName("providerName"); + writer.WriteStringValue(ProviderName); } - if (Optional.IsDefined(Status)) + if (Optional.IsDefined(ProviderIncidentId)) { - writer.WritePropertyName("status"); - writer.WriteStringValue(Status.Value.ToString()); + writer.WritePropertyName("providerIncidentId"); + writer.WriteStringValue(ProviderIncidentId); } if (Optional.IsDefined(TeamInformation)) { writer.WritePropertyName("teamInformation"); writer.WriteObjectValue(TeamInformation); } - if (Optional.IsDefined(Title)) - { - writer.WritePropertyName("title"); - writer.WriteStringValue(Title); - } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -113,26 +113,26 @@ internal static IncidentData DeserializeIncidentData(JsonElement element) string name = default; ResourceType type = default; Optional systemData = default; - Optional additionalData = default; + Optional title = default; + Optional description = default; + Optional severity = default; + Optional status = default; Optional classification = default; - Optional classificationComment = default; Optional classificationReason = default; - Optional createdTimeUtc = default; - Optional description = default; - Optional firstActivityTimeUtc = default; - Optional incidentUrl = default; - Optional incidentNumber = default; + Optional classificationComment = default; + Optional owner = default; Optional> labels = default; - Optional providerName = default; - Optional providerIncidentId = default; + Optional firstActivityTimeUtc = default; Optional lastActivityTimeUtc = default; Optional lastModifiedTimeUtc = default; - Optional owner = default; + Optional createdTimeUtc = default; + Optional incidentNumber = default; + Optional additionalData = default; Optional> relatedAnalyticRuleIds = default; - Optional severity = default; - Optional status = default; + Optional incidentUrl = default; + Optional providerName = default; + Optional providerIncidentId = default; Optional teamInformation = default; - Optional title = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("etag")) @@ -179,139 +179,144 @@ internal static IncidentData DeserializeIncidentData(JsonElement element) } foreach (var property0 in property.Value.EnumerateObject()) { - if (property0.NameEquals("additionalData")) + if (property0.NameEquals("title")) + { + title = property0.Value.GetString(); + continue; + } + if (property0.NameEquals("description")) + { + description = property0.Value.GetString(); + continue; + } + if (property0.NameEquals("severity")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - additionalData = IncidentAdditionalData.DeserializeIncidentAdditionalData(property0.Value); + severity = new IncidentSeverity(property0.Value.GetString()); continue; } - if (property0.NameEquals("classification")) + if (property0.NameEquals("status")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - classification = new IncidentClassification(property0.Value.GetString()); - continue; - } - if (property0.NameEquals("classificationComment")) - { - classificationComment = property0.Value.GetString(); + status = new IncidentStatus(property0.Value.GetString()); continue; } - if (property0.NameEquals("classificationReason")) + if (property0.NameEquals("classification")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - classificationReason = new IncidentClassificationReason(property0.Value.GetString()); + classification = new IncidentClassification(property0.Value.GetString()); continue; } - if (property0.NameEquals("createdTimeUtc")) + if (property0.NameEquals("classificationReason")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - createdTimeUtc = property0.Value.GetDateTimeOffset("O"); + classificationReason = new IncidentClassificationReason(property0.Value.GetString()); continue; } - if (property0.NameEquals("description")) + if (property0.NameEquals("classificationComment")) { - description = property0.Value.GetString(); + classificationComment = property0.Value.GetString(); continue; } - if (property0.NameEquals("firstActivityTimeUtc")) + if (property0.NameEquals("owner")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - firstActivityTimeUtc = property0.Value.GetDateTimeOffset("O"); + owner = IncidentOwnerInfo.DeserializeIncidentOwnerInfo(property0.Value); continue; } - if (property0.NameEquals("incidentUrl")) + if (property0.NameEquals("labels")) { if (property0.Value.ValueKind == JsonValueKind.Null) { - incidentUrl = null; + property0.ThrowNonNullablePropertyIsNull(); continue; } - incidentUrl = new Uri(property0.Value.GetString()); + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(IncidentLabel.DeserializeIncidentLabel(item)); + } + labels = array; continue; } - if (property0.NameEquals("incidentNumber")) + if (property0.NameEquals("firstActivityTimeUtc")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - incidentNumber = property0.Value.GetInt32(); + firstActivityTimeUtc = property0.Value.GetDateTimeOffset("O"); continue; } - if (property0.NameEquals("labels")) + if (property0.NameEquals("lastActivityTimeUtc")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - List array = new List(); - foreach (var item in property0.Value.EnumerateArray()) - { - array.Add(IncidentLabel.DeserializeIncidentLabel(item)); - } - labels = array; - continue; - } - if (property0.NameEquals("providerName")) - { - providerName = property0.Value.GetString(); + lastActivityTimeUtc = property0.Value.GetDateTimeOffset("O"); continue; } - if (property0.NameEquals("providerIncidentId")) + if (property0.NameEquals("lastModifiedTimeUtc")) { - providerIncidentId = property0.Value.GetString(); + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + lastModifiedTimeUtc = property0.Value.GetDateTimeOffset("O"); continue; } - if (property0.NameEquals("lastActivityTimeUtc")) + if (property0.NameEquals("createdTimeUtc")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - lastActivityTimeUtc = property0.Value.GetDateTimeOffset("O"); + createdTimeUtc = property0.Value.GetDateTimeOffset("O"); continue; } - if (property0.NameEquals("lastModifiedTimeUtc")) + if (property0.NameEquals("incidentNumber")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - lastModifiedTimeUtc = property0.Value.GetDateTimeOffset("O"); + incidentNumber = property0.Value.GetInt32(); continue; } - if (property0.NameEquals("owner")) + if (property0.NameEquals("additionalData")) { if (property0.Value.ValueKind == JsonValueKind.Null) { property0.ThrowNonNullablePropertyIsNull(); continue; } - owner = IncidentOwnerInfo.DeserializeIncidentOwnerInfo(property0.Value); + additionalData = IncidentAdditionalData.DeserializeIncidentAdditionalData(property0.Value); continue; } if (property0.NameEquals("relatedAnalyticRuleIds")) @@ -329,24 +334,24 @@ internal static IncidentData DeserializeIncidentData(JsonElement element) relatedAnalyticRuleIds = array; continue; } - if (property0.NameEquals("severity")) + if (property0.NameEquals("incidentUrl")) { if (property0.Value.ValueKind == JsonValueKind.Null) { - property0.ThrowNonNullablePropertyIsNull(); + incidentUrl = null; continue; } - severity = new IncidentSeverity(property0.Value.GetString()); + incidentUrl = new Uri(property0.Value.GetString()); continue; } - if (property0.NameEquals("status")) + if (property0.NameEquals("providerName")) { - if (property0.Value.ValueKind == JsonValueKind.Null) - { - property0.ThrowNonNullablePropertyIsNull(); - continue; - } - status = new IncidentStatus(property0.Value.GetString()); + providerName = property0.Value.GetString(); + continue; + } + if (property0.NameEquals("providerIncidentId")) + { + providerIncidentId = property0.Value.GetString(); continue; } if (property0.NameEquals("teamInformation")) @@ -359,16 +364,11 @@ internal static IncidentData DeserializeIncidentData(JsonElement element) teamInformation = TeamInformation.DeserializeTeamInformation(property0.Value); continue; } - if (property0.NameEquals("title")) - { - title = property0.Value.GetString(); - continue; - } } continue; } } - return new IncidentData(id, name, type, systemData.Value, additionalData.Value, Optional.ToNullable(classification), classificationComment.Value, Optional.ToNullable(classificationReason), Optional.ToNullable(createdTimeUtc), description.Value, Optional.ToNullable(firstActivityTimeUtc), incidentUrl.Value, Optional.ToNullable(incidentNumber), Optional.ToList(labels), providerName.Value, providerIncidentId.Value, Optional.ToNullable(lastActivityTimeUtc), Optional.ToNullable(lastModifiedTimeUtc), owner.Value, Optional.ToList(relatedAnalyticRuleIds), Optional.ToNullable(severity), Optional.ToNullable(status), teamInformation.Value, title.Value, Optional.ToNullable(etag)); + return new IncidentData(id, name, type, systemData.Value, title.Value, description.Value, Optional.ToNullable(severity), Optional.ToNullable(status), Optional.ToNullable(classification), Optional.ToNullable(classificationReason), classificationComment.Value, owner.Value, Optional.ToList(labels), Optional.ToNullable(firstActivityTimeUtc), Optional.ToNullable(lastActivityTimeUtc), Optional.ToNullable(lastModifiedTimeUtc), Optional.ToNullable(createdTimeUtc), Optional.ToNullable(incidentNumber), additionalData.Value, Optional.ToList(relatedAnalyticRuleIds), incidentUrl.Value, providerName.Value, providerIncidentId.Value, teamInformation.Value, Optional.ToNullable(etag)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentEntitiesResultsMetadata.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentEntitiesResultsMetadata.Serialization.cs index 35fbe15733983..fbb66b1082a13 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentEntitiesResultsMetadata.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentEntitiesResultsMetadata.Serialization.cs @@ -14,22 +14,22 @@ public partial class IncidentEntitiesResultsMetadata { internal static IncidentEntitiesResultsMetadata DeserializeIncidentEntitiesResultsMetadata(JsonElement element) { - int count = default; EntityKind entityKind = default; + int count = default; foreach (var property in element.EnumerateObject()) { - if (property.NameEquals("count")) + if (property.NameEquals("entityKind")) { - count = property.Value.GetInt32(); + entityKind = new EntityKind(property.Value.GetString()); continue; } - if (property.NameEquals("entityKind")) + if (property.NameEquals("count")) { - entityKind = new EntityKind(property.Value.GetString()); + count = property.Value.GetInt32(); continue; } } - return new IncidentEntitiesResultsMetadata(count, entityKind); + return new IncidentEntitiesResultsMetadata(entityKind, count); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentEntitiesResultsMetadata.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentEntitiesResultsMetadata.cs index 4a1d0b1dae177..445be0b53b3ae 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentEntitiesResultsMetadata.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentEntitiesResultsMetadata.cs @@ -11,17 +11,17 @@ namespace Azure.ResourceManager.SecurityInsights.Models public partial class IncidentEntitiesResultsMetadata { /// Initializes a new instance of IncidentEntitiesResultsMetadata. - /// Total number of aggregations of the given kind in the incident related entities result. /// The kind of the aggregated entity. - internal IncidentEntitiesResultsMetadata(int count, EntityKind entityKind) + /// Total number of aggregations of the given kind in the incident related entities result. + internal IncidentEntitiesResultsMetadata(EntityKind entityKind, int count) { - Count = count; EntityKind = entityKind; + Count = count; } - /// Total number of aggregations of the given kind in the incident related entities result. - public int Count { get; } /// The kind of the aggregated entity. public EntityKind EntityKind { get; } + /// Total number of aggregations of the given kind in the incident related entities result. + public int Count { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentList.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentList.Serialization.cs index d5644433f9ba0..204861a339159 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentList.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentList.Serialization.cs @@ -16,15 +16,10 @@ internal partial class IncidentList { internal static IncidentList DeserializeIncidentList(JsonElement element) { - Optional nextLink = default; IReadOnlyList value = default; + Optional nextLink = default; foreach (var property in element.EnumerateObject()) { - if (property.NameEquals("nextLink")) - { - nextLink = property.Value.GetString(); - continue; - } if (property.NameEquals("value")) { List array = new List(); @@ -35,8 +30,13 @@ internal static IncidentList DeserializeIncidentList(JsonElement element) value = array; continue; } + if (property.NameEquals("nextLink")) + { + nextLink = property.Value.GetString(); + continue; + } } - return new IncidentList(nextLink.Value, value); + return new IncidentList(value, nextLink.Value); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentList.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentList.cs index 553f41a218c34..6f30eb9a1eea3 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentList.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentList.cs @@ -17,7 +17,7 @@ namespace Azure.ResourceManager.SecurityInsights.Models internal partial class IncidentList { /// Initializes a new instance of IncidentList. - /// Array of incidents. + /// /// is null. internal IncidentList(IEnumerable value) { @@ -27,17 +27,17 @@ internal IncidentList(IEnumerable value) } /// Initializes a new instance of IncidentList. + /// /// URL to fetch the next set of incidents. - /// Array of incidents. - internal IncidentList(string nextLink, IReadOnlyList value) + internal IncidentList(IReadOnlyList value, string nextLink) { - NextLink = nextLink; Value = value; + NextLink = nextLink; } + /// Gets the value. + public IReadOnlyList Value { get; } /// URL to fetch the next set of incidents. public string NextLink { get; } - /// Array of incidents. - public IReadOnlyList Value { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskData.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskData.Serialization.cs new file mode 100644 index 0000000000000..62615b9c2eea1 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskData.Serialization.cs @@ -0,0 +1,174 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Text.Json; +using Azure; +using Azure.Core; +using Azure.ResourceManager.Models; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + public partial class IncidentTaskData : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ETag)) + { + writer.WritePropertyName("etag"); + writer.WriteStringValue(ETag.Value.ToString()); + } + writer.WritePropertyName("properties"); + writer.WriteStartObject(); + writer.WritePropertyName("title"); + writer.WriteStringValue(Title); + if (Optional.IsDefined(Description)) + { + writer.WritePropertyName("description"); + writer.WriteStringValue(Description); + } + writer.WritePropertyName("status"); + writer.WriteStringValue(Status.ToString()); + if (Optional.IsDefined(CreatedBy)) + { + writer.WritePropertyName("createdBy"); + writer.WriteObjectValue(CreatedBy); + } + if (Optional.IsDefined(LastModifiedBy)) + { + writer.WritePropertyName("lastModifiedBy"); + writer.WriteObjectValue(LastModifiedBy); + } + writer.WriteEndObject(); + writer.WriteEndObject(); + } + + internal static IncidentTaskData DeserializeIncidentTaskData(JsonElement element) + { + Optional etag = default; + ResourceIdentifier id = default; + string name = default; + ResourceType type = default; + Optional systemData = default; + string title = default; + Optional description = default; + IncidentTaskStatus status = default; + Optional createdTimeUtc = default; + Optional lastModifiedTimeUtc = default; + Optional createdBy = default; + Optional lastModifiedBy = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("etag")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + etag = new ETag(property.Value.GetString()); + continue; + } + if (property.NameEquals("id")) + { + id = new ResourceIdentifier(property.Value.GetString()); + continue; + } + if (property.NameEquals("name")) + { + name = property.Value.GetString(); + continue; + } + if (property.NameEquals("type")) + { + type = new ResourceType(property.Value.GetString()); + continue; + } + if (property.NameEquals("systemData")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + systemData = JsonSerializer.Deserialize(property.Value.ToString()); + continue; + } + if (property.NameEquals("properties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + foreach (var property0 in property.Value.EnumerateObject()) + { + if (property0.NameEquals("title")) + { + title = property0.Value.GetString(); + continue; + } + if (property0.NameEquals("description")) + { + description = property0.Value.GetString(); + continue; + } + if (property0.NameEquals("status")) + { + status = new IncidentTaskStatus(property0.Value.GetString()); + continue; + } + if (property0.NameEquals("createdTimeUtc")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + createdTimeUtc = property0.Value.GetDateTimeOffset("O"); + continue; + } + if (property0.NameEquals("lastModifiedTimeUtc")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + lastModifiedTimeUtc = property0.Value.GetDateTimeOffset("O"); + continue; + } + if (property0.NameEquals("createdBy")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + createdBy = ClientInfo.DeserializeClientInfo(property0.Value); + continue; + } + if (property0.NameEquals("lastModifiedBy")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + lastModifiedBy = ClientInfo.DeserializeClientInfo(property0.Value); + continue; + } + } + continue; + } + } + return new IncidentTaskData(id, name, type, systemData.Value, title, description.Value, status, Optional.ToNullable(createdTimeUtc), Optional.ToNullable(lastModifiedTimeUtc), createdBy.Value, lastModifiedBy.Value, Optional.ToNullable(etag)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskList.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskList.Serialization.cs new file mode 100644 index 0000000000000..bed46a6b1d882 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskList.Serialization.cs @@ -0,0 +1,47 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; +using Azure.ResourceManager.SecurityInsights; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + internal partial class IncidentTaskList + { + internal static IncidentTaskList DeserializeIncidentTaskList(JsonElement element) + { + Optional> value = default; + Optional nextLink = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("value")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(IncidentTaskData.DeserializeIncidentTaskData(item)); + } + value = array; + continue; + } + if (property.NameEquals("nextLink")) + { + nextLink = property.Value.GetString(); + continue; + } + } + return new IncidentTaskList(Optional.ToList(value), nextLink.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskList.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskList.cs new file mode 100644 index 0000000000000..80b0bed5c2f94 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskList.cs @@ -0,0 +1,37 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using Azure.Core; +using Azure.ResourceManager.SecurityInsights; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The IncidentTaskList. + internal partial class IncidentTaskList + { + /// Initializes a new instance of IncidentTaskList. + internal IncidentTaskList() + { + Value = new ChangeTrackingList(); + } + + /// Initializes a new instance of IncidentTaskList. + /// + /// + internal IncidentTaskList(IReadOnlyList value, string nextLink) + { + Value = value; + NextLink = nextLink; + } + + /// Gets the value. + public IReadOnlyList Value { get; } + /// Gets the next link. + public string NextLink { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskStatus.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskStatus.cs new file mode 100644 index 0000000000000..286996581d64d --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/IncidentTaskStatus.cs @@ -0,0 +1,51 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// The IncidentTaskStatus. + public readonly partial struct IncidentTaskStatus : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public IncidentTaskStatus(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string NewValue = "New"; + private const string CompletedValue = "Completed"; + + /// A new task. + public static IncidentTaskStatus New { get; } = new IncidentTaskStatus(NewValue); + /// A completed task. + public static IncidentTaskStatus Completed { get; } = new IncidentTaskStatus(CompletedValue); + /// Determines if two values are the same. + public static bool operator ==(IncidentTaskStatus left, IncidentTaskStatus right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(IncidentTaskStatus left, IncidentTaskStatus right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator IncidentTaskStatus(string value) => new IncidentTaskStatus(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is IncidentTaskStatus other && Equals(other); + /// + public bool Equals(IncidentTaskStatus other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.Serialization.cs new file mode 100644 index 0000000000000..4c15770f84eda --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.Serialization.cs @@ -0,0 +1,46 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class Instructions + { + internal static Instructions DeserializeInstructions(JsonElement element) + { + string actionsToBePerformed = default; + string recommendationImportance = default; + Optional howToPerformActionDetails = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("actionsToBePerformed")) + { + actionsToBePerformed = property.Value.GetString(); + continue; + } + if (property.NameEquals("recommendationImportance")) + { + recommendationImportance = property.Value.GetString(); + continue; + } + if (property.NameEquals("howToPerformActionDetails")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + howToPerformActionDetails = null; + continue; + } + howToPerformActionDetails = property.Value.GetString(); + continue; + } + } + return new Instructions(actionsToBePerformed, recommendationImportance, howToPerformActionDetails.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.cs new file mode 100644 index 0000000000000..5b5bbec66f34a --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Instructions.cs @@ -0,0 +1,47 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Instructions section of a recommendation. + public partial class Instructions + { + /// Initializes a new instance of Instructions. + /// What actions should be taken to complete the recommendation. + /// Explains why the recommendation is important. + /// or is null. + internal Instructions(string actionsToBePerformed, string recommendationImportance) + { + Argument.AssertNotNull(actionsToBePerformed, nameof(actionsToBePerformed)); + Argument.AssertNotNull(recommendationImportance, nameof(recommendationImportance)); + + ActionsToBePerformed = actionsToBePerformed; + RecommendationImportance = recommendationImportance; + } + + /// Initializes a new instance of Instructions. + /// What actions should be taken to complete the recommendation. + /// Explains why the recommendation is important. + /// How should the user complete the recommendation. + internal Instructions(string actionsToBePerformed, string recommendationImportance, string howToPerformActionDetails) + { + ActionsToBePerformed = actionsToBePerformed; + RecommendationImportance = recommendationImportance; + HowToPerformActionDetails = howToPerformActionDetails; + } + + /// What actions should be taken to complete the recommendation. + public string ActionsToBePerformed { get; } + /// Explains why the recommendation is important. + public string RecommendationImportance { get; } + /// How should the user complete the recommendation. + public string HowToPerformActionDetails { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs index 212fd76649420..55acc876d7b7b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/KillChainIntent.cs @@ -10,7 +10,7 @@ namespace Azure.ResourceManager.SecurityInsights.Models { - /// Holds the alert intent stage(s) mapping for this alert. + /// The intent of the alert. public readonly partial struct KillChainIntent : IEquatable { private readonly string _value; diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs index f39d6887f16aa..bb04c9018e8e1 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.Serialization.cs @@ -20,11 +20,8 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("tenantId"); writer.WriteStringValue(TenantId.Value); } - if (Optional.IsDefined(LogicAppsResourceId)) - { - writer.WritePropertyName("logicAppsResourceId"); - writer.WriteStringValue(LogicAppsResourceId); - } + writer.WritePropertyName("logicAppsResourceId"); + writer.WriteStringValue(LogicAppsResourceId); writer.WriteEndObject(); } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs index 1a35d5ad9dcc9..479330951d44e 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ManualTriggerRequestBody.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using Azure.Core; namespace Azure.ResourceManager.SecurityInsights.Models { @@ -13,13 +14,18 @@ namespace Azure.ResourceManager.SecurityInsights.Models public partial class ManualTriggerRequestBody { /// Initializes a new instance of ManualTriggerRequestBody. - public ManualTriggerRequestBody() + /// + /// is null. + public ManualTriggerRequestBody(string logicAppsResourceId) { + Argument.AssertNotNull(logicAppsResourceId, nameof(logicAppsResourceId)); + + LogicAppsResourceId = logicAppsResourceId; } /// Gets or sets the tenant id. public Guid? TenantId { get; set; } - /// Gets or sets the logic apps resource id. - public string LogicAppsResourceId { get; set; } + /// Gets the logic apps resource id. + public string LogicAppsResourceId { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs index e23a624f97bbd..9573798be8e6a 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.Serialization.cs @@ -124,6 +124,21 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsDefined(EventGroupingSettings)) + { + writer.WritePropertyName("eventGroupingSettings"); + writer.WriteObjectValue(EventGroupingSettings); + } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -152,6 +167,8 @@ internal static NrtAlertRule DeserializeNrtAlertRule(JsonElement element) Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional eventGroupingSettings = default; + Optional> sentinelEntitiesMappings = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("kind")) @@ -358,11 +375,36 @@ internal static NrtAlertRule DeserializeNrtAlertRule(JsonElement element) alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("eventGroupingSettings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + eventGroupingSettings = EventGroupingSettings.DeserializeEventGroupingSettings(property0.Value); + continue; + } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } } continue; } } - return new NrtAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), alertRuleTemplateName.Value, templateVersion.Value, description.Value, query.Value, Optional.ToList(tactics), Optional.ToList(techniques), displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToNullable(severity), incidentConfiguration.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value); + return new NrtAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), alertRuleTemplateName.Value, templateVersion.Value, description.Value, query.Value, Optional.ToList(tactics), Optional.ToList(techniques), displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToNullable(severity), incidentConfiguration.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, eventGroupingSettings.Value, Optional.ToList(sentinelEntitiesMappings)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs index b7b03ece5ab1b..9758717ed687b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRule.cs @@ -24,6 +24,7 @@ public NrtAlertRule() Techniques = new ChangeTrackingList(); CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Kind = AlertRuleKind.NRT; } @@ -50,7 +51,9 @@ public NrtAlertRule() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. - internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string alertRuleTemplateName, string templateVersion, string description, string query, IList tactics, IList techniques, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, AlertSeverity? severity, IncidentConfiguration incidentConfiguration, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride) : base(id, name, resourceType, systemData, kind, etag) + /// The event grouping settings. + /// Array of the sentinel entity mappings of the alert rule. + internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string alertRuleTemplateName, string templateVersion, string description, string query, IList tactics, IList techniques, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, AlertSeverity? severity, IncidentConfiguration incidentConfiguration, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, EventGroupingSettings eventGroupingSettings, IList sentinelEntitiesMappings) : base(id, name, resourceType, systemData, kind, etag) { AlertRuleTemplateName = alertRuleTemplateName; TemplateVersion = templateVersion; @@ -68,6 +71,8 @@ internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceT CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + EventGroupingSettings = eventGroupingSettings; + SentinelEntitiesMappings = sentinelEntitiesMappings; Kind = kind; } @@ -103,5 +108,21 @@ internal NrtAlertRule(ResourceIdentifier id, string name, ResourceType resourceT public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// The event grouping settings. + internal EventGroupingSettings EventGroupingSettings { get; set; } + /// The event grouping aggregation kinds. + public EventGroupingAggregationKind? EventGroupingAggregationKind + { + get => EventGroupingSettings is null ? default : EventGroupingSettings.AggregationKind; + set + { + if (EventGroupingSettings is null) + EventGroupingSettings = new EventGroupingSettings(); + EventGroupingSettings.AggregationKind = value; + } + } + + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs index c62697619b853..bd76698af0c2d 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.Serialization.cs @@ -113,6 +113,21 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsDefined(EventGroupingSettings)) + { + writer.WritePropertyName("eventGroupingSettings"); + writer.WriteObjectValue(EventGroupingSettings); + } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -139,6 +154,8 @@ internal static NrtAlertRuleTemplate DeserializeNrtAlertRuleTemplate(JsonElement Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional eventGroupingSettings = default; + Optional> sentinelEntitiesMappings = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("kind")) @@ -335,11 +352,36 @@ internal static NrtAlertRuleTemplate DeserializeNrtAlertRuleTemplate(JsonElement alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("eventGroupingSettings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + eventGroupingSettings = EventGroupingSettings.DeserializeEventGroupingSettings(property0.Value); + continue; + } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } } continue; } } - return new NrtAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(lastUpdatedDateUTC), Optional.ToNullable(createdDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), Optional.ToList(tactics), Optional.ToList(techniques), query.Value, Optional.ToNullable(severity), version.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value); + return new NrtAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(lastUpdatedDateUTC), Optional.ToNullable(createdDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), Optional.ToList(tactics), Optional.ToList(techniques), query.Value, Optional.ToNullable(severity), version.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, eventGroupingSettings.Value, Optional.ToList(sentinelEntitiesMappings)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs index ac500774fec7c..a532b6bab5258 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/NrtAlertRuleTemplate.cs @@ -24,6 +24,7 @@ public NrtAlertRuleTemplate() Techniques = new ChangeTrackingList(); CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Kind = AlertRuleKind.NRT; } @@ -48,7 +49,9 @@ public NrtAlertRuleTemplate() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. - internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? lastUpdatedDateUTC, DateTimeOffset? createdDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, IList tactics, IList techniques, string query, AlertSeverity? severity, string version, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride) : base(id, name, resourceType, systemData, kind) + /// The event grouping settings. + /// Array of the sentinel entity mappings of the alert rule. + internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? lastUpdatedDateUTC, DateTimeOffset? createdDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, IList tactics, IList techniques, string query, AlertSeverity? severity, string version, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, EventGroupingSettings eventGroupingSettings, IList sentinelEntitiesMappings) : base(id, name, resourceType, systemData, kind) { AlertRulesCreatedByTemplateCount = alertRulesCreatedByTemplateCount; LastUpdatedDateUTC = lastUpdatedDateUTC; @@ -65,6 +68,8 @@ internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType r CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + EventGroupingSettings = eventGroupingSettings; + SentinelEntitiesMappings = sentinelEntitiesMappings; Kind = kind; } @@ -98,5 +103,21 @@ internal NrtAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType r public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// The event grouping settings. + internal EventGroupingSettings EventGroupingSettings { get; set; } + /// The event grouping aggregation kinds. + public EventGroupingAggregationKind? EventGroupingAggregationKind + { + get => EventGroupingSettings is null ? default : EventGroupingSettings.AggregationKind; + set + { + if (EventGroupingSettings is null) + EventGroupingSettings = new EventGroupingSettings(); + EventGroupingSettings.AggregationKind = value; + } + } + + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Priority.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Priority.cs new file mode 100644 index 0000000000000..5725d0beb578e --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Priority.cs @@ -0,0 +1,54 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Priority of recommendation. + public readonly partial struct Priority : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public Priority(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string LowValue = "Low"; + private const string MediumValue = "Medium"; + private const string HighValue = "High"; + + /// Low priority for recommendation. + public static Priority Low { get; } = new Priority(LowValue); + /// Medium priority for recommendation. + public static Priority Medium { get; } = new Priority(MediumValue); + /// High priority for recommendation. + public static Priority High { get; } = new Priority(HighValue); + /// Determines if two values are the same. + public static bool operator ==(Priority left, Priority right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(Priority left, Priority right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator Priority(string value) => new Priority(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is Priority other && Equals(other); + /// + public bool Equals(Priority other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.Serialization.cs new file mode 100644 index 0000000000000..60a144a9090ea --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.Serialization.cs @@ -0,0 +1,53 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class PropertyArrayConditionProperties : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ConditionProperties)) + { + writer.WritePropertyName("conditionProperties"); + writer.WriteObjectValue(ConditionProperties); + } + writer.WritePropertyName("conditionType"); + writer.WriteStringValue(ConditionType.ToString()); + writer.WriteEndObject(); + } + + internal static PropertyArrayConditionProperties DeserializePropertyArrayConditionProperties(JsonElement element) + { + Optional conditionProperties = default; + ConditionType conditionType = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("conditionProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + conditionProperties = AutomationRulePropertyArrayValuesCondition.DeserializeAutomationRulePropertyArrayValuesCondition(property.Value); + continue; + } + if (property.NameEquals("conditionType")) + { + conditionType = new ConditionType(property.Value.GetString()); + continue; + } + } + return new PropertyArrayConditionProperties(conditionType, conditionProperties.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.cs new file mode 100644 index 0000000000000..612c029e63e7d --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/PropertyArrayConditionProperties.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Describes an automation rule condition that evaluates an array property's value. + public partial class PropertyArrayConditionProperties : AutomationRuleCondition + { + /// Initializes a new instance of PropertyArrayConditionProperties. + public PropertyArrayConditionProperties() + { + ConditionType = ConditionType.PropertyArray; + } + + /// Initializes a new instance of PropertyArrayConditionProperties. + /// + /// + internal PropertyArrayConditionProperties(ConditionType conditionType, AutomationRulePropertyArrayValuesCondition conditionProperties) : base(conditionType) + { + ConditionProperties = conditionProperties; + ConditionType = conditionType; + } + + /// Gets or sets the condition properties. + public AutomationRulePropertyArrayValuesCondition ConditionProperties { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.Serialization.cs new file mode 100644 index 0000000000000..d089899467fa1 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.Serialization.cs @@ -0,0 +1,179 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class Recommendation + { + internal static Recommendation DeserializeRecommendation(JsonElement element) + { + Guid id = default; + Instructions instructions = default; + Optional content = default; + Optional resourceId = default; + Optional> additionalProperties = default; + string title = default; + string description = default; + string recommendationTypeTitle = default; + string recommendationTypeId = default; + Category category = default; + Context context = default; + Guid workspaceId = default; + IReadOnlyList actions = default; + State state = default; + Priority priority = default; + DateTimeOffset lastEvaluatedTimeUtc = default; + Optional hideUntilTimeUtc = default; + Optional displayUntilTimeUtc = default; + Optional visible = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("id")) + { + id = property.Value.GetGuid(); + continue; + } + if (property.NameEquals("instructions")) + { + instructions = Instructions.DeserializeInstructions(property.Value); + continue; + } + if (property.NameEquals("content")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + content = null; + continue; + } + content = Content.DeserializeContent(property.Value); + continue; + } + if (property.NameEquals("resourceId")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + resourceId = null; + continue; + } + resourceId = property.Value.GetString(); + continue; + } + if (property.NameEquals("additionalProperties")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + additionalProperties = null; + continue; + } + Dictionary dictionary = new Dictionary(); + foreach (var property0 in property.Value.EnumerateObject()) + { + dictionary.Add(property0.Name, property0.Value.GetString()); + } + additionalProperties = dictionary; + continue; + } + if (property.NameEquals("title")) + { + title = property.Value.GetString(); + continue; + } + if (property.NameEquals("description")) + { + description = property.Value.GetString(); + continue; + } + if (property.NameEquals("recommendationTypeTitle")) + { + recommendationTypeTitle = property.Value.GetString(); + continue; + } + if (property.NameEquals("recommendationTypeId")) + { + recommendationTypeId = property.Value.GetString(); + continue; + } + if (property.NameEquals("category")) + { + category = new Category(property.Value.GetString()); + continue; + } + if (property.NameEquals("context")) + { + context = new Context(property.Value.GetString()); + continue; + } + if (property.NameEquals("workspaceId")) + { + workspaceId = property.Value.GetGuid(); + continue; + } + if (property.NameEquals("actions")) + { + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(RecommendedAction.DeserializeRecommendedAction(item)); + } + actions = array; + continue; + } + if (property.NameEquals("state")) + { + state = new State(property.Value.GetString()); + continue; + } + if (property.NameEquals("priority")) + { + priority = new Priority(property.Value.GetString()); + continue; + } + if (property.NameEquals("lastEvaluatedTimeUtc")) + { + lastEvaluatedTimeUtc = property.Value.GetDateTimeOffset("O"); + continue; + } + if (property.NameEquals("hideUntilTimeUtc")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + hideUntilTimeUtc = null; + continue; + } + hideUntilTimeUtc = property.Value.GetDateTimeOffset("O"); + continue; + } + if (property.NameEquals("displayUntilTimeUtc")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + displayUntilTimeUtc = null; + continue; + } + displayUntilTimeUtc = property.Value.GetDateTimeOffset("O"); + continue; + } + if (property.NameEquals("visible")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + visible = property.Value.GetBoolean(); + continue; + } + } + return new Recommendation(id, instructions, content.Value, resourceId.Value, Optional.ToDictionary(additionalProperties), title, description, recommendationTypeTitle, recommendationTypeId, category, context, workspaceId, actions, state, priority, lastEvaluatedTimeUtc, Optional.ToNullable(hideUntilTimeUtc), Optional.ToNullable(displayUntilTimeUtc), Optional.ToNullable(visible)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.cs new file mode 100644 index 0000000000000..ca8a389d0da23 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/Recommendation.cs @@ -0,0 +1,140 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Collections.Generic; +using System.Linq; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Recommendation object. + public partial class Recommendation + { + /// Initializes a new instance of Recommendation. + /// id of recommendation. + /// Instructions of the recommendation. + /// Title of the recommendation. + /// Description of the recommendation. + /// Title of the recommendation type. + /// Id of the recommendation type. + /// Category of the recommendation. + /// Context of the recommendation. + /// Id of the workspace this recommendation refers to. + /// List of actions to take for this recommendation. + /// State of the recommendation. + /// Priority of the recommendation. + /// The time stamp (UTC) when the recommendation was last evaluated. + /// , , , , or is null. + internal Recommendation(Guid id, Instructions instructions, string title, string description, string recommendationTypeTitle, string recommendationTypeId, Category category, Context context, Guid workspaceId, IEnumerable actions, State state, Priority priority, DateTimeOffset lastEvaluatedTimeUtc) + { + Argument.AssertNotNull(instructions, nameof(instructions)); + Argument.AssertNotNull(title, nameof(title)); + Argument.AssertNotNull(description, nameof(description)); + Argument.AssertNotNull(recommendationTypeTitle, nameof(recommendationTypeTitle)); + Argument.AssertNotNull(recommendationTypeId, nameof(recommendationTypeId)); + Argument.AssertNotNull(actions, nameof(actions)); + + Id = id; + Instructions = instructions; + AdditionalProperties = new ChangeTrackingDictionary(); + Title = title; + Description = description; + RecommendationTypeTitle = recommendationTypeTitle; + RecommendationTypeId = recommendationTypeId; + Category = category; + Context = context; + WorkspaceId = workspaceId; + Actions = actions.ToList(); + State = state; + Priority = priority; + LastEvaluatedTimeUtc = lastEvaluatedTimeUtc; + } + + /// Initializes a new instance of Recommendation. + /// id of recommendation. + /// Instructions of the recommendation. + /// Content of the recommendation. + /// Id of the resource this recommendation refers to. + /// Collection of additional properties for the recommendation. + /// Title of the recommendation. + /// Description of the recommendation. + /// Title of the recommendation type. + /// Id of the recommendation type. + /// Category of the recommendation. + /// Context of the recommendation. + /// Id of the workspace this recommendation refers to. + /// List of actions to take for this recommendation. + /// State of the recommendation. + /// Priority of the recommendation. + /// The time stamp (UTC) when the recommendation was last evaluated. + /// The time stamp (UTC) when the recommendation should be displayed again. + /// The timestamp (UTC) after which the recommendation should not be displayed anymore. + /// Value indicating if the recommendation should be displayed or not. + internal Recommendation(Guid id, Instructions instructions, Content content, string resourceId, IReadOnlyDictionary additionalProperties, string title, string description, string recommendationTypeTitle, string recommendationTypeId, Category category, Context context, Guid workspaceId, IReadOnlyList actions, State state, Priority priority, DateTimeOffset lastEvaluatedTimeUtc, DateTimeOffset? hideUntilTimeUtc, DateTimeOffset? displayUntilTimeUtc, bool? visible) + { + Id = id; + Instructions = instructions; + Content = content; + ResourceId = resourceId; + AdditionalProperties = additionalProperties; + Title = title; + Description = description; + RecommendationTypeTitle = recommendationTypeTitle; + RecommendationTypeId = recommendationTypeId; + Category = category; + Context = context; + WorkspaceId = workspaceId; + Actions = actions; + State = state; + Priority = priority; + LastEvaluatedTimeUtc = lastEvaluatedTimeUtc; + HideUntilTimeUtc = hideUntilTimeUtc; + DisplayUntilTimeUtc = displayUntilTimeUtc; + Visible = visible; + } + + /// id of recommendation. + public Guid Id { get; } + /// Instructions of the recommendation. + public Instructions Instructions { get; } + /// Content of the recommendation. + public Content Content { get; } + /// Id of the resource this recommendation refers to. + public string ResourceId { get; } + /// Collection of additional properties for the recommendation. + public IReadOnlyDictionary AdditionalProperties { get; } + /// Title of the recommendation. + public string Title { get; } + /// Description of the recommendation. + public string Description { get; } + /// Title of the recommendation type. + public string RecommendationTypeTitle { get; } + /// Id of the recommendation type. + public string RecommendationTypeId { get; } + /// Category of the recommendation. + public Category Category { get; } + /// Context of the recommendation. + public Context Context { get; } + /// Id of the workspace this recommendation refers to. + public Guid WorkspaceId { get; } + /// List of actions to take for this recommendation. + public IReadOnlyList Actions { get; } + /// State of the recommendation. + public State State { get; } + /// Priority of the recommendation. + public Priority Priority { get; } + /// The time stamp (UTC) when the recommendation was last evaluated. + public DateTimeOffset LastEvaluatedTimeUtc { get; } + /// The time stamp (UTC) when the recommendation should be displayed again. + public DateTimeOffset? HideUntilTimeUtc { get; } + /// The timestamp (UTC) after which the recommendation should not be displayed anymore. + public DateTimeOffset? DisplayUntilTimeUtc { get; } + /// Value indicating if the recommendation should be displayed or not. + public bool? Visible { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.Serialization.cs new file mode 100644 index 0000000000000..7cab8c678d917 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.Serialization.cs @@ -0,0 +1,40 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + internal partial class RecommendationList + { + internal static RecommendationList DeserializeRecommendationList(JsonElement element) + { + Optional> value = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("value")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(Recommendation.DeserializeRecommendation(item)); + } + value = array; + continue; + } + } + return new RecommendationList(Optional.ToList(value)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.cs new file mode 100644 index 0000000000000..56cd3a1b09454 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationList.cs @@ -0,0 +1,32 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Collections.Generic; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// A list of recommendations. + internal partial class RecommendationList + { + /// Initializes a new instance of RecommendationList. + internal RecommendationList() + { + Value = new ChangeTrackingList(); + } + + /// Initializes a new instance of RecommendationList. + /// An list of recommendations. + internal RecommendationList(IReadOnlyList value) + { + Value = value; + } + + /// An list of recommendations. + public IReadOnlyList Value { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.Serialization.cs new file mode 100644 index 0000000000000..54adb25a87a5a --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.Serialization.cs @@ -0,0 +1,31 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class RecommendationPatch : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(State)) + { + writer.WritePropertyName("state"); + writer.WriteStringValue(State.Value.ToString()); + } + if (Optional.IsDefined(HideUntilTimeUtc)) + { + writer.WritePropertyName("hideUntilTimeUtc"); + writer.WriteStringValue(HideUntilTimeUtc.Value, "O"); + } + writer.WriteEndObject(); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.cs new file mode 100644 index 0000000000000..d5f82f0c5e341 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendationPatch.cs @@ -0,0 +1,25 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// Recommendation Fields to update. + public partial class RecommendationPatch + { + /// Initializes a new instance of RecommendationPatch. + public RecommendationPatch() + { + } + + /// State of the recommendation. + public State? State { get; set; } + /// The time stamp (UTC) when the recommendation should be displayed again. + public DateTimeOffset? HideUntilTimeUtc { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.Serialization.cs new file mode 100644 index 0000000000000..9a7364e782fbe --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.Serialization.cs @@ -0,0 +1,47 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class RecommendedAction + { + internal static RecommendedAction DeserializeRecommendedAction(JsonElement element) + { + string linkText = default; + Uri linkUrl = default; + Optional state = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("linkText")) + { + linkText = property.Value.GetString(); + continue; + } + if (property.NameEquals("linkUrl")) + { + linkUrl = new Uri(property.Value.GetString()); + continue; + } + if (property.NameEquals("state")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + state = new Priority(property.Value.GetString()); + continue; + } + } + return new RecommendedAction(linkText, linkUrl, Optional.ToNullable(state)); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.cs new file mode 100644 index 0000000000000..c28096d093aee --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/RecommendedAction.cs @@ -0,0 +1,47 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// What actions should be taken to complete the recommendation. + public partial class RecommendedAction + { + /// Initializes a new instance of RecommendedAction. + /// Text of the link to complete the action. + /// The Link to complete the action. + /// or is null. + internal RecommendedAction(string linkText, Uri linkUri) + { + Argument.AssertNotNull(linkText, nameof(linkText)); + Argument.AssertNotNull(linkUri, nameof(linkUri)); + + LinkText = linkText; + LinkUri = linkUri; + } + + /// Initializes a new instance of RecommendedAction. + /// Text of the link to complete the action. + /// The Link to complete the action. + /// The state of the action. + internal RecommendedAction(string linkText, Uri linkUri, Priority? state) + { + LinkText = linkText; + LinkUri = linkUri; + State = state; + } + + /// Text of the link to complete the action. + public string LinkText { get; } + /// The Link to complete the action. + public Uri LinkUri { get; } + /// The state of the action. + public Priority? State { get; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs index 9082d9c998ba4..306e6e301fc24 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.Serialization.cs @@ -89,6 +89,16 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } if (Optional.IsDefined(AlertRuleTemplateName)) { writer.WritePropertyName("alertRuleTemplateName"); @@ -171,6 +181,7 @@ internal static ScheduledAlertRule DeserializeScheduledAlertRule(JsonElement ele Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional> sentinelEntitiesMappings = default; Optional alertRuleTemplateName = default; Optional templateVersion = default; Optional description = default; @@ -338,6 +349,21 @@ internal static ScheduledAlertRule DeserializeScheduledAlertRule(JsonElement ele alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } if (property0.NameEquals("alertRuleTemplateName")) { alertRuleTemplateName = property0.Value.GetString(); @@ -442,7 +468,7 @@ internal static ScheduledAlertRule DeserializeScheduledAlertRule(JsonElement ele continue; } } - return new ScheduledAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, alertRuleTemplateName.Value, templateVersion.Value, description.Value, displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToList(tactics), Optional.ToList(techniques), incidentConfiguration.Value); + return new ScheduledAlertRule(id, name, type, systemData.Value, kind, Optional.ToNullable(etag), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, Optional.ToList(sentinelEntitiesMappings), alertRuleTemplateName.Value, templateVersion.Value, description.Value, displayName.Value, Optional.ToNullable(enabled), Optional.ToNullable(lastModifiedUtc), Optional.ToNullable(suppressionDuration), Optional.ToNullable(suppressionEnabled), Optional.ToList(tactics), Optional.ToList(techniques), incidentConfiguration.Value); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs index 7c44306917b49..8b46f1a96b477 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRule.cs @@ -22,6 +22,7 @@ public ScheduledAlertRule() { CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Tactics = new ChangeTrackingList(); Techniques = new ChangeTrackingList(); Kind = AlertRuleKind.Scheduled; @@ -44,6 +45,7 @@ public ScheduledAlertRule() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. + /// Array of the sentinel entity mappings of the alert rule. /// The Name of the alert rule template used to create this rule. /// The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>. /// The description of the alert rule. @@ -55,7 +57,7 @@ public ScheduledAlertRule() /// The tactics of the alert rule. /// The techniques of the alert rule. /// The settings of the incidents that created from alerts triggered by this analytics rule. - internal ScheduledAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, string alertRuleTemplateName, string templateVersion, string description, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, IList tactics, IList techniques, IncidentConfiguration incidentConfiguration) : base(id, name, resourceType, systemData, kind, etag) + internal ScheduledAlertRule(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, ETag? etag, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, IList sentinelEntitiesMappings, string alertRuleTemplateName, string templateVersion, string description, string displayName, bool? enabled, DateTimeOffset? lastModifiedUtc, TimeSpan? suppressionDuration, bool? suppressionEnabled, IList tactics, IList techniques, IncidentConfiguration incidentConfiguration) : base(id, name, resourceType, systemData, kind, etag) { Query = query; QueryFrequency = queryFrequency; @@ -67,6 +69,7 @@ internal ScheduledAlertRule(ResourceIdentifier id, string name, ResourceType res CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + SentinelEntitiesMappings = sentinelEntitiesMappings; AlertRuleTemplateName = alertRuleTemplateName; TemplateVersion = templateVersion; Description = description; @@ -113,6 +116,8 @@ public EventGroupingAggregationKind? EventGroupingAggregationKind public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } /// The Name of the alert rule template used to create this rule. public string AlertRuleTemplateName { get; set; } /// The version of the alert rule template used to create this rule - in format <a.b.c>, where all are numbers, for example 0 <1.0.2>. diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs index d26e4ed871c9f..07f4756979da5 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.Serialization.cs @@ -138,6 +138,16 @@ void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) writer.WritePropertyName("alertDetailsOverride"); writer.WriteObjectValue(AlertDetailsOverride); } + if (Optional.IsCollectionDefined(SentinelEntitiesMappings)) + { + writer.WritePropertyName("sentinelEntitiesMappings"); + writer.WriteStartArray(); + foreach (var item in SentinelEntitiesMappings) + { + writer.WriteObjectValue(item); + } + writer.WriteEndArray(); + } writer.WriteEndObject(); writer.WriteEndObject(); } @@ -169,6 +179,7 @@ internal static ScheduledAlertRuleTemplate DeserializeScheduledAlertRuleTemplate Optional> customDetails = default; Optional> entityMappings = default; Optional alertDetailsOverride = default; + Optional> sentinelEntitiesMappings = default; foreach (var property in element.EnumerateObject()) { if (property.NameEquals("kind")) @@ -415,11 +426,26 @@ internal static ScheduledAlertRuleTemplate DeserializeScheduledAlertRuleTemplate alertDetailsOverride = AlertDetailsOverride.DeserializeAlertDetailsOverride(property0.Value); continue; } + if (property0.NameEquals("sentinelEntitiesMappings")) + { + if (property0.Value.ValueKind == JsonValueKind.Null) + { + property0.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property0.Value.EnumerateArray()) + { + array.Add(SentinelEntityMapping.DeserializeSentinelEntityMapping(item)); + } + sentinelEntitiesMappings = array; + continue; + } } continue; } } - return new ScheduledAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(createdDateUTC), Optional.ToNullable(lastUpdatedDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), Optional.ToList(tactics), Optional.ToList(techniques), version.Value, eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value); + return new ScheduledAlertRuleTemplate(id, name, type, systemData.Value, kind, Optional.ToNullable(alertRulesCreatedByTemplateCount), Optional.ToNullable(createdDateUTC), Optional.ToNullable(lastUpdatedDateUTC), description.Value, displayName.Value, Optional.ToList(requiredDataConnectors), Optional.ToNullable(status), query.Value, Optional.ToNullable(queryFrequency), Optional.ToNullable(queryPeriod), Optional.ToNullable(severity), Optional.ToNullable(triggerOperator), Optional.ToNullable(triggerThreshold), Optional.ToList(tactics), Optional.ToList(techniques), version.Value, eventGroupingSettings.Value, Optional.ToDictionary(customDetails), Optional.ToList(entityMappings), alertDetailsOverride.Value, Optional.ToList(sentinelEntitiesMappings)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs index 0c4776e44d4ec..06afef43f2a42 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/ScheduledAlertRuleTemplate.cs @@ -24,6 +24,7 @@ public ScheduledAlertRuleTemplate() Techniques = new ChangeTrackingList(); CustomDetails = new ChangeTrackingDictionary(); EntityMappings = new ChangeTrackingList(); + SentinelEntitiesMappings = new ChangeTrackingList(); Kind = AlertRuleKind.Scheduled; } @@ -53,7 +54,8 @@ public ScheduledAlertRuleTemplate() /// Dictionary of string key-value pairs of columns to be attached to the alert. /// Array of the entity mappings of the alert rule. /// The alert details override settings. - internal ScheduledAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? createdDateUTC, DateTimeOffset? lastUpdatedDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, IList tactics, IList techniques, string version, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride) : base(id, name, resourceType, systemData, kind) + /// Array of the sentinel entity mappings of the alert rule. + internal ScheduledAlertRuleTemplate(ResourceIdentifier id, string name, ResourceType resourceType, SystemData systemData, AlertRuleKind kind, int? alertRulesCreatedByTemplateCount, DateTimeOffset? createdDateUTC, DateTimeOffset? lastUpdatedDateUTC, string description, string displayName, IList requiredDataConnectors, TemplateStatus? status, string query, TimeSpan? queryFrequency, TimeSpan? queryPeriod, AlertSeverity? severity, TriggerOperator? triggerOperator, int? triggerThreshold, IList tactics, IList techniques, string version, EventGroupingSettings eventGroupingSettings, IDictionary customDetails, IList entityMappings, AlertDetailsOverride alertDetailsOverride, IList sentinelEntitiesMappings) : base(id, name, resourceType, systemData, kind) { AlertRulesCreatedByTemplateCount = alertRulesCreatedByTemplateCount; CreatedDateUTC = createdDateUTC; @@ -75,6 +77,7 @@ internal ScheduledAlertRuleTemplate(ResourceIdentifier id, string name, Resource CustomDetails = customDetails; EntityMappings = entityMappings; AlertDetailsOverride = alertDetailsOverride; + SentinelEntitiesMappings = sentinelEntitiesMappings; Kind = kind; } @@ -130,5 +133,7 @@ public EventGroupingAggregationKind? EventGroupingAggregationKind public IList EntityMappings { get; } /// The alert details override settings. public AlertDetailsOverride AlertDetailsOverride { get; set; } + /// Array of the sentinel entity mappings of the alert rule. + public IList SentinelEntitiesMappings { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs index 1e8a583416163..b70e8b7c94ecd 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.Serialization.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using System.Text.Json; using Azure.Core; @@ -24,6 +25,8 @@ internal static SecurityAlertTimelineItem DeserializeSecurityAlertTimelineItem(J DateTimeOffset startTimeUtc = default; DateTimeOffset timeGenerated = default; string alertType = default; + Optional intent = default; + Optional> techniques = default; EntityTimelineKind kind = default; foreach (var property in element.EnumerateObject()) { @@ -72,13 +75,38 @@ internal static SecurityAlertTimelineItem DeserializeSecurityAlertTimelineItem(J alertType = property.Value.GetString(); continue; } + if (property.NameEquals("intent")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + intent = new KillChainIntent(property.Value.GetString()); + continue; + } + if (property.NameEquals("techniques")) + { + if (property.Value.ValueKind == JsonValueKind.Null) + { + property.ThrowNonNullablePropertyIsNull(); + continue; + } + List array = new List(); + foreach (var item in property.Value.EnumerateArray()) + { + array.Add(item.GetString()); + } + techniques = array; + continue; + } if (property.NameEquals("kind")) { kind = new EntityTimelineKind(property.Value.GetString()); continue; } } - return new SecurityAlertTimelineItem(kind, azureResourceId, productName.Value, description.Value, displayName, severity, endTimeUtc, startTimeUtc, timeGenerated, alertType); + return new SecurityAlertTimelineItem(kind, azureResourceId, productName.Value, description.Value, displayName, severity, endTimeUtc, startTimeUtc, timeGenerated, alertType, Optional.ToNullable(intent), Optional.ToList(techniques)); } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs index c4060b2ce5901..15ef70047ad01 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SecurityAlertTimelineItem.cs @@ -6,6 +6,7 @@ #nullable disable using System; +using System.Collections.Generic; using Azure.Core; namespace Azure.ResourceManager.SecurityInsights.Models @@ -35,6 +36,7 @@ internal SecurityAlertTimelineItem(string azureResourceId, string displayName, A StartTimeUtc = startTimeUtc; TimeGenerated = timeGenerated; AlertType = alertType; + Techniques = new ChangeTrackingList(); Kind = EntityTimelineKind.SecurityAlert; } @@ -49,7 +51,9 @@ internal SecurityAlertTimelineItem(string azureResourceId, string displayName, A /// The alert start time. /// The alert generated time. /// The name of the alert type. - internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResourceId, string productName, string description, string displayName, AlertSeverity severity, DateTimeOffset endTimeUtc, DateTimeOffset startTimeUtc, DateTimeOffset timeGenerated, string alertType) : base(kind) + /// The intent of the alert. + /// The techniques of the alert. + internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResourceId, string productName, string description, string displayName, AlertSeverity severity, DateTimeOffset endTimeUtc, DateTimeOffset startTimeUtc, DateTimeOffset timeGenerated, string alertType, KillChainIntent? intent, IReadOnlyList techniques) : base(kind) { AzureResourceId = azureResourceId; ProductName = productName; @@ -60,6 +64,8 @@ internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResource StartTimeUtc = startTimeUtc; TimeGenerated = timeGenerated; AlertType = alertType; + Intent = intent; + Techniques = techniques; Kind = kind; } @@ -81,5 +87,9 @@ internal SecurityAlertTimelineItem(EntityTimelineKind kind, string azureResource public DateTimeOffset TimeGenerated { get; } /// The name of the alert type. public string AlertType { get; } + /// The intent of the alert. + public KillChainIntent? Intent { get; } + /// The techniques of the alert. + public IReadOnlyList Techniques { get; } } } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.Serialization.cs new file mode 100644 index 0000000000000..a63011a8366dc --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.Serialization.cs @@ -0,0 +1,40 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System.Text.Json; +using Azure.Core; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + public partial class SentinelEntityMapping : IUtf8JsonSerializable + { + void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) + { + writer.WriteStartObject(); + if (Optional.IsDefined(ColumnName)) + { + writer.WritePropertyName("columnName"); + writer.WriteStringValue(ColumnName); + } + writer.WriteEndObject(); + } + + internal static SentinelEntityMapping DeserializeSentinelEntityMapping(JsonElement element) + { + Optional columnName = default; + foreach (var property in element.EnumerateObject()) + { + if (property.NameEquals("columnName")) + { + columnName = property.Value.GetString(); + continue; + } + } + return new SentinelEntityMapping(columnName.Value); + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.cs new file mode 100644 index 0000000000000..40fd2f03084c3 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/SentinelEntityMapping.cs @@ -0,0 +1,28 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// A single sentinel entity mapping. + public partial class SentinelEntityMapping + { + /// Initializes a new instance of SentinelEntityMapping. + public SentinelEntityMapping() + { + } + + /// Initializes a new instance of SentinelEntityMapping. + /// the column name to be mapped to the SentinelEntities. + internal SentinelEntityMapping(string columnName) + { + ColumnName = columnName; + } + + /// the column name to be mapped to the SentinelEntities. + public string ColumnName { get; set; } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/State.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/State.cs new file mode 100644 index 0000000000000..9dd246a3386e9 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/State.cs @@ -0,0 +1,60 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.ComponentModel; + +namespace Azure.ResourceManager.SecurityInsights.Models +{ + /// State of recommendation. + public readonly partial struct State : IEquatable + { + private readonly string _value; + + /// Initializes a new instance of . + /// is null. + public State(string value) + { + _value = value ?? throw new ArgumentNullException(nameof(value)); + } + + private const string ActiveValue = "Active"; + private const string DisabledValue = "Disabled"; + private const string CompletedByUserValue = "CompletedByUser"; + private const string CompletedByActionValue = "CompletedByAction"; + private const string HiddenValue = "Hidden"; + + /// Recommendation is active. + public static State Active { get; } = new State(ActiveValue); + /// Recommendation is disabled. + public static State Disabled { get; } = new State(DisabledValue); + /// Recommendation has been completed by user. + public static State CompletedByUser { get; } = new State(CompletedByUserValue); + /// Recommendation has been completed by action. + public static State CompletedByAction { get; } = new State(CompletedByActionValue); + /// Recommendation is hidden. + public static State Hidden { get; } = new State(HiddenValue); + /// Determines if two values are the same. + public static bool operator ==(State left, State right) => left.Equals(right); + /// Determines if two values are not the same. + public static bool operator !=(State left, State right) => !left.Equals(right); + /// Converts a string to a . + public static implicit operator State(string value) => new State(value); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override bool Equals(object obj) => obj is State other && Equals(other); + /// + public bool Equals(State other) => string.Equals(_value, other._value, StringComparison.InvariantCultureIgnoreCase); + + /// + [EditorBrowsable(EditorBrowsableState.Never)] + public override int GetHashCode() => _value?.GetHashCode() ?? 0; + /// + public override string ToString() => _value; + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/TeamProperties.Serialization.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/TeamProperties.Serialization.cs deleted file mode 100644 index 3528494f6c9d1..0000000000000 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/TeamProperties.Serialization.cs +++ /dev/null @@ -1,48 +0,0 @@ -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. - -// - -#nullable disable - -using System.Text.Json; -using Azure.Core; - -namespace Azure.ResourceManager.SecurityInsights.Models -{ - public partial class TeamProperties : IUtf8JsonSerializable - { - void IUtf8JsonSerializable.Write(Utf8JsonWriter writer) - { - writer.WriteStartObject(); - writer.WritePropertyName("teamName"); - writer.WriteStringValue(TeamName); - if (Optional.IsDefined(TeamDescription)) - { - writer.WritePropertyName("teamDescription"); - writer.WriteStringValue(TeamDescription); - } - if (Optional.IsCollectionDefined(MemberIds)) - { - writer.WritePropertyName("memberIds"); - writer.WriteStartArray(); - foreach (var item in MemberIds) - { - writer.WriteStringValue(item); - } - writer.WriteEndArray(); - } - if (Optional.IsCollectionDefined(GroupIds)) - { - writer.WritePropertyName("groupIds"); - writer.WriteStartArray(); - foreach (var item in GroupIds) - { - writer.WriteStringValue(item); - } - writer.WriteEndArray(); - } - writer.WriteEndObject(); - } - } -} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/TeamProperties.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/TeamProperties.cs deleted file mode 100644 index 92b4f93392ecf..0000000000000 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/Models/TeamProperties.cs +++ /dev/null @@ -1,38 +0,0 @@ -// Copyright (c) Microsoft Corporation. All rights reserved. -// Licensed under the MIT License. - -// - -#nullable disable - -using System; -using System.Collections.Generic; -using Azure.Core; - -namespace Azure.ResourceManager.SecurityInsights.Models -{ - /// Describes team properties. - public partial class TeamProperties - { - /// Initializes a new instance of TeamProperties. - /// The name of the team. - /// is null. - public TeamProperties(string teamName) - { - Argument.AssertNotNull(teamName, nameof(teamName)); - - TeamName = teamName; - MemberIds = new ChangeTrackingList(); - GroupIds = new ChangeTrackingList(); - } - - /// The name of the team. - public string TeamName { get; } - /// The description of the team. - public string TeamDescription { get; set; } - /// List of member IDs to add to the team. - public IList MemberIds { get; } - /// List of group IDs to add their members to the team. - public IList GroupIds { get; } - } -} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs index d98d8c25e1254..50d410d5a48d0 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ActionsRestOperations.cs @@ -33,7 +33,7 @@ public ActionsRestOperations(HttpPipeline pipeline, string applicationId, Uri en { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs index 057689ec8fa91..994c0c8afb781 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRuleTemplatesRestOperations.cs @@ -33,7 +33,7 @@ public AlertRuleTemplatesRestOperations(HttpPipeline pipeline, string applicatio { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs index 49c7babcb41ea..1ba1a60df1d14 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AlertRulesRestOperations.cs @@ -33,7 +33,7 @@ public AlertRulesRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs index 2bae664c83a23..b063e6c9428b6 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/AutomationRulesRestOperations.cs @@ -33,7 +33,7 @@ public AutomationRulesRestOperations(HttpPipeline pipeline, string applicationId { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs index 0e5c65b7a4884..360e8a2eead72 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarkRelationsRestOperations.cs @@ -33,7 +33,7 @@ public BookmarkRelationsRestOperations(HttpPipeline pipeline, string application { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs index 362eb47037eea..fea768d6431ca 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/BookmarksRestOperations.cs @@ -33,7 +33,7 @@ public BookmarksRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs index 7e59c8ac70b9d..09c37352acc8c 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsCheckRequirementsRestOperations.cs @@ -33,7 +33,7 @@ public DataConnectorsCheckRequirementsRestOperations(HttpPipeline pipeline, stri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs index 3906f9aeea0ab..bfef24bcaf37b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DataConnectorsRestOperations.cs @@ -33,7 +33,7 @@ public DataConnectorsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs index efb1a21f975b2..c9924d0805d68 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/DomainWhoisRestOperations.cs @@ -33,7 +33,7 @@ public DomainWhoisRestOperations(HttpPipeline pipeline, string applicationId, Ur { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs index c134233ec275f..1865cc67f5dae 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesGetTimelineRestOperations.cs @@ -33,7 +33,7 @@ public EntitiesGetTimelineRestOperations(HttpPipeline pipeline, string applicati { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs index dccdcc5646b64..17b1e72eed450 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRelationsRestOperations.cs @@ -33,7 +33,7 @@ public EntitiesRelationsRestOperations(HttpPipeline pipeline, string application { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs index 887ed9f5441bb..5a70cce9fa3ec 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntitiesRestOperations.cs @@ -33,7 +33,7 @@ public EntitiesRestOperations(HttpPipeline pipeline, string applicationId, Uri e { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs index ec69b7786b4bb..7fd0348b1b463 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueriesRestOperations.cs @@ -33,7 +33,7 @@ public EntityQueriesRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs index 66ea776633dd1..8e0d77c2495e8 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityQueryTemplatesRestOperations.cs @@ -33,7 +33,7 @@ public EntityQueryTemplatesRestOperations(HttpPipeline pipeline, string applicat { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs index 5fa4e073de66e..296107d98efe8 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/EntityRelationsRestOperations.cs @@ -32,7 +32,7 @@ public EntityRelationsRestOperations(HttpPipeline pipeline, string applicationId { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs index e8f091bbf9837..879a2d13b040c 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/FileImportsRestOperations.cs @@ -33,7 +33,7 @@ public FileImportsRestOperations(HttpPipeline pipeline, string applicationId, Ur { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRecommendationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRecommendationsRestOperations.cs new file mode 100644 index 0000000000000..4ac1393eb92c4 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRecommendationsRestOperations.cs @@ -0,0 +1,119 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Text.Json; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.Core.Pipeline; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + internal partial class GetRecommendationsRestOperations + { + private readonly TelemetryDetails _userAgent; + private readonly HttpPipeline _pipeline; + private readonly Uri _endpoint; + private readonly string _apiVersion; + + /// Initializes a new instance of GetRecommendationsRestOperations. + /// The HTTP pipeline for sending and receiving REST requests and responses. + /// The application id to use for user agent. + /// server parameter. + /// Api Version. + /// or is null. + public GetRecommendationsRestOperations(HttpPipeline pipeline, string applicationId, Uri endpoint = null, string apiVersion = default) + { + _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); + _endpoint = endpoint ?? new Uri("https://management.azure.com"); + _apiVersion = apiVersion ?? "2022-12-01-preview"; + _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); + } + + internal HttpMessage CreateListRequest(string subscriptionId, string resourceGroupName, string workspaceName) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Get; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/recommendations", false); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + _userAgent.Apply(message); + return message; + } + + /// Gets a list of all recommendations. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// The cancellation token to use. + /// , or is null. + /// , or is an empty string, and was expected to be non-empty. + public async Task> ListAsync(string subscriptionId, string resourceGroupName, string workspaceName, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + using var message = CreateListRequest(subscriptionId, resourceGroupName, workspaceName); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 200: + { + RecommendationList value = default; + using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); + value = RecommendationList.DeserializeRecommendationList(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + + /// Gets a list of all recommendations. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// The cancellation token to use. + /// , or is null. + /// , or is an empty string, and was expected to be non-empty. + public Response List(string subscriptionId, string resourceGroupName, string workspaceName, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + using var message = CreateListRequest(subscriptionId, resourceGroupName, workspaceName); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 200: + { + RecommendationList value = default; + using var document = JsonDocument.Parse(message.Response.ContentStream); + value = RecommendationList.DeserializeRecommendationList(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRestOperations.cs new file mode 100644 index 0000000000000..72a662bcd2160 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/GetRestOperations.cs @@ -0,0 +1,122 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Text.Json; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.Core.Pipeline; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + internal partial class GetRestOperations + { + private readonly TelemetryDetails _userAgent; + private readonly HttpPipeline _pipeline; + private readonly Uri _endpoint; + private readonly string _apiVersion; + + /// Initializes a new instance of GetRestOperations. + /// The HTTP pipeline for sending and receiving REST requests and responses. + /// The application id to use for user agent. + /// server parameter. + /// Api Version. + /// or is null. + public GetRestOperations(HttpPipeline pipeline, string applicationId, Uri endpoint = null, string apiVersion = default) + { + _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); + _endpoint = endpoint ?? new Uri("https://management.azure.com"); + _apiVersion = apiVersion ?? "2022-12-01-preview"; + _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); + } + + internal HttpMessage CreateSingleRecommendationRequest(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Get; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/recommendations/", false); + uri.AppendPath(recommendationId, true); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + _userAgent.Apply(message); + return message; + } + + /// Gets a recommendation by its id. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + /// , or is null. + /// , or is an empty string, and was expected to be non-empty. + public async Task> SingleRecommendationAsync(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + using var message = CreateSingleRecommendationRequest(subscriptionId, resourceGroupName, workspaceName, recommendationId); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 200: + { + Recommendation value = default; + using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); + value = Recommendation.DeserializeRecommendation(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + + /// Gets a recommendation by its id. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Recommendation Id. + /// The cancellation token to use. + /// , or is null. + /// , or is an empty string, and was expected to be non-empty. + public Response SingleRecommendation(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + + using var message = CreateSingleRecommendationRequest(subscriptionId, resourceGroupName, workspaceName, recommendationId); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 200: + { + Recommendation value = default; + using var document = JsonDocument.Parse(message.Response.ContentStream); + value = Recommendation.DeserializeRecommendation(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs index 573ab7b8075c1..dcf687c1d5f86 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IPGeodataRestOperations.cs @@ -33,7 +33,7 @@ public IPGeodataRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs index d32e7c9d87e19..4a881b1e9dfae 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentCommentsRestOperations.cs @@ -33,7 +33,7 @@ public IncidentCommentsRestOperations(HttpPipeline pipeline, string applicationI { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs index 107cc625a17fe..910ad85c1e640 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentRelationsRestOperations.cs @@ -33,7 +33,7 @@ public IncidentRelationsRestOperations(HttpPipeline pipeline, string application { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentTasksRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentTasksRestOperations.cs new file mode 100644 index 0000000000000..f4bce78f34901 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentTasksRestOperations.cs @@ -0,0 +1,481 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Text.Json; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.Core.Pipeline; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + internal partial class IncidentTasksRestOperations + { + private readonly TelemetryDetails _userAgent; + private readonly HttpPipeline _pipeline; + private readonly Uri _endpoint; + private readonly string _apiVersion; + + /// Initializes a new instance of IncidentTasksRestOperations. + /// The HTTP pipeline for sending and receiving REST requests and responses. + /// The application id to use for user agent. + /// server parameter. + /// Api Version. + /// or is null. + public IncidentTasksRestOperations(HttpPipeline pipeline, string applicationId, Uri endpoint = null, string apiVersion = default) + { + _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); + _endpoint = endpoint ?? new Uri("https://management.azure.com"); + _apiVersion = apiVersion ?? "2022-12-01-preview"; + _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); + } + + internal HttpMessage CreateListRequest(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Get; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/incidents/", false); + uri.AppendPath(incidentId, true); + uri.AppendPath("/tasks", false); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + _userAgent.Apply(message); + return message; + } + + /// Gets all incident tasks. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// The cancellation token to use. + /// , , or is null. + /// , , or is an empty string, and was expected to be non-empty. + public async Task> ListAsync(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + + using var message = CreateListRequest(subscriptionId, resourceGroupName, workspaceName, incidentId); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 200: + { + IncidentTaskList value = default; + using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); + value = IncidentTaskList.DeserializeIncidentTaskList(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + + /// Gets all incident tasks. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// The cancellation token to use. + /// , , or is null. + /// , , or is an empty string, and was expected to be non-empty. + public Response List(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + + using var message = CreateListRequest(subscriptionId, resourceGroupName, workspaceName, incidentId); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 200: + { + IncidentTaskList value = default; + using var document = JsonDocument.Parse(message.Response.ContentStream); + value = IncidentTaskList.DeserializeIncidentTaskList(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + + internal HttpMessage CreateGetRequest(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Get; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/incidents/", false); + uri.AppendPath(incidentId, true); + uri.AppendPath("/tasks/", false); + uri.AppendPath(incidentTaskId, true); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + _userAgent.Apply(message); + return message; + } + + /// Gets an incident task. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// Incident task ID. + /// The cancellation token to use. + /// , , , or is null. + /// , , , or is an empty string, and was expected to be non-empty. + public async Task> GetAsync(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + + using var message = CreateGetRequest(subscriptionId, resourceGroupName, workspaceName, incidentId, incidentTaskId); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 200: + { + IncidentTaskData value = default; + using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); + value = IncidentTaskData.DeserializeIncidentTaskData(document.RootElement); + return Response.FromValue(value, message.Response); + } + case 404: + return Response.FromValue((IncidentTaskData)null, message.Response); + default: + throw new RequestFailedException(message.Response); + } + } + + /// Gets an incident task. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// Incident task ID. + /// The cancellation token to use. + /// , , , or is null. + /// , , , or is an empty string, and was expected to be non-empty. + public Response Get(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + + using var message = CreateGetRequest(subscriptionId, resourceGroupName, workspaceName, incidentId, incidentTaskId); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 200: + { + IncidentTaskData value = default; + using var document = JsonDocument.Parse(message.Response.ContentStream); + value = IncidentTaskData.DeserializeIncidentTaskData(document.RootElement); + return Response.FromValue(value, message.Response); + } + case 404: + return Response.FromValue((IncidentTaskData)null, message.Response); + default: + throw new RequestFailedException(message.Response); + } + } + + internal HttpMessage CreateCreateOrUpdateRequest(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId, IncidentTaskData data) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Put; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/incidents/", false); + uri.AppendPath(incidentId, true); + uri.AppendPath("/tasks/", false); + uri.AppendPath(incidentTaskId, true); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + request.Headers.Add("Content-Type", "application/json"); + var content = new Utf8JsonRequestContent(); + content.JsonWriter.WriteObjectValue(data); + request.Content = content; + _userAgent.Apply(message); + return message; + } + + /// Creates or updates the incident task. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// Incident task ID. + /// The incident task. + /// The cancellation token to use. + /// , , , , or is null. + /// , , , or is an empty string, and was expected to be non-empty. + public async Task> CreateOrUpdateAsync(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId, IncidentTaskData data, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + Argument.AssertNotNull(data, nameof(data)); + + using var message = CreateCreateOrUpdateRequest(subscriptionId, resourceGroupName, workspaceName, incidentId, incidentTaskId, data); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 200: + case 201: + { + IncidentTaskData value = default; + using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); + value = IncidentTaskData.DeserializeIncidentTaskData(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + + /// Creates or updates the incident task. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// Incident task ID. + /// The incident task. + /// The cancellation token to use. + /// , , , , or is null. + /// , , , or is an empty string, and was expected to be non-empty. + public Response CreateOrUpdate(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId, IncidentTaskData data, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + Argument.AssertNotNull(data, nameof(data)); + + using var message = CreateCreateOrUpdateRequest(subscriptionId, resourceGroupName, workspaceName, incidentId, incidentTaskId, data); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 200: + case 201: + { + IncidentTaskData value = default; + using var document = JsonDocument.Parse(message.Response.ContentStream); + value = IncidentTaskData.DeserializeIncidentTaskData(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + + internal HttpMessage CreateDeleteRequest(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Delete; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/incidents/", false); + uri.AppendPath(incidentId, true); + uri.AppendPath("/tasks/", false); + uri.AppendPath(incidentTaskId, true); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + _userAgent.Apply(message); + return message; + } + + /// Delete the incident task. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// Incident task ID. + /// The cancellation token to use. + /// , , , or is null. + /// , , , or is an empty string, and was expected to be non-empty. + public async Task DeleteAsync(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + + using var message = CreateDeleteRequest(subscriptionId, resourceGroupName, workspaceName, incidentId, incidentTaskId); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 200: + case 204: + return message.Response; + default: + throw new RequestFailedException(message.Response); + } + } + + /// Delete the incident task. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// Incident task ID. + /// The cancellation token to use. + /// , , , or is null. + /// , , , or is an empty string, and was expected to be non-empty. + public Response Delete(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, string incidentTaskId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + Argument.AssertNotNullOrEmpty(incidentTaskId, nameof(incidentTaskId)); + + using var message = CreateDeleteRequest(subscriptionId, resourceGroupName, workspaceName, incidentId, incidentTaskId); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 200: + case 204: + return message.Response; + default: + throw new RequestFailedException(message.Response); + } + } + + internal HttpMessage CreateListNextPageRequest(string nextLink, string subscriptionId, string resourceGroupName, string workspaceName, string incidentId) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Get; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendRawNextLink(nextLink, false); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + _userAgent.Apply(message); + return message; + } + + /// Gets all incident tasks. + /// The URL to the next page of results. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// The cancellation token to use. + /// , , , or is null. + /// , , or is an empty string, and was expected to be non-empty. + public async Task> ListNextPageAsync(string nextLink, string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNull(nextLink, nameof(nextLink)); + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + + using var message = CreateListNextPageRequest(nextLink, subscriptionId, resourceGroupName, workspaceName, incidentId); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 200: + { + IncidentTaskList value = default; + using var document = await JsonDocument.ParseAsync(message.Response.ContentStream, default, cancellationToken).ConfigureAwait(false); + value = IncidentTaskList.DeserializeIncidentTaskList(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + + /// Gets all incident tasks. + /// The URL to the next page of results. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Incident ID. + /// The cancellation token to use. + /// , , , or is null. + /// , , or is an empty string, and was expected to be non-empty. + public Response ListNextPage(string nextLink, string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, CancellationToken cancellationToken = default) + { + Argument.AssertNotNull(nextLink, nameof(nextLink)); + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNullOrEmpty(incidentId, nameof(incidentId)); + + using var message = CreateListNextPageRequest(nextLink, subscriptionId, resourceGroupName, workspaceName, incidentId); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 200: + { + IncidentTaskList value = default; + using var document = JsonDocument.Parse(message.Response.ContentStream); + value = IncidentTaskList.DeserializeIncidentTaskList(document.RootElement); + return Response.FromValue(value, message.Response); + } + default: + throw new RequestFailedException(message.Response); + } + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs index a8b5195fcb039..b0ecc92a249a7 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/IncidentsRestOperations.cs @@ -33,7 +33,7 @@ public IncidentsRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } @@ -490,7 +490,7 @@ public Response Delete(string subscriptionId, string resourceGroupName, string w } } - internal HttpMessage CreateCreateTeamRequest(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, TeamProperties teamProperties) + internal HttpMessage CreateCreateTeamRequest(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, TeamInformation teamProperties) { var message = _pipeline.CreateMessage(); var request = message.Request; @@ -526,7 +526,7 @@ internal HttpMessage CreateCreateTeamRequest(string subscriptionId, string resou /// The cancellation token to use. /// , , , or is null. /// , , or is an empty string, and was expected to be non-empty. - public async Task> CreateTeamAsync(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, TeamProperties teamProperties, CancellationToken cancellationToken = default) + public async Task> CreateTeamAsync(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, TeamInformation teamProperties, CancellationToken cancellationToken = default) { Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); @@ -559,7 +559,7 @@ public async Task> CreateTeamAsync(string subscription /// The cancellation token to use. /// , , , or is null. /// , , or is an empty string, and was expected to be non-empty. - public Response CreateTeam(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, TeamProperties teamProperties, CancellationToken cancellationToken = default) + public Response CreateTeam(string subscriptionId, string resourceGroupName, string workspaceName, string incidentId, TeamInformation teamProperties, CancellationToken cancellationToken = default) { Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs index a4c4d98537f3d..033fe963ea49e 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/MetadataRestOperations.cs @@ -33,7 +33,7 @@ public MetadataRestOperations(HttpPipeline pipeline, string applicationId, Uri e { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs index 902e11899ceb7..f57e62d5cae57 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/OfficeConsentsRestOperations.cs @@ -33,7 +33,7 @@ public OfficeConsentsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs index b8db7c6fd1778..c0760012c37af 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ProductSettingsRestOperations.cs @@ -33,7 +33,7 @@ public ProductSettingsRestOperations(HttpPipeline pipeline, string applicationId { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs index c8d5b60a3910d..504ac712a3c58 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SecurityMLAnalyticsSettingsRestOperations.cs @@ -33,7 +33,7 @@ public SecurityMLAnalyticsSettingsRestOperations(HttpPipeline pipeline, string a { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs index 523a58771d9b9..fe23a5d048057 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SentinelOnboardingStatesRestOperations.cs @@ -33,7 +33,7 @@ public SentinelOnboardingStatesRestOperations(HttpPipeline pipeline, string appl { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs index 18399fb858753..9a3a5224d205e 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlRestOperations.cs @@ -33,7 +33,7 @@ public SourceControlRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs index b06f8d2375350..88600e4dec844 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/SourceControlsRestOperations.cs @@ -33,7 +33,7 @@ public SourceControlsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs index 6a0fe5741fe72..e0612d7ed9965 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/ThreatIntelligenceIndicatorsRestOperations.cs @@ -33,7 +33,7 @@ public ThreatIntelligenceIndicatorsRestOperations(HttpPipeline pipeline, string { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/UpdateRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/UpdateRestOperations.cs new file mode 100644 index 0000000000000..a0b11cb321ae0 --- /dev/null +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/UpdateRestOperations.cs @@ -0,0 +1,125 @@ +// Copyright (c) Microsoft Corporation. All rights reserved. +// Licensed under the MIT License. + +// + +#nullable disable + +using System; +using System.Collections.Generic; +using System.Threading; +using System.Threading.Tasks; +using Azure; +using Azure.Core; +using Azure.Core.Pipeline; +using Azure.ResourceManager.SecurityInsights.Models; + +namespace Azure.ResourceManager.SecurityInsights +{ + internal partial class UpdateRestOperations + { + private readonly TelemetryDetails _userAgent; + private readonly HttpPipeline _pipeline; + private readonly Uri _endpoint; + private readonly string _apiVersion; + + /// Initializes a new instance of UpdateRestOperations. + /// The HTTP pipeline for sending and receiving REST requests and responses. + /// The application id to use for user agent. + /// server parameter. + /// Api Version. + /// or is null. + public UpdateRestOperations(HttpPipeline pipeline, string applicationId, Uri endpoint = null, string apiVersion = default) + { + _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); + _endpoint = endpoint ?? new Uri("https://management.azure.com"); + _apiVersion = apiVersion ?? "2022-12-01-preview"; + _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); + } + + internal HttpMessage CreateRecommendationRequest(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, IEnumerable patch) + { + var message = _pipeline.CreateMessage(); + var request = message.Request; + request.Method = RequestMethod.Patch; + var uri = new RawRequestUriBuilder(); + uri.Reset(_endpoint); + uri.AppendPath("/subscriptions/", false); + uri.AppendPath(subscriptionId, true); + uri.AppendPath("/resourceGroups/", false); + uri.AppendPath(resourceGroupName, true); + uri.AppendPath("/providers/Microsoft.OperationalInsights/workspaces/", false); + uri.AppendPath(workspaceName, true); + uri.AppendPath("/providers/Microsoft.SecurityInsights/recommendations/", false); + uri.AppendPath(recommendationId, true); + uri.AppendQuery("api-version", _apiVersion, true); + request.Uri = uri; + request.Headers.Add("Accept", "application/json"); + request.Headers.Add("Content-Type", "application/json"); + var content = new Utf8JsonRequestContent(); + content.JsonWriter.WriteStartArray(); + foreach (var item in patch) + { + content.JsonWriter.WriteObjectValue(item); + } + content.JsonWriter.WriteEndArray(); + request.Content = content; + _userAgent.Apply(message); + return message; + } + + /// Patch a recommendation. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + /// , , or is null. + /// , or is an empty string, and was expected to be non-empty. + public async Task RecommendationAsync(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNull(patch, nameof(patch)); + + using var message = CreateRecommendationRequest(subscriptionId, resourceGroupName, workspaceName, recommendationId, patch); + await _pipeline.SendAsync(message, cancellationToken).ConfigureAwait(false); + switch (message.Response.Status) + { + case 202: + return message.Response; + default: + throw new RequestFailedException(message.Response); + } + } + + /// Patch a recommendation. + /// The ID of the target subscription. + /// The name of the resource group. The name is case insensitive. + /// The name of the workspace. + /// Recommendation Id. + /// Recommendation Fields to Update. + /// The cancellation token to use. + /// , , or is null. + /// , or is an empty string, and was expected to be non-empty. + public Response Recommendation(string subscriptionId, string resourceGroupName, string workspaceName, Guid recommendationId, IEnumerable patch, CancellationToken cancellationToken = default) + { + Argument.AssertNotNullOrEmpty(subscriptionId, nameof(subscriptionId)); + Argument.AssertNotNullOrEmpty(resourceGroupName, nameof(resourceGroupName)); + Argument.AssertNotNullOrEmpty(workspaceName, nameof(workspaceName)); + Argument.AssertNotNull(patch, nameof(patch)); + + using var message = CreateRecommendationRequest(subscriptionId, resourceGroupName, workspaceName, recommendationId, patch); + _pipeline.Send(message, cancellationToken); + switch (message.Response.Status) + { + case 202: + return message.Response; + default: + throw new RequestFailedException(message.Response); + } + } + } +} diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs index 7ddb2f8caf956..99fe0c8abc21f 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistItemsRestOperations.cs @@ -33,7 +33,7 @@ public WatchlistItemsRestOperations(HttpPipeline pipeline, string applicationId, { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs index f09f5874f0d9c..15a6e7a6011f7 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/Generated/RestOperations/WatchlistsRestOperations.cs @@ -33,7 +33,7 @@ public WatchlistsRestOperations(HttpPipeline pipeline, string applicationId, Uri { _pipeline = pipeline ?? throw new ArgumentNullException(nameof(pipeline)); _endpoint = endpoint ?? new Uri("https://management.azure.com"); - _apiVersion = apiVersion ?? "2022-08-01-preview"; + _apiVersion = apiVersion ?? "2022-12-01-preview"; _userAgent = new TelemetryDetails(GetType().Assembly, applicationId); } diff --git a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md index 39d8e521580ae..e4560b7bf906b 100644 --- a/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md +++ b/sdk/securityinsights/Azure.ResourceManager.SecurityInsights/src/autorest.md @@ -9,7 +9,7 @@ csharp: true library-name: SecurityInsights namespace: Azure.ResourceManager.SecurityInsights # default tag is a preview version -require: https://github.com/Azure/azure-rest-api-specs/blob/53b1affe357b3bfbb53721d0a2002382a046d3b0/specification/securityinsights/resource-manager/readme.md +require: /mnt/vss/_work/1/s/azure-rest-api-specs/specification/securityinsights/resource-manager/readme.md output-folder: $(this-folder)/Generated clear-output-folder: true skip-csproj: true