diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/_meta.json b/sdk/securityinsight/azure-mgmt-securityinsight/_meta.json index fa7204443a7e..024be0c0850b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/_meta.json +++ b/sdk/securityinsight/azure-mgmt-securityinsight/_meta.json @@ -1,11 +1,11 @@ { - "commit": "89a9bf17524904e7670f0fd2d62ac882ca00d85c", + "commit": "c0bebfc776f0a657a4f8bac9c16d170eefe64100", "repository_url": "https://github.com/Azure/azure-rest-api-specs", "autorest": "3.9.2", "use": [ - "@autorest/python@6.2.7", + "@autorest/python@6.4.7", "@autorest/modelerfour@4.24.3" ], - "autorest_command": "autorest specification/securityinsights/resource-manager/readme.md --generate-sample=True --include-x-ms-examples-original-file=True --python --python-sdks-folder=/home/vsts/work/1/azure-sdk-for-python/sdk --use=@autorest/python@6.2.7 --use=@autorest/modelerfour@4.24.3 --version=3.9.2 --version-tolerant=False", + "autorest_command": "autorest specification/securityinsights/resource-manager/readme.md --generate-sample=True --include-x-ms-examples-original-file=True --python --python-sdks-folder=/mnt/vss/_work/1/s/azure-sdk-for-python/sdk --use=@autorest/python@6.4.7 --use=@autorest/modelerfour@4.24.3 --version=3.9.2 --version-tolerant=False", "readme": "specification/securityinsights/resource-manager/readme.md" } \ No newline at end of file diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_configuration.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_configuration.py index 9b68f6af78ea..297780c7ceba 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_configuration.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_configuration.py @@ -6,7 +6,6 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, TYPE_CHECKING from azure.core.configuration import Configuration @@ -15,11 +14,6 @@ from ._version import VERSION -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports - if TYPE_CHECKING: # pylint: disable=unused-import,ungrouped-imports from azure.core.credentials import TokenCredential @@ -35,14 +29,14 @@ class SecurityInsightsConfiguration(Configuration): # pylint: disable=too-many- :type credential: ~azure.core.credentials.TokenCredential :param subscription_id: The ID of the target subscription. Required. :type subscription_id: str - :keyword api_version: Api Version. Default value is "2022-12-01-preview". Note that overriding + :keyword api_version: Api Version. Default value is "2023-04-01-preview". Note that overriding this default value may result in unsupported behavior. :paramtype api_version: str """ def __init__(self, credential: "TokenCredential", subscription_id: str, **kwargs: Any) -> None: super(SecurityInsightsConfiguration, self).__init__(**kwargs) - api_version: Literal["2022-12-01-preview"] = kwargs.pop("api_version", "2022-12-01-preview") + api_version: str = kwargs.pop("api_version", "2023-04-01-preview") if credential is None: raise ValueError("Parameter 'credential' must not be None.") diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_security_insights.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_security_insights.py index 3cde4c860447..6d61365aa434 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_security_insights.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_security_insights.py @@ -17,12 +17,17 @@ from ._serialization import Deserializer, Serializer from .operations import ( ActionsOperations, + AlertRuleOperations, AlertRuleTemplatesOperations, AlertRulesOperations, AutomationRulesOperations, BookmarkOperations, BookmarkRelationsOperations, BookmarksOperations, + ContentPackageOperations, + ContentPackagesOperations, + ContentTemplateOperations, + ContentTemplatesOperations, DataConnectorsCheckRequirementsOperations, DataConnectorsOperations, DomainWhoisOperations, @@ -35,6 +40,10 @@ FileImportsOperations, GetOperations, GetRecommendationsOperations, + GetTriggeredAnalyticsRuleRunsOperations, + HuntCommentsOperations, + HuntRelationsOperations, + HuntsOperations, IPGeodataOperations, IncidentCommentsOperations, IncidentRelationsOperations, @@ -43,7 +52,11 @@ MetadataOperations, OfficeConsentsOperations, Operations, + ProductPackageOperations, + ProductPackagesOperations, ProductSettingsOperations, + ProductTemplateOperations, + ProductTemplatesOperations, SecurityMLAnalyticsSettingsOperations, SentinelOnboardingStatesOperations, SourceControlOperations, @@ -51,9 +64,15 @@ ThreatIntelligenceIndicatorMetricsOperations, ThreatIntelligenceIndicatorOperations, ThreatIntelligenceIndicatorsOperations, + TriggeredAnalyticsRuleRunOperations, UpdateOperations, WatchlistItemsOperations, WatchlistsOperations, + WorkspaceManagerAssignmentJobsOperations, + WorkspaceManagerAssignmentsOperations, + WorkspaceManagerConfigurationsOperations, + WorkspaceManagerGroupsOperations, + WorkspaceManagerMembersOperations, ) if TYPE_CHECKING: @@ -73,6 +92,8 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to azure.mgmt.securityinsight.operations.AlertRuleTemplatesOperations :ivar automation_rules: AutomationRulesOperations operations :vartype automation_rules: azure.mgmt.securityinsight.operations.AutomationRulesOperations + :ivar entities: EntitiesOperations operations + :vartype entities: azure.mgmt.securityinsight.operations.EntitiesOperations :ivar incidents: IncidentsOperations operations :vartype incidents: azure.mgmt.securityinsight.operations.IncidentsOperations :ivar bookmarks: BookmarksOperations operations @@ -81,12 +102,26 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to :vartype bookmark_relations: azure.mgmt.securityinsight.operations.BookmarkRelationsOperations :ivar bookmark: BookmarkOperations operations :vartype bookmark: azure.mgmt.securityinsight.operations.BookmarkOperations + :ivar content_packages: ContentPackagesOperations operations + :vartype content_packages: azure.mgmt.securityinsight.operations.ContentPackagesOperations + :ivar content_package: ContentPackageOperations operations + :vartype content_package: azure.mgmt.securityinsight.operations.ContentPackageOperations + :ivar product_packages: ProductPackagesOperations operations + :vartype product_packages: azure.mgmt.securityinsight.operations.ProductPackagesOperations + :ivar product_package: ProductPackageOperations operations + :vartype product_package: azure.mgmt.securityinsight.operations.ProductPackageOperations + :ivar product_templates: ProductTemplatesOperations operations + :vartype product_templates: azure.mgmt.securityinsight.operations.ProductTemplatesOperations + :ivar product_template: ProductTemplateOperations operations + :vartype product_template: azure.mgmt.securityinsight.operations.ProductTemplateOperations + :ivar content_templates: ContentTemplatesOperations operations + :vartype content_templates: azure.mgmt.securityinsight.operations.ContentTemplatesOperations + :ivar content_template: ContentTemplateOperations operations + :vartype content_template: azure.mgmt.securityinsight.operations.ContentTemplateOperations :ivar ip_geodata: IPGeodataOperations operations :vartype ip_geodata: azure.mgmt.securityinsight.operations.IPGeodataOperations :ivar domain_whois: DomainWhoisOperations operations :vartype domain_whois: azure.mgmt.securityinsight.operations.DomainWhoisOperations - :ivar entities: EntitiesOperations operations - :vartype entities: azure.mgmt.securityinsight.operations.EntitiesOperations :ivar entities_get_timeline: EntitiesGetTimelineOperations operations :vartype entities_get_timeline: azure.mgmt.securityinsight.operations.EntitiesGetTimelineOperations @@ -101,6 +136,12 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to azure.mgmt.securityinsight.operations.EntityQueryTemplatesOperations :ivar file_imports: FileImportsOperations operations :vartype file_imports: azure.mgmt.securityinsight.operations.FileImportsOperations + :ivar hunts: HuntsOperations operations + :vartype hunts: azure.mgmt.securityinsight.operations.HuntsOperations + :ivar hunt_relations: HuntRelationsOperations operations + :vartype hunt_relations: azure.mgmt.securityinsight.operations.HuntRelationsOperations + :ivar hunt_comments: HuntCommentsOperations operations + :vartype hunt_comments: azure.mgmt.securityinsight.operations.HuntCommentsOperations :ivar incident_comments: IncidentCommentsOperations operations :vartype incident_comments: azure.mgmt.securityinsight.operations.IncidentCommentsOperations :ivar incident_relations: IncidentRelationsOperations operations @@ -140,10 +181,33 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to operations :vartype threat_intelligence_indicator_metrics: azure.mgmt.securityinsight.operations.ThreatIntelligenceIndicatorMetricsOperations + :ivar triggered_analytics_rule_run: TriggeredAnalyticsRuleRunOperations operations + :vartype triggered_analytics_rule_run: + azure.mgmt.securityinsight.operations.TriggeredAnalyticsRuleRunOperations + :ivar get_triggered_analytics_rule_runs: GetTriggeredAnalyticsRuleRunsOperations operations + :vartype get_triggered_analytics_rule_runs: + azure.mgmt.securityinsight.operations.GetTriggeredAnalyticsRuleRunsOperations + :ivar alert_rule: AlertRuleOperations operations + :vartype alert_rule: azure.mgmt.securityinsight.operations.AlertRuleOperations :ivar watchlists: WatchlistsOperations operations :vartype watchlists: azure.mgmt.securityinsight.operations.WatchlistsOperations :ivar watchlist_items: WatchlistItemsOperations operations :vartype watchlist_items: azure.mgmt.securityinsight.operations.WatchlistItemsOperations + :ivar workspace_manager_groups: WorkspaceManagerGroupsOperations operations + :vartype workspace_manager_groups: + azure.mgmt.securityinsight.operations.WorkspaceManagerGroupsOperations + :ivar workspace_manager_assignments: WorkspaceManagerAssignmentsOperations operations + :vartype workspace_manager_assignments: + azure.mgmt.securityinsight.operations.WorkspaceManagerAssignmentsOperations + :ivar workspace_manager_assignment_jobs: WorkspaceManagerAssignmentJobsOperations operations + :vartype workspace_manager_assignment_jobs: + azure.mgmt.securityinsight.operations.WorkspaceManagerAssignmentJobsOperations + :ivar workspace_manager_configurations: WorkspaceManagerConfigurationsOperations operations + :vartype workspace_manager_configurations: + azure.mgmt.securityinsight.operations.WorkspaceManagerConfigurationsOperations + :ivar workspace_manager_members: WorkspaceManagerMembersOperations operations + :vartype workspace_manager_members: + azure.mgmt.securityinsight.operations.WorkspaceManagerMembersOperations :ivar data_connectors: DataConnectorsOperations operations :vartype data_connectors: azure.mgmt.securityinsight.operations.DataConnectorsOperations :ivar data_connectors_check_requirements: DataConnectorsCheckRequirementsOperations operations @@ -157,7 +221,7 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to :type subscription_id: str :param base_url: Service URL. Default value is "https://management.azure.com". :type base_url: str - :keyword api_version: Api Version. Default value is "2022-12-01-preview". Note that overriding + :keyword api_version: Api Version. Default value is "2023-04-01-preview". Note that overriding this default value may result in unsupported behavior. :paramtype api_version: str :keyword int polling_interval: Default waiting time between two polls for LRO operations if no @@ -172,7 +236,7 @@ def __init__( **kwargs: Any ) -> None: self._config = SecurityInsightsConfiguration(credential=credential, subscription_id=subscription_id, **kwargs) - self._client = ARMPipelineClient(base_url=base_url, config=self._config, **kwargs) + self._client: ARMPipelineClient = ARMPipelineClient(base_url=base_url, config=self._config, **kwargs) client_models = {k: v for k, v in _models.__dict__.items() if isinstance(v, type)} self._serialize = Serializer(client_models) @@ -186,15 +250,35 @@ def __init__( self.automation_rules = AutomationRulesOperations( self._client, self._config, self._serialize, self._deserialize ) + self.entities = EntitiesOperations(self._client, self._config, self._serialize, self._deserialize) self.incidents = IncidentsOperations(self._client, self._config, self._serialize, self._deserialize) self.bookmarks = BookmarksOperations(self._client, self._config, self._serialize, self._deserialize) self.bookmark_relations = BookmarkRelationsOperations( self._client, self._config, self._serialize, self._deserialize ) self.bookmark = BookmarkOperations(self._client, self._config, self._serialize, self._deserialize) + self.content_packages = ContentPackagesOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.content_package = ContentPackageOperations(self._client, self._config, self._serialize, self._deserialize) + self.product_packages = ProductPackagesOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.product_package = ProductPackageOperations(self._client, self._config, self._serialize, self._deserialize) + self.product_templates = ProductTemplatesOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.product_template = ProductTemplateOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.content_templates = ContentTemplatesOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.content_template = ContentTemplateOperations( + self._client, self._config, self._serialize, self._deserialize + ) self.ip_geodata = IPGeodataOperations(self._client, self._config, self._serialize, self._deserialize) self.domain_whois = DomainWhoisOperations(self._client, self._config, self._serialize, self._deserialize) - self.entities = EntitiesOperations(self._client, self._config, self._serialize, self._deserialize) self.entities_get_timeline = EntitiesGetTimelineOperations( self._client, self._config, self._serialize, self._deserialize ) @@ -209,6 +293,9 @@ def __init__( self._client, self._config, self._serialize, self._deserialize ) self.file_imports = FileImportsOperations(self._client, self._config, self._serialize, self._deserialize) + self.hunts = HuntsOperations(self._client, self._config, self._serialize, self._deserialize) + self.hunt_relations = HuntRelationsOperations(self._client, self._config, self._serialize, self._deserialize) + self.hunt_comments = HuntCommentsOperations(self._client, self._config, self._serialize, self._deserialize) self.incident_comments = IncidentCommentsOperations( self._client, self._config, self._serialize, self._deserialize ) @@ -243,8 +330,30 @@ def __init__( self.threat_intelligence_indicator_metrics = ThreatIntelligenceIndicatorMetricsOperations( self._client, self._config, self._serialize, self._deserialize ) + self.triggered_analytics_rule_run = TriggeredAnalyticsRuleRunOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.get_triggered_analytics_rule_runs = GetTriggeredAnalyticsRuleRunsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.alert_rule = AlertRuleOperations(self._client, self._config, self._serialize, self._deserialize) self.watchlists = WatchlistsOperations(self._client, self._config, self._serialize, self._deserialize) self.watchlist_items = WatchlistItemsOperations(self._client, self._config, self._serialize, self._deserialize) + self.workspace_manager_groups = WorkspaceManagerGroupsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.workspace_manager_assignments = WorkspaceManagerAssignmentsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.workspace_manager_assignment_jobs = WorkspaceManagerAssignmentJobsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.workspace_manager_configurations = WorkspaceManagerConfigurationsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.workspace_manager_members = WorkspaceManagerMembersOperations( + self._client, self._config, self._serialize, self._deserialize + ) self.data_connectors = DataConnectorsOperations(self._client, self._config, self._serialize, self._deserialize) self.data_connectors_check_requirements = DataConnectorsCheckRequirementsOperations( self._client, self._config, self._serialize, self._deserialize @@ -280,5 +389,5 @@ def __enter__(self) -> "SecurityInsights": self._client.__enter__() return self - def __exit__(self, *exc_details) -> None: + def __exit__(self, *exc_details: Any) -> None: self._client.__exit__(*exc_details) diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_serialization.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_serialization.py index 2c170e28dbca..842ae727fbbc 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_serialization.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_serialization.py @@ -38,7 +38,22 @@ import re import sys import codecs -from typing import Optional, Union, AnyStr, IO, Mapping +from typing import ( + Dict, + Any, + cast, + Optional, + Union, + AnyStr, + IO, + Mapping, + Callable, + TypeVar, + MutableMapping, + Type, + List, + Mapping, +) try: from urllib import quote # type: ignore @@ -48,12 +63,14 @@ import isodate # type: ignore -from typing import Dict, Any, cast - from azure.core.exceptions import DeserializationError, SerializationError, raise_with_traceback +from azure.core.serialization import NULL as AzureCoreNull _BOM = codecs.BOM_UTF8.decode(encoding="utf-8") +ModelType = TypeVar("ModelType", bound="Model") +JSON = MutableMapping[str, Any] + class RawDeserializer: @@ -277,8 +294,8 @@ class Model(object): _attribute_map: Dict[str, Dict[str, Any]] = {} _validation: Dict[str, Dict[str, Any]] = {} - def __init__(self, **kwargs): - self.additional_properties = {} + def __init__(self, **kwargs: Any) -> None: + self.additional_properties: Dict[str, Any] = {} for k in kwargs: if k not in self._attribute_map: _LOGGER.warning("%s is not a known attribute of class %s and will be ignored", k, self.__class__) @@ -287,25 +304,25 @@ def __init__(self, **kwargs): else: setattr(self, k, kwargs[k]) - def __eq__(self, other): + def __eq__(self, other: Any) -> bool: """Compare objects by comparing all attributes.""" if isinstance(other, self.__class__): return self.__dict__ == other.__dict__ return False - def __ne__(self, other): + def __ne__(self, other: Any) -> bool: """Compare objects by comparing all attributes.""" return not self.__eq__(other) - def __str__(self): + def __str__(self) -> str: return str(self.__dict__) @classmethod - def enable_additional_properties_sending(cls): + def enable_additional_properties_sending(cls) -> None: cls._attribute_map["additional_properties"] = {"key": "", "type": "{object}"} @classmethod - def is_xml_model(cls): + def is_xml_model(cls) -> bool: try: cls._xml_map # type: ignore except AttributeError: @@ -322,7 +339,7 @@ def _create_xml_node(cls): return _create_xml_node(xml_map.get("name", cls.__name__), xml_map.get("prefix", None), xml_map.get("ns", None)) - def serialize(self, keep_readonly=False, **kwargs): + def serialize(self, keep_readonly: bool = False, **kwargs: Any) -> JSON: """Return the JSON that would be sent to azure from this model. This is an alias to `as_dict(full_restapi_key_transformer, keep_readonly=False)`. @@ -336,8 +353,13 @@ def serialize(self, keep_readonly=False, **kwargs): serializer = Serializer(self._infer_class_models()) return serializer._serialize(self, keep_readonly=keep_readonly, **kwargs) - def as_dict(self, keep_readonly=True, key_transformer=attribute_transformer, **kwargs): - """Return a dict that can be JSONify using json.dump. + def as_dict( + self, + keep_readonly: bool = True, + key_transformer: Callable[[str, Dict[str, Any], Any], Any] = attribute_transformer, + **kwargs: Any + ) -> JSON: + """Return a dict that can be serialized using json.dump. Advanced usage might optionally use a callback as parameter: @@ -384,7 +406,7 @@ def _infer_class_models(cls): return client_models @classmethod - def deserialize(cls, data, content_type=None): + def deserialize(cls: Type[ModelType], data: Any, content_type: Optional[str] = None) -> ModelType: """Parse a str using the RestAPI syntax and return a model. :param str data: A str using RestAPI structure. JSON by default. @@ -396,7 +418,12 @@ def deserialize(cls, data, content_type=None): return deserializer(cls.__name__, data, content_type=content_type) @classmethod - def from_dict(cls, data, key_extractors=None, content_type=None): + def from_dict( + cls: Type[ModelType], + data: Any, + key_extractors: Optional[Callable[[str, Dict[str, Any], Any], Any]] = None, + content_type: Optional[str] = None, + ) -> ModelType: """Parse a dict using given key extractor return a model. By default consider key @@ -409,8 +436,8 @@ def from_dict(cls, data, key_extractors=None, content_type=None): :raises: DeserializationError if something went wrong """ deserializer = Deserializer(cls._infer_class_models()) - deserializer.key_extractors = ( - [ + deserializer.key_extractors = ( # type: ignore + [ # type: ignore attribute_key_case_insensitive_extractor, rest_key_case_insensitive_extractor, last_rest_key_case_insensitive_extractor, @@ -518,7 +545,7 @@ class Serializer(object): "multiple": lambda x, y: x % y != 0, } - def __init__(self, classes=None): + def __init__(self, classes: Optional[Mapping[str, Type[ModelType]]] = None): self.serialize_type = { "iso-8601": Serializer.serialize_iso, "rfc-1123": Serializer.serialize_rfc, @@ -534,7 +561,7 @@ def __init__(self, classes=None): "[]": self.serialize_iter, "{}": self.serialize_dict, } - self.dependencies = dict(classes) if classes else {} + self.dependencies: Dict[str, Type[ModelType]] = dict(classes) if classes else {} self.key_transformer = full_restapi_key_transformer self.client_side_validation = True @@ -602,7 +629,7 @@ def _serialize(self, target_obj, data_type=None, **kwargs): if xml_desc.get("attr", False): if xml_ns: ET.register_namespace(xml_prefix, xml_ns) - xml_name = "{}{}".format(xml_ns, xml_name) + xml_name = "{{{}}}{}".format(xml_ns, xml_name) serialized.set(xml_name, new_attr) # type: ignore continue if xml_desc.get("text", False): @@ -626,8 +653,7 @@ def _serialize(self, target_obj, data_type=None, **kwargs): serialized.append(local_node) # type: ignore else: # JSON for k in reversed(keys): # type: ignore - unflattened = {k: new_attr} - new_attr = unflattened + new_attr = {k: new_attr} _new_attr = new_attr _serialized = serialized @@ -656,8 +682,8 @@ def body(self, data, data_type, **kwargs): """ # Just in case this is a dict - internal_data_type = data_type.strip("[]{}") - internal_data_type = self.dependencies.get(internal_data_type, None) + internal_data_type_str = data_type.strip("[]{}") + internal_data_type = self.dependencies.get(internal_data_type_str, None) try: is_xml_model_serialization = kwargs["is_xml"] except KeyError: @@ -777,6 +803,8 @@ def serialize_data(self, data, data_type, **kwargs): raise ValueError("No value for given attribute") try: + if data is AzureCoreNull: + return None if data_type in self.basic_types.values(): return self.serialize_basic(data, data_type, **kwargs) @@ -1161,7 +1189,8 @@ def rest_key_extractor(attr, attr_desc, data): working_data = data while "." in key: - dict_keys = _FLATTEN.split(key) + # Need the cast, as for some reasons "split" is typed as list[str | Any] + dict_keys = cast(List[str], _FLATTEN.split(key)) if len(dict_keys) == 1: key = _decode_attribute_map_key(dict_keys[0]) break @@ -1242,7 +1271,7 @@ def _extract_name_from_internal_type(internal_type): xml_name = internal_type_xml_map.get("name", internal_type.__name__) xml_ns = internal_type_xml_map.get("ns", None) if xml_ns: - xml_name = "{}{}".format(xml_ns, xml_name) + xml_name = "{{{}}}{}".format(xml_ns, xml_name) return xml_name @@ -1266,7 +1295,7 @@ def xml_key_extractor(attr, attr_desc, data): # Integrate namespace if necessary xml_ns = xml_desc.get("ns", internal_type_xml_map.get("ns", None)) if xml_ns: - xml_name = "{}{}".format(xml_ns, xml_name) + xml_name = "{{{}}}{}".format(xml_ns, xml_name) # If it's an attribute, that's simple if xml_desc.get("attr", False): @@ -1332,7 +1361,7 @@ class Deserializer(object): valid_date = re.compile(r"\d{4}[-]\d{2}[-]\d{2}T\d{2}:\d{2}:\d{2}" r"\.?\d*Z?[-+]?[\d{2}]?:?[\d{2}]?") - def __init__(self, classes=None): + def __init__(self, classes: Optional[Mapping[str, Type[ModelType]]] = None): self.deserialize_type = { "iso-8601": Deserializer.deserialize_iso, "rfc-1123": Deserializer.deserialize_rfc, @@ -1352,7 +1381,7 @@ def __init__(self, classes=None): "duration": (isodate.Duration, datetime.timedelta), "iso-8601": (datetime.datetime), } - self.dependencies = dict(classes) if classes else {} + self.dependencies: Dict[str, Type[ModelType]] = dict(classes) if classes else {} self.key_extractors = [rest_key_extractor, xml_key_extractor] # Additional properties only works if the "rest_key_extractor" is used to # extract the keys. Making it to work whatever the key extractor is too much @@ -1471,7 +1500,7 @@ def _classify_target(self, target, data): Once classification has been determined, initialize object. :param str target: The target object type to deserialize to. - :param str/dict data: The response data to deseralize. + :param str/dict data: The response data to deserialize. """ if target is None: return None, None @@ -1486,7 +1515,7 @@ def _classify_target(self, target, data): target = target._classify(data, self.dependencies) except AttributeError: pass # Target is not a Model, no classify - return target, target.__class__.__name__ + return target, target.__class__.__name__ # type: ignore def failsafe_deserialize(self, target_obj, data, content_type=None): """Ignores any errors encountered in deserialization, @@ -1496,7 +1525,7 @@ def failsafe_deserialize(self, target_obj, data, content_type=None): a deserialization error. :param str target_obj: The target object type to deserialize to. - :param str/dict data: The response data to deseralize. + :param str/dict data: The response data to deserialize. :param str content_type: Swagger "produces" if available. """ try: diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_vendor.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_vendor.py index 9aad73fc743e..bd0df84f5319 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_vendor.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_vendor.py @@ -5,6 +5,8 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- +from typing import List, cast + from azure.core.pipeline.transport import HttpRequest @@ -22,6 +24,7 @@ def _format_url_section(template, **kwargs): try: return template.format(**kwargs) except KeyError as key: - formatted_components = template.split("/") + # Need the cast, as for some reasons "split" is typed as list[str | Any] + formatted_components = cast(List[str], template.split("/")) components = [c for c in formatted_components if "{}".format(key.args[0]) not in c] template = "/".join(components) diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_version.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_version.py index 2eda20789583..e5754a47ce68 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_version.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/_version.py @@ -6,4 +6,4 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -VERSION = "2.0.0b2" +VERSION = "1.0.0b1" diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/_configuration.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/_configuration.py index e334994b3258..d6816fedada1 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/_configuration.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/_configuration.py @@ -6,7 +6,6 @@ # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, TYPE_CHECKING from azure.core.configuration import Configuration @@ -15,11 +14,6 @@ from .._version import VERSION -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports - if TYPE_CHECKING: # pylint: disable=unused-import,ungrouped-imports from azure.core.credentials_async import AsyncTokenCredential @@ -35,14 +29,14 @@ class SecurityInsightsConfiguration(Configuration): # pylint: disable=too-many- :type credential: ~azure.core.credentials_async.AsyncTokenCredential :param subscription_id: The ID of the target subscription. Required. :type subscription_id: str - :keyword api_version: Api Version. Default value is "2022-12-01-preview". Note that overriding + :keyword api_version: Api Version. Default value is "2023-04-01-preview". Note that overriding this default value may result in unsupported behavior. :paramtype api_version: str """ def __init__(self, credential: "AsyncTokenCredential", subscription_id: str, **kwargs: Any) -> None: super(SecurityInsightsConfiguration, self).__init__(**kwargs) - api_version: Literal["2022-12-01-preview"] = kwargs.pop("api_version", "2022-12-01-preview") + api_version: str = kwargs.pop("api_version", "2023-04-01-preview") if credential is None: raise ValueError("Parameter 'credential' must not be None.") diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/_security_insights.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/_security_insights.py index 6a0f5faa2f24..021537d2364b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/_security_insights.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/_security_insights.py @@ -17,12 +17,17 @@ from ._configuration import SecurityInsightsConfiguration from .operations import ( ActionsOperations, + AlertRuleOperations, AlertRuleTemplatesOperations, AlertRulesOperations, AutomationRulesOperations, BookmarkOperations, BookmarkRelationsOperations, BookmarksOperations, + ContentPackageOperations, + ContentPackagesOperations, + ContentTemplateOperations, + ContentTemplatesOperations, DataConnectorsCheckRequirementsOperations, DataConnectorsOperations, DomainWhoisOperations, @@ -35,6 +40,10 @@ FileImportsOperations, GetOperations, GetRecommendationsOperations, + GetTriggeredAnalyticsRuleRunsOperations, + HuntCommentsOperations, + HuntRelationsOperations, + HuntsOperations, IPGeodataOperations, IncidentCommentsOperations, IncidentRelationsOperations, @@ -43,7 +52,11 @@ MetadataOperations, OfficeConsentsOperations, Operations, + ProductPackageOperations, + ProductPackagesOperations, ProductSettingsOperations, + ProductTemplateOperations, + ProductTemplatesOperations, SecurityMLAnalyticsSettingsOperations, SentinelOnboardingStatesOperations, SourceControlOperations, @@ -51,9 +64,15 @@ ThreatIntelligenceIndicatorMetricsOperations, ThreatIntelligenceIndicatorOperations, ThreatIntelligenceIndicatorsOperations, + TriggeredAnalyticsRuleRunOperations, UpdateOperations, WatchlistItemsOperations, WatchlistsOperations, + WorkspaceManagerAssignmentJobsOperations, + WorkspaceManagerAssignmentsOperations, + WorkspaceManagerConfigurationsOperations, + WorkspaceManagerGroupsOperations, + WorkspaceManagerMembersOperations, ) if TYPE_CHECKING: @@ -73,6 +92,8 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to azure.mgmt.securityinsight.aio.operations.AlertRuleTemplatesOperations :ivar automation_rules: AutomationRulesOperations operations :vartype automation_rules: azure.mgmt.securityinsight.aio.operations.AutomationRulesOperations + :ivar entities: EntitiesOperations operations + :vartype entities: azure.mgmt.securityinsight.aio.operations.EntitiesOperations :ivar incidents: IncidentsOperations operations :vartype incidents: azure.mgmt.securityinsight.aio.operations.IncidentsOperations :ivar bookmarks: BookmarksOperations operations @@ -82,12 +103,28 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to azure.mgmt.securityinsight.aio.operations.BookmarkRelationsOperations :ivar bookmark: BookmarkOperations operations :vartype bookmark: azure.mgmt.securityinsight.aio.operations.BookmarkOperations + :ivar content_packages: ContentPackagesOperations operations + :vartype content_packages: azure.mgmt.securityinsight.aio.operations.ContentPackagesOperations + :ivar content_package: ContentPackageOperations operations + :vartype content_package: azure.mgmt.securityinsight.aio.operations.ContentPackageOperations + :ivar product_packages: ProductPackagesOperations operations + :vartype product_packages: azure.mgmt.securityinsight.aio.operations.ProductPackagesOperations + :ivar product_package: ProductPackageOperations operations + :vartype product_package: azure.mgmt.securityinsight.aio.operations.ProductPackageOperations + :ivar product_templates: ProductTemplatesOperations operations + :vartype product_templates: + azure.mgmt.securityinsight.aio.operations.ProductTemplatesOperations + :ivar product_template: ProductTemplateOperations operations + :vartype product_template: azure.mgmt.securityinsight.aio.operations.ProductTemplateOperations + :ivar content_templates: ContentTemplatesOperations operations + :vartype content_templates: + azure.mgmt.securityinsight.aio.operations.ContentTemplatesOperations + :ivar content_template: ContentTemplateOperations operations + :vartype content_template: azure.mgmt.securityinsight.aio.operations.ContentTemplateOperations :ivar ip_geodata: IPGeodataOperations operations :vartype ip_geodata: azure.mgmt.securityinsight.aio.operations.IPGeodataOperations :ivar domain_whois: DomainWhoisOperations operations :vartype domain_whois: azure.mgmt.securityinsight.aio.operations.DomainWhoisOperations - :ivar entities: EntitiesOperations operations - :vartype entities: azure.mgmt.securityinsight.aio.operations.EntitiesOperations :ivar entities_get_timeline: EntitiesGetTimelineOperations operations :vartype entities_get_timeline: azure.mgmt.securityinsight.aio.operations.EntitiesGetTimelineOperations @@ -103,6 +140,12 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to azure.mgmt.securityinsight.aio.operations.EntityQueryTemplatesOperations :ivar file_imports: FileImportsOperations operations :vartype file_imports: azure.mgmt.securityinsight.aio.operations.FileImportsOperations + :ivar hunts: HuntsOperations operations + :vartype hunts: azure.mgmt.securityinsight.aio.operations.HuntsOperations + :ivar hunt_relations: HuntRelationsOperations operations + :vartype hunt_relations: azure.mgmt.securityinsight.aio.operations.HuntRelationsOperations + :ivar hunt_comments: HuntCommentsOperations operations + :vartype hunt_comments: azure.mgmt.securityinsight.aio.operations.HuntCommentsOperations :ivar incident_comments: IncidentCommentsOperations operations :vartype incident_comments: azure.mgmt.securityinsight.aio.operations.IncidentCommentsOperations @@ -144,10 +187,33 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to operations :vartype threat_intelligence_indicator_metrics: azure.mgmt.securityinsight.aio.operations.ThreatIntelligenceIndicatorMetricsOperations + :ivar triggered_analytics_rule_run: TriggeredAnalyticsRuleRunOperations operations + :vartype triggered_analytics_rule_run: + azure.mgmt.securityinsight.aio.operations.TriggeredAnalyticsRuleRunOperations + :ivar get_triggered_analytics_rule_runs: GetTriggeredAnalyticsRuleRunsOperations operations + :vartype get_triggered_analytics_rule_runs: + azure.mgmt.securityinsight.aio.operations.GetTriggeredAnalyticsRuleRunsOperations + :ivar alert_rule: AlertRuleOperations operations + :vartype alert_rule: azure.mgmt.securityinsight.aio.operations.AlertRuleOperations :ivar watchlists: WatchlistsOperations operations :vartype watchlists: azure.mgmt.securityinsight.aio.operations.WatchlistsOperations :ivar watchlist_items: WatchlistItemsOperations operations :vartype watchlist_items: azure.mgmt.securityinsight.aio.operations.WatchlistItemsOperations + :ivar workspace_manager_groups: WorkspaceManagerGroupsOperations operations + :vartype workspace_manager_groups: + azure.mgmt.securityinsight.aio.operations.WorkspaceManagerGroupsOperations + :ivar workspace_manager_assignments: WorkspaceManagerAssignmentsOperations operations + :vartype workspace_manager_assignments: + azure.mgmt.securityinsight.aio.operations.WorkspaceManagerAssignmentsOperations + :ivar workspace_manager_assignment_jobs: WorkspaceManagerAssignmentJobsOperations operations + :vartype workspace_manager_assignment_jobs: + azure.mgmt.securityinsight.aio.operations.WorkspaceManagerAssignmentJobsOperations + :ivar workspace_manager_configurations: WorkspaceManagerConfigurationsOperations operations + :vartype workspace_manager_configurations: + azure.mgmt.securityinsight.aio.operations.WorkspaceManagerConfigurationsOperations + :ivar workspace_manager_members: WorkspaceManagerMembersOperations operations + :vartype workspace_manager_members: + azure.mgmt.securityinsight.aio.operations.WorkspaceManagerMembersOperations :ivar data_connectors: DataConnectorsOperations operations :vartype data_connectors: azure.mgmt.securityinsight.aio.operations.DataConnectorsOperations :ivar data_connectors_check_requirements: DataConnectorsCheckRequirementsOperations operations @@ -161,7 +227,7 @@ class SecurityInsights: # pylint: disable=client-accepts-api-version-keyword,to :type subscription_id: str :param base_url: Service URL. Default value is "https://management.azure.com". :type base_url: str - :keyword api_version: Api Version. Default value is "2022-12-01-preview". Note that overriding + :keyword api_version: Api Version. Default value is "2023-04-01-preview". Note that overriding this default value may result in unsupported behavior. :paramtype api_version: str :keyword int polling_interval: Default waiting time between two polls for LRO operations if no @@ -176,7 +242,7 @@ def __init__( **kwargs: Any ) -> None: self._config = SecurityInsightsConfiguration(credential=credential, subscription_id=subscription_id, **kwargs) - self._client = AsyncARMPipelineClient(base_url=base_url, config=self._config, **kwargs) + self._client: AsyncARMPipelineClient = AsyncARMPipelineClient(base_url=base_url, config=self._config, **kwargs) client_models = {k: v for k, v in _models.__dict__.items() if isinstance(v, type)} self._serialize = Serializer(client_models) @@ -190,15 +256,35 @@ def __init__( self.automation_rules = AutomationRulesOperations( self._client, self._config, self._serialize, self._deserialize ) + self.entities = EntitiesOperations(self._client, self._config, self._serialize, self._deserialize) self.incidents = IncidentsOperations(self._client, self._config, self._serialize, self._deserialize) self.bookmarks = BookmarksOperations(self._client, self._config, self._serialize, self._deserialize) self.bookmark_relations = BookmarkRelationsOperations( self._client, self._config, self._serialize, self._deserialize ) self.bookmark = BookmarkOperations(self._client, self._config, self._serialize, self._deserialize) + self.content_packages = ContentPackagesOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.content_package = ContentPackageOperations(self._client, self._config, self._serialize, self._deserialize) + self.product_packages = ProductPackagesOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.product_package = ProductPackageOperations(self._client, self._config, self._serialize, self._deserialize) + self.product_templates = ProductTemplatesOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.product_template = ProductTemplateOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.content_templates = ContentTemplatesOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.content_template = ContentTemplateOperations( + self._client, self._config, self._serialize, self._deserialize + ) self.ip_geodata = IPGeodataOperations(self._client, self._config, self._serialize, self._deserialize) self.domain_whois = DomainWhoisOperations(self._client, self._config, self._serialize, self._deserialize) - self.entities = EntitiesOperations(self._client, self._config, self._serialize, self._deserialize) self.entities_get_timeline = EntitiesGetTimelineOperations( self._client, self._config, self._serialize, self._deserialize ) @@ -213,6 +299,9 @@ def __init__( self._client, self._config, self._serialize, self._deserialize ) self.file_imports = FileImportsOperations(self._client, self._config, self._serialize, self._deserialize) + self.hunts = HuntsOperations(self._client, self._config, self._serialize, self._deserialize) + self.hunt_relations = HuntRelationsOperations(self._client, self._config, self._serialize, self._deserialize) + self.hunt_comments = HuntCommentsOperations(self._client, self._config, self._serialize, self._deserialize) self.incident_comments = IncidentCommentsOperations( self._client, self._config, self._serialize, self._deserialize ) @@ -247,8 +336,30 @@ def __init__( self.threat_intelligence_indicator_metrics = ThreatIntelligenceIndicatorMetricsOperations( self._client, self._config, self._serialize, self._deserialize ) + self.triggered_analytics_rule_run = TriggeredAnalyticsRuleRunOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.get_triggered_analytics_rule_runs = GetTriggeredAnalyticsRuleRunsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.alert_rule = AlertRuleOperations(self._client, self._config, self._serialize, self._deserialize) self.watchlists = WatchlistsOperations(self._client, self._config, self._serialize, self._deserialize) self.watchlist_items = WatchlistItemsOperations(self._client, self._config, self._serialize, self._deserialize) + self.workspace_manager_groups = WorkspaceManagerGroupsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.workspace_manager_assignments = WorkspaceManagerAssignmentsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.workspace_manager_assignment_jobs = WorkspaceManagerAssignmentJobsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.workspace_manager_configurations = WorkspaceManagerConfigurationsOperations( + self._client, self._config, self._serialize, self._deserialize + ) + self.workspace_manager_members = WorkspaceManagerMembersOperations( + self._client, self._config, self._serialize, self._deserialize + ) self.data_connectors = DataConnectorsOperations(self._client, self._config, self._serialize, self._deserialize) self.data_connectors_check_requirements = DataConnectorsCheckRequirementsOperations( self._client, self._config, self._serialize, self._deserialize @@ -284,5 +395,5 @@ async def __aenter__(self) -> "SecurityInsights": await self._client.__aenter__() return self - async def __aexit__(self, *exc_details) -> None: + async def __aexit__(self, *exc_details: Any) -> None: await self._client.__aexit__(*exc_details) diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/__init__.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/__init__.py index 802d895ef601..54bb2e1de07e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/__init__.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/__init__.py @@ -10,19 +10,30 @@ from ._actions_operations import ActionsOperations from ._alert_rule_templates_operations import AlertRuleTemplatesOperations from ._automation_rules_operations import AutomationRulesOperations +from ._entities_operations import EntitiesOperations from ._incidents_operations import IncidentsOperations from ._bookmarks_operations import BookmarksOperations from ._bookmark_relations_operations import BookmarkRelationsOperations from ._bookmark_operations import BookmarkOperations +from ._content_packages_operations import ContentPackagesOperations +from ._content_package_operations import ContentPackageOperations +from ._product_packages_operations import ProductPackagesOperations +from ._product_package_operations import ProductPackageOperations +from ._product_templates_operations import ProductTemplatesOperations +from ._product_template_operations import ProductTemplateOperations +from ._content_templates_operations import ContentTemplatesOperations +from ._content_template_operations import ContentTemplateOperations from ._ip_geodata_operations import IPGeodataOperations from ._domain_whois_operations import DomainWhoisOperations -from ._entities_operations import EntitiesOperations from ._entities_get_timeline_operations import EntitiesGetTimelineOperations from ._entities_relations_operations import EntitiesRelationsOperations from ._entity_relations_operations import EntityRelationsOperations from ._entity_queries_operations import EntityQueriesOperations from ._entity_query_templates_operations import EntityQueryTemplatesOperations from ._file_imports_operations import FileImportsOperations +from ._hunts_operations import HuntsOperations +from ._hunt_relations_operations import HuntRelationsOperations +from ._hunt_comments_operations import HuntCommentsOperations from ._incident_comments_operations import IncidentCommentsOperations from ._incident_relations_operations import IncidentRelationsOperations from ._incident_tasks_operations import IncidentTasksOperations @@ -39,8 +50,16 @@ from ._threat_intelligence_indicator_operations import ThreatIntelligenceIndicatorOperations from ._threat_intelligence_indicators_operations import ThreatIntelligenceIndicatorsOperations from ._threat_intelligence_indicator_metrics_operations import ThreatIntelligenceIndicatorMetricsOperations +from ._triggered_analytics_rule_run_operations import TriggeredAnalyticsRuleRunOperations +from ._get_triggered_analytics_rule_runs_operations import GetTriggeredAnalyticsRuleRunsOperations +from ._alert_rule_operations import AlertRuleOperations from ._watchlists_operations import WatchlistsOperations from ._watchlist_items_operations import WatchlistItemsOperations +from ._workspace_manager_groups_operations import WorkspaceManagerGroupsOperations +from ._workspace_manager_assignments_operations import WorkspaceManagerAssignmentsOperations +from ._workspace_manager_assignment_jobs_operations import WorkspaceManagerAssignmentJobsOperations +from ._workspace_manager_configurations_operations import WorkspaceManagerConfigurationsOperations +from ._workspace_manager_members_operations import WorkspaceManagerMembersOperations from ._data_connectors_operations import DataConnectorsOperations from ._data_connectors_check_requirements_operations import DataConnectorsCheckRequirementsOperations from ._operations import Operations @@ -54,19 +73,30 @@ "ActionsOperations", "AlertRuleTemplatesOperations", "AutomationRulesOperations", + "EntitiesOperations", "IncidentsOperations", "BookmarksOperations", "BookmarkRelationsOperations", "BookmarkOperations", + "ContentPackagesOperations", + "ContentPackageOperations", + "ProductPackagesOperations", + "ProductPackageOperations", + "ProductTemplatesOperations", + "ProductTemplateOperations", + "ContentTemplatesOperations", + "ContentTemplateOperations", "IPGeodataOperations", "DomainWhoisOperations", - "EntitiesOperations", "EntitiesGetTimelineOperations", "EntitiesRelationsOperations", "EntityRelationsOperations", "EntityQueriesOperations", "EntityQueryTemplatesOperations", "FileImportsOperations", + "HuntsOperations", + "HuntRelationsOperations", + "HuntCommentsOperations", "IncidentCommentsOperations", "IncidentRelationsOperations", "IncidentTasksOperations", @@ -83,8 +113,16 @@ "ThreatIntelligenceIndicatorOperations", "ThreatIntelligenceIndicatorsOperations", "ThreatIntelligenceIndicatorMetricsOperations", + "TriggeredAnalyticsRuleRunOperations", + "GetTriggeredAnalyticsRuleRunsOperations", + "AlertRuleOperations", "WatchlistsOperations", "WatchlistItemsOperations", + "WorkspaceManagerGroupsOperations", + "WorkspaceManagerAssignmentsOperations", + "WorkspaceManagerAssignmentJobsOperations", + "WorkspaceManagerConfigurationsOperations", + "WorkspaceManagerMembersOperations", "DataConnectorsOperations", "DataConnectorsCheckRequirementsOperations", "Operations", diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_actions_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_actions_operations.py index 9e3b782688be..d93c21836811 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_actions_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_actions_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_by_alert_rule_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -85,9 +80,7 @@ def list_by_alert_rule( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ActionsList] = kwargs.pop("cls", None) error_map = { @@ -142,8 +135,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -190,9 +184,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ActionResponse] = kwargs.pop("cls", None) request = build_get_request( @@ -209,8 +201,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -319,7 +312,7 @@ async def create_or_update( :type rule_id: str :param action_id: Action ID. Required. :type action_id: str - :param action: The action. Is either a model type or a IO type. Required. + :param action: The action. Is either a ActionRequest type or a IO type. Required. :type action: ~azure.mgmt.securityinsight.models.ActionRequest or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -340,9 +333,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ActionResponse] = kwargs.pop("cls", None) @@ -371,8 +362,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -427,9 +419,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -446,8 +436,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rule_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rule_operations.py new file mode 100644 index 000000000000..f6c982d3a286 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rule_operations.py @@ -0,0 +1,286 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, cast, overload + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.polling import AsyncLROPoller, AsyncNoPolling, AsyncPollingMethod +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat +from azure.mgmt.core.polling.async_arm_polling import AsyncARMPolling + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._alert_rule_operations import build_trigger_rule_run_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class AlertRuleOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`alert_rule` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + async def _trigger_rule_run_initial( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + rule_id: str, + analytics_rule_run_trigger_parameter: Union[_models.AnalyticsRuleRunTrigger, IO], + **kwargs: Any + ) -> None: + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[None] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(analytics_rule_run_trigger_parameter, (IO, bytes)): + _content = analytics_rule_run_trigger_parameter + else: + _json = self._serialize.body(analytics_rule_run_trigger_parameter, "AnalyticsRuleRunTrigger") + + request = build_trigger_rule_run_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + rule_id=rule_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self._trigger_rule_run_initial.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [202]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + response_headers = {} + response_headers["Location"] = self._deserialize("str", response.headers.get("Location")) + + if cls: + return cls(pipeline_response, None, response_headers) + + _trigger_rule_run_initial.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/triggerRuleRun" + } + + @overload + async def begin_trigger_rule_run( + self, + resource_group_name: str, + workspace_name: str, + rule_id: str, + analytics_rule_run_trigger_parameter: _models.AnalyticsRuleRunTrigger, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> AsyncLROPoller[None]: + """triggers analytics rule run. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param rule_id: Alert rule ID. Required. + :type rule_id: str + :param analytics_rule_run_trigger_parameter: The Analytics Rule Run Trigger parameter. + Required. + :type analytics_rule_run_trigger_parameter: + ~azure.mgmt.securityinsight.models.AnalyticsRuleRunTrigger + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :keyword str continuation_token: A continuation token to restart a poller from a saved state. + :keyword polling: By default, your polling method will be AsyncARMPolling. Pass in False for + this operation to not poll, or pass in your own initialized polling object for a personal + polling strategy. + :paramtype polling: bool or ~azure.core.polling.AsyncPollingMethod + :keyword int polling_interval: Default waiting time between two polls for LRO operations if no + Retry-After header is present. + :return: An instance of AsyncLROPoller that returns either None or the result of cls(response) + :rtype: ~azure.core.polling.AsyncLROPoller[None] + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def begin_trigger_rule_run( + self, + resource_group_name: str, + workspace_name: str, + rule_id: str, + analytics_rule_run_trigger_parameter: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> AsyncLROPoller[None]: + """triggers analytics rule run. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param rule_id: Alert rule ID. Required. + :type rule_id: str + :param analytics_rule_run_trigger_parameter: The Analytics Rule Run Trigger parameter. + Required. + :type analytics_rule_run_trigger_parameter: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :keyword str continuation_token: A continuation token to restart a poller from a saved state. + :keyword polling: By default, your polling method will be AsyncARMPolling. Pass in False for + this operation to not poll, or pass in your own initialized polling object for a personal + polling strategy. + :paramtype polling: bool or ~azure.core.polling.AsyncPollingMethod + :keyword int polling_interval: Default waiting time between two polls for LRO operations if no + Retry-After header is present. + :return: An instance of AsyncLROPoller that returns either None or the result of cls(response) + :rtype: ~azure.core.polling.AsyncLROPoller[None] + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def begin_trigger_rule_run( + self, + resource_group_name: str, + workspace_name: str, + rule_id: str, + analytics_rule_run_trigger_parameter: Union[_models.AnalyticsRuleRunTrigger, IO], + **kwargs: Any + ) -> AsyncLROPoller[None]: + """triggers analytics rule run. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param rule_id: Alert rule ID. Required. + :type rule_id: str + :param analytics_rule_run_trigger_parameter: The Analytics Rule Run Trigger parameter. Is + either a AnalyticsRuleRunTrigger type or a IO type. Required. + :type analytics_rule_run_trigger_parameter: + ~azure.mgmt.securityinsight.models.AnalyticsRuleRunTrigger or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :keyword str continuation_token: A continuation token to restart a poller from a saved state. + :keyword polling: By default, your polling method will be AsyncARMPolling. Pass in False for + this operation to not poll, or pass in your own initialized polling object for a personal + polling strategy. + :paramtype polling: bool or ~azure.core.polling.AsyncPollingMethod + :keyword int polling_interval: Default waiting time between two polls for LRO operations if no + Retry-After header is present. + :return: An instance of AsyncLROPoller that returns either None or the result of cls(response) + :rtype: ~azure.core.polling.AsyncLROPoller[None] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[None] = kwargs.pop("cls", None) + polling: Union[bool, AsyncPollingMethod] = kwargs.pop("polling", True) + lro_delay = kwargs.pop("polling_interval", self._config.polling_interval) + cont_token: Optional[str] = kwargs.pop("continuation_token", None) + if cont_token is None: + raw_result = await self._trigger_rule_run_initial( # type: ignore + resource_group_name=resource_group_name, + workspace_name=workspace_name, + rule_id=rule_id, + analytics_rule_run_trigger_parameter=analytics_rule_run_trigger_parameter, + api_version=api_version, + content_type=content_type, + cls=lambda x, y, z: x, + headers=_headers, + params=_params, + **kwargs + ) + kwargs.pop("error_map", None) + + def get_long_running_output(pipeline_response): # pylint: disable=inconsistent-return-statements + if cls: + return cls(pipeline_response, None, {}) + + if polling is True: + polling_method: AsyncPollingMethod = cast( + AsyncPollingMethod, AsyncARMPolling(lro_delay, lro_options={"final-state-via": "location"}, **kwargs) + ) + elif polling is False: + polling_method = cast(AsyncPollingMethod, AsyncNoPolling()) + else: + polling_method = polling + if cont_token: + return AsyncLROPoller.from_continuation_token( + polling_method=polling_method, + continuation_token=cont_token, + client=self._client, + deserialization_callback=get_long_running_output, + ) + return AsyncLROPoller(self._client, raw_result, get_long_running_output, polling_method) # type: ignore + + begin_trigger_rule_run.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/triggerRuleRun" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rule_templates_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rule_templates_operations.py index c4517e99abe7..a0bcf9d8d054 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rule_templates_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rule_templates_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar import urllib.parse @@ -31,10 +30,6 @@ from ..._vendor import _convert_request from ...operations._alert_rule_templates_operations import build_get_request, build_list_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -78,9 +73,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AlertRuleTemplatesList] = kwargs.pop("cls", None) error_map = { @@ -134,8 +127,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -180,9 +174,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AlertRuleTemplate] = kwargs.pop("cls", None) request = build_get_request( @@ -198,8 +190,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rules_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rules_operations.py index 856b3843f35a..ab8c8365b19b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rules_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_alert_rules_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -80,9 +75,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AlertRulesList] = kwargs.pop("cls", None) error_map = { @@ -136,8 +129,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -182,9 +176,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AlertRule] = kwargs.pop("cls", None) request = build_get_request( @@ -200,8 +192,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -301,7 +294,7 @@ async def create_or_update( :type workspace_name: str :param rule_id: Alert rule ID. Required. :type rule_id: str - :param alert_rule: The alert rule. Is either a model type or a IO type. Required. + :param alert_rule: The alert rule. Is either a AlertRule type or a IO type. Required. :type alert_rule: ~azure.mgmt.securityinsight.models.AlertRule or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -322,9 +315,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.AlertRule] = kwargs.pop("cls", None) @@ -352,8 +343,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -406,9 +398,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -424,8 +414,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_automation_rules_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_automation_rules_operations.py index 9040a09fd9bf..f85fb04ab04c 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_automation_rules_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_automation_rules_operations.py @@ -40,10 +40,6 @@ from collections.abc import MutableMapping else: from typing import MutableMapping # type: ignore # pylint: disable=ungrouped-imports -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports JSON = MutableMapping[str, Any] # pylint: disable=unsubscriptable-object T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -97,9 +93,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AutomationRule] = kwargs.pop("cls", None) request = build_get_request( @@ -115,8 +109,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -216,8 +211,8 @@ async def create_or_update( :type workspace_name: str :param automation_rule_id: Automation rule ID. Required. :type automation_rule_id: str - :param automation_rule_to_upsert: The automation rule. Is either a model type or a IO type. - Default value is None. + :param automation_rule_to_upsert: The automation rule. Is either a AutomationRule type or a IO + type. Default value is None. :type automation_rule_to_upsert: ~azure.mgmt.securityinsight.models.AutomationRule or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -238,9 +233,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.AutomationRule] = kwargs.pop("cls", None) @@ -271,8 +264,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -325,9 +319,7 @@ async def delete( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[JSON] = kwargs.pop("cls", None) request = build_delete_request( @@ -343,8 +335,9 @@ async def delete( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -388,9 +381,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AutomationRulesList] = kwargs.pop("cls", None) error_map = { @@ -444,8 +435,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmark_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmark_operations.py index e87871dba5df..5f0a0d2952cb 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmark_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmark_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from ..._vendor import _convert_request from ...operations._bookmark_operations import build_expand_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -138,7 +133,7 @@ async def expand( :param bookmark_id: Bookmark ID. Required. :type bookmark_id: str :param parameters: The parameters required to execute an expand operation on the given - bookmark. Is either a model type or a IO type. Required. + bookmark. Is either a BookmarkExpandParameters type or a IO type. Required. :type parameters: ~azure.mgmt.securityinsight.models.BookmarkExpandParameters or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -159,9 +154,7 @@ async def expand( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.BookmarkExpandResponse] = kwargs.pop("cls", None) @@ -189,8 +182,9 @@ async def expand( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmark_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmark_relations_operations.py index 237aca3682c1..659dc69399c7 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmark_relations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmark_relations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -104,9 +99,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.RelationList] = kwargs.pop("cls", None) error_map = { @@ -165,8 +158,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -213,9 +207,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) request = build_get_request( @@ -232,8 +224,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -342,7 +335,7 @@ async def create_or_update( :type bookmark_id: str :param relation_name: Relation Name. Required. :type relation_name: str - :param relation: The relation model. Is either a model type or a IO type. Required. + :param relation: The relation model. Is either a Relation type or a IO type. Required. :type relation: ~azure.mgmt.securityinsight.models.Relation or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -363,9 +356,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) @@ -394,8 +385,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -450,9 +442,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -469,8 +459,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmarks_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmarks_operations.py index b9783e8fa1e7..4d75759dc86e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmarks_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_bookmarks_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -80,9 +75,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.BookmarkList] = kwargs.pop("cls", None) error_map = { @@ -136,8 +129,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -182,9 +176,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Bookmark] = kwargs.pop("cls", None) request = build_get_request( @@ -200,8 +192,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -301,7 +294,7 @@ async def create_or_update( :type workspace_name: str :param bookmark_id: Bookmark ID. Required. :type bookmark_id: str - :param bookmark: The bookmark. Is either a model type or a IO type. Required. + :param bookmark: The bookmark. Is either a Bookmark type or a IO type. Required. :type bookmark: ~azure.mgmt.securityinsight.models.Bookmark or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -322,9 +315,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Bookmark] = kwargs.pop("cls", None) @@ -352,8 +343,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -406,9 +398,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -424,8 +414,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_package_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_package_operations.py new file mode 100644 index 000000000000..653972cec972 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_package_operations.py @@ -0,0 +1,270 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._content_package_operations import build_install_request, build_uninstall_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class ContentPackageOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`content_package` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @overload + async def install( + self, + resource_group_name: str, + workspace_name: str, + package_id: str, + package_installation_properties: _models.PackageModel, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.PackageModel: + """Install a package to the workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :param package_installation_properties: Package installation properties. Required. + :type package_installation_properties: ~azure.mgmt.securityinsight.models.PackageModel + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def install( + self, + resource_group_name: str, + workspace_name: str, + package_id: str, + package_installation_properties: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.PackageModel: + """Install a package to the workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :param package_installation_properties: Package installation properties. Required. + :type package_installation_properties: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def install( + self, + resource_group_name: str, + workspace_name: str, + package_id: str, + package_installation_properties: Union[_models.PackageModel, IO], + **kwargs: Any + ) -> _models.PackageModel: + """Install a package to the workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :param package_installation_properties: Package installation properties. Is either a + PackageModel type or a IO type. Required. + :type package_installation_properties: ~azure.mgmt.securityinsight.models.PackageModel or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.PackageModel] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(package_installation_properties, (IO, bytes)): + _content = package_installation_properties + else: + _json = self._serialize.body(package_installation_properties, "PackageModel") + + request = build_install_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + package_id=package_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.install.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("PackageModel", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("PackageModel", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + install.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + } + + @distributed_trace_async + async def uninstall( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, package_id: str, **kwargs: Any + ) -> None: + """Uninstall a package from the workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_uninstall_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + package_id=package_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.uninstall.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + uninstall.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_packages_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_packages_operations.py new file mode 100644 index 000000000000..35f290407300 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_packages_operations.py @@ -0,0 +1,236 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._content_packages_operations import build_get_request, build_list_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class ContentPackagesOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`content_packages` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.PackageModel"]: + """Gets all installed packages. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either PackageModel or the result of cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.PackageModel] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.PackageList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("PackageList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages" + } + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, package_id: str, **kwargs: Any + ) -> _models.PackageModel: + """Gets an installed packages by its id. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.PackageModel] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + package_id=package_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("PackageModel", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_template_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_template_operations.py new file mode 100644 index 000000000000..7e594fa6ae04 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_template_operations.py @@ -0,0 +1,339 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._content_template_operations import build_delete_request, build_get_request, build_install_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class ContentTemplateOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`content_template` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @overload + async def install( + self, + resource_group_name: str, + workspace_name: str, + template_id: str, + template_installation_properties: _models.TemplateModelAutoGenerated, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.TemplateModelAutoGenerated: + """Install a template. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :param template_installation_properties: Template installation properties. Required. + :type template_installation_properties: + ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def install( + self, + resource_group_name: str, + workspace_name: str, + template_id: str, + template_installation_properties: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.TemplateModelAutoGenerated: + """Install a template. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :param template_installation_properties: Template installation properties. Required. + :type template_installation_properties: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def install( + self, + resource_group_name: str, + workspace_name: str, + template_id: str, + template_installation_properties: Union[_models.TemplateModelAutoGenerated, IO], + **kwargs: Any + ) -> _models.TemplateModelAutoGenerated: + """Install a template. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :param template_installation_properties: Template installation properties. Is either a + TemplateModelAutoGenerated type or a IO type. Required. + :type template_installation_properties: + ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.TemplateModelAutoGenerated] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(template_installation_properties, (IO, bytes)): + _content = template_installation_properties + else: + _json = self._serialize.body(template_installation_properties, "TemplateModelAutoGenerated") + + request = build_install_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + template_id=template_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.install.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("TemplateModelAutoGenerated", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("TemplateModelAutoGenerated", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + install.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + } + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, template_id: str, **kwargs: Any + ) -> _models.TemplateModelAutoGenerated: + """Gets a template byt its identifier. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TemplateModelAutoGenerated] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + template_id=template_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("TemplateModelAutoGenerated", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + } + + @distributed_trace_async + async def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, template_id: str, **kwargs: Any + ) -> None: + """Delete an installed template. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + template_id=template_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_templates_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_templates_operations.py new file mode 100644 index 000000000000..ff9167f2d776 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_content_templates_operations.py @@ -0,0 +1,169 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._content_templates_operations import build_list_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class ContentTemplatesOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`content_templates` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.TemplateModelAutoGenerated"]: + """Gets all installed templates. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either TemplateModelAutoGenerated or the result of + cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TemplateListAutoGenerated] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("TemplateListAutoGenerated", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_data_connectors_check_requirements_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_data_connectors_check_requirements_operations.py index ad27dbca1787..3bbfe6969a13 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_data_connectors_check_requirements_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_data_connectors_check_requirements_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from ..._vendor import _convert_request from ...operations._data_connectors_check_requirements_operations import build_post_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -130,7 +125,7 @@ async def post( :param workspace_name: The name of the workspace. Required. :type workspace_name: str :param data_connectors_check_requirements: The parameters for requirements check message. Is - either a model type or a IO type. Required. + either a DataConnectorsCheckRequirements type or a IO type. Required. :type data_connectors_check_requirements: ~azure.mgmt.securityinsight.models.DataConnectorsCheckRequirements or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -152,9 +147,7 @@ async def post( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.DataConnectorRequirementsState] = kwargs.pop("cls", None) @@ -181,8 +174,9 @@ async def post( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_data_connectors_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_data_connectors_operations.py index 3e9a9ea01f82..f97bdef1f837 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_data_connectors_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_data_connectors_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -38,10 +37,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -85,9 +80,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.DataConnectorList] = kwargs.pop("cls", None) error_map = { @@ -141,8 +134,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -187,9 +181,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.DataConnector] = kwargs.pop("cls", None) request = build_get_request( @@ -205,8 +197,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -306,7 +299,8 @@ async def create_or_update( :type workspace_name: str :param data_connector_id: Connector ID. Required. :type data_connector_id: str - :param data_connector: The data connector. Is either a model type or a IO type. Required. + :param data_connector: The data connector. Is either a DataConnector type or a IO type. + Required. :type data_connector: ~azure.mgmt.securityinsight.models.DataConnector or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -327,9 +321,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.DataConnector] = kwargs.pop("cls", None) @@ -357,8 +349,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -411,9 +404,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -429,8 +420,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -526,7 +518,8 @@ async def connect( # pylint: disable=inconsistent-return-statements :type workspace_name: str :param data_connector_id: Connector ID. Required. :type data_connector_id: str - :param connect_body: The data connector. Is either a model type or a IO type. Required. + :param connect_body: The data connector. Is either a DataConnectorConnectBody type or a IO + type. Required. :type connect_body: ~azure.mgmt.securityinsight.models.DataConnectorConnectBody or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -547,9 +540,7 @@ async def connect( # pylint: disable=inconsistent-return-statements _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[None] = kwargs.pop("cls", None) @@ -577,8 +568,9 @@ async def connect( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -623,9 +615,7 @@ async def disconnect( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_disconnect_request( @@ -641,8 +631,9 @@ async def disconnect( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_domain_whois_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_domain_whois_operations.py index 30b1d059703f..a2164cdfb3c7 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_domain_whois_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_domain_whois_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from ..._vendor import _convert_request from ...operations._domain_whois_operations import build_get_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -80,9 +75,7 @@ async def get(self, resource_group_name: str, domain: str, **kwargs: Any) -> _mo _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EnrichmentDomainWhois] = kwargs.pop("cls", None) request = build_get_request( @@ -97,8 +90,9 @@ async def get(self, resource_group_name: str, domain: str, **kwargs: Any) -> _mo request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_get_timeline_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_get_timeline_operations.py index 62111c6a7259..330159ac0f4d 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_get_timeline_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_get_timeline_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from ..._vendor import _convert_request from ...operations._entities_get_timeline_operations import build_list_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -138,7 +133,7 @@ async def list( :param entity_id: entity ID. Required. :type entity_id: str :param parameters: The parameters required to execute an timeline operation on the given - entity. Is either a model type or a IO type. Required. + entity. Is either a EntityTimelineParameters type or a IO type. Required. :type parameters: ~azure.mgmt.securityinsight.models.EntityTimelineParameters or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -159,9 +154,7 @@ async def list( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.EntityTimelineResponse] = kwargs.pop("cls", None) @@ -189,8 +182,9 @@ async def list( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_operations.py index ddabc83cb09f..c0a5601cadf7 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -35,12 +34,9 @@ build_get_request, build_list_request, build_queries_request, + build_run_playbook_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -64,6 +60,159 @@ def __init__(self, *args, **kwargs) -> None: self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + @overload + async def run_playbook( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + entity_identifier: str, + request_body: Optional[_models.EntityManualTriggerRequestBody] = None, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> None: + """Triggers playbook on a specific entity. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param entity_identifier: Entity identifier. Required. + :type entity_identifier: str + :param request_body: Describes the request body for triggering a playbook on an entity. Default + value is None. + :type request_body: ~azure.mgmt.securityinsight.models.EntityManualTriggerRequestBody + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def run_playbook( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + entity_identifier: str, + request_body: Optional[IO] = None, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> None: + """Triggers playbook on a specific entity. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param entity_identifier: Entity identifier. Required. + :type entity_identifier: str + :param request_body: Describes the request body for triggering a playbook on an entity. Default + value is None. + :type request_body: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def run_playbook( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + entity_identifier: str, + request_body: Optional[Union[_models.EntityManualTriggerRequestBody, IO]] = None, + **kwargs: Any + ) -> None: + """Triggers playbook on a specific entity. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param entity_identifier: Entity identifier. Required. + :type entity_identifier: str + :param request_body: Describes the request body for triggering a playbook on an entity. Is + either a EntityManualTriggerRequestBody type or a IO type. Default value is None. + :type request_body: ~azure.mgmt.securityinsight.models.EntityManualTriggerRequestBody or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[None] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(request_body, (IO, bytes)): + _content = request_body + else: + if request_body is not None: + _json = self._serialize.body(request_body, "EntityManualTriggerRequestBody") + else: + _json = None + + request = build_run_playbook_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + entity_identifier=entity_identifier, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.run_playbook.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + run_playbook.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityIdentifier}/runPlaybook" + } + @distributed_trace def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> AsyncIterable["_models.Entity"]: """Gets all entities. @@ -81,9 +230,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityList] = kwargs.pop("cls", None) error_map = { @@ -137,8 +284,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -181,9 +329,7 @@ async def get(self, resource_group_name: str, workspace_name: str, entity_id: st _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Entity] = kwargs.pop("cls", None) request = build_get_request( @@ -199,8 +345,9 @@ async def get(self, resource_group_name: str, workspace_name: str, entity_id: st request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -303,7 +450,7 @@ async def expand( :param entity_id: entity ID. Required. :type entity_id: str :param parameters: The parameters required to execute an expand operation on the given entity. - Is either a model type or a IO type. Required. + Is either a EntityExpandParameters type or a IO type. Required. :type parameters: ~azure.mgmt.securityinsight.models.EntityExpandParameters or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -324,9 +471,7 @@ async def expand( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.EntityExpandResponse] = kwargs.pop("cls", None) @@ -354,8 +499,9 @@ async def expand( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -411,9 +557,7 @@ async def queries( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.GetQueriesResponse] = kwargs.pop("cls", None) request = build_queries_request( @@ -430,8 +574,9 @@ async def queries( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -532,7 +677,7 @@ async def get_insights( :param entity_id: entity ID. Required. :type entity_id: str :param parameters: The parameters required to execute insights on the given entity. Is either a - model type or a IO type. Required. + EntityGetInsightsParameters type or a IO type. Required. :type parameters: ~azure.mgmt.securityinsight.models.EntityGetInsightsParameters or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -553,9 +698,7 @@ async def get_insights( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.EntityGetInsightsResponse] = kwargs.pop("cls", None) @@ -583,8 +726,9 @@ async def get_insights( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_relations_operations.py index d232b818621f..49bc5d6ea8b9 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_relations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entities_relations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar import urllib.parse @@ -30,10 +29,6 @@ from ..._vendor import _convert_request from ...operations._entities_relations_operations import build_list_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -98,9 +93,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.RelationList] = kwargs.pop("cls", None) error_map = { @@ -159,8 +152,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_queries_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_queries_operations.py index 2a53846738ea..57b4acba93ac 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_queries_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_queries_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -68,7 +63,7 @@ def list( self, resource_group_name: str, workspace_name: str, - kind: Optional[Union[str, _models.Enum13]] = None, + kind: Optional[Union[str, _models.Enum19]] = None, **kwargs: Any ) -> AsyncIterable["_models.EntityQuery"]: """Gets all entity queries. @@ -80,7 +75,7 @@ def list( :type workspace_name: str :param kind: The entity query kind we want to fetch. Known values are: "Expansion" and "Activity". Default value is None. - :type kind: str or ~azure.mgmt.securityinsight.models.Enum13 + :type kind: str or ~azure.mgmt.securityinsight.models.Enum19 :keyword callable cls: A custom type or function that will be passed the direct response :return: An iterator like instance of either EntityQuery or the result of cls(response) :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.EntityQuery] @@ -89,9 +84,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityQueryList] = kwargs.pop("cls", None) error_map = { @@ -146,8 +139,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -192,9 +186,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityQuery] = kwargs.pop("cls", None) request = build_get_request( @@ -210,8 +202,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -311,8 +304,8 @@ async def create_or_update( :type workspace_name: str :param entity_query_id: entity query ID. Required. :type entity_query_id: str - :param entity_query: The entity query we want to create or update. Is either a model type or a - IO type. Required. + :param entity_query: The entity query we want to create or update. Is either a + CustomEntityQuery type or a IO type. Required. :type entity_query: ~azure.mgmt.securityinsight.models.CustomEntityQuery or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -333,9 +326,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.EntityQuery] = kwargs.pop("cls", None) @@ -363,8 +354,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -417,9 +409,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -435,8 +425,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_query_templates_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_query_templates_operations.py index e2f34e18fc04..db7ff8718d1b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_query_templates_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_query_templates_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar, Union import urllib.parse @@ -31,10 +30,6 @@ from ..._vendor import _convert_request from ...operations._entity_query_templates_operations import build_get_request, build_list_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -63,7 +58,7 @@ def list( self, resource_group_name: str, workspace_name: str, - kind: Optional[Union[str, _models.Enum15]] = None, + kind: Optional[Union[str, _models.Enum21]] = None, **kwargs: Any ) -> AsyncIterable["_models.EntityQueryTemplate"]: """Gets all entity query templates. @@ -74,7 +69,7 @@ def list( :param workspace_name: The name of the workspace. Required. :type workspace_name: str :param kind: The entity template query kind we want to fetch. "Activity" Default value is None. - :type kind: str or ~azure.mgmt.securityinsight.models.Enum15 + :type kind: str or ~azure.mgmt.securityinsight.models.Enum21 :keyword callable cls: A custom type or function that will be passed the direct response :return: An iterator like instance of either EntityQueryTemplate or the result of cls(response) :rtype: @@ -84,9 +79,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityQueryTemplateList] = kwargs.pop("cls", None) error_map = { @@ -141,8 +134,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -187,9 +181,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityQueryTemplate] = kwargs.pop("cls", None) request = build_get_request( @@ -205,8 +197,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_relations_operations.py index 9cb8ac64c04b..1327848f537e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_relations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_entity_relations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from ..._vendor import _convert_request from ...operations._entity_relations_operations import build_get_relation_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -86,9 +81,7 @@ async def get_relation( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) request = build_get_relation_request( @@ -105,8 +98,9 @@ async def get_relation( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_file_imports_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_file_imports_operations.py index 5636b9487428..4f893285bcdb 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_file_imports_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_file_imports_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, cast, overload import urllib.parse @@ -38,10 +37,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -103,9 +98,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.FileImportList] = kwargs.pop("cls", None) error_map = { @@ -163,8 +156,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -209,9 +203,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.FileImport] = kwargs.pop("cls", None) request = build_get_request( @@ -227,8 +219,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -328,7 +321,7 @@ async def create( :type workspace_name: str :param file_import_id: File import ID. Required. :type file_import_id: str - :param file_import: The file import. Is either a model type or a IO type. Required. + :param file_import: The file import. Is either a FileImport type or a IO type. Required. :type file_import: ~azure.mgmt.securityinsight.models.FileImport or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -349,9 +342,7 @@ async def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.FileImport] = kwargs.pop("cls", None) @@ -379,8 +370,9 @@ async def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -414,9 +406,7 @@ async def _delete_initial( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[Optional[_models.FileImport]] = kwargs.pop("cls", None) request = build_delete_request( @@ -432,8 +422,9 @@ async def _delete_initial( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -484,9 +475,7 @@ async def begin_delete( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.FileImport] = kwargs.pop("cls", None) polling: Union[bool, AsyncPollingMethod] = kwargs.pop("polling", True) lro_delay = kwargs.pop("polling_interval", self._config.polling_interval) diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_operations.py index 015f667e45a7..013a6ddb21ed 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from ..._vendor import _convert_request from ...operations._get_operations import build_single_recommendation_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -84,9 +79,7 @@ async def single_recommendation( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Recommendation] = kwargs.pop("cls", None) request = build_single_recommendation_request( @@ -102,8 +95,9 @@ async def single_recommendation( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_recommendations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_recommendations_operations.py index e46e68a6f58a..6120eb8f0ad8 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_recommendations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_recommendations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from ..._vendor import _convert_request from ...operations._get_recommendations_operations import build_list_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -80,9 +75,7 @@ async def list(self, resource_group_name: str, workspace_name: str, **kwargs: An _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.RecommendationList] = kwargs.pop("cls", None) request = build_list_request( @@ -97,8 +90,9 @@ async def list(self, resource_group_name: str, workspace_name: str, **kwargs: An request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_triggered_analytics_rule_runs_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_triggered_analytics_rule_runs_operations.py new file mode 100644 index 000000000000..103226cf45fd --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_get_triggered_analytics_rule_runs_operations.py @@ -0,0 +1,146 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._get_triggered_analytics_rule_runs_operations import build_list_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class GetTriggeredAnalyticsRuleRunsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`get_triggered_analytics_rule_runs` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, resource_group_name: str, workspace_name: str, **kwargs: Any + ) -> AsyncIterable["_models.TriggeredAnalyticsRuleRun"]: + """Gets the triggered analytics rule runs. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either TriggeredAnalyticsRuleRun or the result of + cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.TriggeredAnalyticsRuleRun] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TriggeredAnalyticsRuleRuns] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("TriggeredAnalyticsRuleRuns", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_hunt_comments_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_hunt_comments_operations.py new file mode 100644 index 000000000000..6d2f44088dde --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_hunt_comments_operations.py @@ -0,0 +1,478 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._hunt_comments_operations import ( + build_create_or_update_request, + build_delete_request, + build_get_request, + build_list_request, +) + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class HuntCommentsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`hunt_comments` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.HuntComment"]: + """Gets all hunt comments. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either HuntComment or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.HuntComment] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntCommentList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("HuntCommentList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments" + } + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt_comment_id: str, **kwargs: Any + ) -> _models.HuntComment: + """Gets a hunt comment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntComment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntComment + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntComment] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_comment_id=hunt_comment_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("HuntComment", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + } + + @distributed_trace_async + async def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt_comment_id: str, **kwargs: Any + ) -> None: + """Delete a hunt comment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_comment_id=hunt_comment_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + } + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_comment_id: str, + hunt_comment: _models.HuntComment, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.HuntComment: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :param hunt_comment: The hunt comment. Required. + :type hunt_comment: ~azure.mgmt.securityinsight.models.HuntComment + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntComment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntComment + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_comment_id: str, + hunt_comment: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.HuntComment: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :param hunt_comment: The hunt comment. Required. + :type hunt_comment: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntComment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntComment + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_comment_id: str, + hunt_comment: Union[_models.HuntComment, IO], + **kwargs: Any + ) -> _models.HuntComment: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :param hunt_comment: The hunt comment. Is either a HuntComment type or a IO type. Required. + :type hunt_comment: ~azure.mgmt.securityinsight.models.HuntComment or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntComment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntComment + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.HuntComment] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(hunt_comment, (IO, bytes)): + _content = hunt_comment + else: + _json = self._serialize.body(hunt_comment, "HuntComment") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_comment_id=hunt_comment_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("HuntComment", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("HuntComment", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_hunt_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_hunt_relations_operations.py new file mode 100644 index 000000000000..3a7f79df4b43 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_hunt_relations_operations.py @@ -0,0 +1,479 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._hunt_relations_operations import ( + build_create_or_update_request, + build_delete_request, + build_get_request, + build_list_request, +) + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class HuntRelationsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`hunt_relations` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.HuntRelation"]: + """Gets all hunt relations. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either HuntRelation or the result of cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.HuntRelation] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntRelationList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("HuntRelationList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations" + } + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt_relation_id: str, **kwargs: Any + ) -> _models.HuntRelation: + """Gets a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntRelation or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntRelation + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntRelation] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_relation_id=hunt_relation_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("HuntRelation", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + } + + @distributed_trace_async + async def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt_relation_id: str, **kwargs: Any + ) -> None: + """Delete a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_relation_id=hunt_relation_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + } + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_relation_id: str, + hunt_relation: _models.HuntRelation, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.HuntRelation: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :param hunt_relation: The hunt relation. Required. + :type hunt_relation: ~azure.mgmt.securityinsight.models.HuntRelation + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntRelation or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntRelation + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_relation_id: str, + hunt_relation: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.HuntRelation: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :param hunt_relation: The hunt relation. Required. + :type hunt_relation: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntRelation or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntRelation + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_relation_id: str, + hunt_relation: Union[_models.HuntRelation, IO], + **kwargs: Any + ) -> _models.HuntRelation: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :param hunt_relation: The hunt relation. Is either a HuntRelation type or a IO type. Required. + :type hunt_relation: ~azure.mgmt.securityinsight.models.HuntRelation or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntRelation or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntRelation + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.HuntRelation] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(hunt_relation, (IO, bytes)): + _content = hunt_relation + else: + _json = self._serialize.body(hunt_relation, "HuntRelation") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_relation_id=hunt_relation_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("HuntRelation", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("HuntRelation", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_hunts_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_hunts_operations.py new file mode 100644 index 000000000000..300a896e31c5 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_hunts_operations.py @@ -0,0 +1,451 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._hunts_operations import ( + build_create_or_update_request, + build_delete_request, + build_get_request, + build_list_request, +) + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class HuntsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`hunts` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.Hunt"]: + """Gets all hunts, without relations and comments. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either Hunt or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.Hunt] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("HuntList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts" + } + + @distributed_trace_async + async def get(self, resource_group_name: str, workspace_name: str, hunt_id: str, **kwargs: Any) -> _models.Hunt: + """Gets a hunt, without relations and comments. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Hunt or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Hunt + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.Hunt] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("Hunt", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + } + + @distributed_trace_async + async def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, hunt_id: str, **kwargs: Any + ) -> None: + """Delete a hunt. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + } + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt: _models.Hunt, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.Hunt: + """Create or update a hunt. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt: The hunt. Required. + :type hunt: ~azure.mgmt.securityinsight.models.Hunt + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Hunt or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Hunt + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.Hunt: + """Create or update a hunt. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt: The hunt. Required. + :type hunt: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Hunt or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Hunt + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def create_or_update( + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt: Union[_models.Hunt, IO], **kwargs: Any + ) -> _models.Hunt: + """Create or update a hunt. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt: The hunt. Is either a Hunt type or a IO type. Required. + :type hunt: ~azure.mgmt.securityinsight.models.Hunt or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Hunt or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Hunt + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.Hunt] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(hunt, (IO, bytes)): + _content = hunt + else: + _json = self._serialize.body(hunt, "Hunt") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("Hunt", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("Hunt", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_comments_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_comments_operations.py index 0a69a9384b3f..d7f00868076c 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_comments_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_comments_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -105,9 +100,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentCommentList] = kwargs.pop("cls", None) error_map = { @@ -166,8 +159,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -214,9 +208,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentComment] = kwargs.pop("cls", None) request = build_get_request( @@ -233,8 +225,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -343,7 +336,8 @@ async def create_or_update( :type incident_id: str :param incident_comment_id: Incident comment ID. Required. :type incident_comment_id: str - :param incident_comment: The incident comment. Is either a model type or a IO type. Required. + :param incident_comment: The incident comment. Is either a IncidentComment type or a IO type. + Required. :type incident_comment: ~azure.mgmt.securityinsight.models.IncidentComment or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -364,9 +358,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.IncidentComment] = kwargs.pop("cls", None) @@ -395,8 +387,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -451,9 +444,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -470,8 +461,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_relations_operations.py index 3fa719c8adf6..90ed99b05448 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_relations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_relations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -104,9 +99,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.RelationList] = kwargs.pop("cls", None) error_map = { @@ -165,8 +158,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -213,9 +207,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) request = build_get_request( @@ -232,8 +224,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -342,7 +335,7 @@ async def create_or_update( :type incident_id: str :param relation_name: Relation Name. Required. :type relation_name: str - :param relation: The relation model. Is either a model type or a IO type. Required. + :param relation: The relation model. Is either a Relation type or a IO type. Required. :type relation: ~azure.mgmt.securityinsight.models.Relation or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -363,9 +356,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) @@ -394,8 +385,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -450,9 +442,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -469,8 +459,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_tasks_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_tasks_operations.py index 3ab32b7e4d51..2bebdd2da8cc 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_tasks_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incident_tasks_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -85,9 +80,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentTaskList] = kwargs.pop("cls", None) error_map = { @@ -142,8 +135,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -190,9 +184,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentTask] = kwargs.pop("cls", None) request = build_get_request( @@ -209,8 +201,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -319,7 +312,7 @@ async def create_or_update( :type incident_id: str :param incident_task_id: Incident task ID. Required. :type incident_task_id: str - :param incident_task: The incident task. Is either a model type or a IO type. Required. + :param incident_task: The incident task. Is either a IncidentTask type or a IO type. Required. :type incident_task: ~azure.mgmt.securityinsight.models.IncidentTask or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -340,9 +333,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.IncidentTask] = kwargs.pop("cls", None) @@ -371,8 +362,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -427,9 +419,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -446,8 +436,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incidents_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incidents_operations.py index a0452b513c88..1606f41df802 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incidents_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_incidents_operations.py @@ -45,10 +45,6 @@ from collections.abc import MutableMapping else: from typing import MutableMapping # type: ignore # pylint: disable=ungrouped-imports -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports JSON = MutableMapping[str, Any] # pylint: disable=unsubscriptable-object T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -153,7 +149,8 @@ async def run_playbook( :type workspace_name: str :param incident_identifier: Required. :type incident_identifier: str - :param request_body: Is either a model type or a IO type. Default value is None. + :param request_body: Is either a ManualTriggerRequestBody type or a IO type. Default value is + None. :type request_body: ~azure.mgmt.securityinsight.models.ManualTriggerRequestBody or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -174,9 +171,7 @@ async def run_playbook( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[JSON] = kwargs.pop("cls", None) @@ -207,8 +202,9 @@ async def run_playbook( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -266,9 +262,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentList] = kwargs.pop("cls", None) error_map = { @@ -326,8 +320,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -372,9 +367,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Incident] = kwargs.pop("cls", None) request = build_get_request( @@ -390,8 +383,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -491,7 +485,7 @@ async def create_or_update( :type workspace_name: str :param incident_id: Incident ID. Required. :type incident_id: str - :param incident: The incident. Is either a model type or a IO type. Required. + :param incident: The incident. Is either a Incident type or a IO type. Required. :type incident: ~azure.mgmt.securityinsight.models.Incident or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -512,9 +506,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Incident] = kwargs.pop("cls", None) @@ -542,8 +534,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -596,9 +589,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -614,8 +605,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -714,7 +706,8 @@ async def create_team( :type workspace_name: str :param incident_id: Incident ID. Required. :type incident_id: str - :param team_properties: Team properties. Is either a model type or a IO type. Required. + :param team_properties: Team properties. Is either a TeamInformation type or a IO type. + Required. :type team_properties: ~azure.mgmt.securityinsight.models.TeamInformation or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -735,9 +728,7 @@ async def create_team( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.TeamInformation] = kwargs.pop("cls", None) @@ -765,8 +756,9 @@ async def create_team( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -815,9 +807,7 @@ async def list_alerts( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentAlertList] = kwargs.pop("cls", None) request = build_list_alerts_request( @@ -833,8 +823,9 @@ async def list_alerts( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -883,9 +874,7 @@ async def list_bookmarks( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentBookmarkList] = kwargs.pop("cls", None) request = build_list_bookmarks_request( @@ -901,8 +890,9 @@ async def list_bookmarks( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -951,9 +941,7 @@ async def list_entities( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentEntitiesResponse] = kwargs.pop("cls", None) request = build_list_entities_request( @@ -969,8 +957,9 @@ async def list_entities( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_ip_geodata_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_ip_geodata_operations.py index e1f7121e301e..e00105460c38 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_ip_geodata_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_ip_geodata_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from ..._vendor import _convert_request from ...operations._ip_geodata_operations import build_get_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -80,9 +75,7 @@ async def get(self, resource_group_name: str, ip_address: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EnrichmentIpGeodata] = kwargs.pop("cls", None) request = build_get_request( @@ -97,8 +90,9 @@ async def get(self, resource_group_name: str, ip_address: str, **kwargs: Any) -> request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_metadata_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_metadata_operations.py index f9d87e686bcd..aa04fb111ced 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_metadata_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_metadata_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -37,10 +36,6 @@ build_update_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -101,9 +96,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.MetadataList] = kwargs.pop("cls", None) error_map = { @@ -161,8 +154,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -207,9 +201,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.MetadataModel] = kwargs.pop("cls", None) request = build_get_request( @@ -225,8 +217,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -275,9 +268,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -293,8 +284,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -390,7 +382,7 @@ async def create( :type workspace_name: str :param metadata_name: The Metadata name. Required. :type metadata_name: str - :param metadata: Metadata resource. Is either a model type or a IO type. Required. + :param metadata: Metadata resource. Is either a MetadataModel type or a IO type. Required. :type metadata: ~azure.mgmt.securityinsight.models.MetadataModel or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -411,9 +403,7 @@ async def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.MetadataModel] = kwargs.pop("cls", None) @@ -441,8 +431,9 @@ async def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -546,7 +537,8 @@ async def update( :type workspace_name: str :param metadata_name: The Metadata name. Required. :type metadata_name: str - :param metadata_patch: Partial metadata request. Is either a model type or a IO type. Required. + :param metadata_patch: Partial metadata request. Is either a MetadataPatch type or a IO type. + Required. :type metadata_patch: ~azure.mgmt.securityinsight.models.MetadataPatch or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -567,9 +559,7 @@ async def update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.MetadataModel] = kwargs.pop("cls", None) @@ -597,8 +587,9 @@ async def update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_office_consents_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_office_consents_operations.py index fffada186187..06c618c659ee 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_office_consents_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_office_consents_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar import urllib.parse @@ -31,10 +30,6 @@ from ..._vendor import _convert_request from ...operations._office_consents_operations import build_delete_request, build_get_request, build_list_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -78,9 +73,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.OfficeConsentList] = kwargs.pop("cls", None) error_map = { @@ -134,8 +127,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -180,9 +174,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.OfficeConsent] = kwargs.pop("cls", None) request = build_get_request( @@ -198,8 +190,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -248,9 +241,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -266,8 +257,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_operations.py index 376f9dc326f2..126066cd2908 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar import urllib.parse @@ -30,10 +29,6 @@ from ..._vendor import _convert_request from ...operations._operations import build_list_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -69,9 +64,7 @@ def list(self, **kwargs: Any) -> AsyncIterable["_models.Operation"]: _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.OperationsList] = kwargs.pop("cls", None) error_map = { @@ -122,8 +115,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_package_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_package_operations.py new file mode 100644 index 000000000000..e4ce1ff705de --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_package_operations.py @@ -0,0 +1,118 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Optional, TypeVar + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._product_package_operations import build_get_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class ProductPackageOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`product_package` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, package_id: str, **kwargs: Any + ) -> _models.PackageModelAutoGenerated: + """Gets a package by its identifier from the catalog. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.PackageModelAutoGenerated] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + package_id=package_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("PackageModelAutoGenerated", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages/{packageId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_packages_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_packages_operations.py new file mode 100644 index 000000000000..bdb962cef6bf --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_packages_operations.py @@ -0,0 +1,169 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._product_packages_operations import build_list_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class ProductPackagesOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`product_packages` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.PackageModelAutoGenerated"]: + """Gets all packages from the catalog. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either PackageModelAutoGenerated or the result of + cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.PackageModelAutoGenerated] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.PackageListAutoGenerated] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("PackageListAutoGenerated", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_settings_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_settings_operations.py index 3324a16bab68..1d1e481cf130 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_settings_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_settings_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -33,10 +32,6 @@ build_update_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -85,9 +80,7 @@ async def list(self, resource_group_name: str, workspace_name: str, **kwargs: An _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SettingList] = kwargs.pop("cls", None) request = build_list_request( @@ -102,8 +95,9 @@ async def list(self, resource_group_name: str, workspace_name: str, **kwargs: An request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -153,9 +147,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Settings] = kwargs.pop("cls", None) request = build_get_request( @@ -171,8 +163,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -222,9 +215,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -240,8 +231,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -340,7 +332,7 @@ async def update( :param settings_name: The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba. Required. :type settings_name: str - :param settings: The setting. Is either a model type or a IO type. Required. + :param settings: The setting. Is either a Settings type or a IO type. Required. :type settings: ~azure.mgmt.securityinsight.models.Settings or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -361,9 +353,7 @@ async def update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Settings] = kwargs.pop("cls", None) @@ -391,8 +381,9 @@ async def update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_template_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_template_operations.py new file mode 100644 index 000000000000..5b8607abc00e --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_template_operations.py @@ -0,0 +1,118 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Optional, TypeVar + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._product_template_operations import build_get_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class ProductTemplateOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`product_template` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, template_id: str, **kwargs: Any + ) -> _models.TemplateModel: + """Gets a template by its identifier. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TemplateModel] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + template_id=template_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("TemplateModel", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentproducttemplates/{templateId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_templates_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_templates_operations.py new file mode 100644 index 000000000000..117c19db7a8e --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_product_templates_operations.py @@ -0,0 +1,168 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._product_templates_operations import build_list_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class ProductTemplatesOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`product_templates` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.TemplateModel"]: + """Gets all templates in the catalog. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either TemplateModel or the result of cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.TemplateModel] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TemplateList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("TemplateList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductTemplates" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_security_ml_analytics_settings_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_security_ml_analytics_settings_operations.py index eb537fb84c40..2d5320f9ec80 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_security_ml_analytics_settings_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_security_ml_analytics_settings_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -84,9 +79,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SecurityMLAnalyticsSettingsList] = kwargs.pop("cls", None) error_map = { @@ -140,8 +133,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -186,9 +180,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SecurityMLAnalyticsSetting] = kwargs.pop("cls", None) request = build_get_request( @@ -204,8 +196,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -306,8 +299,8 @@ async def create_or_update( :type workspace_name: str :param settings_resource_name: Security ML Analytics Settings resource name. Required. :type settings_resource_name: str - :param security_ml_analytics_setting: The security ML Analytics setting. Is either a model type - or a IO type. Required. + :param security_ml_analytics_setting: The security ML Analytics setting. Is either a + SecurityMLAnalyticsSetting type or a IO type. Required. :type security_ml_analytics_setting: ~azure.mgmt.securityinsight.models.SecurityMLAnalyticsSetting or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -329,9 +322,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.SecurityMLAnalyticsSetting] = kwargs.pop("cls", None) @@ -359,8 +350,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -413,9 +405,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -431,8 +421,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_sentinel_onboarding_states_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_sentinel_onboarding_states_operations.py index aac64f7fdd94..559a338d093c 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_sentinel_onboarding_states_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_sentinel_onboarding_states_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -33,10 +32,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -90,9 +85,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SentinelOnboardingState] = kwargs.pop("cls", None) request = build_get_request( @@ -108,8 +101,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -216,7 +210,7 @@ async def create( Required. :type sentinel_onboarding_state_name: str :param sentinel_onboarding_state_parameter: The Sentinel onboarding state parameter. Is either - a model type or a IO type. Default value is None. + a SentinelOnboardingState type or a IO type. Default value is None. :type sentinel_onboarding_state_parameter: ~azure.mgmt.securityinsight.models.SentinelOnboardingState or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -238,9 +232,7 @@ async def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.SentinelOnboardingState] = kwargs.pop("cls", None) @@ -271,8 +263,9 @@ async def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -326,9 +319,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -344,8 +335,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -388,9 +380,7 @@ async def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SentinelOnboardingStatesList] = kwargs.pop("cls", None) request = build_list_request( @@ -405,8 +395,9 @@ async def list( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_source_control_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_source_control_operations.py index 121de431e0c8..d112b8a28798 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_source_control_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_source_control_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar, Union import urllib.parse @@ -30,10 +29,6 @@ from ..._vendor import _convert_request from ...operations._source_control_operations import build_list_repositories_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -78,9 +73,7 @@ def list_repositories( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: str = kwargs.pop("content_type", _headers.pop("Content-Type", "application/json")) cls: ClsType[_models.RepoList] = kwargs.pop("cls", None) @@ -138,8 +131,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_source_controls_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_source_controls_operations.py index a2a445e2e5e2..bf9dd833c9c6 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_source_controls_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_source_controls_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -83,9 +78,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SourceControlList] = kwargs.pop("cls", None) error_map = { @@ -139,8 +132,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -185,9 +179,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SourceControl] = kwargs.pop("cls", None) request = build_get_request( @@ -203,8 +195,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -253,9 +246,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -271,8 +262,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -368,7 +360,8 @@ async def create( :type workspace_name: str :param source_control_id: Source control Id. Required. :type source_control_id: str - :param source_control: The SourceControl. Is either a model type or a IO type. Required. + :param source_control: The SourceControl. Is either a SourceControl type or a IO type. + Required. :type source_control: ~azure.mgmt.securityinsight.models.SourceControl or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -389,9 +382,7 @@ async def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.SourceControl] = kwargs.pop("cls", None) @@ -419,8 +410,9 @@ async def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicator_metrics_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicator_metrics_operations.py index 5847ff70bdcb..6978118f5076 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicator_metrics_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicator_metrics_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from ..._vendor import _convert_request from ...operations._threat_intelligence_indicator_metrics_operations import build_list_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -82,9 +77,7 @@ async def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ThreatIntelligenceMetricsList] = kwargs.pop("cls", None) request = build_list_request( @@ -99,8 +92,9 @@ async def list( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicator_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicator_operations.py index e33a32402aa2..add3fea5ff42 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicator_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicator_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -39,10 +38,6 @@ build_replace_tags_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -141,7 +136,7 @@ async def create_indicator( :param workspace_name: The name of the workspace. Required. :type workspace_name: str :param threat_intelligence_properties: Properties of threat intelligence indicators to create - and update. Is either a model type or a IO type. Required. + and update. Is either a ThreatIntelligenceIndicatorModel type or a IO type. Required. :type threat_intelligence_properties: ~azure.mgmt.securityinsight.models.ThreatIntelligenceIndicatorModel or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -163,9 +158,7 @@ async def create_indicator( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ThreatIntelligenceInformation] = kwargs.pop("cls", None) @@ -192,8 +185,9 @@ async def create_indicator( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -246,9 +240,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ThreatIntelligenceInformation] = kwargs.pop("cls", None) request = build_get_request( @@ -264,8 +256,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -369,7 +362,7 @@ async def create( :param name: Threat intelligence indicator name field. Required. :type name: str :param threat_intelligence_properties: Properties of threat intelligence indicators to create - and update. Is either a model type or a IO type. Required. + and update. Is either a ThreatIntelligenceIndicatorModel type or a IO type. Required. :type threat_intelligence_properties: ~azure.mgmt.securityinsight.models.ThreatIntelligenceIndicatorModel or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -391,9 +384,7 @@ async def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ThreatIntelligenceInformation] = kwargs.pop("cls", None) @@ -421,8 +412,9 @@ async def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -475,9 +467,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -493,8 +483,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -589,7 +580,8 @@ def query_indicators( :param workspace_name: The name of the workspace. Required. :type workspace_name: str :param threat_intelligence_filtering_criteria: Filtering criteria for querying threat - intelligence indicators. Is either a model type or a IO type. Required. + intelligence indicators. Is either a ThreatIntelligenceFilteringCriteria type or a IO type. + Required. :type threat_intelligence_filtering_criteria: ~azure.mgmt.securityinsight.models.ThreatIntelligenceFilteringCriteria or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -605,9 +597,7 @@ def query_indicators( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ThreatIntelligenceInformationList] = kwargs.pop("cls", None) @@ -672,8 +662,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -773,7 +764,7 @@ async def append_tags( # pylint: disable=inconsistent-return-statements :param name: Threat intelligence indicator name field. Required. :type name: str :param threat_intelligence_append_tags: The threat intelligence append tags request body. Is - either a model type or a IO type. Required. + either a ThreatIntelligenceAppendTags type or a IO type. Required. :type threat_intelligence_append_tags: ~azure.mgmt.securityinsight.models.ThreatIntelligenceAppendTags or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -795,9 +786,7 @@ async def append_tags( # pylint: disable=inconsistent-return-statements _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[None] = kwargs.pop("cls", None) @@ -825,8 +814,9 @@ async def append_tags( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -926,7 +916,7 @@ async def replace_tags( :param name: Threat intelligence indicator name field. Required. :type name: str :param threat_intelligence_replace_tags: Tags in the threat intelligence indicator to be - replaced. Is either a model type or a IO type. Required. + replaced. Is either a ThreatIntelligenceIndicatorModel type or a IO type. Required. :type threat_intelligence_replace_tags: ~azure.mgmt.securityinsight.models.ThreatIntelligenceIndicatorModel or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -948,9 +938,7 @@ async def replace_tags( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ThreatIntelligenceInformation] = kwargs.pop("cls", None) @@ -978,8 +966,9 @@ async def replace_tags( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicators_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicators_operations.py index 43499935ceb1..e748fc3edbf9 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicators_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_threat_intelligence_indicators_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar import urllib.parse @@ -30,10 +29,6 @@ from ..._vendor import _convert_request from ...operations._threat_intelligence_indicators_operations import build_list_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -97,9 +92,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ThreatIntelligenceInformationList] = kwargs.pop("cls", None) error_map = { @@ -157,8 +150,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_triggered_analytics_rule_run_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_triggered_analytics_rule_run_operations.py new file mode 100644 index 000000000000..38205bcfa831 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_triggered_analytics_rule_run_operations.py @@ -0,0 +1,118 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Optional, TypeVar + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._triggered_analytics_rule_run_operations import build_get_request + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class TriggeredAnalyticsRuleRunOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`triggered_analytics_rule_run` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, rule_run_id: str, **kwargs: Any + ) -> _models.TriggeredAnalyticsRuleRun: + """Gets the triggered analytics rule run. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param rule_run_id: the triggered rule id. Required. + :type rule_run_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TriggeredAnalyticsRuleRun or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TriggeredAnalyticsRuleRun + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TriggeredAnalyticsRuleRun] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + rule_run_id=rule_run_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("TriggeredAnalyticsRuleRun", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns/{ruleRunId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_update_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_update_operations.py index 18154771938c..8857d6721a5e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_update_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_update_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, List, Optional, TypeVar, Union, cast, overload from azure.core.exceptions import ( @@ -30,10 +29,6 @@ from ..._vendor import _convert_request from ...operations._update_operations import build_recommendation_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -76,9 +71,7 @@ async def _recommendation_initial( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Recommendation] = kwargs.pop("cls", None) @@ -106,8 +99,9 @@ async def _recommendation_initial( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -223,8 +217,8 @@ async def begin_recommendation( :type workspace_name: str :param recommendation_id: Recommendation Id. Required. :type recommendation_id: str - :param recommendation_patch: Recommendation Fields to Update. Is either a list type or a IO - type. Required. + :param recommendation_patch: Recommendation Fields to Update. Is either a [RecommendationPatch] + type or a IO type. Required. :type recommendation_patch: list[~azure.mgmt.securityinsight.models.RecommendationPatch] or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -245,9 +239,7 @@ async def begin_recommendation( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Recommendation] = kwargs.pop("cls", None) polling: Union[bool, AsyncPollingMethod] = kwargs.pop("polling", True) diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_watchlist_items_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_watchlist_items_operations.py index 913eefeee849..eb86c2233d7b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_watchlist_items_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_watchlist_items_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -95,9 +90,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.WatchlistItemList] = kwargs.pop("cls", None) error_map = { @@ -153,8 +146,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -201,9 +195,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.WatchlistItem] = kwargs.pop("cls", None) request = build_get_request( @@ -220,8 +212,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -272,9 +265,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -291,8 +282,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -397,7 +389,8 @@ async def create_or_update( :type watchlist_alias: str :param watchlist_item_id: Watchlist Item Id (GUID). Required. :type watchlist_item_id: str - :param watchlist_item: The watchlist item. Is either a model type or a IO type. Required. + :param watchlist_item: The watchlist item. Is either a WatchlistItem type or a IO type. + Required. :type watchlist_item: ~azure.mgmt.securityinsight.models.WatchlistItem or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -418,9 +411,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.WatchlistItem] = kwargs.pop("cls", None) @@ -449,8 +440,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_watchlists_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_watchlists_operations.py index 2028bb0b5458..470df3e39030 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_watchlists_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_watchlists_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload import urllib.parse @@ -36,10 +35,6 @@ build_list_request, ) -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] @@ -87,9 +82,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.WatchlistList] = kwargs.pop("cls", None) error_map = { @@ -144,8 +137,9 @@ async def extract_data(pipeline_response): async def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -190,9 +184,7 @@ async def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Watchlist] = kwargs.pop("cls", None) request = build_get_request( @@ -208,8 +200,9 @@ async def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -258,9 +251,7 @@ async def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -276,8 +267,9 @@ async def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -394,7 +386,7 @@ async def create_or_update( :type workspace_name: str :param watchlist_alias: Watchlist Alias. Required. :type watchlist_alias: str - :param watchlist: The watchlist. Is either a model type or a IO type. Required. + :param watchlist: The watchlist. Is either a Watchlist type or a IO type. Required. :type watchlist: ~azure.mgmt.securityinsight.models.Watchlist or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -415,9 +407,7 @@ async def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Watchlist] = kwargs.pop("cls", None) @@ -445,8 +435,9 @@ async def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_assignment_jobs_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_assignment_jobs_operations.py new file mode 100644 index 000000000000..22b6d7cce4d8 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_assignment_jobs_operations.py @@ -0,0 +1,393 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, Optional, TypeVar +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._workspace_manager_assignment_jobs_operations import ( + build_create_request, + build_delete_request, + build_get_request, + build_list_request, +) + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class WorkspaceManagerAssignmentJobsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`workspace_manager_assignment_jobs` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.Job"]: + """Get all jobs for the specified workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either Job or the result of cls(response) + :rtype: ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.Job] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.JobList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("JobList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs" + } + + @distributed_trace_async + async def create( + self, resource_group_name: str, workspace_name: str, workspace_manager_assignment_name: str, **kwargs: Any + ) -> _models.Job: + """Create a job for the specified workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Job or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Job + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.Job] = kwargs.pop("cls", None) + + request = build_create_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.create.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("Job", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + create.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs" + } + + @distributed_trace_async + async def get( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + job_name: str, + **kwargs: Any + ) -> _models.Job: + """Gets a job. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param job_name: The job name. Required. + :type job_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Job or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Job + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.Job] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + job_name=job_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("Job", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}" + } + + @distributed_trace_async + async def delete( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + job_name: str, + **kwargs: Any + ) -> None: + """Deletes the specified job from the specified workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param job_name: The job name. Required. + :type job_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + job_name=job_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_assignments_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_assignments_operations.py new file mode 100644 index 000000000000..41d9244776ea --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_assignments_operations.py @@ -0,0 +1,467 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._workspace_manager_assignments_operations import ( + build_create_or_update_request, + build_delete_request, + build_get_request, + build_list_request, +) + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class WorkspaceManagerAssignmentsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`workspace_manager_assignments` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.WorkspaceManagerAssignment"]: + """Get all workspace manager assignments for the Sentinel workspace manager. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either WorkspaceManagerAssignment or the result of + cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerAssignmentList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("WorkspaceManagerAssignmentList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments" + } + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, workspace_manager_assignment_name: str, **kwargs: Any + ) -> _models.WorkspaceManagerAssignment: + """Gets a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerAssignment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerAssignment] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("WorkspaceManagerAssignment", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + } + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + workspace_manager_assignment: _models.WorkspaceManagerAssignment, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerAssignment: + """Creates or updates a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param workspace_manager_assignment: The workspace manager assignment. Required. + :type workspace_manager_assignment: + ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerAssignment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + workspace_manager_assignment: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerAssignment: + """Creates or updates a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param workspace_manager_assignment: The workspace manager assignment. Required. + :type workspace_manager_assignment: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerAssignment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + workspace_manager_assignment: Union[_models.WorkspaceManagerAssignment, IO], + **kwargs: Any + ) -> _models.WorkspaceManagerAssignment: + """Creates or updates a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param workspace_manager_assignment: The workspace manager assignment. Is either a + WorkspaceManagerAssignment type or a IO type. Required. + :type workspace_manager_assignment: + ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerAssignment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.WorkspaceManagerAssignment] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(workspace_manager_assignment, (IO, bytes)): + _content = workspace_manager_assignment + else: + _json = self._serialize.body(workspace_manager_assignment, "WorkspaceManagerAssignment") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("WorkspaceManagerAssignment", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("WorkspaceManagerAssignment", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + } + + @distributed_trace_async + async def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, workspace_manager_assignment_name: str, **kwargs: Any + ) -> None: + """Deletes a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_configurations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_configurations_operations.py new file mode 100644 index 000000000000..00891a72b8aa --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_configurations_operations.py @@ -0,0 +1,467 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._workspace_manager_configurations_operations import ( + build_create_or_update_request, + build_delete_request, + build_get_request, + build_list_request, +) + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class WorkspaceManagerConfigurationsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`workspace_manager_configurations` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.WorkspaceManagerConfiguration"]: + """Gets all workspace manager configurations for a Sentinel workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either WorkspaceManagerConfiguration or the result of + cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerConfigurationList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("WorkspaceManagerConfigurationList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations" + } + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, workspace_manager_configuration_name: str, **kwargs: Any + ) -> _models.WorkspaceManagerConfiguration: + """Gets a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerConfiguration or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerConfiguration] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_configuration_name=workspace_manager_configuration_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("WorkspaceManagerConfiguration", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + } + + @distributed_trace_async + async def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, workspace_manager_configuration_name: str, **kwargs: Any + ) -> None: + """Deletes a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_configuration_name=workspace_manager_configuration_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + } + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_configuration_name: str, + workspace_manager_configuration: _models.WorkspaceManagerConfiguration, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerConfiguration: + """Creates or updates a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :param workspace_manager_configuration: The workspace manager configuration. Required. + :type workspace_manager_configuration: + ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerConfiguration or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_configuration_name: str, + workspace_manager_configuration: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerConfiguration: + """Creates or updates a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :param workspace_manager_configuration: The workspace manager configuration. Required. + :type workspace_manager_configuration: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerConfiguration or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_configuration_name: str, + workspace_manager_configuration: Union[_models.WorkspaceManagerConfiguration, IO], + **kwargs: Any + ) -> _models.WorkspaceManagerConfiguration: + """Creates or updates a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :param workspace_manager_configuration: The workspace manager configuration. Is either a + WorkspaceManagerConfiguration type or a IO type. Required. + :type workspace_manager_configuration: + ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerConfiguration or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.WorkspaceManagerConfiguration] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(workspace_manager_configuration, (IO, bytes)): + _content = workspace_manager_configuration + else: + _json = self._serialize.body(workspace_manager_configuration, "WorkspaceManagerConfiguration") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_configuration_name=workspace_manager_configuration_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("WorkspaceManagerConfiguration", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("WorkspaceManagerConfiguration", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_groups_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_groups_operations.py new file mode 100644 index 000000000000..6259fc9c0aaf --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_groups_operations.py @@ -0,0 +1,460 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._workspace_manager_groups_operations import ( + build_create_or_update_request, + build_delete_request, + build_get_request, + build_list_request, +) + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class WorkspaceManagerGroupsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`workspace_manager_groups` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.WorkspaceManagerGroup"]: + """Gets all workspace manager groups in the Sentinel workspace manager. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either WorkspaceManagerGroup or the result of + cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.WorkspaceManagerGroup] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerGroupList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("WorkspaceManagerGroupList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups" + } + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, workspace_manager_group_name: str, **kwargs: Any + ) -> _models.WorkspaceManagerGroup: + """Gets a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerGroup or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerGroup] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_group_name=workspace_manager_group_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("WorkspaceManagerGroup", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + } + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_group_name: str, + workspace_manager_group: _models.WorkspaceManagerGroup, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerGroup: + """Creates or updates a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :param workspace_manager_group: The workspace manager group object. Required. + :type workspace_manager_group: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerGroup or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_group_name: str, + workspace_manager_group: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerGroup: + """Creates or updates a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :param workspace_manager_group: The workspace manager group object. Required. + :type workspace_manager_group: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerGroup or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_group_name: str, + workspace_manager_group: Union[_models.WorkspaceManagerGroup, IO], + **kwargs: Any + ) -> _models.WorkspaceManagerGroup: + """Creates or updates a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :param workspace_manager_group: The workspace manager group object. Is either a + WorkspaceManagerGroup type or a IO type. Required. + :type workspace_manager_group: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerGroup or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.WorkspaceManagerGroup] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(workspace_manager_group, (IO, bytes)): + _content = workspace_manager_group + else: + _json = self._serialize.body(workspace_manager_group, "WorkspaceManagerGroup") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_group_name=workspace_manager_group_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("WorkspaceManagerGroup", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("WorkspaceManagerGroup", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + } + + @distributed_trace_async + async def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, workspace_manager_group_name: str, **kwargs: Any + ) -> None: + """Deletes a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_group_name=workspace_manager_group_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_members_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_members_operations.py new file mode 100644 index 000000000000..f458d68bc890 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/aio/operations/_workspace_manager_members_operations.py @@ -0,0 +1,460 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, AsyncIterable, Callable, Dict, IO, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.async_paging import AsyncItemPaged, AsyncList +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import AsyncHttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.tracing.decorator_async import distributed_trace_async +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from ... import models as _models +from ..._vendor import _convert_request +from ...operations._workspace_manager_members_operations import ( + build_create_or_update_request, + build_delete_request, + build_get_request, + build_list_request, +) + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, AsyncHttpResponse], T, Dict[str, Any]], Any]] + + +class WorkspaceManagerMembersOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.aio.SecurityInsights`'s + :attr:`workspace_manager_members` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs) -> None: + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> AsyncIterable["_models.WorkspaceManagerMember"]: + """Gets all workspace manager members that exist for the given Sentinel workspace manager. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either WorkspaceManagerMember or the result of + cls(response) + :rtype: + ~azure.core.async_paging.AsyncItemPaged[~azure.mgmt.securityinsight.models.WorkspaceManagerMember] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerMembersList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + async def extract_data(pipeline_response): + deserialized = self._deserialize("WorkspaceManagerMembersList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, AsyncList(list_of_elem) + + async def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return AsyncItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/" + } + + @distributed_trace_async + async def get( + self, resource_group_name: str, workspace_name: str, workspace_manager_member_name: str, **kwargs: Any + ) -> _models.WorkspaceManagerMember: + """Gets a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerMember or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerMember] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_member_name=workspace_manager_member_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("WorkspaceManagerMember", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + } + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_member_name: str, + workspace_manager_member: _models.WorkspaceManagerMember, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerMember: + """Creates or updates a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :param workspace_manager_member: The workspace manager member object. Required. + :type workspace_manager_member: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerMember or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_member_name: str, + workspace_manager_member: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerMember: + """Creates or updates a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :param workspace_manager_member: The workspace manager member object. Required. + :type workspace_manager_member: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerMember or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace_async + async def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_member_name: str, + workspace_manager_member: Union[_models.WorkspaceManagerMember, IO], + **kwargs: Any + ) -> _models.WorkspaceManagerMember: + """Creates or updates a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :param workspace_manager_member: The workspace manager member object. Is either a + WorkspaceManagerMember type or a IO type. Required. + :type workspace_manager_member: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerMember or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.WorkspaceManagerMember] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(workspace_manager_member, (IO, bytes)): + _content = workspace_manager_member + else: + _json = self._serialize.body(workspace_manager_member, "WorkspaceManagerMember") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_member_name=workspace_manager_member_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("WorkspaceManagerMember", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("WorkspaceManagerMember", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + } + + @distributed_trace_async + async def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, workspace_manager_member_name: str, **kwargs: Any + ) -> None: + """Deletes a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_member_name=workspace_manager_member_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = await self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py index 805bb3d2b327..50a341cd75f3 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/__init__.py @@ -42,9 +42,11 @@ from ._models_py3 import AlertRuleTemplatesList from ._models_py3 import AlertRulesList from ._models_py3 import AlertsDataTypeOfDataConnector +from ._models_py3 import AnalyticsRuleRunTrigger from ._models_py3 import Anomalies from ._models_py3 import AnomalySecurityMLAnalyticsSettings from ._models_py3 import AnomalyTimelineItem +from ._models_py3 import AssignmentItem from ._models_py3 import AutomationRule from ._models_py3 import AutomationRuleAction from ._models_py3 import AutomationRuleAddIncidentTaskAction @@ -68,6 +70,7 @@ from ._models_py3 import AwsS3DataConnectorDataTypes from ._models_py3 import AwsS3DataConnectorDataTypesLogs from ._models_py3 import AzureDevOpsResourceInfo +from ._models_py3 import AzureEntityResource from ._models_py3 import AzureResourceEntity from ._models_py3 import AzureResourceEntityProperties from ._models_py3 import Bookmark @@ -141,6 +144,7 @@ from ._models_py3 import EntityInsightItem from ._models_py3 import EntityInsightItemQueryTimeInterval from ._models_py3 import EntityList +from ._models_py3 import EntityManualTriggerRequestBody from ._models_py3 import EntityMapping from ._models_py3 import EntityQuery from ._models_py3 import EntityQueryItem @@ -152,6 +156,10 @@ from ._models_py3 import EntityTimelineItem from ._models_py3 import EntityTimelineParameters from ._models_py3 import EntityTimelineResponse +from ._models_py3 import Error +from ._models_py3 import ErrorAdditionalInfo +from ._models_py3 import ErrorDetail +from ._models_py3 import ErrorResponse from ._models_py3 import EventGroupingSettings from ._models_py3 import ExpansionEntityQuery from ._models_py3 import ExpansionResultAggregation @@ -184,6 +192,13 @@ from ._models_py3 import GroupingConfiguration from ._models_py3 import HostEntity from ._models_py3 import HostEntityProperties +from ._models_py3 import Hunt +from ._models_py3 import HuntComment +from ._models_py3 import HuntCommentList +from ._models_py3 import HuntList +from ._models_py3 import HuntOwner +from ._models_py3 import HuntRelation +from ._models_py3 import HuntRelationList from ._models_py3 import HuntingBookmark from ._models_py3 import HuntingBookmarkProperties from ._models_py3 import Incident @@ -223,6 +238,9 @@ from ._models_py3 import IoTDeviceEntityProperties from ._models_py3 import IpEntity from ._models_py3 import IpEntityProperties +from ._models_py3 import Job +from ._models_py3 import JobItem +from ._models_py3 import JobList from ._models_py3 import LastDataReceivedDataType from ._models_py3 import MCASCheckRequirements from ._models_py3 import MCASCheckRequirementsProperties @@ -240,12 +258,12 @@ from ._models_py3 import MSTICheckRequirementsProperties from ._models_py3 import MSTIDataConnector from ._models_py3 import MSTIDataConnectorDataTypes -from ._models_py3 import MSTIDataConnectorDataTypesBingSafetyPhishingURL from ._models_py3 import MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed from ._models_py3 import MSTIDataConnectorProperties from ._models_py3 import MTPCheckRequirementsProperties from ._models_py3 import MTPDataConnector from ._models_py3 import MTPDataConnectorDataTypes +from ._models_py3 import MTPDataConnectorDataTypesAlerts from ._models_py3 import MTPDataConnectorDataTypesIncidents from ._models_py3 import MTPDataConnectorProperties from ._models_py3 import MailClusterEntity @@ -260,17 +278,26 @@ from ._models_py3 import MetadataAuthor from ._models_py3 import MetadataCategories from ._models_py3 import MetadataDependencies +from ._models_py3 import MetadataDependenciesAutoGenerated +from ._models_py3 import MetadataDependenciesAutoGenerated2 from ._models_py3 import MetadataList from ._models_py3 import MetadataModel from ._models_py3 import MetadataPatch from ._models_py3 import MetadataSource from ._models_py3 import MetadataSupport +from ._models_py3 import MicrosoftPurviewInformationProtectionCheckRequirements +from ._models_py3 import MicrosoftPurviewInformationProtectionCheckRequirementsProperties +from ._models_py3 import MicrosoftPurviewInformationProtectionConnectorDataTypes +from ._models_py3 import MicrosoftPurviewInformationProtectionConnectorDataTypesLogs +from ._models_py3 import MicrosoftPurviewInformationProtectionDataConnector +from ._models_py3 import MicrosoftPurviewInformationProtectionDataConnectorProperties from ._models_py3 import MicrosoftSecurityIncidentCreationAlertRule from ._models_py3 import MicrosoftSecurityIncidentCreationAlertRuleCommonProperties from ._models_py3 import MicrosoftSecurityIncidentCreationAlertRuleProperties from ._models_py3 import MicrosoftSecurityIncidentCreationAlertRuleTemplate from ._models_py3 import MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties from ._models_py3 import MtpCheckRequirements +from ._models_py3 import MtpFilteredProviders from ._models_py3 import NicEntity from ._models_py3 import NicEntityProperties from ._models_py3 import NrtAlertRule @@ -307,6 +334,10 @@ from ._models_py3 import Operation from ._models_py3 import OperationDisplay from ._models_py3 import OperationsList +from ._models_py3 import PackageList +from ._models_py3 import PackageListAutoGenerated +from ._models_py3 import PackageModel +from ._models_py3 import PackageModelAutoGenerated from ._models_py3 import Permissions from ._models_py3 import PermissionsCustomsItem from ._models_py3 import PermissionsResourceProviderItem @@ -368,6 +399,10 @@ from ._models_py3 import TIDataConnectorProperties from ._models_py3 import TeamInformation from ._models_py3 import TeamProperties +from ._models_py3 import TemplateList +from ._models_py3 import TemplateListAutoGenerated +from ._models_py3 import TemplateModel +from ._models_py3 import TemplateModelAutoGenerated from ._models_py3 import ThreatIntelligence from ._models_py3 import ThreatIntelligenceAlertRule from ._models_py3 import ThreatIntelligenceAlertRuleTemplate @@ -397,6 +432,8 @@ from ._models_py3 import TimelineAggregation from ._models_py3 import TimelineError from ._models_py3 import TimelineResultsMetadata +from ._models_py3 import TriggeredAnalyticsRuleRun +from ._models_py3 import TriggeredAnalyticsRuleRuns from ._models_py3 import Ueba from ._models_py3 import UrlEntity from ._models_py3 import UrlEntityProperties @@ -407,6 +444,14 @@ from ._models_py3 import WatchlistItemList from ._models_py3 import WatchlistList from ._models_py3 import Webhook +from ._models_py3 import WorkspaceManagerAssignment +from ._models_py3 import WorkspaceManagerAssignmentList +from ._models_py3 import WorkspaceManagerConfiguration +from ._models_py3 import WorkspaceManagerConfigurationList +from ._models_py3 import WorkspaceManagerGroup +from ._models_py3 import WorkspaceManagerGroupList +from ._models_py3 import WorkspaceManagerMember +from ._models_py3 import WorkspaceManagerMembersList from ._security_insights_enums import ActionType from ._security_insights_enums import AlertDetail @@ -448,21 +493,23 @@ from ._security_insights_enums import DeviceImportance from ._security_insights_enums import ElevationToken from ._security_insights_enums import EntityItemQueryKind -from ._security_insights_enums import EntityKind +from ._security_insights_enums import EntityKindEnum from ._security_insights_enums import EntityMappingType from ._security_insights_enums import EntityProviders from ._security_insights_enums import EntityQueryKind from ._security_insights_enums import EntityQueryTemplateKind from ._security_insights_enums import EntityTimelineKind from ._security_insights_enums import EntityType -from ._security_insights_enums import Enum13 -from ._security_insights_enums import Enum15 +from ._security_insights_enums import Enum19 +from ._security_insights_enums import Enum21 from ._security_insights_enums import EventGroupingAggregationKind from ._security_insights_enums import FileFormat from ._security_insights_enums import FileHashAlgorithm from ._security_insights_enums import FileImportContentType from ._security_insights_enums import FileImportState +from ._security_insights_enums import Flag from ._security_insights_enums import GetInsightsError +from ._security_insights_enums import HypothesisStatus from ._security_insights_enums import IncidentClassification from ._security_insights_enums import IncidentClassificationReason from ._security_insights_enums import IncidentLabelType @@ -474,14 +521,18 @@ from ._security_insights_enums import Kind from ._security_insights_enums import MatchingMethod from ._security_insights_enums import MicrosoftSecurityProductName +from ._security_insights_enums import Mode +from ._security_insights_enums import MtpProvider from ._security_insights_enums import OSFamily from ._security_insights_enums import Operator from ._security_insights_enums import OutputType from ._security_insights_enums import OwnerType +from ._security_insights_enums import PackageKind from ._security_insights_enums import PermissionProviderScope from ._security_insights_enums import PollingFrequency from ._security_insights_enums import Priority from ._security_insights_enums import ProviderName +from ._security_insights_enums import ProvisioningState from ._security_insights_enums import RegistryHive from ._security_insights_enums import RegistryValueKind from ._security_insights_enums import RepoType @@ -492,10 +543,11 @@ from ._security_insights_enums import SourceKind from ._security_insights_enums import SourceType from ._security_insights_enums import State +from ._security_insights_enums import Status from ._security_insights_enums import SupportTier from ._security_insights_enums import TemplateStatus -from ._security_insights_enums import ThreatIntelligenceResourceKindEnum -from ._security_insights_enums import ThreatIntelligenceSortingCriteriaEnum +from ._security_insights_enums import ThreatIntelligenceResourceInnerKind +from ._security_insights_enums import ThreatIntelligenceSortingOrder from ._security_insights_enums import TriggerOperator from ._security_insights_enums import TriggersOn from ._security_insights_enums import TriggersWhen @@ -542,9 +594,11 @@ "AlertRuleTemplatesList", "AlertRulesList", "AlertsDataTypeOfDataConnector", + "AnalyticsRuleRunTrigger", "Anomalies", "AnomalySecurityMLAnalyticsSettings", "AnomalyTimelineItem", + "AssignmentItem", "AutomationRule", "AutomationRuleAction", "AutomationRuleAddIncidentTaskAction", @@ -568,6 +622,7 @@ "AwsS3DataConnectorDataTypes", "AwsS3DataConnectorDataTypesLogs", "AzureDevOpsResourceInfo", + "AzureEntityResource", "AzureResourceEntity", "AzureResourceEntityProperties", "Bookmark", @@ -641,6 +696,7 @@ "EntityInsightItem", "EntityInsightItemQueryTimeInterval", "EntityList", + "EntityManualTriggerRequestBody", "EntityMapping", "EntityQuery", "EntityQueryItem", @@ -652,6 +708,10 @@ "EntityTimelineItem", "EntityTimelineParameters", "EntityTimelineResponse", + "Error", + "ErrorAdditionalInfo", + "ErrorDetail", + "ErrorResponse", "EventGroupingSettings", "ExpansionEntityQuery", "ExpansionResultAggregation", @@ -684,6 +744,13 @@ "GroupingConfiguration", "HostEntity", "HostEntityProperties", + "Hunt", + "HuntComment", + "HuntCommentList", + "HuntList", + "HuntOwner", + "HuntRelation", + "HuntRelationList", "HuntingBookmark", "HuntingBookmarkProperties", "Incident", @@ -723,6 +790,9 @@ "IoTDeviceEntityProperties", "IpEntity", "IpEntityProperties", + "Job", + "JobItem", + "JobList", "LastDataReceivedDataType", "MCASCheckRequirements", "MCASCheckRequirementsProperties", @@ -740,12 +810,12 @@ "MSTICheckRequirementsProperties", "MSTIDataConnector", "MSTIDataConnectorDataTypes", - "MSTIDataConnectorDataTypesBingSafetyPhishingURL", "MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed", "MSTIDataConnectorProperties", "MTPCheckRequirementsProperties", "MTPDataConnector", "MTPDataConnectorDataTypes", + "MTPDataConnectorDataTypesAlerts", "MTPDataConnectorDataTypesIncidents", "MTPDataConnectorProperties", "MailClusterEntity", @@ -760,17 +830,26 @@ "MetadataAuthor", "MetadataCategories", "MetadataDependencies", + "MetadataDependenciesAutoGenerated", + "MetadataDependenciesAutoGenerated2", "MetadataList", "MetadataModel", "MetadataPatch", "MetadataSource", "MetadataSupport", + "MicrosoftPurviewInformationProtectionCheckRequirements", + "MicrosoftPurviewInformationProtectionCheckRequirementsProperties", + "MicrosoftPurviewInformationProtectionConnectorDataTypes", + "MicrosoftPurviewInformationProtectionConnectorDataTypesLogs", + "MicrosoftPurviewInformationProtectionDataConnector", + "MicrosoftPurviewInformationProtectionDataConnectorProperties", "MicrosoftSecurityIncidentCreationAlertRule", "MicrosoftSecurityIncidentCreationAlertRuleCommonProperties", "MicrosoftSecurityIncidentCreationAlertRuleProperties", "MicrosoftSecurityIncidentCreationAlertRuleTemplate", "MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties", "MtpCheckRequirements", + "MtpFilteredProviders", "NicEntity", "NicEntityProperties", "NrtAlertRule", @@ -807,6 +886,10 @@ "Operation", "OperationDisplay", "OperationsList", + "PackageList", + "PackageListAutoGenerated", + "PackageModel", + "PackageModelAutoGenerated", "Permissions", "PermissionsCustomsItem", "PermissionsResourceProviderItem", @@ -868,6 +951,10 @@ "TIDataConnectorProperties", "TeamInformation", "TeamProperties", + "TemplateList", + "TemplateListAutoGenerated", + "TemplateModel", + "TemplateModelAutoGenerated", "ThreatIntelligence", "ThreatIntelligenceAlertRule", "ThreatIntelligenceAlertRuleTemplate", @@ -897,6 +984,8 @@ "TimelineAggregation", "TimelineError", "TimelineResultsMetadata", + "TriggeredAnalyticsRuleRun", + "TriggeredAnalyticsRuleRuns", "Ueba", "UrlEntity", "UrlEntityProperties", @@ -907,6 +996,14 @@ "WatchlistItemList", "WatchlistList", "Webhook", + "WorkspaceManagerAssignment", + "WorkspaceManagerAssignmentList", + "WorkspaceManagerConfiguration", + "WorkspaceManagerConfigurationList", + "WorkspaceManagerGroup", + "WorkspaceManagerGroupList", + "WorkspaceManagerMember", + "WorkspaceManagerMembersList", "ActionType", "AlertDetail", "AlertProperty", @@ -947,21 +1044,23 @@ "DeviceImportance", "ElevationToken", "EntityItemQueryKind", - "EntityKind", + "EntityKindEnum", "EntityMappingType", "EntityProviders", "EntityQueryKind", "EntityQueryTemplateKind", "EntityTimelineKind", "EntityType", - "Enum13", - "Enum15", + "Enum19", + "Enum21", "EventGroupingAggregationKind", "FileFormat", "FileHashAlgorithm", "FileImportContentType", "FileImportState", + "Flag", "GetInsightsError", + "HypothesisStatus", "IncidentClassification", "IncidentClassificationReason", "IncidentLabelType", @@ -973,14 +1072,18 @@ "Kind", "MatchingMethod", "MicrosoftSecurityProductName", + "Mode", + "MtpProvider", "OSFamily", "Operator", "OutputType", "OwnerType", + "PackageKind", "PermissionProviderScope", "PollingFrequency", "Priority", "ProviderName", + "ProvisioningState", "RegistryHive", "RegistryValueKind", "RepoType", @@ -991,10 +1094,11 @@ "SourceKind", "SourceType", "State", + "Status", "SupportTier", "TemplateStatus", - "ThreatIntelligenceResourceKindEnum", - "ThreatIntelligenceSortingCriteriaEnum", + "ThreatIntelligenceResourceInnerKind", + "ThreatIntelligenceSortingOrder", "TriggerOperator", "TriggersOn", "TriggersWhen", diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/_models_py3.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/_models_py3.py index 5a15e9c34571..34b43e384c25 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/_models_py3.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/_models_py3.py @@ -34,7 +34,8 @@ class DataConnectorsCheckRequirements(_serialization.Model): You probably want to use the sub-classes and not this class directly. Known sub-classes are: AwsCloudTrailCheckRequirements, AwsS3CheckRequirements, AADCheckRequirements, AATPCheckRequirements, ASCCheckRequirements, Dynamics365CheckRequirements, - IoTCheckRequirements, MCASCheckRequirements, MDATPCheckRequirements, MSTICheckRequirements, + IoTCheckRequirements, MCASCheckRequirements, MDATPCheckRequirements, + MicrosoftPurviewInformationProtectionCheckRequirements, MSTICheckRequirements, MtpCheckRequirements, Office365ProjectCheckRequirements, OfficeATPCheckRequirements, OfficeIRMCheckRequirements, OfficePowerBICheckRequirements, TICheckRequirements, TiTaxiiCheckRequirements @@ -44,10 +45,10 @@ class DataConnectorsCheckRequirements(_serialization.Model): :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind """ @@ -70,6 +71,7 @@ class DataConnectorsCheckRequirements(_serialization.Model): "IOT": "IoTCheckRequirements", "MicrosoftCloudAppSecurity": "MCASCheckRequirements", "MicrosoftDefenderAdvancedThreatProtection": "MDATPCheckRequirements", + "MicrosoftPurviewInformationProtection": "MicrosoftPurviewInformationProtectionCheckRequirements", "MicrosoftThreatIntelligence": "MSTICheckRequirements", "MicrosoftThreatProtection": "MtpCheckRequirements", "Office365Project": "Office365ProjectCheckRequirements", @@ -81,24 +83,24 @@ class DataConnectorsCheckRequirements(_serialization.Model): } } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: Optional[str] = None class AADCheckRequirements(DataConnectorsCheckRequirements): - """Represents AAD (Azure Active Directory) requirements check request. + """Represents AADIP (Azure Active Directory Identity Protection) requirements check request. All required parameters must be populated in order to send to Azure. :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -113,7 +115,7 @@ class AADCheckRequirements(DataConnectorsCheckRequirements): "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str @@ -140,7 +142,7 @@ class DataConnectorTenantId(_serialization.Model): "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -150,7 +152,7 @@ def __init__(self, *, tenant_id: str, **kwargs): class AADCheckRequirementsProperties(DataConnectorTenantId): - """AAD (Azure Active Directory) requirements check properties. + """AADIP (Azure Active Directory Identity Protection) requirements check properties. All required parameters must be populated in order to send to Azure. @@ -166,7 +168,7 @@ class AADCheckRequirementsProperties(DataConnectorTenantId): "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -206,7 +208,7 @@ class Resource(_serialization.Model): "system_data": {"key": "systemData", "type": "SystemData"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.id = None @@ -250,7 +252,7 @@ class ResourceWithEtag(Resource): "etag": {"key": "etag", "type": "str"}, } - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -266,9 +268,9 @@ class DataConnector(ResourceWithEtag): CodelessApiPollingDataConnector, AwsCloudTrailDataConnector, AwsS3DataConnector, AADDataConnector, AATPDataConnector, ASCDataConnector, Dynamics365DataConnector, CodelessUiDataConnector, IoTDataConnector, MCASDataConnector, MDATPDataConnector, - MSTIDataConnector, MTPDataConnector, OfficeDataConnector, Office365ProjectDataConnector, - OfficeATPDataConnector, OfficeIRMDataConnector, OfficePowerBIDataConnector, TIDataConnector, - TiTaxiiDataConnector + MicrosoftPurviewInformationProtectionDataConnector, MSTIDataConnector, MTPDataConnector, + OfficeDataConnector, Office365ProjectDataConnector, OfficeATPDataConnector, + OfficeIRMDataConnector, OfficePowerBIDataConnector, TIDataConnector, TiTaxiiDataConnector Variables are only populated by the server, and will be ignored when sending a request. @@ -290,10 +292,10 @@ class DataConnector(ResourceWithEtag): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind """ @@ -327,6 +329,7 @@ class DataConnector(ResourceWithEtag): "IOT": "IoTDataConnector", "MicrosoftCloudAppSecurity": "MCASDataConnector", "MicrosoftDefenderAdvancedThreatProtection": "MDATPDataConnector", + "MicrosoftPurviewInformationProtection": "MicrosoftPurviewInformationProtectionDataConnector", "MicrosoftThreatIntelligence": "MSTIDataConnector", "MicrosoftThreatProtection": "MTPDataConnector", "Office365": "OfficeDataConnector", @@ -339,7 +342,7 @@ class DataConnector(ResourceWithEtag): } } - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -349,7 +352,7 @@ def __init__(self, *, etag: Optional[str] = None, **kwargs): class AADDataConnector(DataConnector): - """Represents AAD (Azure Active Directory) data connector. + """Represents AADIP (Azure Active Directory Identity Protection) data connector. Variables are only populated by the server, and will be ignored when sending a request. @@ -371,10 +374,10 @@ class AADDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -407,8 +410,8 @@ def __init__( etag: Optional[str] = None, tenant_id: Optional[str] = None, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -434,7 +437,7 @@ class DataConnectorWithAlertsProperties(_serialization.Model): "data_types": {"key": "dataTypes", "type": "AlertsDataTypeOfDataConnector"}, } - def __init__(self, *, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs): + def __init__(self, *, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs: Any) -> None: """ :keyword data_types: The available data types for the connector. :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector @@ -444,7 +447,7 @@ def __init__(self, *, data_types: Optional["_models.AlertsDataTypeOfDataConnecto class AADDataConnectorProperties(DataConnectorTenantId, DataConnectorWithAlertsProperties): - """AAD (Azure Active Directory) data connector properties. + """AADIP (Azure Active Directory Identity Protection) data connector properties. All required parameters must be populated in order to send to Azure. @@ -464,8 +467,8 @@ class AADDataConnectorProperties(DataConnectorTenantId, DataConnectorWithAlertsP } def __init__( - self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs - ): + self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs: Any + ) -> None: """ :keyword data_types: The available data types for the connector. :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector @@ -485,10 +488,10 @@ class AATPCheckRequirements(DataConnectorsCheckRequirements): :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -503,7 +506,7 @@ class AATPCheckRequirements(DataConnectorsCheckRequirements): "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str @@ -530,7 +533,7 @@ class AATPCheckRequirementsProperties(DataConnectorTenantId): "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -561,10 +564,10 @@ class AATPDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -597,8 +600,8 @@ def __init__( etag: Optional[str] = None, tenant_id: Optional[str] = None, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -634,8 +637,8 @@ class AATPDataConnectorProperties(DataConnectorTenantId, DataConnectorWithAlerts } def __init__( - self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs - ): + self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs: Any + ) -> None: """ :keyword data_types: The available data types for the connector. :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector @@ -675,7 +678,7 @@ class Entity(Resource): "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum """ _validation = { @@ -721,7 +724,7 @@ class Entity(Resource): } } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: Optional[str] = None @@ -749,7 +752,7 @@ class AccountEntity(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -831,7 +834,7 @@ class AccountEntity(Entity): # pylint: disable=too-many-instance-attributes "dns_domain": {"key": "properties.dnsDomain", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "Account" @@ -874,7 +877,7 @@ class EntityCommonProperties(_serialization.Model): "friendly_name": {"key": "friendlyName", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.additional_data = None @@ -957,7 +960,7 @@ class AccountEntityProperties(EntityCommonProperties): # pylint: disable=too-ma "dns_domain": {"key": "dnsDomain", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.aad_tenant_id = None @@ -993,7 +996,7 @@ class ActionPropertiesBase(_serialization.Model): "logic_app_resource_id": {"key": "logicAppResourceId", "type": "str"}, } - def __init__(self, *, logic_app_resource_id: str, **kwargs): + def __init__(self, *, logic_app_resource_id: str, **kwargs: Any) -> None: """ :keyword logic_app_resource_id: Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. @@ -1052,8 +1055,8 @@ def __init__( etag: Optional[str] = None, logic_app_resource_id: Optional[str] = None, trigger_uri: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -1091,7 +1094,7 @@ class ActionRequestProperties(ActionPropertiesBase): "trigger_uri": {"key": "triggerUri", "type": "str"}, } - def __init__(self, *, logic_app_resource_id: str, trigger_uri: str, **kwargs): + def __init__(self, *, logic_app_resource_id: str, trigger_uri: str, **kwargs: Any) -> None: """ :keyword logic_app_resource_id: Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. @@ -1152,8 +1155,8 @@ def __init__( etag: Optional[str] = None, logic_app_resource_id: Optional[str] = None, workflow_id: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -1190,7 +1193,7 @@ class ActionResponseProperties(ActionPropertiesBase): "workflow_id": {"key": "workflowId", "type": "str"}, } - def __init__(self, *, logic_app_resource_id: str, workflow_id: Optional[str] = None, **kwargs): + def __init__(self, *, logic_app_resource_id: str, workflow_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword logic_app_resource_id: Logic App Resource Id, /subscriptions/{my-subscription}/resourceGroups/{my-resource-group}/providers/Microsoft.Logic/workflows/{my-workflow-id}. @@ -1226,7 +1229,7 @@ class ActionsList(_serialization.Model): "value": {"key": "value", "type": "[ActionResponse]"}, } - def __init__(self, *, value: List["_models.ActionResponse"], **kwargs): + def __init__(self, *, value: List["_models.ActionResponse"], **kwargs: Any) -> None: """ :keyword value: Array of actions. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.ActionResponse] @@ -1282,7 +1285,7 @@ class CustomEntityQuery(ResourceWithEtag): _subtype_map = {"kind": {"Activity": "ActivityCustomEntityQuery"}} - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -1389,8 +1392,8 @@ def __init__( entities_filter: Optional[Dict[str, List[str]]] = None, template_name: Optional[str] = None, enabled: Optional[bool] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -1445,7 +1448,7 @@ class ActivityEntityQueriesPropertiesQueryDefinitions(_serialization.Model): "query": {"key": "query", "type": "str"}, } - def __init__(self, *, query: Optional[str] = None, **kwargs): + def __init__(self, *, query: Optional[str] = None, **kwargs: Any) -> None: """ :keyword query: The Activity query to run on a given entity. :paramtype query: str @@ -1501,7 +1504,7 @@ class EntityQuery(ResourceWithEtag): _subtype_map = {"kind": {"Activity": "ActivityEntityQuery", "Expansion": "ExpansionEntityQuery"}} - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -1609,8 +1612,8 @@ def __init__( entities_filter: Optional[Dict[str, List[str]]] = None, template_name: Optional[str] = None, enabled: Optional[bool] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -1697,7 +1700,7 @@ class EntityQueryTemplate(Resource): _subtype_map = {"kind": {"Activity": "ActivityEntityQueryTemplate"}} - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: Optional[str] = None @@ -1785,8 +1788,8 @@ def __init__( input_entity_type: Optional[Union[str, "_models.EntityType"]] = None, required_input_fields_sets: Optional[List[List[str]]] = None, entities_filter: Optional[Dict[str, List[str]]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword title: The entity query title. :paramtype title: str @@ -1838,7 +1841,7 @@ class ActivityEntityQueryTemplatePropertiesQueryDefinitions(_serialization.Model "summarize_by": {"key": "summarizeBy", "type": "str"}, } - def __init__(self, *, query: Optional[str] = None, summarize_by: Optional[str] = None, **kwargs): + def __init__(self, *, query: Optional[str] = None, summarize_by: Optional[str] = None, **kwargs: Any) -> None: """ :keyword query: The Activity query to run on a given entity. :paramtype query: str @@ -1881,7 +1884,7 @@ class EntityTimelineItem(_serialization.Model): } } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: Optional[str] = None @@ -1943,8 +1946,8 @@ def __init__( last_activity_time_utc: datetime.datetime, content: str, title: str, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword query_id: The activity query id. Required. :paramtype query_id: str @@ -1994,7 +1997,7 @@ class AddIncidentTaskActionProperties(_serialization.Model): "description": {"key": "description", "type": "str"}, } - def __init__(self, *, title: str, description: Optional[str] = None, **kwargs): + def __init__(self, *, title: str, description: Optional[str] = None, **kwargs: Any) -> None: """ :keyword title: The title of the task. Required. :paramtype title: str @@ -2040,8 +2043,8 @@ def __init__( alert_tactics_column_name: Optional[str] = None, alert_severity_column_name: Optional[str] = None, alert_dynamic_properties: Optional[List["_models.AlertPropertyMapping"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword alert_display_name_format: the format containing columns name(s) to override the alert name. @@ -2086,8 +2089,8 @@ def __init__( *, alert_property: Optional[Union[str, "_models.AlertProperty"]] = None, value: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword alert_property: The V3 alert property. Known values are: "AlertLink", "ConfidenceLevel", "ConfidenceScore", "ExtendedLinks", "ProductName", "ProviderName", @@ -2159,7 +2162,7 @@ class AlertRule(ResourceWithEtag): } } - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -2191,7 +2194,7 @@ class AlertRulesList(_serialization.Model): "value": {"key": "value", "type": "[AlertRule]"}, } - def __init__(self, *, value: List["_models.AlertRule"], **kwargs): + def __init__(self, *, value: List["_models.AlertRule"], **kwargs: Any) -> None: """ :keyword value: Array of alert rules. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.AlertRule] @@ -2257,7 +2260,7 @@ class AlertRuleTemplate(Resource): } } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: Optional[str] = None @@ -2277,7 +2280,9 @@ class AlertRuleTemplateDataSource(_serialization.Model): "data_types": {"key": "dataTypes", "type": "[str]"}, } - def __init__(self, *, connector_id: Optional[str] = None, data_types: Optional[List[str]] = None, **kwargs): + def __init__( + self, *, connector_id: Optional[str] = None, data_types: Optional[List[str]] = None, **kwargs: Any + ) -> None: """ :keyword connector_id: The connector id that provides the following data types. :paramtype connector_id: str @@ -2336,8 +2341,8 @@ def __init__( display_name: Optional[str] = None, required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, status: Optional[Union[str, "_models.TemplateStatus"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword alert_rules_created_by_template_count: the number of alert rules that were created by this template. @@ -2386,7 +2391,7 @@ class AlertRuleTemplatesList(_serialization.Model): "value": {"key": "value", "type": "[AlertRuleTemplate]"}, } - def __init__(self, *, value: List["_models.AlertRuleTemplate"], **kwargs): + def __init__(self, *, value: List["_models.AlertRuleTemplate"], **kwargs: Any) -> None: """ :keyword value: Array of alert rule templates. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.AlertRuleTemplate] @@ -2451,8 +2456,8 @@ def __init__( status: Optional[Union[str, "_models.TemplateStatus"]] = None, tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, techniques: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword alert_rules_created_by_template_count: the number of alert rules that were created by this template. @@ -2501,7 +2506,7 @@ class AlertsDataTypeOfDataConnector(_serialization.Model): "alerts": {"key": "alerts", "type": "DataConnectorDataTypeCommon"}, } - def __init__(self, *, alerts: "_models.DataConnectorDataTypeCommon", **kwargs): + def __init__(self, *, alerts: "_models.DataConnectorDataTypeCommon", **kwargs: Any) -> None: """ :keyword alerts: Alerts data type connection. Required. :paramtype alerts: ~azure.mgmt.securityinsight.models.DataConnectorDataTypeCommon @@ -2510,6 +2515,32 @@ def __init__(self, *, alerts: "_models.DataConnectorDataTypeCommon", **kwargs): self.alerts = alerts +class AnalyticsRuleRunTrigger(_serialization.Model): + """Analytics Rule Run Trigger request. + + All required parameters must be populated in order to send to Azure. + + :ivar execution_time_utc: Required. + :vartype execution_time_utc: ~datetime.datetime + """ + + _validation = { + "execution_time_utc": {"required": True}, + } + + _attribute_map = { + "execution_time_utc": {"key": "properties.executionTimeUtc", "type": "iso-8601"}, + } + + def __init__(self, *, execution_time_utc: datetime.datetime, **kwargs: Any) -> None: + """ + :keyword execution_time_utc: Required. + :paramtype execution_time_utc: ~datetime.datetime + """ + super().__init__(**kwargs) + self.execution_time_utc = execution_time_utc + + class Settings(ResourceWithEtag): """The Setting. @@ -2559,7 +2590,7 @@ class Settings(ResourceWithEtag): "kind": {"Anomalies": "Anomalies", "EntityAnalytics": "EntityAnalytics", "EyesOn": "EyesOn", "Ueba": "Ueba"} } - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -2614,7 +2645,7 @@ class Anomalies(Settings): "is_enabled": {"key": "properties.isEnabled", "type": "bool"}, } - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -2670,7 +2701,7 @@ class SecurityMLAnalyticsSetting(ResourceWithEtag): _subtype_map = {"kind": {"Anomaly": "AnomalySecurityMLAnalyticsSettings"}} - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -2788,8 +2819,8 @@ def __init__( is_default_settings: Optional[bool] = None, anomaly_settings_version: Optional[int] = None, settings_definition_id: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -2915,8 +2946,8 @@ def __init__( intent: Optional[str] = None, techniques: Optional[List[str]] = None, reasons: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword azure_resource_id: The anomaly azure resource id. Required. :paramtype azure_resource_id: str @@ -2964,10 +2995,10 @@ class ASCCheckRequirements(DataConnectorsCheckRequirements): :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar subscription_id: The subscription id to connect to, and get the data from. :vartype subscription_id: str @@ -2982,7 +3013,7 @@ class ASCCheckRequirements(DataConnectorsCheckRequirements): "subscription_id": {"key": "properties.subscriptionId", "type": "str"}, } - def __init__(self, *, subscription_id: Optional[str] = None, **kwargs): + def __init__(self, *, subscription_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword subscription_id: The subscription id to connect to, and get the data from. :paramtype subscription_id: str @@ -3015,10 +3046,10 @@ class ASCDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar data_types: The available data types for the connector. :vartype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector @@ -3051,8 +3082,8 @@ def __init__( etag: Optional[str] = None, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, subscription_id: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -3086,8 +3117,8 @@ def __init__( *, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, subscription_id: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword data_types: The available data types for the connector. :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector @@ -3098,6 +3129,26 @@ def __init__( self.subscription_id = subscription_id +class AssignmentItem(_serialization.Model): + """An entity describing a content item. + + :ivar resource_id: The resource id of the content item. + :vartype resource_id: str + """ + + _attribute_map = { + "resource_id": {"key": "resourceId", "type": "str"}, + } + + def __init__(self, *, resource_id: Optional[str] = None, **kwargs: Any) -> None: + """ + :keyword resource_id: The resource id of the content item. + :paramtype resource_id: str + """ + super().__init__(**kwargs) + self.resource_id = resource_id + + class AutomationRule(ResourceWithEtag): # pylint: disable=too-many-instance-attributes """AutomationRule. @@ -3175,8 +3226,8 @@ def __init__( triggering_logic: "_models.AutomationRuleTriggeringLogic", actions: List["_models.AutomationRuleAction"], etag: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -3234,7 +3285,7 @@ class AutomationRuleAction(_serialization.Model): } } - def __init__(self, *, order: int, **kwargs): + def __init__(self, *, order: int, **kwargs: Any) -> None: """ :keyword order: Required. :paramtype order: int @@ -3271,8 +3322,12 @@ class AutomationRuleAddIncidentTaskAction(AutomationRuleAction): } def __init__( - self, *, order: int, action_configuration: Optional["_models.AddIncidentTaskActionProperties"] = None, **kwargs - ): + self, + *, + order: int, + action_configuration: Optional["_models.AddIncidentTaskActionProperties"] = None, + **kwargs: Any + ) -> None: """ :keyword order: Required. :paramtype order: int @@ -3288,7 +3343,7 @@ def __init__( class AutomationRuleBooleanCondition(_serialization.Model): """AutomationRuleBooleanCondition. - :ivar operator: Known values are: "And" and "Or". + :ivar operator: Known values are: "And", "Or", "And", and "Or". :vartype operator: str or ~azure.mgmt.securityinsight.models.AutomationRuleBooleanConditionSupportedOperator :ivar inner_conditions: @@ -3309,10 +3364,10 @@ def __init__( *, operator: Optional[Union[str, "_models.AutomationRuleBooleanConditionSupportedOperator"]] = None, inner_conditions: Optional[List["_models.AutomationRuleCondition"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ - :keyword operator: Known values are: "And" and "Or". + :keyword operator: Known values are: "And", "Or", "And", and "Or". :paramtype operator: str or ~azure.mgmt.securityinsight.models.AutomationRuleBooleanConditionSupportedOperator :keyword inner_conditions: @@ -3355,7 +3410,7 @@ class AutomationRuleCondition(_serialization.Model): } } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.condition_type: Optional[str] = None @@ -3387,8 +3442,8 @@ class AutomationRuleModifyPropertiesAction(AutomationRuleAction): } def __init__( - self, *, order: int, action_configuration: Optional["_models.IncidentPropertiesAction"] = None, **kwargs - ): + self, *, order: int, action_configuration: Optional["_models.IncidentPropertiesAction"] = None, **kwargs: Any + ) -> None: """ :keyword order: Required. :paramtype order: int @@ -3425,8 +3480,8 @@ def __init__( change_type: Optional[ Union[str, "_models.AutomationRulePropertyArrayChangedConditionSupportedChangeType"] ] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword array_type: Known values are: "Alerts", "Labels", "Tactics", and "Comments". :paramtype array_type: str or @@ -3471,8 +3526,8 @@ def __init__( Union[str, "_models.AutomationRulePropertyArrayConditionSupportedArrayConditionType"] ] = None, item_conditions: Optional[List["_models.AutomationRuleCondition"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword array_type: Known values are: "CustomDetails" and "CustomDetailValues". :paramtype array_type: str or @@ -3523,8 +3578,8 @@ def __init__( change_type: Optional[Union[str, "_models.AutomationRulePropertyChangedConditionSupportedChangedType"]] = None, operator: Optional[Union[str, "_models.AutomationRulePropertyConditionSupportedOperator"]] = None, property_values: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword property_name: Known values are: "IncidentSeverity", "IncidentStatus", and "IncidentOwner". @@ -3588,8 +3643,8 @@ def __init__( property_name: Optional[Union[str, "_models.AutomationRulePropertyConditionSupportedProperty"]] = None, operator: Optional[Union[str, "_models.AutomationRulePropertyConditionSupportedOperator"]] = None, property_values: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword property_name: The property to evaluate in an automation rule property condition. Known values are: "IncidentTitle", "IncidentDescription", "IncidentSeverity", "IncidentStatus", @@ -3648,8 +3703,8 @@ class AutomationRuleRunPlaybookAction(AutomationRuleAction): } def __init__( - self, *, order: int, action_configuration: Optional["_models.PlaybookActionProperties"] = None, **kwargs - ): + self, *, order: int, action_configuration: Optional["_models.PlaybookActionProperties"] = None, **kwargs: Any + ) -> None: """ :keyword order: Required. :paramtype order: int @@ -3676,8 +3731,8 @@ class AutomationRulesList(_serialization.Model): } def __init__( - self, *, value: Optional[List["_models.AutomationRule"]] = None, next_link: Optional[str] = None, **kwargs - ): + self, *, value: Optional[List["_models.AutomationRule"]] = None, next_link: Optional[str] = None, **kwargs: Any + ) -> None: """ :keyword value: :paramtype value: list[~azure.mgmt.securityinsight.models.AutomationRule] @@ -3731,8 +3786,8 @@ def __init__( triggers_when: Union[str, "_models.TriggersWhen"], expiration_time_utc: Optional[datetime.datetime] = None, conditions: Optional[List["_models.AutomationRuleCondition"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword is_enabled: Determines whether the automation rule is enabled or disabled. Required. :paramtype is_enabled: bool @@ -3769,7 +3824,9 @@ class Availability(_serialization.Model): "is_preview": {"key": "isPreview", "type": "bool"}, } - def __init__(self, *, status: Optional[Literal[1]] = None, is_preview: Optional[bool] = None, **kwargs): + def __init__( + self, *, status: Optional[Literal[1]] = None, is_preview: Optional[bool] = None, **kwargs: Any + ) -> None: """ :keyword status: The connector Availability Status. Default value is 1. :paramtype status: int @@ -3789,10 +3846,10 @@ class AwsCloudTrailCheckRequirements(DataConnectorsCheckRequirements): :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind """ @@ -3804,7 +3861,7 @@ class AwsCloudTrailCheckRequirements(DataConnectorsCheckRequirements): "kind": {"key": "kind", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "AmazonWebServicesCloudTrail" @@ -3833,10 +3890,10 @@ class AwsCloudTrailDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar aws_role_arn: The Aws Role Arn (with CloudTrailReadOnly policy) that is used to access the Aws account. @@ -3870,8 +3927,8 @@ def __init__( etag: Optional[str] = None, aws_role_arn: Optional[str] = None, data_types: Optional["_models.AwsCloudTrailDataConnectorDataTypes"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -3904,7 +3961,7 @@ class AwsCloudTrailDataConnectorDataTypes(_serialization.Model): "logs": {"key": "logs", "type": "AwsCloudTrailDataConnectorDataTypesLogs"}, } - def __init__(self, *, logs: "_models.AwsCloudTrailDataConnectorDataTypesLogs", **kwargs): + def __init__(self, *, logs: "_models.AwsCloudTrailDataConnectorDataTypesLogs", **kwargs: Any) -> None: """ :keyword logs: Logs data type. Required. :paramtype logs: ~azure.mgmt.securityinsight.models.AwsCloudTrailDataConnectorDataTypesLogs @@ -3931,7 +3988,7 @@ class DataConnectorDataTypeCommon(_serialization.Model): "state": {"key": "state", "type": "str"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ :keyword state: Describe whether this data type connection is enabled or not. Required. Known values are: "Enabled" and "Disabled". @@ -3959,7 +4016,7 @@ class AwsCloudTrailDataConnectorDataTypesLogs(DataConnectorDataTypeCommon): "state": {"key": "state", "type": "str"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ :keyword state: Describe whether this data type connection is enabled or not. Required. Known values are: "Enabled" and "Disabled". @@ -3976,10 +4033,10 @@ class AwsS3CheckRequirements(DataConnectorsCheckRequirements): :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind """ @@ -3991,7 +4048,7 @@ class AwsS3CheckRequirements(DataConnectorsCheckRequirements): "kind": {"key": "kind", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "AmazonWebServicesS3" @@ -4020,10 +4077,10 @@ class AwsS3DataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar destination_table: The logs destination table name in LogAnalytics. :vartype destination_table: str @@ -4064,8 +4121,8 @@ def __init__( sqs_urls: Optional[List[str]] = None, role_arn: Optional[str] = None, data_types: Optional["_models.AwsS3DataConnectorDataTypes"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -4103,7 +4160,7 @@ class AwsS3DataConnectorDataTypes(_serialization.Model): "logs": {"key": "logs", "type": "AwsS3DataConnectorDataTypesLogs"}, } - def __init__(self, *, logs: "_models.AwsS3DataConnectorDataTypesLogs", **kwargs): + def __init__(self, *, logs: "_models.AwsS3DataConnectorDataTypesLogs", **kwargs: Any) -> None: """ :keyword logs: Logs data type. Required. :paramtype logs: ~azure.mgmt.securityinsight.models.AwsS3DataConnectorDataTypesLogs @@ -4130,7 +4187,7 @@ class AwsS3DataConnectorDataTypesLogs(DataConnectorDataTypeCommon): "state": {"key": "state", "type": "str"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ :keyword state: Describe whether this data type connection is enabled or not. Required. Known values are: "Enabled" and "Disabled". @@ -4153,7 +4210,9 @@ class AzureDevOpsResourceInfo(_serialization.Model): "service_connection_id": {"key": "serviceConnectionId", "type": "str"}, } - def __init__(self, *, pipeline_id: Optional[str] = None, service_connection_id: Optional[str] = None, **kwargs): + def __init__( + self, *, pipeline_id: Optional[str] = None, service_connection_id: Optional[str] = None, **kwargs: Any + ) -> None: """ :keyword pipeline_id: Id of the pipeline created for the source-control. :paramtype pipeline_id: str @@ -4165,6 +4224,48 @@ def __init__(self, *, pipeline_id: Optional[str] = None, service_connection_id: self.service_connection_id = service_connection_id +class AzureEntityResource(Resource): + """The resource model definition for an Azure Resource Manager resource with an etag. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Resource Etag. + :vartype etag: str + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "etag": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + } + + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.etag = None + + class AzureResourceEntity(Entity): """Represents an azure resource entity. @@ -4187,7 +4288,7 @@ class AzureResourceEntity(Entity): "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -4224,7 +4325,7 @@ class AzureResourceEntity(Entity): "subscription_id": {"key": "properties.subscriptionId", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "AzureResource" @@ -4265,7 +4366,7 @@ class AzureResourceEntityProperties(EntityCommonProperties): "subscription_id": {"key": "subscriptionId", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.resource_id = None @@ -4375,8 +4476,8 @@ def __init__( entity_mappings: Optional[List["_models.BookmarkEntityMappings"]] = None, tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, techniques: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -4451,8 +4552,8 @@ def __init__( *, entity_type: Optional[str] = None, field_mappings: Optional[List["_models.EntityFieldMapping"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword entity_type: The entity type. :paramtype entity_type: str @@ -4489,8 +4590,8 @@ def __init__( end_time: Optional[datetime.datetime] = None, expansion_id: Optional[str] = None, start_time: Optional[datetime.datetime] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword end_time: The end date filter, so the only expansion results returned are before this date. @@ -4526,8 +4627,8 @@ def __init__( *, meta_data: Optional["_models.ExpansionResultsMetadata"] = None, value: Optional["_models.BookmarkExpandResponseValue"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword meta_data: The metadata from the expansion operation results. :paramtype meta_data: ~azure.mgmt.securityinsight.models.ExpansionResultsMetadata @@ -4558,8 +4659,8 @@ def __init__( *, entities: Optional[List["_models.Entity"]] = None, edges: Optional[List["_models.ConnectedEntity"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword entities: Array of the expansion result entities. :paramtype entities: list[~azure.mgmt.securityinsight.models.Entity] @@ -4594,7 +4695,7 @@ class BookmarkList(_serialization.Model): "value": {"key": "value", "type": "[Bookmark]"}, } - def __init__(self, *, value: List["_models.Bookmark"], **kwargs): + def __init__(self, *, value: List["_models.Bookmark"], **kwargs: Any) -> None: """ :keyword value: Array of bookmarks. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.Bookmark] @@ -4658,8 +4759,8 @@ def __init__( event_time: Optional[datetime.datetime] = None, created_by: Optional["_models.UserInfo"] = None, labels: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword azure_resource_id: The bookmark azure resource id. Required. :paramtype azure_resource_id: str @@ -4691,7 +4792,8 @@ def __init__( class BooleanConditionProperties(AutomationRuleCondition): - """Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to conditions. + """Describes an automation rule condition that applies a boolean operator (e.g AND, OR) to + conditions. All required parameters must be populated in order to send to Azure. @@ -4712,7 +4814,9 @@ class BooleanConditionProperties(AutomationRuleCondition): "condition_properties": {"key": "conditionProperties", "type": "AutomationRuleBooleanCondition"}, } - def __init__(self, *, condition_properties: Optional["_models.AutomationRuleBooleanCondition"] = None, **kwargs): + def __init__( + self, *, condition_properties: Optional["_models.AutomationRuleBooleanCondition"] = None, **kwargs: Any + ) -> None: """ :keyword condition_properties: :paramtype condition_properties: @@ -4750,8 +4854,8 @@ def __init__( name: Optional[str] = None, object_id: Optional[str] = None, user_principal_name: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword email: The email of the client. :paramtype email: str @@ -4791,7 +4895,7 @@ class CloudApplicationEntity(Entity): "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -4833,7 +4937,7 @@ class CloudApplicationEntity(Entity): "instance_name": {"key": "properties.instanceName", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "CloudApplication" @@ -4880,7 +4984,7 @@ class CloudApplicationEntityProperties(EntityCommonProperties): "instance_name": {"key": "instanceName", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.app_id = None @@ -4911,7 +5015,7 @@ class CloudErrorBody(_serialization.Model): "message": {"key": "message", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.code = None @@ -4941,10 +5045,10 @@ class CodelessApiPollingDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar connector_ui_config: Config to describe the instructions blade. :vartype connector_ui_config: @@ -4979,8 +5083,8 @@ def __init__( etag: Optional[str] = None, connector_ui_config: Optional["_models.CodelessUiConnectorConfigProperties"] = None, polling_config: Optional["_models.CodelessConnectorPollingConfigProperties"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -5070,8 +5174,8 @@ def __init__( token_endpoint_query_parameters: Optional[JSON] = None, is_client_secret_in_header: Optional[bool] = None, scope: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword auth_type: The authentication type. Required. :paramtype auth_type: str @@ -5161,8 +5265,8 @@ def __init__( is_active: Optional[bool] = None, paging: Optional["_models.CodelessConnectorPollingPagingProperties"] = None, response: Optional["_models.CodelessConnectorPollingResponseProperties"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword is_active: The poller active status. :paramtype is_active: bool @@ -5243,8 +5347,8 @@ def __init__( search_the_latest_time_stamp_from_events_list: Optional[str] = None, page_size_para_name: Optional[str] = None, page_size: Optional[int] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword paging_type: Describes the type. could be 'None', 'PageToken', 'PageCount', 'TimeStamp'. Required. @@ -5352,8 +5456,8 @@ def __init__( query_parameters_template: Optional[str] = None, start_time_attribute_name: Optional[str] = None, end_time_attribute_name: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword api_endpoint: Describe the endpoint we should pull the data from. Required. :paramtype api_endpoint: str @@ -5437,8 +5541,8 @@ def __init__( success_status_json_path: Optional[str] = None, success_status_value: Optional[str] = None, is_gzip_compressed: Optional[bool] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword events_json_paths: Describes the path we should extract the data in the response. Required. @@ -5547,8 +5651,8 @@ def __init__( permissions: "_models.Permissions", instruction_steps: List["_models.CodelessUiConnectorConfigPropertiesInstructionStepsItem"], custom_image: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword title: Connector blade title. Required. :paramtype title: str @@ -5616,8 +5720,8 @@ def __init__( *, type: Optional[Union[str, "_models.ConnectivityType"]] = None, value: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword type: type of connectivity. "IsConnectedQuery" :paramtype type: str or ~azure.mgmt.securityinsight.models.ConnectivityType @@ -5648,8 +5752,8 @@ def __init__( *, type: Optional[Union[str, "_models.ConnectivityType"]] = None, value: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword type: type of connectivity. "IsConnectedQuery" :paramtype type: str or ~azure.mgmt.securityinsight.models.ConnectivityType @@ -5674,7 +5778,9 @@ class LastDataReceivedDataType(_serialization.Model): "last_data_received_query": {"key": "lastDataReceivedQuery", "type": "str"}, } - def __init__(self, *, name: Optional[str] = None, last_data_received_query: Optional[str] = None, **kwargs): + def __init__( + self, *, name: Optional[str] = None, last_data_received_query: Optional[str] = None, **kwargs: Any + ) -> None: """ :keyword name: Name of the data type to show in the graph. can be use with {{graphQueriesTableName}} placeholder. @@ -5702,7 +5808,9 @@ class CodelessUiConnectorConfigPropertiesDataTypesItem(LastDataReceivedDataType) "last_data_received_query": {"key": "lastDataReceivedQuery", "type": "str"}, } - def __init__(self, *, name: Optional[str] = None, last_data_received_query: Optional[str] = None, **kwargs): + def __init__( + self, *, name: Optional[str] = None, last_data_received_query: Optional[str] = None, **kwargs: Any + ) -> None: """ :keyword name: Name of the data type to show in the graph. can be use with {{graphQueriesTableName}} placeholder. @@ -5736,8 +5844,8 @@ def __init__( metric_name: Optional[str] = None, legend: Optional[str] = None, base_query: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword metric_name: the metric that the query is checking. :paramtype metric_name: str @@ -5775,8 +5883,8 @@ def __init__( metric_name: Optional[str] = None, legend: Optional[str] = None, base_query: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword metric_name: the metric that the query is checking. :paramtype metric_name: str @@ -5812,8 +5920,8 @@ def __init__( title: Optional[str] = None, description: Optional[str] = None, instructions: Optional[List["_models.InstructionStepsInstructionsItem"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword title: Instruction step title. :paramtype title: str @@ -5853,8 +5961,8 @@ def __init__( title: Optional[str] = None, description: Optional[str] = None, instructions: Optional[List["_models.InstructionStepsInstructionsItem"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword title: Instruction step title. :paramtype title: str @@ -5881,7 +5989,7 @@ class SampleQueries(_serialization.Model): "query": {"key": "query", "type": "str"}, } - def __init__(self, *, description: Optional[str] = None, query: Optional[str] = None, **kwargs): + def __init__(self, *, description: Optional[str] = None, query: Optional[str] = None, **kwargs: Any) -> None: """ :keyword description: The sample query description. :paramtype description: str @@ -5907,7 +6015,7 @@ class CodelessUiConnectorConfigPropertiesSampleQueriesItem(SampleQueries): "query": {"key": "query", "type": "str"}, } - def __init__(self, *, description: Optional[str] = None, query: Optional[str] = None, **kwargs): + def __init__(self, *, description: Optional[str] = None, query: Optional[str] = None, **kwargs: Any) -> None: """ :keyword description: The sample query description. :paramtype description: str @@ -5940,10 +6048,10 @@ class CodelessUiDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar connector_ui_config: Config to describe the instructions blade. :vartype connector_ui_config: @@ -5973,8 +6081,8 @@ def __init__( *, etag: Optional[str] = None, connector_ui_config: Optional["_models.CodelessUiConnectorConfigProperties"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -6001,7 +6109,9 @@ class ConnectedEntity(_serialization.Model): "additional_data": {"key": "additionalData", "type": "object"}, } - def __init__(self, *, target_entity_id: Optional[str] = None, additional_data: Optional[JSON] = None, **kwargs): + def __init__( + self, *, target_entity_id: Optional[str] = None, additional_data: Optional[JSON] = None, **kwargs: Any + ) -> None: """ :keyword target_entity_id: Entity Id of the connected entity. :paramtype target_entity_id: str @@ -6034,7 +6144,9 @@ class ConnectorInstructionModelBase(_serialization.Model): "type": {"key": "type", "type": "str"}, } - def __init__(self, *, type: Union[str, "_models.SettingType"], parameters: Optional[JSON] = None, **kwargs): + def __init__( + self, *, type: Union[str, "_models.SettingType"], parameters: Optional[JSON] = None, **kwargs: Any + ) -> None: """ :keyword parameters: The parameters for the setting. :paramtype parameters: JSON @@ -6068,7 +6180,7 @@ class Content(_serialization.Model): "description": {"key": "description", "type": "str"}, } - def __init__(self, *, title: str, description: str, **kwargs): + def __init__(self, *, title: str, description: str, **kwargs: Any) -> None: """ :keyword title: Title of the content. Required. :paramtype title: str @@ -6095,8 +6207,12 @@ class ContentPathMap(_serialization.Model): } def __init__( - self, *, content_type: Optional[Union[str, "_models.ContentType"]] = None, path: Optional[str] = None, **kwargs - ): + self, + *, + content_type: Optional[Union[str, "_models.ContentType"]] = None, + path: Optional[str] = None, + **kwargs: Any + ) -> None: """ :keyword content_type: Content type. Known values are: "AnalyticRule" and "Workbook". :paramtype content_type: str or ~azure.mgmt.securityinsight.models.ContentType @@ -6122,7 +6238,7 @@ class CustomsPermission(_serialization.Model): "description": {"key": "description", "type": "str"}, } - def __init__(self, *, name: Optional[str] = None, description: Optional[str] = None, **kwargs): + def __init__(self, *, name: Optional[str] = None, description: Optional[str] = None, **kwargs: Any) -> None: """ :keyword name: Customs permissions name. :paramtype name: str @@ -6148,7 +6264,7 @@ class Customs(CustomsPermission): "description": {"key": "description", "type": "str"}, } - def __init__(self, *, name: Optional[str] = None, description: Optional[str] = None, **kwargs): + def __init__(self, *, name: Optional[str] = None, description: Optional[str] = None, **kwargs: Any) -> None: """ :keyword name: Customs permissions name. :paramtype name: str @@ -6217,8 +6333,8 @@ def __init__( user_name: Optional[str] = None, password: Optional[str] = None, request_config_user_input_values: Optional[List[JSON]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword kind: The authentication kind used to poll the data. Known values are: "Basic", "OAuth2", and "APIKey". @@ -6285,7 +6401,7 @@ class DataConnectorList(_serialization.Model): "value": {"key": "value", "type": "[DataConnector]"}, } - def __init__(self, *, value: List["_models.DataConnector"], **kwargs): + def __init__(self, *, value: List["_models.DataConnector"], **kwargs: Any) -> None: """ :keyword value: Array of data connectors. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.DataConnector] @@ -6317,8 +6433,8 @@ def __init__( *, authorization_state: Optional[Union[str, "_models.DataConnectorAuthorizationState"]] = None, license_state: Optional[Union[str, "_models.DataConnectorLicenseState"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword authorization_state: Authorization state for this connector. Known values are: "Valid" and "Invalid". @@ -6344,7 +6460,7 @@ class DataTypeDefinitions(_serialization.Model): "data_type": {"key": "dataType", "type": "str"}, } - def __init__(self, *, data_type: Optional[str] = None, **kwargs): + def __init__(self, *, data_type: Optional[str] = None, **kwargs: Any) -> None: """ :keyword data_type: The data type name. :paramtype data_type: str @@ -6386,8 +6502,8 @@ def __init__( deployment_result: Optional[Union[str, "_models.DeploymentResult"]] = None, deployment_time: Optional[datetime.datetime] = None, deployment_logs_url: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword deployment_id: Deployment identifier. :paramtype deployment_id: str @@ -6435,8 +6551,8 @@ def __init__( deployment_fetch_status: Optional[Union[str, "_models.DeploymentFetchStatus"]] = None, deployment: Optional["_models.Deployment"] = None, message: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword deployment_fetch_status: Status while fetching the last deployment. Known values are: "Success", "Unauthorized", and "NotFound". @@ -6475,7 +6591,7 @@ class DnsEntity(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -6520,7 +6636,7 @@ class DnsEntity(Entity): # pylint: disable=too-many-instance-attributes "ip_address_entity_ids": {"key": "properties.ipAddressEntityIds", "type": "[str]"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "DnsResolution" @@ -6571,7 +6687,7 @@ class DnsEntityProperties(EntityCommonProperties): "ip_address_entity_ids": {"key": "ipAddressEntityIds", "type": "[str]"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.dns_server_ip_entity_id = None @@ -6588,10 +6704,10 @@ class Dynamics365CheckRequirements(DataConnectorsCheckRequirements): :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -6606,7 +6722,7 @@ class Dynamics365CheckRequirements(DataConnectorsCheckRequirements): "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str @@ -6633,7 +6749,7 @@ class Dynamics365CheckRequirementsProperties(DataConnectorTenantId): "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -6664,10 +6780,10 @@ class Dynamics365DataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -6700,8 +6816,8 @@ def __init__( etag: Optional[str] = None, tenant_id: Optional[str] = None, data_types: Optional["_models.Dynamics365DataConnectorDataTypes"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -6741,8 +6857,8 @@ def __init__( self, *, dynamics365_cds_activities: "_models.Dynamics365DataConnectorDataTypesDynamics365CdsActivities", - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword dynamics365_cds_activities: Common Data Service data type connection. Required. :paramtype dynamics365_cds_activities: @@ -6770,7 +6886,7 @@ class Dynamics365DataConnectorDataTypesDynamics365CdsActivities(DataConnectorDat "state": {"key": "state", "type": "str"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ :keyword state: Describe whether this data type connection is enabled or not. Required. Known values are: "Enabled" and "Disabled". @@ -6800,7 +6916,9 @@ class Dynamics365DataConnectorProperties(DataConnectorTenantId): "data_types": {"key": "dataTypes", "type": "Dynamics365DataConnectorDataTypes"}, } - def __init__(self, *, tenant_id: str, data_types: "_models.Dynamics365DataConnectorDataTypes", **kwargs): + def __init__( + self, *, tenant_id: str, data_types: "_models.Dynamics365DataConnectorDataTypes", **kwargs: Any + ) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -6846,8 +6964,8 @@ def __init__( updated: Optional[datetime.datetime] = None, expires: Optional[datetime.datetime] = None, parsed_whois: Optional["_models.EnrichmentDomainWhoisDetails"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword domain: The domain for this whois record. :paramtype domain: str @@ -6922,8 +7040,8 @@ def __init__( phone: Optional[str] = None, fax: Optional[str] = None, email: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword name: The name of this contact. :paramtype name: str @@ -6986,8 +7104,8 @@ def __init__( billing: Optional["_models.EnrichmentDomainWhoisContact"] = None, registrant: Optional["_models.EnrichmentDomainWhoisContact"] = None, tech: Optional["_models.EnrichmentDomainWhoisContact"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword admin: The admin contact for this whois record. :paramtype admin: ~azure.mgmt.securityinsight.models.EnrichmentDomainWhoisContact @@ -7032,8 +7150,8 @@ def __init__( contacts: Optional["_models.EnrichmentDomainWhoisContacts"] = None, name_servers: Optional[List[str]] = None, statuses: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword registrar: The registrar associated with this domain. :paramtype registrar: ~azure.mgmt.securityinsight.models.EnrichmentDomainWhoisRegistrarDetails @@ -7086,8 +7204,8 @@ def __init__( iana_id: Optional[str] = None, url: Optional[str] = None, whois_server: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword name: The name of this registrar. :paramtype name: str @@ -7193,8 +7311,8 @@ def __init__( state: Optional[str] = None, state_cf: Optional[int] = None, state_code: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword asn: The autonomous system number associated with this IP address. :paramtype asn: str @@ -7305,8 +7423,8 @@ def __init__( *, etag: Optional[str] = None, entity_providers: Optional[List[Union[str, "_models.EntityProviders"]]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -7334,8 +7452,8 @@ class EntityEdges(_serialization.Model): } def __init__( - self, *, target_entity_id: Optional[str] = None, additional_data: Optional[Dict[str, Any]] = None, **kwargs - ): + self, *, target_entity_id: Optional[str] = None, additional_data: Optional[Dict[str, Any]] = None, **kwargs: Any + ) -> None: """ :keyword target_entity_id: The target entity Id. :paramtype target_entity_id: str @@ -7373,8 +7491,8 @@ def __init__( end_time: Optional[datetime.datetime] = None, expansion_id: Optional[str] = None, start_time: Optional[datetime.datetime] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword end_time: The end date filter, so the only expansion results returned are before this date. @@ -7410,8 +7528,8 @@ def __init__( *, meta_data: Optional["_models.ExpansionResultsMetadata"] = None, value: Optional["_models.EntityExpandResponseValue"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword meta_data: The metadata from the expansion operation results. :paramtype meta_data: ~azure.mgmt.securityinsight.models.ExpansionResultsMetadata @@ -7442,8 +7560,8 @@ def __init__( *, entities: Optional[List["_models.Entity"]] = None, edges: Optional[List["_models.EntityEdges"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword entities: Array of the expansion result entities. :paramtype entities: list[~azure.mgmt.securityinsight.models.Entity] @@ -7469,7 +7587,7 @@ class EntityFieldMapping(_serialization.Model): "value": {"key": "value", "type": "str"}, } - def __init__(self, *, identifier: Optional[str] = None, value: Optional[str] = None, **kwargs): + def __init__(self, *, identifier: Optional[str] = None, value: Optional[str] = None, **kwargs: Any) -> None: """ :keyword identifier: Alert V3 identifier. :paramtype identifier: str @@ -7518,8 +7636,8 @@ def __init__( end_time: datetime.datetime, add_default_extended_time_range: Optional[bool] = None, insight_query_ids: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword start_time: The start timeline date, so the results returned are after this date. Required. @@ -7560,8 +7678,8 @@ def __init__( *, meta_data: Optional["_models.GetInsightsResultsMetadata"] = None, value: Optional[List["_models.EntityInsightItem"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword meta_data: The metadata from the get insights operation results. :paramtype meta_data: ~azure.mgmt.securityinsight.models.GetInsightsResultsMetadata @@ -7601,8 +7719,8 @@ def __init__( query_time_interval: Optional["_models.EntityInsightItemQueryTimeInterval"] = None, table_query_results: Optional["_models.InsightsTableResult"] = None, chart_query_results: Optional[List["_models.InsightsTableResult"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword query_id: The query id of the insight. :paramtype query_id: str @@ -7636,8 +7754,12 @@ class EntityInsightItemQueryTimeInterval(_serialization.Model): } def __init__( - self, *, start_time: Optional[datetime.datetime] = None, end_time: Optional[datetime.datetime] = None, **kwargs - ): + self, + *, + start_time: Optional[datetime.datetime] = None, + end_time: Optional[datetime.datetime] = None, + **kwargs: Any + ) -> None: """ :keyword start_time: Insight query start time. :paramtype start_time: ~datetime.datetime @@ -7672,7 +7794,7 @@ class EntityList(_serialization.Model): "value": {"key": "value", "type": "[Entity]"}, } - def __init__(self, *, value: List["_models.Entity"], **kwargs): + def __init__(self, *, value: List["_models.Entity"], **kwargs: Any) -> None: """ :keyword value: Array of entities. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.Entity] @@ -7682,6 +7804,51 @@ def __init__(self, *, value: List["_models.Entity"], **kwargs): self.value = value +class EntityManualTriggerRequestBody(_serialization.Model): + """Describes the request body for triggering a playbook on an entity. + + All required parameters must be populated in order to send to Azure. + + :ivar incident_arm_id: Incident ARM id. + :vartype incident_arm_id: str + :ivar tenant_id: The tenant id of the playbook resource. + :vartype tenant_id: str + :ivar logic_apps_resource_id: The resource id of the playbook resource. Required. + :vartype logic_apps_resource_id: str + """ + + _validation = { + "logic_apps_resource_id": {"required": True}, + } + + _attribute_map = { + "incident_arm_id": {"key": "incidentArmId", "type": "str"}, + "tenant_id": {"key": "tenantId", "type": "str"}, + "logic_apps_resource_id": {"key": "logicAppsResourceId", "type": "str"}, + } + + def __init__( + self, + *, + logic_apps_resource_id: str, + incident_arm_id: Optional[str] = None, + tenant_id: Optional[str] = None, + **kwargs: Any + ) -> None: + """ + :keyword incident_arm_id: Incident ARM id. + :paramtype incident_arm_id: str + :keyword tenant_id: The tenant id of the playbook resource. + :paramtype tenant_id: str + :keyword logic_apps_resource_id: The resource id of the playbook resource. Required. + :paramtype logic_apps_resource_id: str + """ + super().__init__(**kwargs) + self.incident_arm_id = incident_arm_id + self.tenant_id = tenant_id + self.logic_apps_resource_id = logic_apps_resource_id + + class EntityMapping(_serialization.Model): """Single entity mapping for the alert rule. @@ -7704,8 +7871,8 @@ def __init__( *, entity_type: Optional[Union[str, "_models.EntityMappingType"]] = None, field_mappings: Optional[List["_models.FieldMapping"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword entity_type: The V3 type of the mapped entity. Known values are: "Account", "Host", "IP", "Malware", "File", "Process", "CloudApplication", "DNS", "AzureResource", "FileHash", @@ -7755,7 +7922,7 @@ class EntityQueryItem(_serialization.Model): _subtype_map = {"kind": {"Insight": "InsightQueryItem"}} - def __init__(self, *, name: Optional[str] = None, type: Optional[str] = None, **kwargs): + def __init__(self, *, name: Optional[str] = None, type: Optional[str] = None, **kwargs: Any) -> None: """ :keyword name: Query Template ARM Name. :paramtype name: str @@ -7800,8 +7967,8 @@ def __init__( input_entity_type: Optional[Union[str, "_models.EntityType"]] = None, required_input_fields_sets: Optional[List[List[str]]] = None, entities_filter: Optional[JSON] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword data_types: Data types for template. :paramtype data_types: @@ -7834,7 +8001,7 @@ class EntityQueryItemPropertiesDataTypesItem(_serialization.Model): "data_type": {"key": "dataType", "type": "str"}, } - def __init__(self, *, data_type: Optional[str] = None, **kwargs): + def __init__(self, *, data_type: Optional[str] = None, **kwargs: Any) -> None: """ :keyword data_type: Data type name. :paramtype data_type: str @@ -7866,7 +8033,7 @@ class EntityQueryList(_serialization.Model): "value": {"key": "value", "type": "[EntityQuery]"}, } - def __init__(self, *, value: List["_models.EntityQuery"], **kwargs): + def __init__(self, *, value: List["_models.EntityQuery"], **kwargs: Any) -> None: """ :keyword value: Array of entity queries. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.EntityQuery] @@ -7899,7 +8066,7 @@ class EntityQueryTemplateList(_serialization.Model): "value": {"key": "value", "type": "[EntityQueryTemplate]"}, } - def __init__(self, *, value: List["_models.EntityQueryTemplate"], **kwargs): + def __init__(self, *, value: List["_models.EntityQueryTemplate"], **kwargs: Any) -> None: """ :keyword value: Array of entity query templates. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.EntityQueryTemplate] @@ -7944,8 +8111,8 @@ def __init__( end_time: datetime.datetime, kinds: Optional[List[Union[str, "_models.EntityTimelineKind"]]] = None, number_of_bucket: Optional[int] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword kinds: Array of timeline Item kinds. :paramtype kinds: list[str or ~azure.mgmt.securityinsight.models.EntityTimelineKind] @@ -7984,8 +8151,8 @@ def __init__( *, meta_data: Optional["_models.TimelineResultsMetadata"] = None, value: Optional[List["_models.EntityTimelineItem"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword meta_data: The metadata from the timeline operation results. :paramtype meta_data: ~azure.mgmt.securityinsight.models.TimelineResultsMetadata @@ -7997,6 +8164,133 @@ def __init__( self.value = value +class Error(_serialization.Model): + """The error description for why a publication failed. + + All required parameters must be populated in order to send to Azure. + + :ivar member_resource_name: The member resource name for which the publication error occured. + Required. + :vartype member_resource_name: str + :ivar error_message: The error message. Required. + :vartype error_message: str + """ + + _validation = { + "member_resource_name": {"required": True}, + "error_message": {"required": True}, + } + + _attribute_map = { + "member_resource_name": {"key": "memberResourceName", "type": "str"}, + "error_message": {"key": "errorMessage", "type": "str"}, + } + + def __init__(self, *, member_resource_name: str, error_message: str, **kwargs: Any) -> None: + """ + :keyword member_resource_name: The member resource name for which the publication error + occured. Required. + :paramtype member_resource_name: str + :keyword error_message: The error message. Required. + :paramtype error_message: str + """ + super().__init__(**kwargs) + self.member_resource_name = member_resource_name + self.error_message = error_message + + +class ErrorAdditionalInfo(_serialization.Model): + """The resource management error additional info. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar type: The additional info type. + :vartype type: str + :ivar info: The additional info. + :vartype info: JSON + """ + + _validation = { + "type": {"readonly": True}, + "info": {"readonly": True}, + } + + _attribute_map = { + "type": {"key": "type", "type": "str"}, + "info": {"key": "info", "type": "object"}, + } + + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.type = None + self.info = None + + +class ErrorDetail(_serialization.Model): + """The error detail. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar code: The error code. + :vartype code: str + :ivar message: The error message. + :vartype message: str + :ivar target: The error target. + :vartype target: str + :ivar details: The error details. + :vartype details: list[~azure.mgmt.securityinsight.models.ErrorDetail] + :ivar additional_info: The error additional info. + :vartype additional_info: list[~azure.mgmt.securityinsight.models.ErrorAdditionalInfo] + """ + + _validation = { + "code": {"readonly": True}, + "message": {"readonly": True}, + "target": {"readonly": True}, + "details": {"readonly": True}, + "additional_info": {"readonly": True}, + } + + _attribute_map = { + "code": {"key": "code", "type": "str"}, + "message": {"key": "message", "type": "str"}, + "target": {"key": "target", "type": "str"}, + "details": {"key": "details", "type": "[ErrorDetail]"}, + "additional_info": {"key": "additionalInfo", "type": "[ErrorAdditionalInfo]"}, + } + + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.code = None + self.message = None + self.target = None + self.details = None + self.additional_info = None + + +class ErrorResponse(_serialization.Model): + """Common error response for all Azure Resource Manager APIs to return error details for failed + operations. (This also follows the OData error response format.). + + :ivar error: The error object. + :vartype error: ~azure.mgmt.securityinsight.models.ErrorDetail + """ + + _attribute_map = { + "error": {"key": "error", "type": "ErrorDetail"}, + } + + def __init__(self, *, error: Optional["_models.ErrorDetail"] = None, **kwargs: Any) -> None: + """ + :keyword error: The error object. + :paramtype error: ~azure.mgmt.securityinsight.models.ErrorDetail + """ + super().__init__(**kwargs) + self.error = error + + class EventGroupingSettings(_serialization.Model): """Event grouping settings property bag. @@ -8011,8 +8305,8 @@ class EventGroupingSettings(_serialization.Model): } def __init__( - self, *, aggregation_kind: Optional[Union[str, "_models.EventGroupingAggregationKind"]] = None, **kwargs - ): + self, *, aggregation_kind: Optional[Union[str, "_models.EventGroupingAggregationKind"]] = None, **kwargs: Any + ) -> None: """ :keyword aggregation_kind: The event grouping aggregation kinds. Known values are: "SingleAlert" and "AlertPerResult". @@ -8097,8 +8391,8 @@ def __init__( input_fields: Optional[List[str]] = None, output_entity_types: Optional[List[Union[str, "_models.EntityType"]]] = None, query_template: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -8148,7 +8442,7 @@ class ExpansionResultAggregation(_serialization.Model): "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum """ _validation = { @@ -8167,11 +8461,11 @@ def __init__( self, *, count: int, - entity_kind: Union[str, "_models.EntityKind"], + entity_kind: Union[str, "_models.EntityKindEnum"], aggregation_type: Optional[str] = None, display_name: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword aggregation_type: The common type of the aggregation. (for e.g. entity field name). :paramtype aggregation_type: str @@ -8185,7 +8479,7 @@ def __init__( "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :paramtype entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :paramtype entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum """ super().__init__(**kwargs) self.aggregation_type = aggregation_type @@ -8205,7 +8499,9 @@ class ExpansionResultsMetadata(_serialization.Model): "aggregations": {"key": "aggregations", "type": "[ExpansionResultAggregation]"}, } - def __init__(self, *, aggregations: Optional[List["_models.ExpansionResultAggregation"]] = None, **kwargs): + def __init__( + self, *, aggregations: Optional[List["_models.ExpansionResultAggregation"]] = None, **kwargs: Any + ) -> None: """ :keyword aggregations: Information of the aggregated nodes in the expansion result. :paramtype aggregations: list[~azure.mgmt.securityinsight.models.ExpansionResultAggregation] @@ -8260,7 +8556,7 @@ class EyesOn(Settings): "is_enabled": {"key": "properties.isEnabled", "type": "bool"}, } - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -8284,7 +8580,7 @@ class FieldMapping(_serialization.Model): "column_name": {"key": "columnName", "type": "str"}, } - def __init__(self, *, identifier: Optional[str] = None, column_name: Optional[str] = None, **kwargs): + def __init__(self, *, identifier: Optional[str] = None, column_name: Optional[str] = None, **kwargs: Any) -> None: """ :keyword identifier: the V3 identifier of the entity. :paramtype identifier: str @@ -8318,7 +8614,7 @@ class FileEntity(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -8363,7 +8659,7 @@ class FileEntity(Entity): # pylint: disable=too-many-instance-attributes "host_entity_id": {"key": "properties.hostEntityId", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "File" @@ -8414,7 +8710,7 @@ class FileEntityProperties(EntityCommonProperties): "host_entity_id": {"key": "hostEntityId", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.directory = None @@ -8445,7 +8741,7 @@ class FileHashEntity(Entity): "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -8483,7 +8779,7 @@ class FileHashEntity(Entity): "hash_value": {"key": "properties.hashValue", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "FileHash" @@ -8525,7 +8821,7 @@ class FileHashEntityProperties(EntityCommonProperties): "hash_value": {"key": "hashValue", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.algorithm = None @@ -8626,8 +8922,8 @@ def __init__( content_type: Optional[Union[str, "_models.FileImportContentType"]] = None, import_file: Optional["_models.FileMetadata"] = None, source: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword ingestion_mode: Describes how to ingest the records in the file. Known values are: "IngestOnlyIfAllAreValid", "IngestAnyValidRecords", and "Unspecified". @@ -8679,7 +8975,7 @@ class FileImportList(_serialization.Model): "value": {"key": "value", "type": "[FileImport]"}, } - def __init__(self, *, value: List["_models.FileImport"], **kwargs): + def __init__(self, *, value: List["_models.FileImport"], **kwargs: Any) -> None: """ :keyword value: Array of file imports. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.FileImport] @@ -8726,8 +9022,8 @@ def __init__( file_format: Optional[Union[str, "_models.FileFormat"]] = None, file_name: Optional[str] = None, file_size: Optional[int] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword file_format: The format of the file. Known values are: "CSV", "JSON", and "Unspecified". @@ -8837,8 +9133,8 @@ def __init__( enabled: Optional[bool] = None, source_settings: Optional[List["_models.FusionSourceSettings"]] = None, scenario_exclusion_patterns: Optional[List["_models.FusionScenarioExclusionPattern"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -8961,8 +9257,8 @@ def __init__( tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, techniques: Optional[List[str]] = None, source_settings: Optional[List["_models.FusionTemplateSourceSetting"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword alert_rules_created_by_template_count: the number of alert rules that were created by this template. @@ -9025,7 +9321,7 @@ class FusionScenarioExclusionPattern(_serialization.Model): "date_added_in_utc": {"key": "dateAddedInUTC", "type": "str"}, } - def __init__(self, *, exclusion_pattern: str, date_added_in_utc: str, **kwargs): + def __init__(self, *, exclusion_pattern: str, date_added_in_utc: str, **kwargs: Any) -> None: """ :keyword exclusion_pattern: Scenario exclusion pattern. Required. :paramtype exclusion_pattern: str @@ -9070,8 +9366,8 @@ def __init__( enabled: bool, source_name: str, source_sub_types: Optional[List["_models.FusionSourceSubTypeSetting"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword enabled: Determines whether this source signal is enabled or disabled in Fusion detection. Required. @@ -9131,8 +9427,8 @@ def __init__( enabled: bool, source_sub_type_name: str, severity_filters: "_models.FusionSubTypeSeverityFilter", - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword enabled: Determines whether this source subtype under source signal is enabled or disabled in Fusion detection. Required. @@ -9173,7 +9469,9 @@ class FusionSubTypeSeverityFilter(_serialization.Model): "filters": {"key": "filters", "type": "[FusionSubTypeSeverityFiltersItem]"}, } - def __init__(self, *, filters: Optional[List["_models.FusionSubTypeSeverityFiltersItem"]] = None, **kwargs): + def __init__( + self, *, filters: Optional[List["_models.FusionSubTypeSeverityFiltersItem"]] = None, **kwargs: Any + ) -> None: """ :keyword filters: Individual Severity configuration settings for a given source subtype consumed in Fusion detection. @@ -9207,7 +9505,7 @@ class FusionSubTypeSeverityFiltersItem(_serialization.Model): "enabled": {"key": "enabled", "type": "bool"}, } - def __init__(self, *, severity: Union[str, "_models.AlertSeverity"], enabled: bool, **kwargs): + def __init__(self, *, severity: Union[str, "_models.AlertSeverity"], enabled: bool, **kwargs: Any) -> None: """ :keyword severity: The Severity for a given source subtype consumed in Fusion detection. Required. Known values are: "High", "Medium", "Low", and "Informational". @@ -9247,8 +9545,8 @@ def __init__( *, source_name: str, source_sub_types: Optional[List["_models.FusionTemplateSourceSubType"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword source_name: The name of a source signal consumed in Fusion detection. Required. :paramtype source_name: str @@ -9294,8 +9592,12 @@ class FusionTemplateSourceSubType(_serialization.Model): } def __init__( - self, *, source_sub_type_name: str, severity_filter: "_models.FusionTemplateSubTypeSeverityFilter", **kwargs - ): + self, + *, + source_sub_type_name: str, + severity_filter: "_models.FusionTemplateSubTypeSeverityFilter", + **kwargs: Any + ) -> None: """ :keyword source_sub_type_name: The name of source subtype under a source signal consumed in Fusion detection. Required. @@ -9338,8 +9640,8 @@ def __init__( *, is_supported: bool, severity_filters: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword is_supported: Determines whether severity configuration is supported for this source subtype consumed in Fusion detection. Required. @@ -9367,13 +9669,11 @@ class GeoLocation(_serialization.Model): :ivar country_name: Country name according to ISO 3166 Alpha 2: the lowercase of the English Short Name. :vartype country_name: str - :ivar latitude: The longitude of the identified location, expressed as a floating point number - with range of -180 to 180, with positive numbers representing East and negative numbers - representing West. Latitude and longitude are derived from the city or postal code. + :ivar latitude: The latitude of the identified location, expressed as a floating point number + with range of - 90 to 90. Latitude and longitude are derived from the city or postal code. :vartype latitude: float - :ivar longitude: The latitude of the identified location, expressed as a floating point number - with range of - 90 to 90, with positive numbers representing North and negative numbers - representing South. Latitude and longitude are derived from the city or postal code. + :ivar longitude: The longitude of the identified location, expressed as a floating point number + with range of -180 to 180. Latitude and longitude are derived from the city or postal code. :vartype longitude: float :ivar state: State name. :vartype state: str @@ -9399,7 +9699,7 @@ class GeoLocation(_serialization.Model): "state": {"key": "state", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.asn = None @@ -9441,8 +9741,8 @@ def __init__( kind: Union[str, "_models.GetInsightsError"], error_message: str, query_id: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword kind: the query kind. Required. "Insight" :paramtype kind: str or ~azure.mgmt.securityinsight.models.GetInsightsError @@ -9477,7 +9777,9 @@ class GetInsightsResultsMetadata(_serialization.Model): "errors": {"key": "errors", "type": "[GetInsightsErrorKind]"}, } - def __init__(self, *, total_count: int, errors: Optional[List["_models.GetInsightsErrorKind"]] = None, **kwargs): + def __init__( + self, *, total_count: int, errors: Optional[List["_models.GetInsightsErrorKind"]] = None, **kwargs: Any + ) -> None: """ :keyword total_count: the total items found for the insights request. Required. :paramtype total_count: int @@ -9500,7 +9802,7 @@ class GetQueriesResponse(_serialization.Model): "value": {"key": "value", "type": "[EntityQueryItem]"}, } - def __init__(self, *, value: Optional[List["_models.EntityQueryItem"]] = None, **kwargs): + def __init__(self, *, value: Optional[List["_models.EntityQueryItem"]] = None, **kwargs: Any) -> None: """ :keyword value: The query result values. :paramtype value: list[~azure.mgmt.securityinsight.models.EntityQueryItem] @@ -9520,7 +9822,7 @@ class GitHubResourceInfo(_serialization.Model): "app_installation_id": {"key": "appInstallationId", "type": "str"}, } - def __init__(self, *, app_installation_id: Optional[str] = None, **kwargs): + def __init__(self, *, app_installation_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword app_installation_id: GitHub application installation id. :paramtype app_installation_id: str @@ -9583,8 +9885,8 @@ def __init__( group_by_entities: Optional[List[Union[str, "_models.EntityMappingType"]]] = None, group_by_alert_details: Optional[List[Union[str, "_models.AlertDetail"]]] = None, group_by_custom_details: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword enabled: Grouping enabled. Required. :paramtype enabled: bool @@ -9639,7 +9941,7 @@ class HostEntity(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -9707,7 +10009,7 @@ class HostEntity(Entity): # pylint: disable=too-many-instance-attributes "os_version": {"key": "properties.osVersion", "type": "str"}, } - def __init__(self, *, os_family: Optional[Union[str, "_models.OSFamily"]] = None, **kwargs): + def __init__(self, *, os_family: Optional[Union[str, "_models.OSFamily"]] = None, **kwargs: Any) -> None: """ :keyword os_family: The operating system type. Known values are: "Linux", "Windows", "Android", "IOS", and "Unknown". @@ -9790,7 +10092,7 @@ class HostEntityProperties(EntityCommonProperties): # pylint: disable=too-many- "os_version": {"key": "osVersion", "type": "str"}, } - def __init__(self, *, os_family: Optional[Union[str, "_models.OSFamily"]] = None, **kwargs): + def __init__(self, *, os_family: Optional[Union[str, "_models.OSFamily"]] = None, **kwargs: Any) -> None: """ :keyword os_family: The operating system type. Known values are: "Linux", "Windows", "Android", "IOS", and "Unknown". @@ -9808,13 +10110,11 @@ def __init__(self, *, os_family: Optional[Union[str, "_models.OSFamily"]] = None self.os_version = None -class HuntingBookmark(Entity): # pylint: disable=too-many-instance-attributes - """Represents a Hunting bookmark entity. +class Hunt(ResourceWithEtag): # pylint: disable=too-many-instance-attributes + """Represents a Hunt in Azure Security Insights. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - :ivar id: Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. :vartype id: str @@ -9826,39 +10126,26 @@ class HuntingBookmark(Entity): # pylint: disable=too-many-instance-attributes :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy information. :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", - "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", - "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", - "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar created: The time the bookmark was created. - :vartype created: ~datetime.datetime - :ivar created_by: Describes a user that created the bookmark. - :vartype created_by: ~azure.mgmt.securityinsight.models.UserInfo - :ivar display_name: The display name of the bookmark. + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar display_name: The display name of the hunt. :vartype display_name: str - :ivar event_time: The time of the event. - :vartype event_time: ~datetime.datetime - :ivar labels: List of labels relevant to this bookmark. + :ivar description: The description of the hunt. + :vartype description: str + :ivar status: The status of the hunt. Known values are: "New", "Active", "Closed", "Succeeded", + "Failed", and "InProgress". + :vartype status: str or ~azure.mgmt.securityinsight.models.Status + :ivar hypothesis_status: The hypothesis status of the hunt. Known values are: "Unknown", + "Invalidated", and "Validated". + :vartype hypothesis_status: str or ~azure.mgmt.securityinsight.models.HypothesisStatus + :ivar attack_tactics: A list of mitre attack tactics the hunt is associated with. + :vartype attack_tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :ivar attack_techniques: A list of a mitre attack techniques the hunt is associated with. + :vartype attack_techniques: list[str] + :ivar labels: List of labels relevant to this hunt. :vartype labels: list[str] - :ivar notes: The notes of the bookmark. - :vartype notes: str - :ivar query: The query of the bookmark. - :vartype query: str - :ivar query_result: The query result of the bookmark. - :vartype query_result: str - :ivar updated: The last time the bookmark was updated. - :vartype updated: ~datetime.datetime - :ivar updated_by: Describes a user that updated the bookmark. - :vartype updated_by: ~azure.mgmt.securityinsight.models.UserInfo - :ivar incident_info: Describes an incident that relates to bookmark. - :vartype incident_info: ~azure.mgmt.securityinsight.models.IncidentInfo + :ivar owner: Describes a user that the hunt is assigned to. + :vartype owner: ~azure.mgmt.securityinsight.models.HuntOwner """ _validation = { @@ -9866,9 +10153,6 @@ class HuntingBookmark(Entity): # pylint: disable=too-many-instance-attributes "name": {"readonly": True}, "type": {"readonly": True}, "system_data": {"readonly": True}, - "kind": {"required": True}, - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, } _attribute_map = { @@ -9876,29 +10160,237 @@ class HuntingBookmark(Entity): # pylint: disable=too-many-instance-attributes "name": {"key": "name", "type": "str"}, "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, - "kind": {"key": "kind", "type": "str"}, - "additional_data": {"key": "properties.additionalData", "type": "{object}"}, - "friendly_name": {"key": "properties.friendlyName", "type": "str"}, - "created": {"key": "properties.created", "type": "iso-8601"}, - "created_by": {"key": "properties.createdBy", "type": "UserInfo"}, + "etag": {"key": "etag", "type": "str"}, "display_name": {"key": "properties.displayName", "type": "str"}, - "event_time": {"key": "properties.eventTime", "type": "iso-8601"}, + "description": {"key": "properties.description", "type": "str"}, + "status": {"key": "properties.status", "type": "str"}, + "hypothesis_status": {"key": "properties.hypothesisStatus", "type": "str"}, + "attack_tactics": {"key": "properties.attackTactics", "type": "[str]"}, + "attack_techniques": {"key": "properties.attackTechniques", "type": "[str]"}, "labels": {"key": "properties.labels", "type": "[str]"}, - "notes": {"key": "properties.notes", "type": "str"}, - "query": {"key": "properties.query", "type": "str"}, - "query_result": {"key": "properties.queryResult", "type": "str"}, - "updated": {"key": "properties.updated", "type": "iso-8601"}, - "updated_by": {"key": "properties.updatedBy", "type": "UserInfo"}, - "incident_info": {"key": "properties.incidentInfo", "type": "IncidentInfo"}, + "owner": {"key": "properties.owner", "type": "HuntOwner"}, } def __init__( self, *, - created: Optional[datetime.datetime] = None, - created_by: Optional["_models.UserInfo"] = None, + etag: Optional[str] = None, display_name: Optional[str] = None, - event_time: Optional[datetime.datetime] = None, + description: Optional[str] = None, + status: Optional[Union[str, "_models.Status"]] = None, + hypothesis_status: Union[str, "_models.HypothesisStatus"] = "Unknown", + attack_tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, + attack_techniques: Optional[List[str]] = None, + labels: Optional[List[str]] = None, + owner: Optional["_models.HuntOwner"] = None, + **kwargs: Any + ) -> None: + """ + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword display_name: The display name of the hunt. + :paramtype display_name: str + :keyword description: The description of the hunt. + :paramtype description: str + :keyword status: The status of the hunt. Known values are: "New", "Active", "Closed", + "Succeeded", "Failed", and "InProgress". + :paramtype status: str or ~azure.mgmt.securityinsight.models.Status + :keyword hypothesis_status: The hypothesis status of the hunt. Known values are: "Unknown", + "Invalidated", and "Validated". + :paramtype hypothesis_status: str or ~azure.mgmt.securityinsight.models.HypothesisStatus + :keyword attack_tactics: A list of mitre attack tactics the hunt is associated with. + :paramtype attack_tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :keyword attack_techniques: A list of a mitre attack techniques the hunt is associated with. + :paramtype attack_techniques: list[str] + :keyword labels: List of labels relevant to this hunt. + :paramtype labels: list[str] + :keyword owner: Describes a user that the hunt is assigned to. + :paramtype owner: ~azure.mgmt.securityinsight.models.HuntOwner + """ + super().__init__(etag=etag, **kwargs) + self.display_name = display_name + self.description = description + self.status = status + self.hypothesis_status = hypothesis_status + self.attack_tactics = attack_tactics + self.attack_techniques = attack_techniques + self.labels = labels + self.owner = owner + + +class HuntComment(ResourceWithEtag): + """Represents a Hunt Comment in Azure Security Insights. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar message: The message for the comment. + :vartype message: str + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "message": {"key": "properties.message", "type": "str"}, + } + + def __init__(self, *, etag: Optional[str] = None, message: Optional[str] = None, **kwargs: Any) -> None: + """ + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword message: The message for the comment. + :paramtype message: str + """ + super().__init__(etag=etag, **kwargs) + self.message = message + + +class HuntCommentList(_serialization.Model): + """List of all hunt comments. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of hunt comments. + :vartype next_link: str + :ivar value: Array of hunt comments. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.HuntComment] + """ + + _validation = { + "next_link": {"readonly": True}, + "value": {"required": True}, + } + + _attribute_map = { + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[HuntComment]"}, + } + + def __init__(self, *, value: List["_models.HuntComment"], **kwargs: Any) -> None: + """ + :keyword value: Array of hunt comments. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.HuntComment] + """ + super().__init__(**kwargs) + self.next_link = None + self.value = value + + +class HuntingBookmark(Entity): # pylint: disable=too-many-instance-attributes + """Represents a Hunting bookmark entity. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", + "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", + "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", + "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar created: The time the bookmark was created. + :vartype created: ~datetime.datetime + :ivar created_by: Describes a user that created the bookmark. + :vartype created_by: ~azure.mgmt.securityinsight.models.UserInfo + :ivar display_name: The display name of the bookmark. + :vartype display_name: str + :ivar event_time: The time of the event. + :vartype event_time: ~datetime.datetime + :ivar labels: List of labels relevant to this bookmark. + :vartype labels: list[str] + :ivar notes: The notes of the bookmark. + :vartype notes: str + :ivar query: The query of the bookmark. + :vartype query: str + :ivar query_result: The query result of the bookmark. + :vartype query_result: str + :ivar updated: The last time the bookmark was updated. + :vartype updated: ~datetime.datetime + :ivar updated_by: Describes a user that updated the bookmark. + :vartype updated_by: ~azure.mgmt.securityinsight.models.UserInfo + :ivar incident_info: Describes an incident that relates to bookmark. + :vartype incident_info: ~azure.mgmt.securityinsight.models.IncidentInfo + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "kind": {"key": "kind", "type": "str"}, + "additional_data": {"key": "properties.additionalData", "type": "{object}"}, + "friendly_name": {"key": "properties.friendlyName", "type": "str"}, + "created": {"key": "properties.created", "type": "iso-8601"}, + "created_by": {"key": "properties.createdBy", "type": "UserInfo"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "event_time": {"key": "properties.eventTime", "type": "iso-8601"}, + "labels": {"key": "properties.labels", "type": "[str]"}, + "notes": {"key": "properties.notes", "type": "str"}, + "query": {"key": "properties.query", "type": "str"}, + "query_result": {"key": "properties.queryResult", "type": "str"}, + "updated": {"key": "properties.updated", "type": "iso-8601"}, + "updated_by": {"key": "properties.updatedBy", "type": "UserInfo"}, + "incident_info": {"key": "properties.incidentInfo", "type": "IncidentInfo"}, + } + + def __init__( + self, + *, + created: Optional[datetime.datetime] = None, + created_by: Optional["_models.UserInfo"] = None, + display_name: Optional[str] = None, + event_time: Optional[datetime.datetime] = None, labels: Optional[List[str]] = None, notes: Optional[str] = None, query: Optional[str] = None, @@ -9906,8 +10398,8 @@ def __init__( updated: Optional[datetime.datetime] = None, updated_by: Optional["_models.UserInfo"] = None, incident_info: Optional["_models.IncidentInfo"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword created: The time the bookmark was created. :paramtype created: ~datetime.datetime @@ -10023,8 +10515,8 @@ def __init__( updated: Optional[datetime.datetime] = None, updated_by: Optional["_models.UserInfo"] = None, incident_info: Optional["_models.IncidentInfo"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword created: The time the bookmark was created. :paramtype created: ~datetime.datetime @@ -10063,8 +10555,96 @@ def __init__( self.incident_info = incident_info -class Incident(ResourceWithEtag): # pylint: disable=too-many-instance-attributes - """Incident. +class HuntList(_serialization.Model): + """List all the hunts. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of hunts. + :vartype next_link: str + :ivar value: Array of hunts. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.Hunt] + """ + + _validation = { + "next_link": {"readonly": True}, + "value": {"required": True}, + } + + _attribute_map = { + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[Hunt]"}, + } + + def __init__(self, *, value: List["_models.Hunt"], **kwargs: Any) -> None: + """ + :keyword value: Array of hunts. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.Hunt] + """ + super().__init__(**kwargs) + self.next_link = None + self.value = value + + +class HuntOwner(_serialization.Model): + """Describes a user that the hunt is assigned to. + + :ivar email: The email of the user the hunt is assigned to. + :vartype email: str + :ivar assigned_to: The name of the user the hunt is assigned to. + :vartype assigned_to: str + :ivar object_id: The object id of the user the hunt is assigned to. + :vartype object_id: str + :ivar user_principal_name: The user principal name of the user the hunt is assigned to. + :vartype user_principal_name: str + :ivar owner_type: The type of the owner the hunt is assigned to. Known values are: "Unknown", + "User", and "Group". + :vartype owner_type: str or ~azure.mgmt.securityinsight.models.OwnerType + """ + + _attribute_map = { + "email": {"key": "email", "type": "str"}, + "assigned_to": {"key": "assignedTo", "type": "str"}, + "object_id": {"key": "objectId", "type": "str"}, + "user_principal_name": {"key": "userPrincipalName", "type": "str"}, + "owner_type": {"key": "ownerType", "type": "str"}, + } + + def __init__( + self, + *, + email: Optional[str] = None, + assigned_to: Optional[str] = None, + object_id: Optional[str] = None, + user_principal_name: Optional[str] = None, + owner_type: Optional[Union[str, "_models.OwnerType"]] = None, + **kwargs: Any + ) -> None: + """ + :keyword email: The email of the user the hunt is assigned to. + :paramtype email: str + :keyword assigned_to: The name of the user the hunt is assigned to. + :paramtype assigned_to: str + :keyword object_id: The object id of the user the hunt is assigned to. + :paramtype object_id: str + :keyword user_principal_name: The user principal name of the user the hunt is assigned to. + :paramtype user_principal_name: str + :keyword owner_type: The type of the owner the hunt is assigned to. Known values are: + "Unknown", "User", and "Group". + :paramtype owner_type: str or ~azure.mgmt.securityinsight.models.OwnerType + """ + super().__init__(**kwargs) + self.email = email + self.assigned_to = assigned_to + self.object_id = object_id + self.user_principal_name = user_principal_name + self.owner_type = owner_type + + +class HuntRelation(ResourceWithEtag): + """Represents a Hunt Relation in Azure Security Insights. Variables are only populated by the server, and will be ignored when sending a request. @@ -10081,21 +10661,131 @@ class Incident(ResourceWithEtag): # pylint: disable=too-many-instance-attribute :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData :ivar etag: Etag of the azure resource. :vartype etag: str - :ivar title: The title of the incident. - :vartype title: str - :ivar description: The description of the incident. - :vartype description: str - :ivar severity: The severity of the incident. Known values are: "High", "Medium", "Low", and - "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.IncidentSeverity - :ivar status: The status of the incident. Known values are: "New", "Active", and "Closed". - :vartype status: str or ~azure.mgmt.securityinsight.models.IncidentStatus - :ivar classification: The reason the incident was closed. Known values are: "Undetermined", - "TruePositive", "BenignPositive", and "FalsePositive". - :vartype classification: str or ~azure.mgmt.securityinsight.models.IncidentClassification - :ivar classification_reason: The classification reason the incident was closed with. Known - values are: "SuspiciousActivity", "SuspiciousButExpected", "IncorrectAlertLogic", and - "InaccurateData". + :ivar related_resource_id: The id of the related resource. + :vartype related_resource_id: str + :ivar related_resource_name: The name of the related resource. + :vartype related_resource_name: str + :ivar relation_type: The type of the hunt relation. + :vartype relation_type: str + :ivar related_resource_kind: The resource that the relation is related to. + :vartype related_resource_kind: str + :ivar labels: List of labels relevant to this hunt. + :vartype labels: list[str] + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "related_resource_name": {"readonly": True}, + "relation_type": {"readonly": True}, + "related_resource_kind": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "related_resource_id": {"key": "properties.relatedResourceId", "type": "str"}, + "related_resource_name": {"key": "properties.relatedResourceName", "type": "str"}, + "relation_type": {"key": "properties.relationType", "type": "str"}, + "related_resource_kind": {"key": "properties.relatedResourceKind", "type": "str"}, + "labels": {"key": "properties.labels", "type": "[str]"}, + } + + def __init__( + self, + *, + etag: Optional[str] = None, + related_resource_id: Optional[str] = None, + labels: Optional[List[str]] = None, + **kwargs: Any + ) -> None: + """ + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword related_resource_id: The id of the related resource. + :paramtype related_resource_id: str + :keyword labels: List of labels relevant to this hunt. + :paramtype labels: list[str] + """ + super().__init__(etag=etag, **kwargs) + self.related_resource_id = related_resource_id + self.related_resource_name = None + self.relation_type = None + self.related_resource_kind = None + self.labels = labels + + +class HuntRelationList(_serialization.Model): + """List of all the hunt relations. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of hunt relations. + :vartype next_link: str + :ivar value: Array of hunt relations. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.HuntRelation] + """ + + _validation = { + "next_link": {"readonly": True}, + "value": {"required": True}, + } + + _attribute_map = { + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[HuntRelation]"}, + } + + def __init__(self, *, value: List["_models.HuntRelation"], **kwargs: Any) -> None: + """ + :keyword value: Array of hunt relations. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.HuntRelation] + """ + super().__init__(**kwargs) + self.next_link = None + self.value = value + + +class Incident(ResourceWithEtag): # pylint: disable=too-many-instance-attributes + """Incident. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar title: The title of the incident. + :vartype title: str + :ivar description: The description of the incident. + :vartype description: str + :ivar severity: The severity of the incident. Known values are: "High", "Medium", "Low", and + "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.IncidentSeverity + :ivar status: The status of the incident. Known values are: "New", "Active", and "Closed". + :vartype status: str or ~azure.mgmt.securityinsight.models.IncidentStatus + :ivar classification: The reason the incident was closed. Known values are: "Undetermined", + "TruePositive", "BenignPositive", and "FalsePositive". + :vartype classification: str or ~azure.mgmt.securityinsight.models.IncidentClassification + :ivar classification_reason: The classification reason the incident was closed with. Known + values are: "SuspiciousActivity", "SuspiciousButExpected", "IncorrectAlertLogic", and + "InaccurateData". :vartype classification_reason: str or ~azure.mgmt.securityinsight.models.IncidentClassificationReason :ivar classification_comment: Describes the reason the incident was closed. @@ -10140,6 +10830,8 @@ class Incident(ResourceWithEtag): # pylint: disable=too-many-instance-attribute "additional_data": {"readonly": True}, "related_analytic_rule_ids": {"readonly": True}, "incident_url": {"readonly": True}, + "provider_name": {"readonly": True}, + "provider_incident_id": {"readonly": True}, } _attribute_map = { @@ -10185,11 +10877,9 @@ def __init__( # pylint: disable=too-many-locals labels: Optional[List["_models.IncidentLabel"]] = None, first_activity_time_utc: Optional[datetime.datetime] = None, last_activity_time_utc: Optional[datetime.datetime] = None, - provider_name: Optional[str] = None, - provider_incident_id: Optional[str] = None, team_information: Optional["_models.TeamInformation"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -10220,10 +10910,6 @@ def __init__( # pylint: disable=too-many-locals :paramtype first_activity_time_utc: ~datetime.datetime :keyword last_activity_time_utc: The time of the last activity in the incident. :paramtype last_activity_time_utc: ~datetime.datetime - :keyword provider_name: The name of the source provider that generated the incident. - :paramtype provider_name: str - :keyword provider_incident_id: The incident ID assigned by the incident provider. - :paramtype provider_incident_id: str :keyword team_information: Describes a team for the incident. :paramtype team_information: ~azure.mgmt.securityinsight.models.TeamInformation """ @@ -10245,8 +10931,8 @@ def __init__( # pylint: disable=too-many-locals self.additional_data = None self.related_analytic_rule_ids = None self.incident_url = None - self.provider_name = provider_name - self.provider_incident_id = provider_incident_id + self.provider_name = None + self.provider_incident_id = None self.team_information = team_information @@ -10292,7 +10978,7 @@ class IncidentAdditionalData(_serialization.Model): "provider_incident_url": {"key": "providerIncidentUrl", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.alerts_count = None @@ -10321,7 +11007,7 @@ class IncidentAlertList(_serialization.Model): "value": {"key": "value", "type": "[SecurityAlert]"}, } - def __init__(self, *, value: List["_models.SecurityAlert"], **kwargs): + def __init__(self, *, value: List["_models.SecurityAlert"], **kwargs: Any) -> None: """ :keyword value: Array of incident alerts. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.SecurityAlert] @@ -10347,7 +11033,7 @@ class IncidentBookmarkList(_serialization.Model): "value": {"key": "value", "type": "[HuntingBookmark]"}, } - def __init__(self, *, value: List["_models.HuntingBookmark"], **kwargs): + def __init__(self, *, value: List["_models.HuntingBookmark"], **kwargs: Any) -> None: """ :keyword value: Array of incident bookmarks. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.HuntingBookmark] @@ -10406,7 +11092,7 @@ class IncidentComment(ResourceWithEtag): "author": {"key": "properties.author", "type": "ClientInfo"}, } - def __init__(self, *, etag: Optional[str] = None, message: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, message: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -10443,7 +11129,7 @@ class IncidentCommentList(_serialization.Model): "next_link": {"key": "nextLink", "type": "str"}, } - def __init__(self, *, value: List["_models.IncidentComment"], **kwargs): + def __init__(self, *, value: List["_models.IncidentComment"], **kwargs: Any) -> None: """ :keyword value: Required. :paramtype value: list[~azure.mgmt.securityinsight.models.IncidentComment] @@ -10479,8 +11165,8 @@ def __init__( *, create_incident: bool, grouping_configuration: Optional["_models.GroupingConfiguration"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword create_incident: Create incidents from alerts triggered by this analytics rule. Required. @@ -10513,8 +11199,8 @@ def __init__( *, entities: Optional[List["_models.Entity"]] = None, meta_data: Optional[List["_models.IncidentEntitiesResultsMetadata"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword entities: Array of the incident related entities. :paramtype entities: list[~azure.mgmt.securityinsight.models.Entity] @@ -10536,7 +11222,7 @@ class IncidentEntitiesResultsMetadata(_serialization.Model): "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar count: Total number of aggregations of the given kind in the incident related entities result. Required. :vartype count: int @@ -10552,14 +11238,14 @@ class IncidentEntitiesResultsMetadata(_serialization.Model): "count": {"key": "count", "type": "int"}, } - def __init__(self, *, entity_kind: Union[str, "_models.EntityKind"], count: int, **kwargs): + def __init__(self, *, entity_kind: Union[str, "_models.EntityKindEnum"], count: int, **kwargs: Any) -> None: """ :keyword entity_kind: The kind of the aggregated entity. Required. Known values are: "Account", "Host", "File", "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :paramtype entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :paramtype entity_kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :keyword count: Total number of aggregations of the given kind in the incident related entities result. Required. :paramtype count: int @@ -10597,8 +11283,8 @@ def __init__( severity: Optional[Union[str, "_models.IncidentSeverity"]] = None, title: Optional[str] = None, relation_name: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword incident_id: Incident Id. :paramtype incident_id: str @@ -10640,7 +11326,7 @@ class IncidentLabel(_serialization.Model): "label_type": {"key": "labelType", "type": "str"}, } - def __init__(self, *, label_name: str, **kwargs): + def __init__(self, *, label_name: str, **kwargs: Any) -> None: """ :keyword label_name: The name of the label. Required. :paramtype label_name: str @@ -10673,7 +11359,7 @@ class IncidentList(_serialization.Model): "next_link": {"key": "nextLink", "type": "str"}, } - def __init__(self, *, value: List["_models.Incident"], **kwargs): + def __init__(self, *, value: List["_models.Incident"], **kwargs: Any) -> None: """ :keyword value: Required. :paramtype value: list[~azure.mgmt.securityinsight.models.Incident] @@ -10715,8 +11401,8 @@ def __init__( object_id: Optional[str] = None, user_principal_name: Optional[str] = None, owner_type: Optional[Union[str, "_models.OwnerType"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword email: The email of the user the incident is assigned to. :paramtype email: str @@ -10782,8 +11468,8 @@ def __init__( classification_comment: Optional[str] = None, owner: Optional["_models.IncidentOwnerInfo"] = None, labels: Optional[List["_models.IncidentLabel"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword severity: The severity of the incident. Known values are: "High", "Medium", "Low", and "Informational". @@ -10886,8 +11572,8 @@ def __init__( description: Optional[str] = None, created_by: Optional["_models.ClientInfo"] = None, last_modified_by: Optional["_models.ClientInfo"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -10928,8 +11614,8 @@ class IncidentTaskList(_serialization.Model): } def __init__( - self, *, value: Optional[List["_models.IncidentTask"]] = None, next_link: Optional[str] = None, **kwargs - ): + self, *, value: Optional[List["_models.IncidentTask"]] = None, next_link: Optional[str] = None, **kwargs: Any + ) -> None: """ :keyword value: :paramtype value: list[~azure.mgmt.securityinsight.models.IncidentTask] @@ -10980,8 +11666,8 @@ def __init__( name: Optional[str] = None, type: Optional[str] = None, properties: Optional["_models.InsightQueryItemProperties"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword name: Query Template ARM Name. :paramtype name: str @@ -11061,8 +11747,8 @@ def __init__( additional_query: Optional["_models.InsightQueryItemPropertiesAdditionalQuery"] = None, default_time_range: Optional["_models.InsightQueryItemPropertiesDefaultTimeRange"] = None, reference_time_range: Optional["_models.InsightQueryItemPropertiesReferenceTimeRange"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword data_types: Data types for template. :paramtype data_types: @@ -11127,7 +11813,7 @@ class InsightQueryItemPropertiesAdditionalQuery(_serialization.Model): "text": {"key": "text", "type": "str"}, } - def __init__(self, *, query: Optional[str] = None, text: Optional[str] = None, **kwargs): + def __init__(self, *, query: Optional[str] = None, text: Optional[str] = None, **kwargs: Any) -> None: """ :keyword query: The insight query. :paramtype query: str @@ -11153,7 +11839,7 @@ class InsightQueryItemPropertiesDefaultTimeRange(_serialization.Model): "after_range": {"key": "afterRange", "type": "str"}, } - def __init__(self, *, before_range: Optional[str] = None, after_range: Optional[str] = None, **kwargs): + def __init__(self, *, before_range: Optional[str] = None, after_range: Optional[str] = None, **kwargs: Any) -> None: """ :keyword before_range: The padding for the start time of the query. :paramtype before_range: str @@ -11176,7 +11862,7 @@ class InsightQueryItemPropertiesReferenceTimeRange(_serialization.Model): "before_range": {"key": "beforeRange", "type": "str"}, } - def __init__(self, *, before_range: Optional[str] = None, **kwargs): + def __init__(self, *, before_range: Optional[str] = None, **kwargs: Any) -> None: """ :keyword before_range: Additional query time for looking back. :paramtype before_range: str @@ -11216,8 +11902,8 @@ def __init__( queries_definitions: Optional[ List["_models.InsightQueryItemPropertiesTableQueryQueriesDefinitionsItem"] ] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword columns_definitions: List of insight column definitions. :paramtype columns_definitions: @@ -11255,8 +11941,8 @@ def __init__( header: Optional[str] = None, output_type: Optional[Union[str, "_models.OutputType"]] = None, support_deep_link: Optional[bool] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword header: Insight column header. :paramtype header: str @@ -11305,8 +11991,8 @@ def __init__( link_columns_definitions: Optional[ List["_models.InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem"] ] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword filter: Insight column header. :paramtype filter: str @@ -11339,7 +12025,7 @@ class InsightQueryItemPropertiesTableQueryQueriesDefinitionsPropertiesItemsItem( "query": {"key": "Query", "type": "str"}, } - def __init__(self, *, projected_name: Optional[str] = None, query: Optional[str] = None, **kwargs): + def __init__(self, *, projected_name: Optional[str] = None, query: Optional[str] = None, **kwargs: Any) -> None: """ :keyword projected_name: Insight Link Definition Projected Name. :paramtype projected_name: str @@ -11370,8 +12056,8 @@ def __init__( *, columns: Optional[List["_models.InsightsTableResultColumnsItem"]] = None, rows: Optional[List[List[str]]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword columns: Columns Metadata of the table. :paramtype columns: list[~azure.mgmt.securityinsight.models.InsightsTableResultColumnsItem] @@ -11397,7 +12083,7 @@ class InsightsTableResultColumnsItem(_serialization.Model): "name": {"key": "name", "type": "str"}, } - def __init__(self, *, type: Optional[str] = None, name: Optional[str] = None, **kwargs): + def __init__(self, *, type: Optional[str] = None, name: Optional[str] = None, **kwargs: Any) -> None: """ :keyword type: the type of the colum. :paramtype type: str @@ -11440,8 +12126,8 @@ def __init__( actions_to_be_performed: str, recommendation_importance: str, how_to_perform_action_details: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword actions_to_be_performed: What actions should be taken to complete the recommendation. Required. @@ -11478,7 +12164,9 @@ class InstructionStepsInstructionsItem(ConnectorInstructionModelBase): "type": {"key": "type", "type": "str"}, } - def __init__(self, *, type: Union[str, "_models.SettingType"], parameters: Optional[JSON] = None, **kwargs): + def __init__( + self, *, type: Union[str, "_models.SettingType"], parameters: Optional[JSON] = None, **kwargs: Any + ) -> None: """ :keyword parameters: The parameters for the setting. :paramtype parameters: JSON @@ -11497,10 +12185,10 @@ class IoTCheckRequirements(DataConnectorsCheckRequirements): :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar subscription_id: The subscription id to connect to, and get the data from. :vartype subscription_id: str @@ -11515,7 +12203,7 @@ class IoTCheckRequirements(DataConnectorsCheckRequirements): "subscription_id": {"key": "properties.subscriptionId", "type": "str"}, } - def __init__(self, *, subscription_id: Optional[str] = None, **kwargs): + def __init__(self, *, subscription_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword subscription_id: The subscription id to connect to, and get the data from. :paramtype subscription_id: str @@ -11548,10 +12236,10 @@ class IoTDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar data_types: The available data types for the connector. :vartype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector @@ -11584,8 +12272,8 @@ def __init__( etag: Optional[str] = None, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, subscription_id: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -11619,8 +12307,8 @@ def __init__( *, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, subscription_id: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword data_types: The available data types for the connector. :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector @@ -11653,7 +12341,7 @@ class IoTDeviceEntity(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -11795,8 +12483,8 @@ class IoTDeviceEntity(Entity): # pylint: disable=too-many-instance-attributes } def __init__( # pylint: disable=too-many-locals - self, *, importance: Optional[Union[str, "_models.DeviceImportance"]] = None, **kwargs - ): + self, *, importance: Optional[Union[str, "_models.DeviceImportance"]] = None, **kwargs: Any + ) -> None: """ :keyword importance: Device importance, determines if the device classified as 'crown jewel'. Known values are: "Unknown", "Low", "Normal", and "High". @@ -11972,8 +12660,8 @@ class IoTDeviceEntityProperties(EntityCommonProperties): # pylint: disable=too- } def __init__( # pylint: disable=too-many-locals - self, *, importance: Optional[Union[str, "_models.DeviceImportance"]] = None, **kwargs - ): + self, *, importance: Optional[Union[str, "_models.DeviceImportance"]] = None, **kwargs: Any + ) -> None: """ :keyword importance: Device importance, determines if the device classified as 'crown jewel'. Known values are: "Unknown", "Low", "Normal", and "High". @@ -12032,7 +12720,7 @@ class IpEntity(Entity): "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -12073,7 +12761,7 @@ class IpEntity(Entity): "threat_intelligence": {"key": "properties.threatIntelligence", "type": "[ThreatIntelligence]"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "Ip" @@ -12119,7 +12807,7 @@ class IpEntityProperties(EntityCommonProperties): "threat_intelligence": {"key": "threatIntelligence", "type": "[ThreatIntelligence]"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.address = None @@ -12127,6 +12815,155 @@ def __init__(self, **kwargs): self.threat_intelligence = None +class Job(ResourceWithEtag): + """The assignment job. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar end_time: The time the job completed. + :vartype end_time: ~datetime.datetime + :ivar items: List of items published by the job. + :vartype items: list[~azure.mgmt.securityinsight.models.JobItem] + :ivar provisioning_state: State of the job. Known values are: "Accepted", "InProgress", + "Succeeded", "Failed", and "Canceled". + :vartype provisioning_state: str or ~azure.mgmt.securityinsight.models.ProvisioningState + :ivar start_time: The time the job started. + :vartype start_time: ~datetime.datetime + :ivar error_message: Message to describe error, if an error exists. + :vartype error_message: str + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "end_time": {"readonly": True}, + "provisioning_state": {"readonly": True}, + "start_time": {"readonly": True}, + "error_message": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "end_time": {"key": "properties.endTime", "type": "iso-8601"}, + "items": {"key": "properties.items", "type": "[JobItem]"}, + "provisioning_state": {"key": "properties.provisioningState", "type": "str"}, + "start_time": {"key": "properties.startTime", "type": "iso-8601"}, + "error_message": {"key": "properties.errorMessage", "type": "str"}, + } + + def __init__( + self, *, etag: Optional[str] = None, items: Optional[List["_models.JobItem"]] = None, **kwargs: Any + ) -> None: + """ + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword items: List of items published by the job. + :paramtype items: list[~azure.mgmt.securityinsight.models.JobItem] + """ + super().__init__(etag=etag, **kwargs) + self.end_time = None + self.items = items + self.provisioning_state = None + self.start_time = None + self.error_message = None + + +class JobItem(_serialization.Model): + """An entity describing the publish status of a content item. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar resource_id: The resource id of the content item. + :vartype resource_id: str + :ivar status: Status of the item publication. Known values are: "New", "Active", "Closed", + "Succeeded", "Failed", and "InProgress". + :vartype status: str or ~azure.mgmt.securityinsight.models.Status + :ivar execution_time: The time the item publishing was completed. + :vartype execution_time: ~datetime.datetime + :ivar errors: The list of error descriptions if the item publication fails. + :vartype errors: list[~azure.mgmt.securityinsight.models.Error] + """ + + _validation = { + "status": {"readonly": True}, + "execution_time": {"readonly": True}, + } + + _attribute_map = { + "resource_id": {"key": "resourceId", "type": "str"}, + "status": {"key": "status", "type": "str"}, + "execution_time": {"key": "executionTime", "type": "iso-8601"}, + "errors": {"key": "errors", "type": "[Error]"}, + } + + def __init__( + self, *, resource_id: Optional[str] = None, errors: Optional[List["_models.Error"]] = None, **kwargs: Any + ) -> None: + """ + :keyword resource_id: The resource id of the content item. + :paramtype resource_id: str + :keyword errors: The list of error descriptions if the item publication fails. + :paramtype errors: list[~azure.mgmt.securityinsight.models.Error] + """ + super().__init__(**kwargs) + self.resource_id = resource_id + self.status = None + self.execution_time = None + self.errors = errors + + +class JobList(_serialization.Model): + """List of all the jobs. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of jobs. + :vartype next_link: str + :ivar value: Array of jobs. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.Job] + """ + + _validation = { + "next_link": {"readonly": True}, + "value": {"required": True}, + } + + _attribute_map = { + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[Job]"}, + } + + def __init__(self, *, value: List["_models.Job"], **kwargs: Any) -> None: + """ + :keyword value: Array of jobs. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.Job] + """ + super().__init__(**kwargs) + self.next_link = None + self.value = value + + class MailboxEntity(Entity): # pylint: disable=too-many-instance-attributes """Represents a mailbox entity. @@ -12149,7 +12986,7 @@ class MailboxEntity(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -12195,7 +13032,7 @@ class MailboxEntity(Entity): # pylint: disable=too-many-instance-attributes "external_directory_object_id": {"key": "properties.externalDirectoryObjectId", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "Mailbox" @@ -12247,7 +13084,7 @@ class MailboxEntityProperties(EntityCommonProperties): "external_directory_object_id": {"key": "externalDirectoryObjectId", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.mailbox_primary_address = None @@ -12278,7 +13115,7 @@ class MailClusterEntity(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -12368,7 +13205,7 @@ class MailClusterEntity(Entity): # pylint: disable=too-many-instance-attributes "cluster_group": {"key": "properties.clusterGroup", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "MailCluster" @@ -12475,7 +13312,7 @@ class MailClusterEntityProperties(EntityCommonProperties): # pylint: disable=to "cluster_group": {"key": "clusterGroup", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.network_message_ids = None @@ -12517,7 +13354,7 @@ class MailMessageEntity(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -12655,8 +13492,8 @@ def __init__( # pylint: disable=too-many-locals antispam_direction: Optional[Union[str, "_models.AntispamMailDirection"]] = None, delivery_action: Optional[Union[str, "_models.DeliveryAction"]] = None, delivery_location: Optional[Union[str, "_models.DeliveryLocation"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword body_fingerprint_bin1: The bodyFingerprintBin1. :paramtype body_fingerprint_bin1: int @@ -12843,8 +13680,8 @@ def __init__( # pylint: disable=too-many-locals antispam_direction: Optional[Union[str, "_models.AntispamMailDirection"]] = None, delivery_action: Optional[Union[str, "_models.DeliveryAction"]] = None, delivery_location: Optional[Union[str, "_models.DeliveryLocation"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword body_fingerprint_bin1: The bodyFingerprintBin1. :paramtype body_fingerprint_bin1: int @@ -12918,7 +13755,7 @@ class MalwareEntity(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -12964,7 +13801,7 @@ class MalwareEntity(Entity): # pylint: disable=too-many-instance-attributes "process_entity_ids": {"key": "properties.processEntityIds", "type": "[str]"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "Malware" @@ -13016,7 +13853,7 @@ class MalwareEntityProperties(EntityCommonProperties): "process_entity_ids": {"key": "processEntityIds", "type": "[str]"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.category = None @@ -13045,7 +13882,7 @@ class ManualTriggerRequestBody(_serialization.Model): "logic_apps_resource_id": {"key": "logicAppsResourceId", "type": "str"}, } - def __init__(self, *, logic_apps_resource_id: str, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, logic_apps_resource_id: str, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword tenant_id: :paramtype tenant_id: str @@ -13065,10 +13902,10 @@ class MCASCheckRequirements(DataConnectorsCheckRequirements): :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -13083,7 +13920,7 @@ class MCASCheckRequirements(DataConnectorsCheckRequirements): "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str @@ -13110,7 +13947,7 @@ class MCASCheckRequirementsProperties(DataConnectorTenantId): "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -13141,10 +13978,10 @@ class MCASDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -13177,8 +14014,8 @@ def __init__( etag: Optional[str] = None, tenant_id: Optional[str] = None, data_types: Optional["_models.MCASDataConnectorDataTypes"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -13218,8 +14055,8 @@ def __init__( *, alerts: "_models.DataConnectorDataTypeCommon", discovery_logs: Optional["_models.DataConnectorDataTypeCommon"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword alerts: Alerts data type connection. Required. :paramtype alerts: ~azure.mgmt.securityinsight.models.DataConnectorDataTypeCommon @@ -13251,7 +14088,7 @@ class MCASDataConnectorProperties(DataConnectorTenantId): "data_types": {"key": "dataTypes", "type": "MCASDataConnectorDataTypes"}, } - def __init__(self, *, tenant_id: str, data_types: "_models.MCASDataConnectorDataTypes", **kwargs): + def __init__(self, *, tenant_id: str, data_types: "_models.MCASDataConnectorDataTypes", **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -13270,10 +14107,10 @@ class MDATPCheckRequirements(DataConnectorsCheckRequirements): :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -13288,7 +14125,7 @@ class MDATPCheckRequirements(DataConnectorsCheckRequirements): "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str @@ -13315,7 +14152,7 @@ class MDATPCheckRequirementsProperties(DataConnectorTenantId): "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -13346,10 +14183,10 @@ class MDATPDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -13382,8 +14219,8 @@ def __init__( etag: Optional[str] = None, tenant_id: Optional[str] = None, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -13419,8 +14256,8 @@ class MDATPDataConnectorProperties(DataConnectorTenantId, DataConnectorWithAlert } def __init__( - self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs - ): + self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs: Any + ) -> None: """ :keyword data_types: The available data types for the connector. :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector @@ -13450,8 +14287,8 @@ class MetadataAuthor(_serialization.Model): } def __init__( - self, *, name: Optional[str] = None, email: Optional[str] = None, link: Optional[str] = None, **kwargs - ): + self, *, name: Optional[str] = None, email: Optional[str] = None, link: Optional[str] = None, **kwargs: Any + ) -> None: """ :keyword name: Name of the author. Company or person. :paramtype name: str @@ -13480,7 +14317,9 @@ class MetadataCategories(_serialization.Model): "verticals": {"key": "verticals", "type": "[str]"}, } - def __init__(self, *, domains: Optional[List[str]] = None, verticals: Optional[List[str]] = None, **kwargs): + def __init__( + self, *, domains: Optional[List[str]] = None, verticals: Optional[List[str]] = None, **kwargs: Any + ) -> None: """ :keyword domains: domain for the solution content item. :paramtype domains: list[str] @@ -13493,7 +14332,9 @@ def __init__(self, *, domains: Optional[List[str]] = None, verticals: Optional[L class MetadataDependencies(_serialization.Model): - """Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex dependencies. + """Dependencies for the content item, what other content items it requires to work. Can describe + more complex dependencies using a recursive/nested structure. For a single dependency an + id/kind/version can be supplied or operator/criteria for complex dependencies. :ivar content_id: Id of the content item we depend on. :vartype content_id: str @@ -13510,7 +14351,7 @@ class MetadataDependencies(_serialization.Model): :ivar name: Name of the content item. :vartype name: str :ivar operator: Operator used for list of dependencies in criteria array. Known values are: - "AND" and "OR". + "AND", "OR", "AND", and "OR". :vartype operator: str or ~azure.mgmt.securityinsight.models.Operator :ivar criteria: This is the list of dependencies we must fulfill, according to the AND/OR operator. @@ -13535,8 +14376,8 @@ def __init__( name: Optional[str] = None, operator: Optional[Union[str, "_models.Operator"]] = None, criteria: Optional[List["_models.MetadataDependencies"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword content_id: Id of the content item we depend on. :paramtype content_id: str @@ -13553,7 +14394,7 @@ def __init__( :keyword name: Name of the content item. :paramtype name: str :keyword operator: Operator used for list of dependencies in criteria array. Known values are: - "AND" and "OR". + "AND", "OR", "AND", and "OR". :paramtype operator: str or ~azure.mgmt.securityinsight.models.Operator :keyword criteria: This is the list of dependencies we must fulfill, according to the AND/OR operator. @@ -13568,36 +14409,185 @@ def __init__( self.criteria = criteria -class MetadataList(_serialization.Model): - """List of all the metadata. - - Variables are only populated by the server, and will be ignored when sending a request. +class MetadataDependenciesAutoGenerated(_serialization.Model): + """Dependencies for the content item, what other content items it requires to work. Can describe + more complex dependencies using a recursive/nested structure. For a single dependency an + id/kind/version can be supplied or operator/criteria for complex dependencies. - All required parameters must be populated in order to send to Azure. - - :ivar value: Array of metadata. Required. - :vartype value: list[~azure.mgmt.securityinsight.models.MetadataModel] - :ivar next_link: URL to fetch the next page of metadata. - :vartype next_link: str + :ivar content_id: Id of the content item we depend on. + :vartype content_id: str + :ivar kind: Type of the content item we depend on. + :vartype kind: str + :ivar version: Version of the the content item we depend on. Can be blank, * or missing to + indicate any version fulfills the dependency. If version does not match our defined numeric + format then an exact match is required. + :vartype version: str + :ivar name: Name of the content item. + :vartype name: str + :ivar operator: Operator used for list of dependencies in criteria array. Known values are: + "AND", "OR", "AND", and "OR". + :vartype operator: str or ~azure.mgmt.securityinsight.models.Operator + :ivar criteria: This is the list of dependencies we must fulfill, according to the AND/OR + operator. + :vartype criteria: list[~azure.mgmt.securityinsight.models.MetadataDependenciesAutoGenerated] """ - _validation = { - "value": {"required": True}, - "next_link": {"readonly": True}, - } - _attribute_map = { - "value": {"key": "value", "type": "[MetadataModel]"}, - "next_link": {"key": "nextLink", "type": "str"}, + "content_id": {"key": "contentId", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "version": {"key": "version", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "operator": {"key": "operator", "type": "str"}, + "criteria": {"key": "criteria", "type": "[MetadataDependenciesAutoGenerated]"}, } - def __init__(self, *, value: List["_models.MetadataModel"], **kwargs): + def __init__( + self, + *, + content_id: Optional[str] = None, + kind: Optional[str] = None, + version: Optional[str] = None, + name: Optional[str] = None, + operator: Optional[Union[str, "_models.Operator"]] = None, + criteria: Optional[List["_models.MetadataDependenciesAutoGenerated"]] = None, + **kwargs: Any + ) -> None: """ - :keyword value: Array of metadata. Required. - :paramtype value: list[~azure.mgmt.securityinsight.models.MetadataModel] + :keyword content_id: Id of the content item we depend on. + :paramtype content_id: str + :keyword kind: Type of the content item we depend on. + :paramtype kind: str + :keyword version: Version of the the content item we depend on. Can be blank, * or missing to + indicate any version fulfills the dependency. If version does not match our defined numeric + format then an exact match is required. + :paramtype version: str + :keyword name: Name of the content item. + :paramtype name: str + :keyword operator: Operator used for list of dependencies in criteria array. Known values are: + "AND", "OR", "AND", and "OR". + :paramtype operator: str or ~azure.mgmt.securityinsight.models.Operator + :keyword criteria: This is the list of dependencies we must fulfill, according to the AND/OR + operator. + :paramtype criteria: list[~azure.mgmt.securityinsight.models.MetadataDependenciesAutoGenerated] """ super().__init__(**kwargs) - self.value = value + self.content_id = content_id + self.kind = kind + self.version = version + self.name = name + self.operator = operator + self.criteria = criteria + + +class MetadataDependenciesAutoGenerated2(_serialization.Model): + """Dependencies for the content item, what other content items it requires to work. Can describe + more complex dependencies using a recursive/nested structure. For a single dependency an + id/kind/version can be supplied or operator/criteria for complex dependencies. + + :ivar content_id: Id of the content item we depend on. + :vartype content_id: str + :ivar kind: Type of the content item we depend on. Known values are: "DataConnector", + "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", + "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", + "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and + "AutomationRule". + :vartype kind: str or ~azure.mgmt.securityinsight.models.Kind + :ivar version: Version of the the content item we depend on. Can be blank, * or missing to + indicate any version fulfills the dependency. If version does not match our defined numeric + format then an exact match is required. + :vartype version: str + :ivar name: Name of the content item. + :vartype name: str + :ivar operator: Operator used for list of dependencies in criteria array. Known values are: + "AND", "OR", "AND", and "OR". + :vartype operator: str or ~azure.mgmt.securityinsight.models.Operator + :ivar criteria: This is the list of dependencies we must fulfill, according to the AND/OR + operator. + :vartype criteria: list[~azure.mgmt.securityinsight.models.MetadataDependenciesAutoGenerated2] + """ + + _attribute_map = { + "content_id": {"key": "contentId", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "version": {"key": "version", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "operator": {"key": "operator", "type": "str"}, + "criteria": {"key": "criteria", "type": "[MetadataDependenciesAutoGenerated2]"}, + } + + def __init__( + self, + *, + content_id: Optional[str] = None, + kind: Optional[Union[str, "_models.Kind"]] = None, + version: Optional[str] = None, + name: Optional[str] = None, + operator: Optional[Union[str, "_models.Operator"]] = None, + criteria: Optional[List["_models.MetadataDependenciesAutoGenerated2"]] = None, + **kwargs: Any + ) -> None: + """ + :keyword content_id: Id of the content item we depend on. + :paramtype content_id: str + :keyword kind: Type of the content item we depend on. Known values are: "DataConnector", + "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", + "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", + "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and + "AutomationRule". + :paramtype kind: str or ~azure.mgmt.securityinsight.models.Kind + :keyword version: Version of the the content item we depend on. Can be blank, * or missing to + indicate any version fulfills the dependency. If version does not match our defined numeric + format then an exact match is required. + :paramtype version: str + :keyword name: Name of the content item. + :paramtype name: str + :keyword operator: Operator used for list of dependencies in criteria array. Known values are: + "AND", "OR", "AND", and "OR". + :paramtype operator: str or ~azure.mgmt.securityinsight.models.Operator + :keyword criteria: This is the list of dependencies we must fulfill, according to the AND/OR + operator. + :paramtype criteria: + list[~azure.mgmt.securityinsight.models.MetadataDependenciesAutoGenerated2] + """ + super().__init__(**kwargs) + self.content_id = content_id + self.kind = kind + self.version = version + self.name = name + self.operator = operator + self.criteria = criteria + + +class MetadataList(_serialization.Model): + """List of all the metadata. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar value: Array of metadata. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.MetadataModel] + :ivar next_link: URL to fetch the next page of metadata. + :vartype next_link: str + """ + + _validation = { + "value": {"required": True}, + "next_link": {"readonly": True}, + } + + _attribute_map = { + "value": {"key": "value", "type": "[MetadataModel]"}, + "next_link": {"key": "nextLink", "type": "str"}, + } + + def __init__(self, *, value: List["_models.MetadataModel"], **kwargs: Any) -> None: + """ + :keyword value: Array of metadata. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.MetadataModel] + """ + super().__init__(**kwargs) + self.value = value self.next_link = None @@ -13630,12 +14620,8 @@ class MetadataModel(ResourceWithEtag): # pylint: disable=too-many-instance-attr 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks. :vartype version: str - :ivar kind: The kind of content the metadata is for. Known values are: "DataConnector", - "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", - "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", - "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and - "AutomationRule". - :vartype kind: str or ~azure.mgmt.securityinsight.models.Kind + :ivar kind: The kind of content the metadata is for. + :vartype kind: str :ivar source: Source of the content. This is where/how it was created. :vartype source: ~azure.mgmt.securityinsight.models.MetadataSource :ivar author: The creator of the content item. @@ -13645,7 +14631,7 @@ class MetadataModel(ResourceWithEtag): # pylint: disable=too-many-instance-attr :ivar dependencies: Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats. - :vartype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :vartype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependenciesAutoGenerated :ivar categories: Categories for the solution content item. :vartype categories: ~azure.mgmt.securityinsight.models.MetadataCategories :ivar providers: Providers for the solution content item. @@ -13694,7 +14680,7 @@ class MetadataModel(ResourceWithEtag): # pylint: disable=too-many-instance-attr "source": {"key": "properties.source", "type": "MetadataSource"}, "author": {"key": "properties.author", "type": "MetadataAuthor"}, "support": {"key": "properties.support", "type": "MetadataSupport"}, - "dependencies": {"key": "properties.dependencies", "type": "MetadataDependencies"}, + "dependencies": {"key": "properties.dependencies", "type": "MetadataDependenciesAutoGenerated"}, "categories": {"key": "properties.categories", "type": "MetadataCategories"}, "providers": {"key": "properties.providers", "type": "[str]"}, "first_publish_date": {"key": "properties.firstPublishDate", "type": "date"}, @@ -13715,11 +14701,11 @@ def __init__( # pylint: disable=too-many-locals content_id: Optional[str] = None, parent_id: Optional[str] = None, version: Optional[str] = None, - kind: Optional[Union[str, "_models.Kind"]] = None, + kind: Optional[str] = None, source: Optional["_models.MetadataSource"] = None, author: Optional["_models.MetadataAuthor"] = None, support: Optional["_models.MetadataSupport"] = None, - dependencies: Optional["_models.MetadataDependencies"] = None, + dependencies: Optional["_models.MetadataDependenciesAutoGenerated"] = None, categories: Optional["_models.MetadataCategories"] = None, providers: Optional[List[str]] = None, first_publish_date: Optional[datetime.date] = None, @@ -13731,8 +14717,8 @@ def __init__( # pylint: disable=too-many-locals threat_analysis_techniques: Optional[List[str]] = None, preview_images: Optional[List[str]] = None, preview_images_dark: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -13747,12 +14733,8 @@ def __init__( # pylint: disable=too-many-locals 1.0, 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks. :paramtype version: str - :keyword kind: The kind of content the metadata is for. Known values are: "DataConnector", - "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", - "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", - "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and - "AutomationRule". - :paramtype kind: str or ~azure.mgmt.securityinsight.models.Kind + :keyword kind: The kind of content the metadata is for. + :paramtype kind: str :keyword source: Source of the content. This is where/how it was created. :paramtype source: ~azure.mgmt.securityinsight.models.MetadataSource :keyword author: The creator of the content item. @@ -13762,7 +14744,7 @@ def __init__( # pylint: disable=too-many-locals :keyword dependencies: Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats. - :paramtype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :paramtype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependenciesAutoGenerated :keyword categories: Categories for the solution content item. :paramtype categories: ~azure.mgmt.securityinsight.models.MetadataCategories :keyword providers: Providers for the solution content item. @@ -13841,12 +14823,8 @@ class MetadataPatch(ResourceWithEtag): # pylint: disable=too-many-instance-attr 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks. :vartype version: str - :ivar kind: The kind of content the metadata is for. Known values are: "DataConnector", - "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", - "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", - "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and - "AutomationRule". - :vartype kind: str or ~azure.mgmt.securityinsight.models.Kind + :ivar kind: The kind of content the metadata is for. + :vartype kind: str :ivar source: Source of the content. This is where/how it was created. :vartype source: ~azure.mgmt.securityinsight.models.MetadataSource :ivar author: The creator of the content item. @@ -13856,7 +14834,7 @@ class MetadataPatch(ResourceWithEtag): # pylint: disable=too-many-instance-attr :ivar dependencies: Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats. - :vartype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :vartype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependenciesAutoGenerated :ivar categories: Categories for the solution content item. :vartype categories: ~azure.mgmt.securityinsight.models.MetadataCategories :ivar providers: Providers for the solution content item. @@ -13905,7 +14883,7 @@ class MetadataPatch(ResourceWithEtag): # pylint: disable=too-many-instance-attr "source": {"key": "properties.source", "type": "MetadataSource"}, "author": {"key": "properties.author", "type": "MetadataAuthor"}, "support": {"key": "properties.support", "type": "MetadataSupport"}, - "dependencies": {"key": "properties.dependencies", "type": "MetadataDependencies"}, + "dependencies": {"key": "properties.dependencies", "type": "MetadataDependenciesAutoGenerated"}, "categories": {"key": "properties.categories", "type": "MetadataCategories"}, "providers": {"key": "properties.providers", "type": "[str]"}, "first_publish_date": {"key": "properties.firstPublishDate", "type": "date"}, @@ -13926,11 +14904,11 @@ def __init__( # pylint: disable=too-many-locals content_id: Optional[str] = None, parent_id: Optional[str] = None, version: Optional[str] = None, - kind: Optional[Union[str, "_models.Kind"]] = None, + kind: Optional[str] = None, source: Optional["_models.MetadataSource"] = None, author: Optional["_models.MetadataAuthor"] = None, support: Optional["_models.MetadataSupport"] = None, - dependencies: Optional["_models.MetadataDependencies"] = None, + dependencies: Optional["_models.MetadataDependenciesAutoGenerated"] = None, categories: Optional["_models.MetadataCategories"] = None, providers: Optional[List[str]] = None, first_publish_date: Optional[datetime.date] = None, @@ -13942,8 +14920,8 @@ def __init__( # pylint: disable=too-many-locals threat_analysis_techniques: Optional[List[str]] = None, preview_images: Optional[List[str]] = None, preview_images_dark: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -13958,12 +14936,8 @@ def __init__( # pylint: disable=too-many-locals 1.0, 1.0.0, 1.0.0.0), following ARM template best practices. Can also be any string, but then we cannot guarantee any version checks. :paramtype version: str - :keyword kind: The kind of content the metadata is for. Known values are: "DataConnector", - "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", - "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", - "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and - "AutomationRule". - :paramtype kind: str or ~azure.mgmt.securityinsight.models.Kind + :keyword kind: The kind of content the metadata is for. + :paramtype kind: str :keyword source: Source of the content. This is where/how it was created. :paramtype source: ~azure.mgmt.securityinsight.models.MetadataSource :keyword author: The creator of the content item. @@ -13973,7 +14947,7 @@ def __init__( # pylint: disable=too-many-locals :keyword dependencies: Dependencies for the content item, what other content items it requires to work. Can describe more complex dependencies using a recursive/nested structure. For a single dependency an id/kind/version can be supplied or operator/criteria for complex formats. - :paramtype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :paramtype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependenciesAutoGenerated :keyword categories: Categories for the solution content item. :paramtype categories: ~azure.mgmt.securityinsight.models.MetadataCategories :keyword providers: Providers for the solution content item. @@ -14053,8 +15027,8 @@ def __init__( kind: Union[str, "_models.SourceKind"], name: Optional[str] = None, source_id: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword kind: Source type of the content. Required. Known values are: "LocalWorkspace", "Community", "Solution", and "SourceRepository". @@ -14105,8 +15079,8 @@ def __init__( name: Optional[str] = None, email: Optional[str] = None, link: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword tier: Type of support for content item. Required. Known values are: "Microsoft", "Partner", and "Community". @@ -14125,304 +15099,126 @@ def __init__( self.link = link -class MicrosoftSecurityIncidentCreationAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes - """Represents MicrosoftSecurityIncidentCreation rule. - - Variables are only populated by the server, and will be ignored when sending a request. +class MicrosoftPurviewInformationProtectionCheckRequirements(DataConnectorsCheckRequirements): + """Represents MicrosoftPurviewInformationProtection requirements check request. All required parameters must be populated in order to send to Azure. - :ivar id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - :vartype id: str - :ivar name: The name of the resource. - :vartype name: str - :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or - "Microsoft.Storage/storageAccounts". - :vartype type: str - :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy - information. - :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar etag: Etag of the azure resource. - :vartype etag: str - :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", - "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and - "NRT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind - :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. - :vartype display_names_filter: list[str] - :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :vartype display_names_exclude_filter: list[str] - :ivar product_filter: The alerts' productName on which the cases will be generated. Known - values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat - Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", - "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". - :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :ivar severities_filter: the alerts' severities on which the cases will be generated. - :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] - :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. - :vartype alert_rule_template_name: str - :ivar description: The description of the alert rule. - :vartype description: str - :ivar display_name: The display name for alerts created by this alert rule. - :vartype display_name: str - :ivar enabled: Determines whether this alert rule is enabled or disabled. - :vartype enabled: bool - :ivar last_modified_utc: The last time that this alert has been modified. - :vartype last_modified_utc: ~datetime.datetime + :ivar kind: Describes the kind of connector to be checked. Required. Known values are: + "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", + "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str """ _validation = { - "id": {"readonly": True}, - "name": {"readonly": True}, - "type": {"readonly": True}, - "system_data": {"readonly": True}, "kind": {"required": True}, - "last_modified_utc": {"readonly": True}, } _attribute_map = { - "id": {"key": "id", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "type": {"key": "type", "type": "str"}, - "system_data": {"key": "systemData", "type": "SystemData"}, - "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, - "display_names_filter": {"key": "properties.displayNamesFilter", "type": "[str]"}, - "display_names_exclude_filter": {"key": "properties.displayNamesExcludeFilter", "type": "[str]"}, - "product_filter": {"key": "properties.productFilter", "type": "str"}, - "severities_filter": {"key": "properties.severitiesFilter", "type": "[str]"}, - "alert_rule_template_name": {"key": "properties.alertRuleTemplateName", "type": "str"}, - "description": {"key": "properties.description", "type": "str"}, - "display_name": {"key": "properties.displayName", "type": "str"}, - "enabled": {"key": "properties.enabled", "type": "bool"}, - "last_modified_utc": {"key": "properties.lastModifiedUtc", "type": "iso-8601"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__( - self, - *, - etag: Optional[str] = None, - display_names_filter: Optional[List[str]] = None, - display_names_exclude_filter: Optional[List[str]] = None, - product_filter: Optional[Union[str, "_models.MicrosoftSecurityProductName"]] = None, - severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, - alert_rule_template_name: Optional[str] = None, - description: Optional[str] = None, - display_name: Optional[str] = None, - enabled: Optional[bool] = None, - **kwargs - ): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ - :keyword etag: Etag of the azure resource. - :paramtype etag: str - :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. - :paramtype display_names_filter: list[str] - :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :paramtype display_names_exclude_filter: list[str] - :keyword product_filter: The alerts' productName on which the cases will be generated. Known - values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat - Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", - "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". - :paramtype product_filter: str or - ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :keyword severities_filter: the alerts' severities on which the cases will be generated. - :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] - :keyword alert_rule_template_name: The Name of the alert rule template used to create this - rule. - :paramtype alert_rule_template_name: str - :keyword description: The description of the alert rule. - :paramtype description: str - :keyword display_name: The display name for alerts created by this alert rule. - :paramtype display_name: str - :keyword enabled: Determines whether this alert rule is enabled or disabled. - :paramtype enabled: bool + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str """ - super().__init__(etag=etag, **kwargs) - self.kind: str = "MicrosoftSecurityIncidentCreation" - self.display_names_filter = display_names_filter - self.display_names_exclude_filter = display_names_exclude_filter - self.product_filter = product_filter - self.severities_filter = severities_filter - self.alert_rule_template_name = alert_rule_template_name - self.description = description - self.display_name = display_name - self.enabled = enabled - self.last_modified_utc = None + super().__init__(**kwargs) + self.kind: str = "MicrosoftPurviewInformationProtection" + self.tenant_id = tenant_id -class MicrosoftSecurityIncidentCreationAlertRuleCommonProperties(_serialization.Model): - """MicrosoftSecurityIncidentCreation rule common property bag. +class MicrosoftPurviewInformationProtectionCheckRequirementsProperties(DataConnectorTenantId): + """MicrosoftPurviewInformationProtection requirements check properties. All required parameters must be populated in order to send to Azure. - :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. - :vartype display_names_filter: list[str] - :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :vartype display_names_exclude_filter: list[str] - :ivar product_filter: The alerts' productName on which the cases will be generated. Required. - Known values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced - Threat Protection", "Azure Active Directory Identity Protection", "Azure Security Center for - IoT", "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat - Protection". - :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :ivar severities_filter: the alerts' severities on which the cases will be generated. - :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str """ _validation = { - "product_filter": {"required": True}, + "tenant_id": {"required": True}, } _attribute_map = { - "display_names_filter": {"key": "displayNamesFilter", "type": "[str]"}, - "display_names_exclude_filter": {"key": "displayNamesExcludeFilter", "type": "[str]"}, - "product_filter": {"key": "productFilter", "type": "str"}, - "severities_filter": {"key": "severitiesFilter", "type": "[str]"}, + "tenant_id": {"key": "tenantId", "type": "str"}, + } + + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: + """ + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str + """ + super().__init__(tenant_id=tenant_id, **kwargs) + + +class MicrosoftPurviewInformationProtectionConnectorDataTypes(_serialization.Model): + """The available data types for Microsoft Purview Information Protection data connector. + + All required parameters must be populated in order to send to Azure. + + :ivar logs: Logs data type. Required. + :vartype logs: + ~azure.mgmt.securityinsight.models.MicrosoftPurviewInformationProtectionConnectorDataTypesLogs + """ + + _validation = { + "logs": {"required": True}, + } + + _attribute_map = { + "logs": {"key": "logs", "type": "MicrosoftPurviewInformationProtectionConnectorDataTypesLogs"}, } def __init__( - self, - *, - product_filter: Union[str, "_models.MicrosoftSecurityProductName"], - display_names_filter: Optional[List[str]] = None, - display_names_exclude_filter: Optional[List[str]] = None, - severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, - **kwargs - ): + self, *, logs: "_models.MicrosoftPurviewInformationProtectionConnectorDataTypesLogs", **kwargs: Any + ) -> None: """ - :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. - :paramtype display_names_filter: list[str] - :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :paramtype display_names_exclude_filter: list[str] - :keyword product_filter: The alerts' productName on which the cases will be generated. - Required. Known values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure - Advanced Threat Protection", "Azure Active Directory Identity Protection", "Azure Security - Center for IoT", "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced - Threat Protection". - :paramtype product_filter: str or - ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :keyword severities_filter: the alerts' severities on which the cases will be generated. - :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + :keyword logs: Logs data type. Required. + :paramtype logs: + ~azure.mgmt.securityinsight.models.MicrosoftPurviewInformationProtectionConnectorDataTypesLogs """ super().__init__(**kwargs) - self.display_names_filter = display_names_filter - self.display_names_exclude_filter = display_names_exclude_filter - self.product_filter = product_filter - self.severities_filter = severities_filter - + self.logs = logs -class MicrosoftSecurityIncidentCreationAlertRuleProperties(MicrosoftSecurityIncidentCreationAlertRuleCommonProperties): - """MicrosoftSecurityIncidentCreation rule property bag. - Variables are only populated by the server, and will be ignored when sending a request. +class MicrosoftPurviewInformationProtectionConnectorDataTypesLogs(DataConnectorDataTypeCommon): + """Logs data type. All required parameters must be populated in order to send to Azure. - :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. - :vartype display_names_filter: list[str] - :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :vartype display_names_exclude_filter: list[str] - :ivar product_filter: The alerts' productName on which the cases will be generated. Required. - Known values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced - Threat Protection", "Azure Active Directory Identity Protection", "Azure Security Center for - IoT", "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat - Protection". - :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :ivar severities_filter: the alerts' severities on which the cases will be generated. - :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] - :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. - :vartype alert_rule_template_name: str - :ivar description: The description of the alert rule. - :vartype description: str - :ivar display_name: The display name for alerts created by this alert rule. Required. - :vartype display_name: str - :ivar enabled: Determines whether this alert rule is enabled or disabled. Required. - :vartype enabled: bool - :ivar last_modified_utc: The last time that this alert has been modified. - :vartype last_modified_utc: ~datetime.datetime + :ivar state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ _validation = { - "product_filter": {"required": True}, - "display_name": {"required": True}, - "enabled": {"required": True}, - "last_modified_utc": {"readonly": True}, + "state": {"required": True}, } _attribute_map = { - "display_names_filter": {"key": "displayNamesFilter", "type": "[str]"}, - "display_names_exclude_filter": {"key": "displayNamesExcludeFilter", "type": "[str]"}, - "product_filter": {"key": "productFilter", "type": "str"}, - "severities_filter": {"key": "severitiesFilter", "type": "[str]"}, - "alert_rule_template_name": {"key": "alertRuleTemplateName", "type": "str"}, - "description": {"key": "description", "type": "str"}, - "display_name": {"key": "displayName", "type": "str"}, - "enabled": {"key": "enabled", "type": "bool"}, - "last_modified_utc": {"key": "lastModifiedUtc", "type": "iso-8601"}, + "state": {"key": "state", "type": "str"}, } - def __init__( - self, - *, - product_filter: Union[str, "_models.MicrosoftSecurityProductName"], - display_name: str, - enabled: bool, - display_names_filter: Optional[List[str]] = None, - display_names_exclude_filter: Optional[List[str]] = None, - severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, - alert_rule_template_name: Optional[str] = None, - description: Optional[str] = None, - **kwargs - ): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ - :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. - :paramtype display_names_filter: list[str] - :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :paramtype display_names_exclude_filter: list[str] - :keyword product_filter: The alerts' productName on which the cases will be generated. - Required. Known values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure - Advanced Threat Protection", "Azure Active Directory Identity Protection", "Azure Security - Center for IoT", "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced - Threat Protection". - :paramtype product_filter: str or - ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :keyword severities_filter: the alerts' severities on which the cases will be generated. - :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] - :keyword alert_rule_template_name: The Name of the alert rule template used to create this - rule. - :paramtype alert_rule_template_name: str - :keyword description: The description of the alert rule. - :paramtype description: str - :keyword display_name: The display name for alerts created by this alert rule. Required. - :paramtype display_name: str - :keyword enabled: Determines whether this alert rule is enabled or disabled. Required. - :paramtype enabled: bool + :keyword state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ - super().__init__( - display_names_filter=display_names_filter, - display_names_exclude_filter=display_names_exclude_filter, - product_filter=product_filter, - severities_filter=severities_filter, - **kwargs - ) - self.alert_rule_template_name = alert_rule_template_name - self.description = description - self.display_name = display_name - self.enabled = enabled - self.last_modified_utc = None + super().__init__(state=state, **kwargs) -class MicrosoftSecurityIncidentCreationAlertRuleTemplate( - AlertRuleTemplate -): # pylint: disable=too-many-instance-attributes - """Represents MicrosoftSecurityIncidentCreation rule template. +class MicrosoftPurviewInformationProtectionDataConnector(DataConnector): + """Represents Microsoft Purview Information Protection data connector. Variables are only populated by the server, and will be ignored when sending a request. @@ -14439,39 +15235,21 @@ class MicrosoftSecurityIncidentCreationAlertRuleTemplate( :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy information. :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", - "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and - "NRT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind - :ivar alert_rules_created_by_template_count: the number of alert rules that were created by - this template. - :vartype alert_rules_created_by_template_count: int - :ivar last_updated_date_utc: The last time that this alert rule template has been updated. - :vartype last_updated_date_utc: ~datetime.datetime - :ivar created_date_utc: The time that this alert rule template has been added. - :vartype created_date_utc: ~datetime.datetime - :ivar description: The description of the alert rule template. - :vartype description: str - :ivar display_name: The display name for alert rule template. - :vartype display_name: str - :ivar required_data_connectors: The required data sources for this template. - :vartype required_data_connectors: - list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] - :ivar status: The alert rule template status. Known values are: "Installed", "Available", and - "NotAvailable". - :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. - :vartype display_names_filter: list[str] - :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :vartype display_names_exclude_filter: list[str] - :ivar product_filter: The alerts' productName on which the cases will be generated. Known - values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat - Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", - "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". - :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :ivar severities_filter: the alerts' severities on which the cases will be generated. - :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", + "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", + "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str + :ivar data_types: The available data types for the connector. + :vartype data_types: + ~azure.mgmt.securityinsight.models.MicrosoftPurviewInformationProtectionConnectorDataTypes """ _validation = { @@ -14480,8 +15258,6 @@ class MicrosoftSecurityIncidentCreationAlertRuleTemplate( "type": {"readonly": True}, "system_data": {"readonly": True}, "kind": {"required": True}, - "last_updated_date_utc": {"readonly": True}, - "created_date_utc": {"readonly": True}, } _attribute_map = { @@ -14489,195 +15265,80 @@ class MicrosoftSecurityIncidentCreationAlertRuleTemplate( "name": {"key": "name", "type": "str"}, "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, - "alert_rules_created_by_template_count": {"key": "properties.alertRulesCreatedByTemplateCount", "type": "int"}, - "last_updated_date_utc": {"key": "properties.lastUpdatedDateUTC", "type": "iso-8601"}, - "created_date_utc": {"key": "properties.createdDateUTC", "type": "iso-8601"}, - "description": {"key": "properties.description", "type": "str"}, - "display_name": {"key": "properties.displayName", "type": "str"}, - "required_data_connectors": { - "key": "properties.requiredDataConnectors", - "type": "[AlertRuleTemplateDataSource]", + "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "data_types": { + "key": "properties.dataTypes", + "type": "MicrosoftPurviewInformationProtectionConnectorDataTypes", }, - "status": {"key": "properties.status", "type": "str"}, - "display_names_filter": {"key": "properties.displayNamesFilter", "type": "[str]"}, - "display_names_exclude_filter": {"key": "properties.displayNamesExcludeFilter", "type": "[str]"}, - "product_filter": {"key": "properties.productFilter", "type": "str"}, - "severities_filter": {"key": "properties.severitiesFilter", "type": "[str]"}, } def __init__( self, *, - alert_rules_created_by_template_count: Optional[int] = None, - description: Optional[str] = None, - display_name: Optional[str] = None, - required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, - status: Optional[Union[str, "_models.TemplateStatus"]] = None, - display_names_filter: Optional[List[str]] = None, - display_names_exclude_filter: Optional[List[str]] = None, - product_filter: Optional[Union[str, "_models.MicrosoftSecurityProductName"]] = None, - severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, - **kwargs - ): + etag: Optional[str] = None, + tenant_id: Optional[str] = None, + data_types: Optional["_models.MicrosoftPurviewInformationProtectionConnectorDataTypes"] = None, + **kwargs: Any + ) -> None: """ - :keyword alert_rules_created_by_template_count: the number of alert rules that were created by - this template. - :paramtype alert_rules_created_by_template_count: int - :keyword description: The description of the alert rule template. - :paramtype description: str - :keyword display_name: The display name for alert rule template. - :paramtype display_name: str - :keyword required_data_connectors: The required data sources for this template. - :paramtype required_data_connectors: - list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] - :keyword status: The alert rule template status. Known values are: "Installed", "Available", - and "NotAvailable". - :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. - :paramtype display_names_filter: list[str] - :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :paramtype display_names_exclude_filter: list[str] - :keyword product_filter: The alerts' productName on which the cases will be generated. Known - values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat - Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", - "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". - :paramtype product_filter: str or - ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :keyword severities_filter: the alerts' severities on which the cases will be generated. - :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str + :keyword data_types: The available data types for the connector. + :paramtype data_types: + ~azure.mgmt.securityinsight.models.MicrosoftPurviewInformationProtectionConnectorDataTypes """ - super().__init__(**kwargs) - self.kind: str = "MicrosoftSecurityIncidentCreation" - self.alert_rules_created_by_template_count = alert_rules_created_by_template_count - self.last_updated_date_utc = None - self.created_date_utc = None - self.description = description - self.display_name = display_name - self.required_data_connectors = required_data_connectors - self.status = status - self.display_names_filter = display_names_filter - self.display_names_exclude_filter = display_names_exclude_filter - self.product_filter = product_filter - self.severities_filter = severities_filter + super().__init__(etag=etag, **kwargs) + self.kind: str = "MicrosoftPurviewInformationProtection" + self.tenant_id = tenant_id + self.data_types = data_types -class MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties( - AlertRuleTemplatePropertiesBase -): # pylint: disable=too-many-instance-attributes - """MicrosoftSecurityIncidentCreation rule template properties. +class MicrosoftPurviewInformationProtectionDataConnectorProperties(DataConnectorTenantId): + """Microsoft Purview Information Protection data connector properties. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar alert_rules_created_by_template_count: the number of alert rules that were created by - this template. - :vartype alert_rules_created_by_template_count: int - :ivar last_updated_date_utc: The last time that this alert rule template has been updated. - :vartype last_updated_date_utc: ~datetime.datetime - :ivar created_date_utc: The time that this alert rule template has been added. - :vartype created_date_utc: ~datetime.datetime - :ivar description: The description of the alert rule template. - :vartype description: str - :ivar display_name: The display name for alert rule template. - :vartype display_name: str - :ivar required_data_connectors: The required data sources for this template. - :vartype required_data_connectors: - list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] - :ivar status: The alert rule template status. Known values are: "Installed", "Available", and - "NotAvailable". - :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. - :vartype display_names_filter: list[str] - :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :vartype display_names_exclude_filter: list[str] - :ivar product_filter: The alerts' productName on which the cases will be generated. Known - values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat - Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", - "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". - :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :ivar severities_filter: the alerts' severities on which the cases will be generated. - :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str + :ivar data_types: The available data types for the connector. Required. + :vartype data_types: + ~azure.mgmt.securityinsight.models.MicrosoftPurviewInformationProtectionConnectorDataTypes """ _validation = { - "last_updated_date_utc": {"readonly": True}, - "created_date_utc": {"readonly": True}, + "tenant_id": {"required": True}, + "data_types": {"required": True}, } _attribute_map = { - "alert_rules_created_by_template_count": {"key": "alertRulesCreatedByTemplateCount", "type": "int"}, - "last_updated_date_utc": {"key": "lastUpdatedDateUTC", "type": "iso-8601"}, - "created_date_utc": {"key": "createdDateUTC", "type": "iso-8601"}, - "description": {"key": "description", "type": "str"}, - "display_name": {"key": "displayName", "type": "str"}, - "required_data_connectors": {"key": "requiredDataConnectors", "type": "[AlertRuleTemplateDataSource]"}, - "status": {"key": "status", "type": "str"}, - "display_names_filter": {"key": "displayNamesFilter", "type": "[str]"}, - "display_names_exclude_filter": {"key": "displayNamesExcludeFilter", "type": "[str]"}, - "product_filter": {"key": "productFilter", "type": "str"}, - "severities_filter": {"key": "severitiesFilter", "type": "[str]"}, + "tenant_id": {"key": "tenantId", "type": "str"}, + "data_types": {"key": "dataTypes", "type": "MicrosoftPurviewInformationProtectionConnectorDataTypes"}, } def __init__( self, *, - alert_rules_created_by_template_count: Optional[int] = None, - description: Optional[str] = None, - display_name: Optional[str] = None, - required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, - status: Optional[Union[str, "_models.TemplateStatus"]] = None, - display_names_filter: Optional[List[str]] = None, - display_names_exclude_filter: Optional[List[str]] = None, - product_filter: Optional[Union[str, "_models.MicrosoftSecurityProductName"]] = None, - severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, - **kwargs - ): + tenant_id: str, + data_types: "_models.MicrosoftPurviewInformationProtectionConnectorDataTypes", + **kwargs: Any + ) -> None: """ - :keyword alert_rules_created_by_template_count: the number of alert rules that were created by - this template. - :paramtype alert_rules_created_by_template_count: int - :keyword description: The description of the alert rule template. - :paramtype description: str - :keyword display_name: The display name for alert rule template. - :paramtype display_name: str - :keyword required_data_connectors: The required data sources for this template. - :paramtype required_data_connectors: - list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] - :keyword status: The alert rule template status. Known values are: "Installed", "Available", - and "NotAvailable". - :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. - :paramtype display_names_filter: list[str] - :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be - generated. - :paramtype display_names_exclude_filter: list[str] - :keyword product_filter: The alerts' productName on which the cases will be generated. Known - values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat - Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", - "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". - :paramtype product_filter: str or - ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName - :keyword severities_filter: the alerts' severities on which the cases will be generated. - :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str + :keyword data_types: The available data types for the connector. Required. + :paramtype data_types: + ~azure.mgmt.securityinsight.models.MicrosoftPurviewInformationProtectionConnectorDataTypes """ - super().__init__( - alert_rules_created_by_template_count=alert_rules_created_by_template_count, - description=description, - display_name=display_name, - required_data_connectors=required_data_connectors, - status=status, - **kwargs - ) - self.display_names_filter = display_names_filter - self.display_names_exclude_filter = display_names_exclude_filter - self.product_filter = product_filter - self.severities_filter = severities_filter + super().__init__(tenant_id=tenant_id, **kwargs) + self.data_types = data_types -class MLBehaviorAnalyticsAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes - """Represents MLBehaviorAnalytics alert rule. +class MicrosoftSecurityIncidentCreationAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes + """Represents MicrosoftSecurityIncidentCreation rule. Variables are only populated by the server, and will be ignored when sending a request. @@ -14700,6 +15361,18 @@ class MLBehaviorAnalyticsAlertRule(AlertRule): # pylint: disable=too-many-insta "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and "NRT". :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind + :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. + :vartype display_names_filter: list[str] + :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :vartype display_names_exclude_filter: list[str] + :ivar product_filter: The alerts' productName on which the cases will be generated. Known + values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat + Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", + "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". + :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :ivar severities_filter: the alerts' severities on which the cases will be generated. + :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. :vartype alert_rule_template_name: str :ivar description: The description of the alert rule. @@ -14708,15 +15381,8 @@ class MLBehaviorAnalyticsAlertRule(AlertRule): # pylint: disable=too-many-insta :vartype display_name: str :ivar enabled: Determines whether this alert rule is enabled or disabled. :vartype enabled: bool - :ivar last_modified_utc: The last time that this alert rule has been modified. + :ivar last_modified_utc: The last time that this alert has been modified. :vartype last_modified_utc: ~datetime.datetime - :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", - "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :ivar tactics: The tactics of the alert rule. - :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :ivar techniques: The techniques of the alert rule. - :vartype techniques: list[str] """ _validation = { @@ -14725,12 +15391,7 @@ class MLBehaviorAnalyticsAlertRule(AlertRule): # pylint: disable=too-many-insta "type": {"readonly": True}, "system_data": {"readonly": True}, "kind": {"required": True}, - "description": {"readonly": True}, - "display_name": {"readonly": True}, "last_modified_utc": {"readonly": True}, - "severity": {"readonly": True}, - "tactics": {"readonly": True}, - "techniques": {"readonly": True}, } _attribute_map = { @@ -14740,91 +15401,289 @@ class MLBehaviorAnalyticsAlertRule(AlertRule): # pylint: disable=too-many-insta "system_data": {"key": "systemData", "type": "SystemData"}, "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, + "display_names_filter": {"key": "properties.displayNamesFilter", "type": "[str]"}, + "display_names_exclude_filter": {"key": "properties.displayNamesExcludeFilter", "type": "[str]"}, + "product_filter": {"key": "properties.productFilter", "type": "str"}, + "severities_filter": {"key": "properties.severitiesFilter", "type": "[str]"}, "alert_rule_template_name": {"key": "properties.alertRuleTemplateName", "type": "str"}, "description": {"key": "properties.description", "type": "str"}, "display_name": {"key": "properties.displayName", "type": "str"}, "enabled": {"key": "properties.enabled", "type": "bool"}, "last_modified_utc": {"key": "properties.lastModifiedUtc", "type": "iso-8601"}, - "severity": {"key": "properties.severity", "type": "str"}, - "tactics": {"key": "properties.tactics", "type": "[str]"}, - "techniques": {"key": "properties.techniques", "type": "[str]"}, } def __init__( self, *, etag: Optional[str] = None, + display_names_filter: Optional[List[str]] = None, + display_names_exclude_filter: Optional[List[str]] = None, + product_filter: Optional[Union[str, "_models.MicrosoftSecurityProductName"]] = None, + severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, alert_rule_template_name: Optional[str] = None, + description: Optional[str] = None, + display_name: Optional[str] = None, enabled: Optional[bool] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str + :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. + :paramtype display_names_filter: list[str] + :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :paramtype display_names_exclude_filter: list[str] + :keyword product_filter: The alerts' productName on which the cases will be generated. Known + values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat + Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", + "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". + :paramtype product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :keyword severities_filter: the alerts' severities on which the cases will be generated. + :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] :keyword alert_rule_template_name: The Name of the alert rule template used to create this rule. :paramtype alert_rule_template_name: str + :keyword description: The description of the alert rule. + :paramtype description: str + :keyword display_name: The display name for alerts created by this alert rule. + :paramtype display_name: str :keyword enabled: Determines whether this alert rule is enabled or disabled. :paramtype enabled: bool """ super().__init__(etag=etag, **kwargs) - self.kind: str = "MLBehaviorAnalytics" + self.kind: str = "MicrosoftSecurityIncidentCreation" + self.display_names_filter = display_names_filter + self.display_names_exclude_filter = display_names_exclude_filter + self.product_filter = product_filter + self.severities_filter = severities_filter self.alert_rule_template_name = alert_rule_template_name - self.description = None - self.display_name = None + self.description = description + self.display_name = display_name self.enabled = enabled self.last_modified_utc = None - self.severity = None - self.tactics = None - self.techniques = None -class MLBehaviorAnalyticsAlertRuleTemplate(AlertRuleTemplate): # pylint: disable=too-many-instance-attributes - """Represents MLBehaviorAnalytics alert rule template. - - Variables are only populated by the server, and will be ignored when sending a request. +class MicrosoftSecurityIncidentCreationAlertRuleCommonProperties(_serialization.Model): + """MicrosoftSecurityIncidentCreation rule common property bag. All required parameters must be populated in order to send to Azure. - :ivar id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - :vartype id: str - :ivar name: The name of the resource. - :vartype name: str - :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or - "Microsoft.Storage/storageAccounts". - :vartype type: str - :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy - information. - :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", - "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and - "NRT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind - :ivar alert_rules_created_by_template_count: the number of alert rules that were created by - this template. - :vartype alert_rules_created_by_template_count: int - :ivar last_updated_date_utc: The last time that this alert rule template has been updated. - :vartype last_updated_date_utc: ~datetime.datetime - :ivar created_date_utc: The time that this alert rule template has been added. - :vartype created_date_utc: ~datetime.datetime - :ivar description: The description of the alert rule template. - :vartype description: str - :ivar display_name: The display name for alert rule template. - :vartype display_name: str - :ivar required_data_connectors: The required data sources for this template. - :vartype required_data_connectors: - list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] - :ivar status: The alert rule template status. Known values are: "Installed", "Available", and - "NotAvailable". - :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :ivar tactics: The tactics of the alert rule. - :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :ivar techniques: The techniques of the alert rule. - :vartype techniques: list[str] - :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", - "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. + :vartype display_names_filter: list[str] + :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :vartype display_names_exclude_filter: list[str] + :ivar product_filter: The alerts' productName on which the cases will be generated. Required. + Known values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced + Threat Protection", "Azure Active Directory Identity Protection", "Azure Security Center for + IoT", "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat + Protection". + :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :ivar severities_filter: the alerts' severities on which the cases will be generated. + :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + """ + + _validation = { + "product_filter": {"required": True}, + } + + _attribute_map = { + "display_names_filter": {"key": "displayNamesFilter", "type": "[str]"}, + "display_names_exclude_filter": {"key": "displayNamesExcludeFilter", "type": "[str]"}, + "product_filter": {"key": "productFilter", "type": "str"}, + "severities_filter": {"key": "severitiesFilter", "type": "[str]"}, + } + + def __init__( + self, + *, + product_filter: Union[str, "_models.MicrosoftSecurityProductName"], + display_names_filter: Optional[List[str]] = None, + display_names_exclude_filter: Optional[List[str]] = None, + severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, + **kwargs: Any + ) -> None: + """ + :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. + :paramtype display_names_filter: list[str] + :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :paramtype display_names_exclude_filter: list[str] + :keyword product_filter: The alerts' productName on which the cases will be generated. + Required. Known values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure + Advanced Threat Protection", "Azure Active Directory Identity Protection", "Azure Security + Center for IoT", "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced + Threat Protection". + :paramtype product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :keyword severities_filter: the alerts' severities on which the cases will be generated. + :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + """ + super().__init__(**kwargs) + self.display_names_filter = display_names_filter + self.display_names_exclude_filter = display_names_exclude_filter + self.product_filter = product_filter + self.severities_filter = severities_filter + + +class MicrosoftSecurityIncidentCreationAlertRuleProperties(MicrosoftSecurityIncidentCreationAlertRuleCommonProperties): + """MicrosoftSecurityIncidentCreation rule property bag. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. + :vartype display_names_filter: list[str] + :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :vartype display_names_exclude_filter: list[str] + :ivar product_filter: The alerts' productName on which the cases will be generated. Required. + Known values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced + Threat Protection", "Azure Active Directory Identity Protection", "Azure Security Center for + IoT", "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat + Protection". + :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :ivar severities_filter: the alerts' severities on which the cases will be generated. + :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. + :vartype alert_rule_template_name: str + :ivar description: The description of the alert rule. + :vartype description: str + :ivar display_name: The display name for alerts created by this alert rule. Required. + :vartype display_name: str + :ivar enabled: Determines whether this alert rule is enabled or disabled. Required. + :vartype enabled: bool + :ivar last_modified_utc: The last time that this alert has been modified. + :vartype last_modified_utc: ~datetime.datetime + """ + + _validation = { + "product_filter": {"required": True}, + "display_name": {"required": True}, + "enabled": {"required": True}, + "last_modified_utc": {"readonly": True}, + } + + _attribute_map = { + "display_names_filter": {"key": "displayNamesFilter", "type": "[str]"}, + "display_names_exclude_filter": {"key": "displayNamesExcludeFilter", "type": "[str]"}, + "product_filter": {"key": "productFilter", "type": "str"}, + "severities_filter": {"key": "severitiesFilter", "type": "[str]"}, + "alert_rule_template_name": {"key": "alertRuleTemplateName", "type": "str"}, + "description": {"key": "description", "type": "str"}, + "display_name": {"key": "displayName", "type": "str"}, + "enabled": {"key": "enabled", "type": "bool"}, + "last_modified_utc": {"key": "lastModifiedUtc", "type": "iso-8601"}, + } + + def __init__( + self, + *, + product_filter: Union[str, "_models.MicrosoftSecurityProductName"], + display_name: str, + enabled: bool, + display_names_filter: Optional[List[str]] = None, + display_names_exclude_filter: Optional[List[str]] = None, + severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, + alert_rule_template_name: Optional[str] = None, + description: Optional[str] = None, + **kwargs: Any + ) -> None: + """ + :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. + :paramtype display_names_filter: list[str] + :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :paramtype display_names_exclude_filter: list[str] + :keyword product_filter: The alerts' productName on which the cases will be generated. + Required. Known values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure + Advanced Threat Protection", "Azure Active Directory Identity Protection", "Azure Security + Center for IoT", "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced + Threat Protection". + :paramtype product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :keyword severities_filter: the alerts' severities on which the cases will be generated. + :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] + :keyword alert_rule_template_name: The Name of the alert rule template used to create this + rule. + :paramtype alert_rule_template_name: str + :keyword description: The description of the alert rule. + :paramtype description: str + :keyword display_name: The display name for alerts created by this alert rule. Required. + :paramtype display_name: str + :keyword enabled: Determines whether this alert rule is enabled or disabled. Required. + :paramtype enabled: bool + """ + super().__init__( + display_names_filter=display_names_filter, + display_names_exclude_filter=display_names_exclude_filter, + product_filter=product_filter, + severities_filter=severities_filter, + **kwargs + ) + self.alert_rule_template_name = alert_rule_template_name + self.description = description + self.display_name = display_name + self.enabled = enabled + self.last_modified_utc = None + + +class MicrosoftSecurityIncidentCreationAlertRuleTemplate( + AlertRuleTemplate +): # pylint: disable=too-many-instance-attributes + """Represents MicrosoftSecurityIncidentCreation rule template. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", + "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and + "NRT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind + :ivar alert_rules_created_by_template_count: the number of alert rules that were created by + this template. + :vartype alert_rules_created_by_template_count: int + :ivar last_updated_date_utc: The last time that this alert rule template has been updated. + :vartype last_updated_date_utc: ~datetime.datetime + :ivar created_date_utc: The time that this alert rule template has been added. + :vartype created_date_utc: ~datetime.datetime + :ivar description: The description of the alert rule template. + :vartype description: str + :ivar display_name: The display name for alert rule template. + :vartype display_name: str + :ivar required_data_connectors: The required data sources for this template. + :vartype required_data_connectors: + list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] + :ivar status: The alert rule template status. Known values are: "Installed", "Available", and + "NotAvailable". + :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. + :vartype display_names_filter: list[str] + :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :vartype display_names_exclude_filter: list[str] + :ivar product_filter: The alerts' productName on which the cases will be generated. Known + values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat + Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", + "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". + :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :ivar severities_filter: the alerts' severities on which the cases will be generated. + :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] """ _validation = { @@ -14853,9 +15712,10 @@ class MLBehaviorAnalyticsAlertRuleTemplate(AlertRuleTemplate): # pylint: disabl "type": "[AlertRuleTemplateDataSource]", }, "status": {"key": "properties.status", "type": "str"}, - "tactics": {"key": "properties.tactics", "type": "[str]"}, - "techniques": {"key": "properties.techniques", "type": "[str]"}, - "severity": {"key": "properties.severity", "type": "str"}, + "display_names_filter": {"key": "properties.displayNamesFilter", "type": "[str]"}, + "display_names_exclude_filter": {"key": "properties.displayNamesExcludeFilter", "type": "[str]"}, + "product_filter": {"key": "properties.productFilter", "type": "str"}, + "severities_filter": {"key": "properties.severitiesFilter", "type": "[str]"}, } def __init__( @@ -14866,11 +15726,12 @@ def __init__( display_name: Optional[str] = None, required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, status: Optional[Union[str, "_models.TemplateStatus"]] = None, - tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, - techniques: Optional[List[str]] = None, - severity: Optional[Union[str, "_models.AlertSeverity"]] = None, - **kwargs - ): + display_names_filter: Optional[List[str]] = None, + display_names_exclude_filter: Optional[List[str]] = None, + product_filter: Optional[Union[str, "_models.MicrosoftSecurityProductName"]] = None, + severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, + **kwargs: Any + ) -> None: """ :keyword alert_rules_created_by_template_count: the number of alert rules that were created by this template. @@ -14885,16 +15746,22 @@ def __init__( :keyword status: The alert rule template status. Known values are: "Installed", "Available", and "NotAvailable". :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :keyword tactics: The tactics of the alert rule. - :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :keyword techniques: The techniques of the alert rule. - :paramtype techniques: list[str] - :keyword severity: The severity for alerts created by this alert rule. Known values are: - "High", "Medium", "Low", and "Informational". - :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. + :paramtype display_names_filter: list[str] + :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :paramtype display_names_exclude_filter: list[str] + :keyword product_filter: The alerts' productName on which the cases will be generated. Known + values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat + Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", + "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". + :paramtype product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :keyword severities_filter: the alerts' severities on which the cases will be generated. + :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] """ super().__init__(**kwargs) - self.kind: str = "MLBehaviorAnalytics" + self.kind: str = "MicrosoftSecurityIncidentCreation" self.alert_rules_created_by_template_count = alert_rules_created_by_template_count self.last_updated_date_utc = None self.created_date_utc = None @@ -14902,18 +15769,19 @@ def __init__( self.display_name = display_name self.required_data_connectors = required_data_connectors self.status = status - self.tactics = tactics - self.techniques = techniques - self.severity = severity + self.display_names_filter = display_names_filter + self.display_names_exclude_filter = display_names_exclude_filter + self.product_filter = product_filter + self.severities_filter = severities_filter -class MLBehaviorAnalyticsAlertRuleTemplateProperties(AlertRuleTemplateWithMitreProperties): - """MLBehaviorAnalytics alert rule template properties. +class MicrosoftSecurityIncidentCreationAlertRuleTemplateProperties( + AlertRuleTemplatePropertiesBase +): # pylint: disable=too-many-instance-attributes + """MicrosoftSecurityIncidentCreation rule template properties. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - :ivar alert_rules_created_by_template_count: the number of alert rules that were created by this template. :vartype alert_rules_created_by_template_count: int @@ -14931,19 +15799,23 @@ class MLBehaviorAnalyticsAlertRuleTemplateProperties(AlertRuleTemplateWithMitreP :ivar status: The alert rule template status. Known values are: "Installed", "Available", and "NotAvailable". :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :ivar tactics: The tactics of the alert rule. - :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :ivar techniques: The techniques of the alert rule. - :vartype techniques: list[str] - :ivar severity: The severity for alerts created by this alert rule. Required. Known values are: - "High", "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar display_names_filter: the alerts' displayNames on which the cases will be generated. + :vartype display_names_filter: list[str] + :ivar display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :vartype display_names_exclude_filter: list[str] + :ivar product_filter: The alerts' productName on which the cases will be generated. Known + values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat + Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", + "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". + :vartype product_filter: str or ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :ivar severities_filter: the alerts' severities on which the cases will be generated. + :vartype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] """ _validation = { "last_updated_date_utc": {"readonly": True}, "created_date_utc": {"readonly": True}, - "severity": {"required": True}, } _attribute_map = { @@ -14954,24 +15826,26 @@ class MLBehaviorAnalyticsAlertRuleTemplateProperties(AlertRuleTemplateWithMitreP "display_name": {"key": "displayName", "type": "str"}, "required_data_connectors": {"key": "requiredDataConnectors", "type": "[AlertRuleTemplateDataSource]"}, "status": {"key": "status", "type": "str"}, - "tactics": {"key": "tactics", "type": "[str]"}, - "techniques": {"key": "techniques", "type": "[str]"}, - "severity": {"key": "severity", "type": "str"}, + "display_names_filter": {"key": "displayNamesFilter", "type": "[str]"}, + "display_names_exclude_filter": {"key": "displayNamesExcludeFilter", "type": "[str]"}, + "product_filter": {"key": "productFilter", "type": "str"}, + "severities_filter": {"key": "severitiesFilter", "type": "[str]"}, } def __init__( self, *, - severity: Union[str, "_models.AlertSeverity"], alert_rules_created_by_template_count: Optional[int] = None, description: Optional[str] = None, display_name: Optional[str] = None, required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, status: Optional[Union[str, "_models.TemplateStatus"]] = None, - tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, - techniques: Optional[List[str]] = None, - **kwargs - ): + display_names_filter: Optional[List[str]] = None, + display_names_exclude_filter: Optional[List[str]] = None, + product_filter: Optional[Union[str, "_models.MicrosoftSecurityProductName"]] = None, + severities_filter: Optional[List[Union[str, "_models.AlertSeverity"]]] = None, + **kwargs: Any + ) -> None: """ :keyword alert_rules_created_by_template_count: the number of alert rules that were created by this template. @@ -14986,13 +15860,19 @@ def __init__( :keyword status: The alert rule template status. Known values are: "Installed", "Available", and "NotAvailable". :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :keyword tactics: The tactics of the alert rule. - :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :keyword techniques: The techniques of the alert rule. - :paramtype techniques: list[str] - :keyword severity: The severity for alerts created by this alert rule. Required. Known values - are: "High", "Medium", "Low", and "Informational". - :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :keyword display_names_filter: the alerts' displayNames on which the cases will be generated. + :paramtype display_names_filter: list[str] + :keyword display_names_exclude_filter: the alerts' displayNames on which the cases will not be + generated. + :paramtype display_names_exclude_filter: list[str] + :keyword product_filter: The alerts' productName on which the cases will be generated. Known + values are: "Microsoft Cloud App Security", "Azure Security Center", "Azure Advanced Threat + Protection", "Azure Active Directory Identity Protection", "Azure Security Center for IoT", + "Office 365 Advanced Threat Protection", and "Microsoft Defender Advanced Threat Protection". + :paramtype product_filter: str or + ~azure.mgmt.securityinsight.models.MicrosoftSecurityProductName + :keyword severities_filter: the alerts' severities on which the cases will be generated. + :paramtype severities_filter: list[str or ~azure.mgmt.securityinsight.models.AlertSeverity] """ super().__init__( alert_rules_created_by_template_count=alert_rules_created_by_template_count, @@ -15000,76 +15880,16 @@ def __init__( display_name=display_name, required_data_connectors=required_data_connectors, status=status, - tactics=tactics, - techniques=techniques, **kwargs ) - self.severity = severity - - -class MSTICheckRequirements(DataConnectorsCheckRequirements): - """Represents Microsoft Threat Intelligence requirements check request. - - All required parameters must be populated in order to send to Azure. - - :ivar kind: Describes the kind of connector to be checked. Required. Known values are: - "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", - "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. - :vartype tenant_id: str - """ - - _validation = { - "kind": {"required": True}, - } - - _attribute_map = { - "kind": {"key": "kind", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, - } - - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): - """ - :keyword tenant_id: The tenant id to connect to, and get the data from. - :paramtype tenant_id: str - """ - super().__init__(**kwargs) - self.kind: str = "MicrosoftThreatIntelligence" - self.tenant_id = tenant_id - - -class MSTICheckRequirementsProperties(DataConnectorTenantId): - """Microsoft Threat Intelligence requirements check properties. - - All required parameters must be populated in order to send to Azure. - - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. - :vartype tenant_id: str - """ - - _validation = { - "tenant_id": {"required": True}, - } - - _attribute_map = { - "tenant_id": {"key": "tenantId", "type": "str"}, - } - - def __init__(self, *, tenant_id: str, **kwargs): - """ - :keyword tenant_id: The tenant id to connect to, and get the data from. Required. - :paramtype tenant_id: str - """ - super().__init__(tenant_id=tenant_id, **kwargs) + self.display_names_filter = display_names_filter + self.display_names_exclude_filter = display_names_exclude_filter + self.product_filter = product_filter + self.severities_filter = severities_filter -class MSTIDataConnector(DataConnector): - """Represents Microsoft Threat Intelligence data connector. +class MLBehaviorAnalyticsAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes + """Represents MLBehaviorAnalytics alert rule. Variables are only populated by the server, and will be ignored when sending a request. @@ -15088,18 +15908,27 @@ class MSTIDataConnector(DataConnector): :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData :ivar etag: Etag of the azure resource. :vartype etag: str - :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", - "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", - "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. - :vartype tenant_id: str - :ivar data_types: The available data types for the connector. - :vartype data_types: ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypes + :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", + "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and + "NRT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind + :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. + :vartype alert_rule_template_name: str + :ivar description: The description of the alert rule. + :vartype description: str + :ivar display_name: The display name for alerts created by this alert rule. + :vartype display_name: str + :ivar enabled: Determines whether this alert rule is enabled or disabled. + :vartype enabled: bool + :ivar last_modified_utc: The last time that this alert rule has been modified. + :vartype last_modified_utc: ~datetime.datetime + :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", + "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar tactics: The tactics of the alert rule. + :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :ivar techniques: The techniques of the alert rule. + :vartype techniques: list[str] """ _validation = { @@ -15108,6 +15937,12 @@ class MSTIDataConnector(DataConnector): "type": {"readonly": True}, "system_data": {"readonly": True}, "kind": {"required": True}, + "description": {"readonly": True}, + "display_name": {"readonly": True}, + "last_modified_utc": {"readonly": True}, + "severity": {"readonly": True}, + "tactics": {"readonly": True}, + "techniques": {"readonly": True}, } _attribute_map = { @@ -15117,197 +15952,285 @@ class MSTIDataConnector(DataConnector): "system_data": {"key": "systemData", "type": "SystemData"}, "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "data_types": {"key": "properties.dataTypes", "type": "MSTIDataConnectorDataTypes"}, + "alert_rule_template_name": {"key": "properties.alertRuleTemplateName", "type": "str"}, + "description": {"key": "properties.description", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "enabled": {"key": "properties.enabled", "type": "bool"}, + "last_modified_utc": {"key": "properties.lastModifiedUtc", "type": "iso-8601"}, + "severity": {"key": "properties.severity", "type": "str"}, + "tactics": {"key": "properties.tactics", "type": "[str]"}, + "techniques": {"key": "properties.techniques", "type": "[str]"}, } def __init__( self, *, etag: Optional[str] = None, - tenant_id: Optional[str] = None, - data_types: Optional["_models.MSTIDataConnectorDataTypes"] = None, - **kwargs - ): + alert_rule_template_name: Optional[str] = None, + enabled: Optional[bool] = None, + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str - :keyword tenant_id: The tenant id to connect to, and get the data from. - :paramtype tenant_id: str - :keyword data_types: The available data types for the connector. - :paramtype data_types: ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypes + :keyword alert_rule_template_name: The Name of the alert rule template used to create this + rule. + :paramtype alert_rule_template_name: str + :keyword enabled: Determines whether this alert rule is enabled or disabled. + :paramtype enabled: bool """ super().__init__(etag=etag, **kwargs) - self.kind: str = "MicrosoftThreatIntelligence" - self.tenant_id = tenant_id - self.data_types = data_types + self.kind: str = "MLBehaviorAnalytics" + self.alert_rule_template_name = alert_rule_template_name + self.description = None + self.display_name = None + self.enabled = enabled + self.last_modified_utc = None + self.severity = None + self.tactics = None + self.techniques = None -class MSTIDataConnectorDataTypes(_serialization.Model): - """The available data types for Microsoft Threat Intelligence Platforms data connector. +class MLBehaviorAnalyticsAlertRuleTemplate(AlertRuleTemplate): # pylint: disable=too-many-instance-attributes + """Represents MLBehaviorAnalytics alert rule template. + + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar bing_safety_phishing_url: Data type for Microsoft Threat Intelligence Platforms data - connector. Required. - :vartype bing_safety_phishing_url: - ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypesBingSafetyPhishingURL - :ivar microsoft_emerging_threat_feed: Data type for Microsoft Threat Intelligence Platforms - data connector. Required. - :vartype microsoft_emerging_threat_feed: - ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", + "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and + "NRT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind + :ivar alert_rules_created_by_template_count: the number of alert rules that were created by + this template. + :vartype alert_rules_created_by_template_count: int + :ivar last_updated_date_utc: The last time that this alert rule template has been updated. + :vartype last_updated_date_utc: ~datetime.datetime + :ivar created_date_utc: The time that this alert rule template has been added. + :vartype created_date_utc: ~datetime.datetime + :ivar description: The description of the alert rule template. + :vartype description: str + :ivar display_name: The display name for alert rule template. + :vartype display_name: str + :ivar required_data_connectors: The required data sources for this template. + :vartype required_data_connectors: + list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] + :ivar status: The alert rule template status. Known values are: "Installed", "Available", and + "NotAvailable". + :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :ivar tactics: The tactics of the alert rule. + :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :ivar techniques: The techniques of the alert rule. + :vartype techniques: list[str] + :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", + "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity """ _validation = { - "bing_safety_phishing_url": {"required": True}, - "microsoft_emerging_threat_feed": {"required": True}, + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, + "last_updated_date_utc": {"readonly": True}, + "created_date_utc": {"readonly": True}, } _attribute_map = { - "bing_safety_phishing_url": { - "key": "bingSafetyPhishingURL", - "type": "MSTIDataConnectorDataTypesBingSafetyPhishingURL", - }, - "microsoft_emerging_threat_feed": { - "key": "microsoftEmergingThreatFeed", - "type": "MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed", + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "kind": {"key": "kind", "type": "str"}, + "alert_rules_created_by_template_count": {"key": "properties.alertRulesCreatedByTemplateCount", "type": "int"}, + "last_updated_date_utc": {"key": "properties.lastUpdatedDateUTC", "type": "iso-8601"}, + "created_date_utc": {"key": "properties.createdDateUTC", "type": "iso-8601"}, + "description": {"key": "properties.description", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "required_data_connectors": { + "key": "properties.requiredDataConnectors", + "type": "[AlertRuleTemplateDataSource]", }, + "status": {"key": "properties.status", "type": "str"}, + "tactics": {"key": "properties.tactics", "type": "[str]"}, + "techniques": {"key": "properties.techniques", "type": "[str]"}, + "severity": {"key": "properties.severity", "type": "str"}, } def __init__( self, *, - bing_safety_phishing_url: "_models.MSTIDataConnectorDataTypesBingSafetyPhishingURL", - microsoft_emerging_threat_feed: "_models.MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed", - **kwargs - ): + alert_rules_created_by_template_count: Optional[int] = None, + description: Optional[str] = None, + display_name: Optional[str] = None, + required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, + status: Optional[Union[str, "_models.TemplateStatus"]] = None, + tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, + techniques: Optional[List[str]] = None, + severity: Optional[Union[str, "_models.AlertSeverity"]] = None, + **kwargs: Any + ) -> None: """ - :keyword bing_safety_phishing_url: Data type for Microsoft Threat Intelligence Platforms data - connector. Required. - :paramtype bing_safety_phishing_url: - ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypesBingSafetyPhishingURL - :keyword microsoft_emerging_threat_feed: Data type for Microsoft Threat Intelligence Platforms - data connector. Required. - :paramtype microsoft_emerging_threat_feed: - ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed + :keyword alert_rules_created_by_template_count: the number of alert rules that were created by + this template. + :paramtype alert_rules_created_by_template_count: int + :keyword description: The description of the alert rule template. + :paramtype description: str + :keyword display_name: The display name for alert rule template. + :paramtype display_name: str + :keyword required_data_connectors: The required data sources for this template. + :paramtype required_data_connectors: + list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] + :keyword status: The alert rule template status. Known values are: "Installed", "Available", + and "NotAvailable". + :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :keyword tactics: The tactics of the alert rule. + :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :keyword techniques: The techniques of the alert rule. + :paramtype techniques: list[str] + :keyword severity: The severity for alerts created by this alert rule. Known values are: + "High", "Medium", "Low", and "Informational". + :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity """ super().__init__(**kwargs) - self.bing_safety_phishing_url = bing_safety_phishing_url - self.microsoft_emerging_threat_feed = microsoft_emerging_threat_feed - - -class MSTIDataConnectorDataTypesBingSafetyPhishingURL(DataConnectorDataTypeCommon): - """Data type for Microsoft Threat Intelligence Platforms data connector. - - All required parameters must be populated in order to send to Azure. - - :ivar state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState - :ivar lookback_period: lookback period. Required. - :vartype lookback_period: str - """ - - _validation = { - "state": {"required": True}, - "lookback_period": {"required": True}, - } - - _attribute_map = { - "state": {"key": "state", "type": "str"}, - "lookback_period": {"key": "lookbackPeriod", "type": "str"}, - } - - def __init__(self, *, state: Union[str, "_models.DataTypeState"], lookback_period: str, **kwargs): - """ - :keyword state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState - :keyword lookback_period: lookback period. Required. - :paramtype lookback_period: str - """ - super().__init__(state=state, **kwargs) - self.lookback_period = lookback_period - - -class MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed(DataConnectorDataTypeCommon): - """Data type for Microsoft Threat Intelligence Platforms data connector. - - All required parameters must be populated in order to send to Azure. - - :ivar state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState - :ivar lookback_period: lookback period. Required. - :vartype lookback_period: str - """ - - _validation = { - "state": {"required": True}, - "lookback_period": {"required": True}, - } - - _attribute_map = { - "state": {"key": "state", "type": "str"}, - "lookback_period": {"key": "lookbackPeriod", "type": "str"}, - } + self.kind: str = "MLBehaviorAnalytics" + self.alert_rules_created_by_template_count = alert_rules_created_by_template_count + self.last_updated_date_utc = None + self.created_date_utc = None + self.description = description + self.display_name = display_name + self.required_data_connectors = required_data_connectors + self.status = status + self.tactics = tactics + self.techniques = techniques + self.severity = severity - def __init__(self, *, state: Union[str, "_models.DataTypeState"], lookback_period: str, **kwargs): - """ - :keyword state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState - :keyword lookback_period: lookback period. Required. - :paramtype lookback_period: str - """ - super().__init__(state=state, **kwargs) - self.lookback_period = lookback_period +class MLBehaviorAnalyticsAlertRuleTemplateProperties(AlertRuleTemplateWithMitreProperties): + """MLBehaviorAnalytics alert rule template properties. -class MSTIDataConnectorProperties(DataConnectorTenantId): - """Microsoft Threat Intelligence data connector properties. + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. - :vartype tenant_id: str - :ivar data_types: The available data types for the connector. Required. - :vartype data_types: ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypes + :ivar alert_rules_created_by_template_count: the number of alert rules that were created by + this template. + :vartype alert_rules_created_by_template_count: int + :ivar last_updated_date_utc: The last time that this alert rule template has been updated. + :vartype last_updated_date_utc: ~datetime.datetime + :ivar created_date_utc: The time that this alert rule template has been added. + :vartype created_date_utc: ~datetime.datetime + :ivar description: The description of the alert rule template. + :vartype description: str + :ivar display_name: The display name for alert rule template. + :vartype display_name: str + :ivar required_data_connectors: The required data sources for this template. + :vartype required_data_connectors: + list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] + :ivar status: The alert rule template status. Known values are: "Installed", "Available", and + "NotAvailable". + :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :ivar tactics: The tactics of the alert rule. + :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :ivar techniques: The techniques of the alert rule. + :vartype techniques: list[str] + :ivar severity: The severity for alerts created by this alert rule. Required. Known values are: + "High", "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity """ _validation = { - "tenant_id": {"required": True}, - "data_types": {"required": True}, + "last_updated_date_utc": {"readonly": True}, + "created_date_utc": {"readonly": True}, + "severity": {"required": True}, } _attribute_map = { - "tenant_id": {"key": "tenantId", "type": "str"}, - "data_types": {"key": "dataTypes", "type": "MSTIDataConnectorDataTypes"}, + "alert_rules_created_by_template_count": {"key": "alertRulesCreatedByTemplateCount", "type": "int"}, + "last_updated_date_utc": {"key": "lastUpdatedDateUTC", "type": "iso-8601"}, + "created_date_utc": {"key": "createdDateUTC", "type": "iso-8601"}, + "description": {"key": "description", "type": "str"}, + "display_name": {"key": "displayName", "type": "str"}, + "required_data_connectors": {"key": "requiredDataConnectors", "type": "[AlertRuleTemplateDataSource]"}, + "status": {"key": "status", "type": "str"}, + "tactics": {"key": "tactics", "type": "[str]"}, + "techniques": {"key": "techniques", "type": "[str]"}, + "severity": {"key": "severity", "type": "str"}, } - def __init__(self, *, tenant_id: str, data_types: "_models.MSTIDataConnectorDataTypes", **kwargs): + def __init__( + self, + *, + severity: Union[str, "_models.AlertSeverity"], + alert_rules_created_by_template_count: Optional[int] = None, + description: Optional[str] = None, + display_name: Optional[str] = None, + required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, + status: Optional[Union[str, "_models.TemplateStatus"]] = None, + tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, + techniques: Optional[List[str]] = None, + **kwargs: Any + ) -> None: """ - :keyword tenant_id: The tenant id to connect to, and get the data from. Required. - :paramtype tenant_id: str - :keyword data_types: The available data types for the connector. Required. - :paramtype data_types: ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypes + :keyword alert_rules_created_by_template_count: the number of alert rules that were created by + this template. + :paramtype alert_rules_created_by_template_count: int + :keyword description: The description of the alert rule template. + :paramtype description: str + :keyword display_name: The display name for alert rule template. + :paramtype display_name: str + :keyword required_data_connectors: The required data sources for this template. + :paramtype required_data_connectors: + list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] + :keyword status: The alert rule template status. Known values are: "Installed", "Available", + and "NotAvailable". + :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :keyword tactics: The tactics of the alert rule. + :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :keyword techniques: The techniques of the alert rule. + :paramtype techniques: list[str] + :keyword severity: The severity for alerts created by this alert rule. Required. Known values + are: "High", "Medium", "Low", and "Informational". + :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity """ - super().__init__(tenant_id=tenant_id, **kwargs) - self.data_types = data_types + super().__init__( + alert_rules_created_by_template_count=alert_rules_created_by_template_count, + description=description, + display_name=display_name, + required_data_connectors=required_data_connectors, + status=status, + tactics=tactics, + techniques=techniques, + **kwargs + ) + self.severity = severity -class MtpCheckRequirements(DataConnectorsCheckRequirements): - """Represents MTP (Microsoft Threat Protection) requirements check request. +class MSTICheckRequirements(DataConnectorsCheckRequirements): + """Represents Microsoft Threat Intelligence requirements check request. All required parameters must be populated in order to send to Azure. :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -15322,18 +16245,18 @@ class MtpCheckRequirements(DataConnectorsCheckRequirements): "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str """ super().__init__(**kwargs) - self.kind: str = "MicrosoftThreatProtection" + self.kind: str = "MicrosoftThreatIntelligence" self.tenant_id = tenant_id -class MTPCheckRequirementsProperties(DataConnectorTenantId): - """MTP (Microsoft Threat Protection) requirements check properties. +class MSTICheckRequirementsProperties(DataConnectorTenantId): + """Microsoft Threat Intelligence requirements check properties. All required parameters must be populated in order to send to Azure. @@ -15349,7 +16272,7 @@ class MTPCheckRequirementsProperties(DataConnectorTenantId): "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -15357,8 +16280,8 @@ def __init__(self, *, tenant_id: str, **kwargs): super().__init__(tenant_id=tenant_id, **kwargs) -class MTPDataConnector(DataConnector): - """Represents MTP (Microsoft Threat Protection) data connector. +class MSTIDataConnector(DataConnector): + """Represents Microsoft Threat Intelligence data connector. Variables are only populated by the server, and will be ignored when sending a request. @@ -15380,15 +16303,15 @@ class MTPDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str :ivar data_types: The available data types for the connector. - :vartype data_types: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypes + :vartype data_types: ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypes """ _validation = { @@ -15407,7 +16330,7 @@ class MTPDataConnector(DataConnector): "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "data_types": {"key": "properties.dataTypes", "type": "MTPDataConnectorDataTypes"}, + "data_types": {"key": "properties.dataTypes", "type": "MSTIDataConnectorDataTypes"}, } def __init__( @@ -15415,86 +16338,104 @@ def __init__( *, etag: Optional[str] = None, tenant_id: Optional[str] = None, - data_types: Optional["_models.MTPDataConnectorDataTypes"] = None, - **kwargs - ): + data_types: Optional["_models.MSTIDataConnectorDataTypes"] = None, + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str :keyword data_types: The available data types for the connector. - :paramtype data_types: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypes + :paramtype data_types: ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypes """ super().__init__(etag=etag, **kwargs) - self.kind: str = "MicrosoftThreatProtection" + self.kind: str = "MicrosoftThreatIntelligence" self.tenant_id = tenant_id self.data_types = data_types -class MTPDataConnectorDataTypes(_serialization.Model): - """The available data types for Microsoft Threat Protection Platforms data connector. +class MSTIDataConnectorDataTypes(_serialization.Model): + """The available data types for Microsoft Threat Intelligence Platforms data connector. All required parameters must be populated in order to send to Azure. - :ivar incidents: Data type for Microsoft Threat Protection Platforms data connector. Required. - :vartype incidents: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypesIncidents + :ivar microsoft_emerging_threat_feed: Data type for Microsoft Threat Intelligence Platforms + data connector. Required. + :vartype microsoft_emerging_threat_feed: + ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed """ _validation = { - "incidents": {"required": True}, + "microsoft_emerging_threat_feed": {"required": True}, } _attribute_map = { - "incidents": {"key": "incidents", "type": "MTPDataConnectorDataTypesIncidents"}, + "microsoft_emerging_threat_feed": { + "key": "microsoftEmergingThreatFeed", + "type": "MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed", + }, } - def __init__(self, *, incidents: "_models.MTPDataConnectorDataTypesIncidents", **kwargs): + def __init__( + self, + *, + microsoft_emerging_threat_feed: "_models.MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed", + **kwargs: Any + ) -> None: """ - :keyword incidents: Data type for Microsoft Threat Protection Platforms data connector. - Required. - :paramtype incidents: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypesIncidents + :keyword microsoft_emerging_threat_feed: Data type for Microsoft Threat Intelligence Platforms + data connector. Required. + :paramtype microsoft_emerging_threat_feed: + ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed """ super().__init__(**kwargs) - self.incidents = incidents + self.microsoft_emerging_threat_feed = microsoft_emerging_threat_feed -class MTPDataConnectorDataTypesIncidents(DataConnectorDataTypeCommon): - """Data type for Microsoft Threat Protection Platforms data connector. +class MSTIDataConnectorDataTypesMicrosoftEmergingThreatFeed(DataConnectorDataTypeCommon): + """Data type for Microsoft Threat Intelligence Platforms data connector. All required parameters must be populated in order to send to Azure. :ivar state: Describe whether this data type connection is enabled or not. Required. Known values are: "Enabled" and "Disabled". :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState + :ivar lookback_period: The lookback period for the feed to be imported. Required. + :vartype lookback_period: str """ _validation = { "state": {"required": True}, + "lookback_period": {"required": True}, } _attribute_map = { "state": {"key": "state", "type": "str"}, + "lookback_period": {"key": "lookbackPeriod", "type": "str"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], lookback_period: str, **kwargs: Any) -> None: """ :keyword state: Describe whether this data type connection is enabled or not. Required. Known values are: "Enabled" and "Disabled". :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState + :keyword lookback_period: The lookback period for the feed to be imported. Required. + :paramtype lookback_period: str """ super().__init__(state=state, **kwargs) + self.lookback_period = lookback_period -class MTPDataConnectorProperties(DataConnectorTenantId): - """MTP (Microsoft Threat Protection) data connector properties. +class MSTIDataConnectorProperties(DataConnectorTenantId): + """Microsoft Threat Intelligence data connector properties. All required parameters must be populated in order to send to Azure. :ivar tenant_id: The tenant id to connect to, and get the data from. Required. :vartype tenant_id: str :ivar data_types: The available data types for the connector. Required. - :vartype data_types: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypes + :vartype data_types: ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypes """ _validation = { @@ -15504,139 +16445,83 @@ class MTPDataConnectorProperties(DataConnectorTenantId): _attribute_map = { "tenant_id": {"key": "tenantId", "type": "str"}, - "data_types": {"key": "dataTypes", "type": "MTPDataConnectorDataTypes"}, + "data_types": {"key": "dataTypes", "type": "MSTIDataConnectorDataTypes"}, } - def __init__(self, *, tenant_id: str, data_types: "_models.MTPDataConnectorDataTypes", **kwargs): + def __init__(self, *, tenant_id: str, data_types: "_models.MSTIDataConnectorDataTypes", **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str :keyword data_types: The available data types for the connector. Required. - :paramtype data_types: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypes + :paramtype data_types: ~azure.mgmt.securityinsight.models.MSTIDataConnectorDataTypes """ super().__init__(tenant_id=tenant_id, **kwargs) self.data_types = data_types -class NicEntity(Entity): - """Represents an network interface entity. - - Variables are only populated by the server, and will be ignored when sending a request. +class MtpCheckRequirements(DataConnectorsCheckRequirements): + """Represents MTP (Microsoft Threat Protection) requirements check request. All required parameters must be populated in order to send to Azure. - :ivar id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - :vartype id: str - :ivar name: The name of the resource. - :vartype name: str - :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or - "Microsoft.Storage/storageAccounts". - :vartype type: str - :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy - information. - :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", - "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", - "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", - "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar mac_address: The MAC address of this network interface. - :vartype mac_address: str - :ivar ip_address_entity_id: The IP entity id of this network interface. - :vartype ip_address_entity_id: str - :ivar vlans: A list of VLANs of the network interface entity. - :vartype vlans: list[str] + :ivar kind: Describes the kind of connector to be checked. Required. Known values are: + "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", + "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str """ _validation = { - "id": {"readonly": True}, - "name": {"readonly": True}, - "type": {"readonly": True}, - "system_data": {"readonly": True}, "kind": {"required": True}, - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "mac_address": {"readonly": True}, - "ip_address_entity_id": {"readonly": True}, - "vlans": {"readonly": True}, } _attribute_map = { - "id": {"key": "id", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "type": {"key": "type", "type": "str"}, - "system_data": {"key": "systemData", "type": "SystemData"}, "kind": {"key": "kind", "type": "str"}, - "additional_data": {"key": "properties.additionalData", "type": "{object}"}, - "friendly_name": {"key": "properties.friendlyName", "type": "str"}, - "mac_address": {"key": "properties.macAddress", "type": "str"}, - "ip_address_entity_id": {"key": "properties.ipAddressEntityId", "type": "str"}, - "vlans": {"key": "properties.vlans", "type": "[str]"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, **kwargs): - """ """ + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: + """ + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str + """ super().__init__(**kwargs) - self.kind: str = "Nic" - self.additional_data = None - self.friendly_name = None - self.mac_address = None - self.ip_address_entity_id = None - self.vlans = None + self.kind: str = "MicrosoftThreatProtection" + self.tenant_id = tenant_id -class NicEntityProperties(EntityCommonProperties): - """Nic entity property bag. +class MTPCheckRequirementsProperties(DataConnectorTenantId): + """MTP (Microsoft Threat Protection) requirements check properties. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar mac_address: The MAC address of this network interface. - :vartype mac_address: str - :ivar ip_address_entity_id: The IP entity id of this network interface. - :vartype ip_address_entity_id: str - :ivar vlans: A list of VLANs of the network interface entity. - :vartype vlans: list[str] + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str """ _validation = { - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "mac_address": {"readonly": True}, - "ip_address_entity_id": {"readonly": True}, - "vlans": {"readonly": True}, + "tenant_id": {"required": True}, } _attribute_map = { - "additional_data": {"key": "additionalData", "type": "{object}"}, - "friendly_name": {"key": "friendlyName", "type": "str"}, - "mac_address": {"key": "macAddress", "type": "str"}, - "ip_address_entity_id": {"key": "ipAddressEntityId", "type": "str"}, - "vlans": {"key": "vlans", "type": "[str]"}, + "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, **kwargs): - """ """ - super().__init__(**kwargs) - self.mac_address = None - self.ip_address_entity_id = None - self.vlans = None + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: + """ + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str + """ + super().__init__(tenant_id=tenant_id, **kwargs) -class NrtAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes - """Represents NRT alert rule. +class MTPDataConnector(DataConnector): + """Represents MTP (Microsoft Threat Protection) data connector. Variables are only populated by the server, and will be ignored when sending a request. @@ -15655,53 +16540,20 @@ class NrtAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData :ivar etag: Etag of the azure resource. :vartype etag: str - :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", - "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and - "NRT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind - :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. - :vartype alert_rule_template_name: str - :ivar template_version: The version of the alert rule template used to create this rule - in - format , where all are numbers, for example 0 <1.0.2>. - :vartype template_version: str - :ivar description: The description of the alert rule. - :vartype description: str - :ivar query: The query that creates alerts for this rule. - :vartype query: str - :ivar tactics: The tactics of the alert rule. - :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :ivar techniques: The techniques of the alert rule. - :vartype techniques: list[str] - :ivar display_name: The display name for alerts created by this alert rule. - :vartype display_name: str - :ivar enabled: Determines whether this alert rule is enabled or disabled. - :vartype enabled: bool - :ivar last_modified_utc: The last time that this alert rule has been modified. - :vartype last_modified_utc: ~datetime.datetime - :ivar suppression_duration: The suppression (in ISO 8601 duration format) to wait since last - time this alert rule been triggered. - :vartype suppression_duration: ~datetime.timedelta - :ivar suppression_enabled: Determines whether the suppression for this alert rule is enabled or - disabled. - :vartype suppression_enabled: bool - :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", - "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :ivar incident_configuration: The settings of the incidents that created from alerts triggered - by this analytics rule. - :vartype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration - :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :vartype custom_details: dict[str, str] - :ivar entity_mappings: Array of the entity mappings of the alert rule. - :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :ivar alert_details_override: The alert details override settings. - :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :ivar event_grouping_settings: The event grouping settings. - :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :vartype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", + "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", + "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str + :ivar data_types: The available data types for the connector. + :vartype data_types: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypes + :ivar filtered_providers: The available filtered providers for the connector. + :vartype filtered_providers: ~azure.mgmt.securityinsight.models.MtpFilteredProviders """ _validation = { @@ -15710,7 +16562,6 @@ class NrtAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes "type": {"readonly": True}, "system_data": {"readonly": True}, "kind": {"required": True}, - "last_modified_utc": {"readonly": True}, } _attribute_map = { @@ -15720,669 +16571,208 @@ class NrtAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes "system_data": {"key": "systemData", "type": "SystemData"}, "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, - "alert_rule_template_name": {"key": "properties.alertRuleTemplateName", "type": "str"}, - "template_version": {"key": "properties.templateVersion", "type": "str"}, - "description": {"key": "properties.description", "type": "str"}, - "query": {"key": "properties.query", "type": "str"}, - "tactics": {"key": "properties.tactics", "type": "[str]"}, - "techniques": {"key": "properties.techniques", "type": "[str]"}, - "display_name": {"key": "properties.displayName", "type": "str"}, - "enabled": {"key": "properties.enabled", "type": "bool"}, - "last_modified_utc": {"key": "properties.lastModifiedUtc", "type": "iso-8601"}, - "suppression_duration": {"key": "properties.suppressionDuration", "type": "duration"}, - "suppression_enabled": {"key": "properties.suppressionEnabled", "type": "bool"}, - "severity": {"key": "properties.severity", "type": "str"}, - "incident_configuration": {"key": "properties.incidentConfiguration", "type": "IncidentConfiguration"}, - "custom_details": {"key": "properties.customDetails", "type": "{str}"}, - "entity_mappings": {"key": "properties.entityMappings", "type": "[EntityMapping]"}, - "alert_details_override": {"key": "properties.alertDetailsOverride", "type": "AlertDetailsOverride"}, - "event_grouping_settings": {"key": "properties.eventGroupingSettings", "type": "EventGroupingSettings"}, - "sentinel_entities_mappings": {"key": "properties.sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "data_types": {"key": "properties.dataTypes", "type": "MTPDataConnectorDataTypes"}, + "filtered_providers": {"key": "properties.filteredProviders", "type": "MtpFilteredProviders"}, } - def __init__( # pylint: disable=too-many-locals + def __init__( self, *, etag: Optional[str] = None, - alert_rule_template_name: Optional[str] = None, - template_version: Optional[str] = None, - description: Optional[str] = None, - query: Optional[str] = None, - tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, - techniques: Optional[List[str]] = None, - display_name: Optional[str] = None, - enabled: Optional[bool] = None, - suppression_duration: Optional[datetime.timedelta] = None, - suppression_enabled: Optional[bool] = None, - severity: Optional[Union[str, "_models.AlertSeverity"]] = None, - incident_configuration: Optional["_models.IncidentConfiguration"] = None, - custom_details: Optional[Dict[str, str]] = None, - entity_mappings: Optional[List["_models.EntityMapping"]] = None, - alert_details_override: Optional["_models.AlertDetailsOverride"] = None, - event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, - sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, - **kwargs - ): + tenant_id: Optional[str] = None, + data_types: Optional["_models.MTPDataConnectorDataTypes"] = None, + filtered_providers: Optional["_models.MtpFilteredProviders"] = None, + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str - :keyword alert_rule_template_name: The Name of the alert rule template used to create this - rule. - :paramtype alert_rule_template_name: str - :keyword template_version: The version of the alert rule template used to create this rule - in - format , where all are numbers, for example 0 <1.0.2>. - :paramtype template_version: str - :keyword description: The description of the alert rule. - :paramtype description: str - :keyword query: The query that creates alerts for this rule. - :paramtype query: str - :keyword tactics: The tactics of the alert rule. - :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :keyword techniques: The techniques of the alert rule. - :paramtype techniques: list[str] - :keyword display_name: The display name for alerts created by this alert rule. - :paramtype display_name: str - :keyword enabled: Determines whether this alert rule is enabled or disabled. - :paramtype enabled: bool - :keyword suppression_duration: The suppression (in ISO 8601 duration format) to wait since last - time this alert rule been triggered. - :paramtype suppression_duration: ~datetime.timedelta - :keyword suppression_enabled: Determines whether the suppression for this alert rule is enabled - or disabled. - :paramtype suppression_enabled: bool - :keyword severity: The severity for alerts created by this alert rule. Known values are: - "High", "Medium", "Low", and "Informational". - :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :keyword incident_configuration: The settings of the incidents that created from alerts - triggered by this analytics rule. - :paramtype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration - :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :paramtype custom_details: dict[str, str] - :keyword entity_mappings: Array of the entity mappings of the alert rule. - :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :keyword alert_details_override: The alert details override settings. - :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :keyword event_grouping_settings: The event grouping settings. - :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :paramtype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str + :keyword data_types: The available data types for the connector. + :paramtype data_types: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypes + :keyword filtered_providers: The available filtered providers for the connector. + :paramtype filtered_providers: ~azure.mgmt.securityinsight.models.MtpFilteredProviders """ super().__init__(etag=etag, **kwargs) - self.kind: str = "NRT" - self.alert_rule_template_name = alert_rule_template_name - self.template_version = template_version - self.description = description - self.query = query - self.tactics = tactics - self.techniques = techniques - self.display_name = display_name - self.enabled = enabled - self.last_modified_utc = None - self.suppression_duration = suppression_duration - self.suppression_enabled = suppression_enabled - self.severity = severity - self.incident_configuration = incident_configuration - self.custom_details = custom_details - self.entity_mappings = entity_mappings - self.alert_details_override = alert_details_override - self.event_grouping_settings = event_grouping_settings - self.sentinel_entities_mappings = sentinel_entities_mappings - + self.kind: str = "MicrosoftThreatProtection" + self.tenant_id = tenant_id + self.data_types = data_types + self.filtered_providers = filtered_providers -class NrtAlertRuleTemplate(AlertRuleTemplate): # pylint: disable=too-many-instance-attributes - """Represents NRT alert rule template. - Variables are only populated by the server, and will be ignored when sending a request. +class MTPDataConnectorDataTypes(_serialization.Model): + """The available data types for Microsoft Threat Protection Platforms data connector. All required parameters must be populated in order to send to Azure. - :ivar id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - :vartype id: str - :ivar name: The name of the resource. - :vartype name: str - :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or - "Microsoft.Storage/storageAccounts". - :vartype type: str - :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy - information. - :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", - "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and - "NRT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind - :ivar alert_rules_created_by_template_count: the number of alert rules that were created by - this template. - :vartype alert_rules_created_by_template_count: int - :ivar last_updated_date_utc: The last time that this alert rule template has been updated. - :vartype last_updated_date_utc: ~datetime.datetime - :ivar created_date_utc: The time that this alert rule template has been added. - :vartype created_date_utc: ~datetime.datetime - :ivar description: The description of the alert rule template. - :vartype description: str - :ivar display_name: The display name for alert rule template. - :vartype display_name: str - :ivar required_data_connectors: The required data sources for this template. - :vartype required_data_connectors: - list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] - :ivar status: The alert rule template status. Known values are: "Installed", "Available", and - "NotAvailable". - :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :ivar tactics: The tactics of the alert rule. - :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :ivar techniques: The techniques of the alert rule. - :vartype techniques: list[str] - :ivar query: The query that creates alerts for this rule. - :vartype query: str - :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", - "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :ivar version: The version of this template - in format , where all are numbers. For - example <1.0.2>. - :vartype version: str - :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :vartype custom_details: dict[str, str] - :ivar entity_mappings: Array of the entity mappings of the alert rule. - :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :ivar alert_details_override: The alert details override settings. - :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :ivar event_grouping_settings: The event grouping settings. - :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :vartype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :ivar incidents: Incidents data type for Microsoft Threat Protection Platforms data connector. + Required. + :vartype incidents: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypesIncidents + :ivar alerts: Alerts data type for Microsoft Threat Protection Platforms data connector. + :vartype alerts: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypesAlerts """ _validation = { - "id": {"readonly": True}, - "name": {"readonly": True}, - "type": {"readonly": True}, - "system_data": {"readonly": True}, - "kind": {"required": True}, - "last_updated_date_utc": {"readonly": True}, - "created_date_utc": {"readonly": True}, + "incidents": {"required": True}, } _attribute_map = { - "id": {"key": "id", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "type": {"key": "type", "type": "str"}, - "system_data": {"key": "systemData", "type": "SystemData"}, - "kind": {"key": "kind", "type": "str"}, - "alert_rules_created_by_template_count": {"key": "properties.alertRulesCreatedByTemplateCount", "type": "int"}, - "last_updated_date_utc": {"key": "properties.lastUpdatedDateUTC", "type": "iso-8601"}, - "created_date_utc": {"key": "properties.createdDateUTC", "type": "iso-8601"}, - "description": {"key": "properties.description", "type": "str"}, - "display_name": {"key": "properties.displayName", "type": "str"}, - "required_data_connectors": { - "key": "properties.requiredDataConnectors", - "type": "[AlertRuleTemplateDataSource]", - }, - "status": {"key": "properties.status", "type": "str"}, - "tactics": {"key": "properties.tactics", "type": "[str]"}, - "techniques": {"key": "properties.techniques", "type": "[str]"}, - "query": {"key": "properties.query", "type": "str"}, - "severity": {"key": "properties.severity", "type": "str"}, - "version": {"key": "properties.version", "type": "str"}, - "custom_details": {"key": "properties.customDetails", "type": "{str}"}, - "entity_mappings": {"key": "properties.entityMappings", "type": "[EntityMapping]"}, - "alert_details_override": {"key": "properties.alertDetailsOverride", "type": "AlertDetailsOverride"}, - "event_grouping_settings": {"key": "properties.eventGroupingSettings", "type": "EventGroupingSettings"}, - "sentinel_entities_mappings": {"key": "properties.sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, + "incidents": {"key": "incidents", "type": "MTPDataConnectorDataTypesIncidents"}, + "alerts": {"key": "alerts", "type": "MTPDataConnectorDataTypesAlerts"}, } def __init__( self, *, - alert_rules_created_by_template_count: Optional[int] = None, - description: Optional[str] = None, - display_name: Optional[str] = None, - required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, - status: Optional[Union[str, "_models.TemplateStatus"]] = None, - tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, - techniques: Optional[List[str]] = None, - query: Optional[str] = None, - severity: Optional[Union[str, "_models.AlertSeverity"]] = None, - version: Optional[str] = None, - custom_details: Optional[Dict[str, str]] = None, - entity_mappings: Optional[List["_models.EntityMapping"]] = None, - alert_details_override: Optional["_models.AlertDetailsOverride"] = None, - event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, - sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, - **kwargs - ): + incidents: "_models.MTPDataConnectorDataTypesIncidents", + alerts: Optional["_models.MTPDataConnectorDataTypesAlerts"] = None, + **kwargs: Any + ) -> None: """ - :keyword alert_rules_created_by_template_count: the number of alert rules that were created by - this template. - :paramtype alert_rules_created_by_template_count: int - :keyword description: The description of the alert rule template. - :paramtype description: str - :keyword display_name: The display name for alert rule template. - :paramtype display_name: str - :keyword required_data_connectors: The required data sources for this template. - :paramtype required_data_connectors: - list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] - :keyword status: The alert rule template status. Known values are: "Installed", "Available", - and "NotAvailable". - :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :keyword tactics: The tactics of the alert rule. - :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :keyword techniques: The techniques of the alert rule. - :paramtype techniques: list[str] - :keyword query: The query that creates alerts for this rule. - :paramtype query: str - :keyword severity: The severity for alerts created by this alert rule. Known values are: - "High", "Medium", "Low", and "Informational". - :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :keyword version: The version of this template - in format , where all are numbers. For - example <1.0.2>. - :paramtype version: str - :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :paramtype custom_details: dict[str, str] - :keyword entity_mappings: Array of the entity mappings of the alert rule. - :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :keyword alert_details_override: The alert details override settings. - :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :keyword event_grouping_settings: The event grouping settings. - :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :paramtype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :keyword incidents: Incidents data type for Microsoft Threat Protection Platforms data + connector. Required. + :paramtype incidents: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypesIncidents + :keyword alerts: Alerts data type for Microsoft Threat Protection Platforms data connector. + :paramtype alerts: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypesAlerts """ super().__init__(**kwargs) - self.kind: str = "NRT" - self.alert_rules_created_by_template_count = alert_rules_created_by_template_count - self.last_updated_date_utc = None - self.created_date_utc = None - self.description = description - self.display_name = display_name - self.required_data_connectors = required_data_connectors - self.status = status - self.tactics = tactics - self.techniques = techniques - self.query = query - self.severity = severity - self.version = version - self.custom_details = custom_details - self.entity_mappings = entity_mappings - self.alert_details_override = alert_details_override - self.event_grouping_settings = event_grouping_settings - self.sentinel_entities_mappings = sentinel_entities_mappings + self.incidents = incidents + self.alerts = alerts -class QueryBasedAlertRuleTemplateProperties(_serialization.Model): - """Query based alert rule template base property bag. +class MTPDataConnectorDataTypesAlerts(DataConnectorDataTypeCommon): + """Alerts data type for Microsoft Threat Protection Platforms data connector. - :ivar query: The query that creates alerts for this rule. - :vartype query: str - :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", - "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :ivar version: The version of this template - in format , where all are numbers. For - example <1.0.2>. - :vartype version: str - :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :vartype custom_details: dict[str, str] - :ivar entity_mappings: Array of the entity mappings of the alert rule. - :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :ivar alert_details_override: The alert details override settings. - :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :ivar event_grouping_settings: The event grouping settings. - :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :vartype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] - """ - - _attribute_map = { - "query": {"key": "query", "type": "str"}, - "severity": {"key": "severity", "type": "str"}, - "version": {"key": "version", "type": "str"}, - "custom_details": {"key": "customDetails", "type": "{str}"}, - "entity_mappings": {"key": "entityMappings", "type": "[EntityMapping]"}, - "alert_details_override": {"key": "alertDetailsOverride", "type": "AlertDetailsOverride"}, - "event_grouping_settings": {"key": "eventGroupingSettings", "type": "EventGroupingSettings"}, - "sentinel_entities_mappings": {"key": "sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, - } - - def __init__( - self, - *, - query: Optional[str] = None, - severity: Optional[Union[str, "_models.AlertSeverity"]] = None, - version: Optional[str] = None, - custom_details: Optional[Dict[str, str]] = None, - entity_mappings: Optional[List["_models.EntityMapping"]] = None, - alert_details_override: Optional["_models.AlertDetailsOverride"] = None, - event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, - sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, - **kwargs - ): - """ - :keyword query: The query that creates alerts for this rule. - :paramtype query: str - :keyword severity: The severity for alerts created by this alert rule. Known values are: - "High", "Medium", "Low", and "Informational". - :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :keyword version: The version of this template - in format , where all are numbers. For - example <1.0.2>. - :paramtype version: str - :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :paramtype custom_details: dict[str, str] - :keyword entity_mappings: Array of the entity mappings of the alert rule. - :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :keyword alert_details_override: The alert details override settings. - :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :keyword event_grouping_settings: The event grouping settings. - :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :paramtype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] - """ - super().__init__(**kwargs) - self.query = query - self.severity = severity - self.version = version - self.custom_details = custom_details - self.entity_mappings = entity_mappings - self.alert_details_override = alert_details_override - self.event_grouping_settings = event_grouping_settings - self.sentinel_entities_mappings = sentinel_entities_mappings - - -class NrtAlertRuleTemplateProperties( - AlertRuleTemplateWithMitreProperties, QueryBasedAlertRuleTemplateProperties -): # pylint: disable=too-many-instance-attributes - """NRT alert rule template properties. - - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar query: The query that creates alerts for this rule. - :vartype query: str - :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", - "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :ivar version: The version of this template - in format , where all are numbers. For - example <1.0.2>. - :vartype version: str - :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :vartype custom_details: dict[str, str] - :ivar entity_mappings: Array of the entity mappings of the alert rule. - :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :ivar alert_details_override: The alert details override settings. - :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :ivar event_grouping_settings: The event grouping settings. - :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :vartype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] - :ivar alert_rules_created_by_template_count: the number of alert rules that were created by - this template. - :vartype alert_rules_created_by_template_count: int - :ivar last_updated_date_utc: The last time that this alert rule template has been updated. - :vartype last_updated_date_utc: ~datetime.datetime - :ivar created_date_utc: The time that this alert rule template has been added. - :vartype created_date_utc: ~datetime.datetime - :ivar description: The description of the alert rule template. - :vartype description: str - :ivar display_name: The display name for alert rule template. - :vartype display_name: str - :ivar required_data_connectors: The required data sources for this template. - :vartype required_data_connectors: - list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] - :ivar status: The alert rule template status. Known values are: "Installed", "Available", and - "NotAvailable". - :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :ivar tactics: The tactics of the alert rule. - :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :ivar techniques: The techniques of the alert rule. - :vartype techniques: list[str] + :ivar state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ _validation = { - "last_updated_date_utc": {"readonly": True}, - "created_date_utc": {"readonly": True}, + "state": {"required": True}, } _attribute_map = { - "query": {"key": "query", "type": "str"}, - "severity": {"key": "severity", "type": "str"}, - "version": {"key": "version", "type": "str"}, - "custom_details": {"key": "customDetails", "type": "{str}"}, - "entity_mappings": {"key": "entityMappings", "type": "[EntityMapping]"}, - "alert_details_override": {"key": "alertDetailsOverride", "type": "AlertDetailsOverride"}, - "event_grouping_settings": {"key": "eventGroupingSettings", "type": "EventGroupingSettings"}, - "sentinel_entities_mappings": {"key": "sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, - "alert_rules_created_by_template_count": {"key": "alertRulesCreatedByTemplateCount", "type": "int"}, - "last_updated_date_utc": {"key": "lastUpdatedDateUTC", "type": "iso-8601"}, - "created_date_utc": {"key": "createdDateUTC", "type": "iso-8601"}, - "description": {"key": "description", "type": "str"}, - "display_name": {"key": "displayName", "type": "str"}, - "required_data_connectors": {"key": "requiredDataConnectors", "type": "[AlertRuleTemplateDataSource]"}, - "status": {"key": "status", "type": "str"}, - "tactics": {"key": "tactics", "type": "[str]"}, - "techniques": {"key": "techniques", "type": "[str]"}, + "state": {"key": "state", "type": "str"}, } - def __init__( - self, - *, - query: Optional[str] = None, - severity: Optional[Union[str, "_models.AlertSeverity"]] = None, - version: Optional[str] = None, - custom_details: Optional[Dict[str, str]] = None, - entity_mappings: Optional[List["_models.EntityMapping"]] = None, - alert_details_override: Optional["_models.AlertDetailsOverride"] = None, - event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, - sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, - alert_rules_created_by_template_count: Optional[int] = None, - description: Optional[str] = None, - display_name: Optional[str] = None, - required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, - status: Optional[Union[str, "_models.TemplateStatus"]] = None, - tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, - techniques: Optional[List[str]] = None, - **kwargs - ): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ - :keyword query: The query that creates alerts for this rule. - :paramtype query: str - :keyword severity: The severity for alerts created by this alert rule. Known values are: - "High", "Medium", "Low", and "Informational". - :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :keyword version: The version of this template - in format , where all are numbers. For - example <1.0.2>. - :paramtype version: str - :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :paramtype custom_details: dict[str, str] - :keyword entity_mappings: Array of the entity mappings of the alert rule. - :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :keyword alert_details_override: The alert details override settings. - :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :keyword event_grouping_settings: The event grouping settings. - :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :paramtype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] - :keyword alert_rules_created_by_template_count: the number of alert rules that were created by - this template. - :paramtype alert_rules_created_by_template_count: int - :keyword description: The description of the alert rule template. - :paramtype description: str - :keyword display_name: The display name for alert rule template. - :paramtype display_name: str - :keyword required_data_connectors: The required data sources for this template. - :paramtype required_data_connectors: - list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] - :keyword status: The alert rule template status. Known values are: "Installed", "Available", - and "NotAvailable". - :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus - :keyword tactics: The tactics of the alert rule. - :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :keyword techniques: The techniques of the alert rule. - :paramtype techniques: list[str] + :keyword state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ - super().__init__( - alert_rules_created_by_template_count=alert_rules_created_by_template_count, - description=description, - display_name=display_name, - required_data_connectors=required_data_connectors, - status=status, - tactics=tactics, - techniques=techniques, - query=query, - severity=severity, - version=version, - custom_details=custom_details, - entity_mappings=entity_mappings, - alert_details_override=alert_details_override, - event_grouping_settings=event_grouping_settings, - sentinel_entities_mappings=sentinel_entities_mappings, - **kwargs - ) - self.query = query - self.severity = severity - self.version = version - self.custom_details = custom_details - self.entity_mappings = entity_mappings - self.alert_details_override = alert_details_override - self.event_grouping_settings = event_grouping_settings - self.sentinel_entities_mappings = sentinel_entities_mappings - self.alert_rules_created_by_template_count = alert_rules_created_by_template_count - self.last_updated_date_utc = None - self.created_date_utc = None - self.description = description - self.display_name = display_name - self.required_data_connectors = required_data_connectors - self.status = status - self.tactics = tactics - self.techniques = techniques + super().__init__(state=state, **kwargs) -class Office365ProjectCheckRequirements(DataConnectorsCheckRequirements): - """Represents Office365 Project requirements check request. +class MTPDataConnectorDataTypesIncidents(DataConnectorDataTypeCommon): + """Incidents data type for Microsoft Threat Protection Platforms data connector. All required parameters must be populated in order to send to Azure. - :ivar kind: Describes the kind of connector to be checked. Required. Known values are: - "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", - "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. - :vartype tenant_id: str + :ivar state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ _validation = { - "kind": {"required": True}, + "state": {"required": True}, } _attribute_map = { - "kind": {"key": "kind", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "state": {"key": "state", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ - :keyword tenant_id: The tenant id to connect to, and get the data from. - :paramtype tenant_id: str + :keyword state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ - super().__init__(**kwargs) - self.kind: str = "Office365Project" - self.tenant_id = tenant_id + super().__init__(state=state, **kwargs) -class Office365ProjectCheckRequirementsProperties(DataConnectorTenantId): - """Office365 Project requirements check properties. +class MTPDataConnectorProperties(DataConnectorTenantId): + """MTP (Microsoft Threat Protection) data connector properties. All required parameters must be populated in order to send to Azure. :ivar tenant_id: The tenant id to connect to, and get the data from. Required. :vartype tenant_id: str + :ivar data_types: The available data types for the connector. Required. + :vartype data_types: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypes + :ivar filtered_providers: The available filtered providers for the connector. + :vartype filtered_providers: ~azure.mgmt.securityinsight.models.MtpFilteredProviders """ _validation = { "tenant_id": {"required": True}, + "data_types": {"required": True}, } _attribute_map = { "tenant_id": {"key": "tenantId", "type": "str"}, + "data_types": {"key": "dataTypes", "type": "MTPDataConnectorDataTypes"}, + "filtered_providers": {"key": "filteredProviders", "type": "MtpFilteredProviders"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__( + self, + *, + tenant_id: str, + data_types: "_models.MTPDataConnectorDataTypes", + filtered_providers: Optional["_models.MtpFilteredProviders"] = None, + **kwargs: Any + ) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str + :keyword data_types: The available data types for the connector. Required. + :paramtype data_types: ~azure.mgmt.securityinsight.models.MTPDataConnectorDataTypes + :keyword filtered_providers: The available filtered providers for the connector. + :paramtype filtered_providers: ~azure.mgmt.securityinsight.models.MtpFilteredProviders """ super().__init__(tenant_id=tenant_id, **kwargs) + self.data_types = data_types + self.filtered_providers = filtered_providers -class Office365ProjectConnectorDataTypes(_serialization.Model): - """The available data types for Office Microsoft Project data connector. +class MtpFilteredProviders(_serialization.Model): + """Represents the connector's Filtered providers. All required parameters must be populated in order to send to Azure. - :ivar logs: Logs data type. Required. - :vartype logs: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypesLogs + :ivar alerts: Alerts filtered providers. When filters are not applied, all alerts will stream + through the MTP pipeline, still in private preview for all products EXCEPT MDA and MDI, which + are in GA state. Required. + :vartype alerts: list[str or ~azure.mgmt.securityinsight.models.MtpProvider] """ _validation = { - "logs": {"required": True}, + "alerts": {"required": True}, } _attribute_map = { - "logs": {"key": "logs", "type": "Office365ProjectConnectorDataTypesLogs"}, + "alerts": {"key": "alerts", "type": "[str]"}, } - def __init__(self, *, logs: "_models.Office365ProjectConnectorDataTypesLogs", **kwargs): + def __init__(self, *, alerts: List[Union[str, "_models.MtpProvider"]], **kwargs: Any) -> None: """ - :keyword logs: Logs data type. Required. - :paramtype logs: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypesLogs + :keyword alerts: Alerts filtered providers. When filters are not applied, all alerts will + stream through the MTP pipeline, still in private preview for all products EXCEPT MDA and MDI, + which are in GA state. Required. + :paramtype alerts: list[str or ~azure.mgmt.securityinsight.models.MtpProvider] """ super().__init__(**kwargs) - self.logs = logs - - -class Office365ProjectConnectorDataTypesLogs(DataConnectorDataTypeCommon): - """Logs data type. - - All required parameters must be populated in order to send to Azure. - - :ivar state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState - """ - - _validation = { - "state": {"required": True}, - } - - _attribute_map = { - "state": {"key": "state", "type": "str"}, - } - - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): - """ - :keyword state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState - """ - super().__init__(state=state, **kwargs) + self.alerts = alerts -class Office365ProjectDataConnector(DataConnector): - """Represents Office Microsoft Project data connector. +class NicEntity(Entity): + """Represents an network interface entity. Variables are only populated by the server, and will be ignored when sending a request. @@ -16399,20 +16789,23 @@ class Office365ProjectDataConnector(DataConnector): :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy information. :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar etag: Etag of the azure resource. - :vartype etag: str - :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", - "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", - "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. - :vartype tenant_id: str - :ivar data_types: The available data types for the connector. - :vartype data_types: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypes + :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", + "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", + "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", + "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar mac_address: The MAC address of this network interface. + :vartype mac_address: str + :ivar ip_address_entity_id: The IP entity id of this network interface. + :vartype ip_address_entity_id: str + :ivar vlans: A list of VLANs of the network interface entity. + :vartype vlans: list[str] """ _validation = { @@ -16421,6 +16814,11 @@ class Office365ProjectDataConnector(DataConnector): "type": {"readonly": True}, "system_data": {"readonly": True}, "kind": {"required": True}, + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "mac_address": {"readonly": True}, + "ip_address_entity_id": {"readonly": True}, + "vlans": {"readonly": True}, } _attribute_map = { @@ -16428,129 +16826,70 @@ class Office365ProjectDataConnector(DataConnector): "name": {"key": "name", "type": "str"}, "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, - "etag": {"key": "etag", "type": "str"}, - "kind": {"key": "kind", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "data_types": {"key": "properties.dataTypes", "type": "Office365ProjectConnectorDataTypes"}, - } - - def __init__( - self, - *, - etag: Optional[str] = None, - tenant_id: Optional[str] = None, - data_types: Optional["_models.Office365ProjectConnectorDataTypes"] = None, - **kwargs - ): - """ - :keyword etag: Etag of the azure resource. - :paramtype etag: str - :keyword tenant_id: The tenant id to connect to, and get the data from. - :paramtype tenant_id: str - :keyword data_types: The available data types for the connector. - :paramtype data_types: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypes - """ - super().__init__(etag=etag, **kwargs) - self.kind: str = "Office365Project" - self.tenant_id = tenant_id - self.data_types = data_types - - -class Office365ProjectDataConnectorProperties(DataConnectorTenantId): - """Office Microsoft Project data connector properties. - - All required parameters must be populated in order to send to Azure. - - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. - :vartype tenant_id: str - :ivar data_types: The available data types for the connector. Required. - :vartype data_types: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypes - """ - - _validation = { - "tenant_id": {"required": True}, - "data_types": {"required": True}, - } - - _attribute_map = { - "tenant_id": {"key": "tenantId", "type": "str"}, - "data_types": {"key": "dataTypes", "type": "Office365ProjectConnectorDataTypes"}, - } - - def __init__(self, *, tenant_id: str, data_types: "_models.Office365ProjectConnectorDataTypes", **kwargs): - """ - :keyword tenant_id: The tenant id to connect to, and get the data from. Required. - :paramtype tenant_id: str - :keyword data_types: The available data types for the connector. Required. - :paramtype data_types: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypes - """ - super().__init__(tenant_id=tenant_id, **kwargs) - self.data_types = data_types - - -class OfficeATPCheckRequirements(DataConnectorsCheckRequirements): - """Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request. - - All required parameters must be populated in order to send to Azure. - - :ivar kind: Describes the kind of connector to be checked. Required. Known values are: - "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", - "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. - :vartype tenant_id: str - """ - - _validation = { - "kind": {"required": True}, - } - - _attribute_map = { "kind": {"key": "kind", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "additional_data": {"key": "properties.additionalData", "type": "{object}"}, + "friendly_name": {"key": "properties.friendlyName", "type": "str"}, + "mac_address": {"key": "properties.macAddress", "type": "str"}, + "ip_address_entity_id": {"key": "properties.ipAddressEntityId", "type": "str"}, + "vlans": {"key": "properties.vlans", "type": "[str]"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): - """ - :keyword tenant_id: The tenant id to connect to, and get the data from. - :paramtype tenant_id: str - """ + def __init__(self, **kwargs: Any) -> None: + """ """ super().__init__(**kwargs) - self.kind: str = "OfficeATP" - self.tenant_id = tenant_id + self.kind: str = "Nic" + self.additional_data = None + self.friendly_name = None + self.mac_address = None + self.ip_address_entity_id = None + self.vlans = None -class OfficeATPCheckRequirementsProperties(DataConnectorTenantId): - """OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. +class NicEntityProperties(EntityCommonProperties): + """Nic entity property bag. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. - :vartype tenant_id: str + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar mac_address: The MAC address of this network interface. + :vartype mac_address: str + :ivar ip_address_entity_id: The IP entity id of this network interface. + :vartype ip_address_entity_id: str + :ivar vlans: A list of VLANs of the network interface entity. + :vartype vlans: list[str] """ _validation = { - "tenant_id": {"required": True}, + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "mac_address": {"readonly": True}, + "ip_address_entity_id": {"readonly": True}, + "vlans": {"readonly": True}, } _attribute_map = { - "tenant_id": {"key": "tenantId", "type": "str"}, + "additional_data": {"key": "additionalData", "type": "{object}"}, + "friendly_name": {"key": "friendlyName", "type": "str"}, + "mac_address": {"key": "macAddress", "type": "str"}, + "ip_address_entity_id": {"key": "ipAddressEntityId", "type": "str"}, + "vlans": {"key": "vlans", "type": "[str]"}, } - def __init__(self, *, tenant_id: str, **kwargs): - """ - :keyword tenant_id: The tenant id to connect to, and get the data from. Required. - :paramtype tenant_id: str - """ - super().__init__(tenant_id=tenant_id, **kwargs) + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.mac_address = None + self.ip_address_entity_id = None + self.vlans = None -class OfficeATPDataConnector(DataConnector): - """Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. +class NrtAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes + """Represents NRT alert rule. Variables are only populated by the server, and will be ignored when sending a request. @@ -16569,100 +16908,189 @@ class OfficeATPDataConnector(DataConnector): :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData :ivar etag: Etag of the azure resource. :vartype etag: str - :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", - "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", - "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. - :vartype tenant_id: str - :ivar data_types: The available data types for the connector. - :vartype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector - """ - - _validation = { - "id": {"readonly": True}, - "name": {"readonly": True}, - "type": {"readonly": True}, - "system_data": {"readonly": True}, - "kind": {"required": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "type": {"key": "type", "type": "str"}, - "system_data": {"key": "systemData", "type": "SystemData"}, - "etag": {"key": "etag", "type": "str"}, - "kind": {"key": "kind", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "data_types": {"key": "properties.dataTypes", "type": "AlertsDataTypeOfDataConnector"}, - } - - def __init__( - self, - *, - etag: Optional[str] = None, - tenant_id: Optional[str] = None, - data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, - **kwargs - ): - """ - :keyword etag: Etag of the azure resource. - :paramtype etag: str - :keyword tenant_id: The tenant id to connect to, and get the data from. - :paramtype tenant_id: str - :keyword data_types: The available data types for the connector. - :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector - """ - super().__init__(etag=etag, **kwargs) - self.kind: str = "OfficeATP" - self.tenant_id = tenant_id - self.data_types = data_types - - -class OfficeATPDataConnectorProperties(DataConnectorTenantId, DataConnectorWithAlertsProperties): - """OfficeATP (Office 365 Advanced Threat Protection) data connector properties. - - All required parameters must be populated in order to send to Azure. - - :ivar data_types: The available data types for the connector. - :vartype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. - :vartype tenant_id: str + :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", + "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and + "NRT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind + :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. + :vartype alert_rule_template_name: str + :ivar template_version: The version of the alert rule template used to create this rule - in + format , where all are numbers, for example 0 <1.0.2>. + :vartype template_version: str + :ivar description: The description of the alert rule. + :vartype description: str + :ivar query: The query that creates alerts for this rule. + :vartype query: str + :ivar tactics: The tactics of the alert rule. + :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :ivar techniques: The techniques of the alert rule. + :vartype techniques: list[str] + :ivar display_name: The display name for alerts created by this alert rule. + :vartype display_name: str + :ivar enabled: Determines whether this alert rule is enabled or disabled. + :vartype enabled: bool + :ivar last_modified_utc: The last time that this alert rule has been modified. + :vartype last_modified_utc: ~datetime.datetime + :ivar suppression_duration: The suppression (in ISO 8601 duration format) to wait since last + time this alert rule been triggered. + :vartype suppression_duration: ~datetime.timedelta + :ivar suppression_enabled: Determines whether the suppression for this alert rule is enabled or + disabled. + :vartype suppression_enabled: bool + :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", + "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar incident_configuration: The settings of the incidents that created from alerts triggered + by this analytics rule. + :vartype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration + :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :vartype custom_details: dict[str, str] + :ivar entity_mappings: Array of the entity mappings of the alert rule. + :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :ivar alert_details_override: The alert details override settings. + :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :ivar event_grouping_settings: The event grouping settings. + :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :vartype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] """ _validation = { - "tenant_id": {"required": True}, + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, + "last_modified_utc": {"readonly": True}, } _attribute_map = { - "data_types": {"key": "dataTypes", "type": "AlertsDataTypeOfDataConnector"}, - "tenant_id": {"key": "tenantId", "type": "str"}, + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "alert_rule_template_name": {"key": "properties.alertRuleTemplateName", "type": "str"}, + "template_version": {"key": "properties.templateVersion", "type": "str"}, + "description": {"key": "properties.description", "type": "str"}, + "query": {"key": "properties.query", "type": "str"}, + "tactics": {"key": "properties.tactics", "type": "[str]"}, + "techniques": {"key": "properties.techniques", "type": "[str]"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "enabled": {"key": "properties.enabled", "type": "bool"}, + "last_modified_utc": {"key": "properties.lastModifiedUtc", "type": "iso-8601"}, + "suppression_duration": {"key": "properties.suppressionDuration", "type": "duration"}, + "suppression_enabled": {"key": "properties.suppressionEnabled", "type": "bool"}, + "severity": {"key": "properties.severity", "type": "str"}, + "incident_configuration": {"key": "properties.incidentConfiguration", "type": "IncidentConfiguration"}, + "custom_details": {"key": "properties.customDetails", "type": "{str}"}, + "entity_mappings": {"key": "properties.entityMappings", "type": "[EntityMapping]"}, + "alert_details_override": {"key": "properties.alertDetailsOverride", "type": "AlertDetailsOverride"}, + "event_grouping_settings": {"key": "properties.eventGroupingSettings", "type": "EventGroupingSettings"}, + "sentinel_entities_mappings": {"key": "properties.sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, } - def __init__( - self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs - ): + def __init__( # pylint: disable=too-many-locals + self, + *, + etag: Optional[str] = None, + alert_rule_template_name: Optional[str] = None, + template_version: Optional[str] = None, + description: Optional[str] = None, + query: Optional[str] = None, + tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, + techniques: Optional[List[str]] = None, + display_name: Optional[str] = None, + enabled: Optional[bool] = None, + suppression_duration: Optional[datetime.timedelta] = None, + suppression_enabled: Optional[bool] = None, + severity: Optional[Union[str, "_models.AlertSeverity"]] = None, + incident_configuration: Optional["_models.IncidentConfiguration"] = None, + custom_details: Optional[Dict[str, str]] = None, + entity_mappings: Optional[List["_models.EntityMapping"]] = None, + alert_details_override: Optional["_models.AlertDetailsOverride"] = None, + event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, + sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, + **kwargs: Any + ) -> None: """ - :keyword data_types: The available data types for the connector. - :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector - :keyword tenant_id: The tenant id to connect to, and get the data from. Required. - :paramtype tenant_id: str + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword alert_rule_template_name: The Name of the alert rule template used to create this + rule. + :paramtype alert_rule_template_name: str + :keyword template_version: The version of the alert rule template used to create this rule - in + format , where all are numbers, for example 0 <1.0.2>. + :paramtype template_version: str + :keyword description: The description of the alert rule. + :paramtype description: str + :keyword query: The query that creates alerts for this rule. + :paramtype query: str + :keyword tactics: The tactics of the alert rule. + :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :keyword techniques: The techniques of the alert rule. + :paramtype techniques: list[str] + :keyword display_name: The display name for alerts created by this alert rule. + :paramtype display_name: str + :keyword enabled: Determines whether this alert rule is enabled or disabled. + :paramtype enabled: bool + :keyword suppression_duration: The suppression (in ISO 8601 duration format) to wait since last + time this alert rule been triggered. + :paramtype suppression_duration: ~datetime.timedelta + :keyword suppression_enabled: Determines whether the suppression for this alert rule is enabled + or disabled. + :paramtype suppression_enabled: bool + :keyword severity: The severity for alerts created by this alert rule. Known values are: + "High", "Medium", "Low", and "Informational". + :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :keyword incident_configuration: The settings of the incidents that created from alerts + triggered by this analytics rule. + :paramtype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration + :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :paramtype custom_details: dict[str, str] + :keyword entity_mappings: Array of the entity mappings of the alert rule. + :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :keyword alert_details_override: The alert details override settings. + :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :keyword event_grouping_settings: The event grouping settings. + :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :paramtype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] """ - super().__init__(tenant_id=tenant_id, data_types=data_types, **kwargs) - self.data_types = data_types - self.tenant_id = tenant_id + super().__init__(etag=etag, **kwargs) + self.kind: str = "NRT" + self.alert_rule_template_name = alert_rule_template_name + self.template_version = template_version + self.description = description + self.query = query + self.tactics = tactics + self.techniques = techniques + self.display_name = display_name + self.enabled = enabled + self.last_modified_utc = None + self.suppression_duration = suppression_duration + self.suppression_enabled = suppression_enabled + self.severity = severity + self.incident_configuration = incident_configuration + self.custom_details = custom_details + self.entity_mappings = entity_mappings + self.alert_details_override = alert_details_override + self.event_grouping_settings = event_grouping_settings + self.sentinel_entities_mappings = sentinel_entities_mappings -class OfficeConsent(Resource): - """Consent for Office365 tenant that already made. +class NrtAlertRuleTemplate(AlertRuleTemplate): # pylint: disable=too-many-instance-attributes + """Represents NRT alert rule template. Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. + :ivar id: Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. :vartype id: str @@ -16674,10 +17102,51 @@ class OfficeConsent(Resource): :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy information. :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar tenant_id: The tenantId of the Office365 with the consent. - :vartype tenant_id: str - :ivar consent_id: Help to easily cascade among the data layers. - :vartype consent_id: str + :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", + "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and + "NRT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind + :ivar alert_rules_created_by_template_count: the number of alert rules that were created by + this template. + :vartype alert_rules_created_by_template_count: int + :ivar last_updated_date_utc: The last time that this alert rule template has been updated. + :vartype last_updated_date_utc: ~datetime.datetime + :ivar created_date_utc: The time that this alert rule template has been added. + :vartype created_date_utc: ~datetime.datetime + :ivar description: The description of the alert rule template. + :vartype description: str + :ivar display_name: The display name for alert rule template. + :vartype display_name: str + :ivar required_data_connectors: The required data sources for this template. + :vartype required_data_connectors: + list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] + :ivar status: The alert rule template status. Known values are: "Installed", "Available", and + "NotAvailable". + :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :ivar tactics: The tactics of the alert rule. + :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :ivar techniques: The techniques of the alert rule. + :vartype techniques: list[str] + :ivar query: The query that creates alerts for this rule. + :vartype query: str + :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", + "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar version: The version of this template - in format , where all are numbers. For + example <1.0.2>. + :vartype version: str + :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :vartype custom_details: dict[str, str] + :ivar entity_mappings: Array of the entity mappings of the alert rule. + :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :ivar alert_details_override: The alert details override settings. + :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :ivar event_grouping_settings: The event grouping settings. + :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :vartype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] """ _validation = { @@ -16685,6 +17154,9 @@ class OfficeConsent(Resource): "name": {"readonly": True}, "type": {"readonly": True}, "system_data": {"readonly": True}, + "kind": {"required": True}, + "last_updated_date_utc": {"readonly": True}, + "created_date_utc": {"readonly": True}, } _attribute_map = { @@ -16692,234 +17164,451 @@ class OfficeConsent(Resource): "name": {"key": "name", "type": "str"}, "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "consent_id": {"key": "properties.consentId", "type": "str"}, - } + "kind": {"key": "kind", "type": "str"}, + "alert_rules_created_by_template_count": {"key": "properties.alertRulesCreatedByTemplateCount", "type": "int"}, + "last_updated_date_utc": {"key": "properties.lastUpdatedDateUTC", "type": "iso-8601"}, + "created_date_utc": {"key": "properties.createdDateUTC", "type": "iso-8601"}, + "description": {"key": "properties.description", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "required_data_connectors": { + "key": "properties.requiredDataConnectors", + "type": "[AlertRuleTemplateDataSource]", + }, + "status": {"key": "properties.status", "type": "str"}, + "tactics": {"key": "properties.tactics", "type": "[str]"}, + "techniques": {"key": "properties.techniques", "type": "[str]"}, + "query": {"key": "properties.query", "type": "str"}, + "severity": {"key": "properties.severity", "type": "str"}, + "version": {"key": "properties.version", "type": "str"}, + "custom_details": {"key": "properties.customDetails", "type": "{str}"}, + "entity_mappings": {"key": "properties.entityMappings", "type": "[EntityMapping]"}, + "alert_details_override": {"key": "properties.alertDetailsOverride", "type": "AlertDetailsOverride"}, + "event_grouping_settings": {"key": "properties.eventGroupingSettings", "type": "EventGroupingSettings"}, + "sentinel_entities_mappings": {"key": "properties.sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, + } - def __init__(self, *, tenant_id: Optional[str] = None, consent_id: Optional[str] = None, **kwargs): + def __init__( + self, + *, + alert_rules_created_by_template_count: Optional[int] = None, + description: Optional[str] = None, + display_name: Optional[str] = None, + required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, + status: Optional[Union[str, "_models.TemplateStatus"]] = None, + tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, + techniques: Optional[List[str]] = None, + query: Optional[str] = None, + severity: Optional[Union[str, "_models.AlertSeverity"]] = None, + version: Optional[str] = None, + custom_details: Optional[Dict[str, str]] = None, + entity_mappings: Optional[List["_models.EntityMapping"]] = None, + alert_details_override: Optional["_models.AlertDetailsOverride"] = None, + event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, + sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, + **kwargs: Any + ) -> None: """ - :keyword tenant_id: The tenantId of the Office365 with the consent. - :paramtype tenant_id: str - :keyword consent_id: Help to easily cascade among the data layers. - :paramtype consent_id: str + :keyword alert_rules_created_by_template_count: the number of alert rules that were created by + this template. + :paramtype alert_rules_created_by_template_count: int + :keyword description: The description of the alert rule template. + :paramtype description: str + :keyword display_name: The display name for alert rule template. + :paramtype display_name: str + :keyword required_data_connectors: The required data sources for this template. + :paramtype required_data_connectors: + list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] + :keyword status: The alert rule template status. Known values are: "Installed", "Available", + and "NotAvailable". + :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :keyword tactics: The tactics of the alert rule. + :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :keyword techniques: The techniques of the alert rule. + :paramtype techniques: list[str] + :keyword query: The query that creates alerts for this rule. + :paramtype query: str + :keyword severity: The severity for alerts created by this alert rule. Known values are: + "High", "Medium", "Low", and "Informational". + :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :keyword version: The version of this template - in format , where all are numbers. For + example <1.0.2>. + :paramtype version: str + :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :paramtype custom_details: dict[str, str] + :keyword entity_mappings: Array of the entity mappings of the alert rule. + :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :keyword alert_details_override: The alert details override settings. + :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :keyword event_grouping_settings: The event grouping settings. + :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :paramtype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] """ super().__init__(**kwargs) - self.tenant_id = tenant_id - self.consent_id = consent_id - - -class OfficeConsentList(_serialization.Model): - """List of all the office365 consents. + self.kind: str = "NRT" + self.alert_rules_created_by_template_count = alert_rules_created_by_template_count + self.last_updated_date_utc = None + self.created_date_utc = None + self.description = description + self.display_name = display_name + self.required_data_connectors = required_data_connectors + self.status = status + self.tactics = tactics + self.techniques = techniques + self.query = query + self.severity = severity + self.version = version + self.custom_details = custom_details + self.entity_mappings = entity_mappings + self.alert_details_override = alert_details_override + self.event_grouping_settings = event_grouping_settings + self.sentinel_entities_mappings = sentinel_entities_mappings - Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. +class QueryBasedAlertRuleTemplateProperties(_serialization.Model): + """Query based alert rule template base property bag. - :ivar next_link: URL to fetch the next set of office consents. - :vartype next_link: str - :ivar value: Array of the consents. Required. - :vartype value: list[~azure.mgmt.securityinsight.models.OfficeConsent] + :ivar query: The query that creates alerts for this rule. + :vartype query: str + :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", + "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar version: The version of this template - in format , where all are numbers. For + example <1.0.2>. + :vartype version: str + :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :vartype custom_details: dict[str, str] + :ivar entity_mappings: Array of the entity mappings of the alert rule. + :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :ivar alert_details_override: The alert details override settings. + :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :ivar event_grouping_settings: The event grouping settings. + :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :vartype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] """ - _validation = { - "next_link": {"readonly": True}, - "value": {"required": True}, - } - _attribute_map = { - "next_link": {"key": "nextLink", "type": "str"}, - "value": {"key": "value", "type": "[OfficeConsent]"}, + "query": {"key": "query", "type": "str"}, + "severity": {"key": "severity", "type": "str"}, + "version": {"key": "version", "type": "str"}, + "custom_details": {"key": "customDetails", "type": "{str}"}, + "entity_mappings": {"key": "entityMappings", "type": "[EntityMapping]"}, + "alert_details_override": {"key": "alertDetailsOverride", "type": "AlertDetailsOverride"}, + "event_grouping_settings": {"key": "eventGroupingSettings", "type": "EventGroupingSettings"}, + "sentinel_entities_mappings": {"key": "sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, } - def __init__(self, *, value: List["_models.OfficeConsent"], **kwargs): + def __init__( + self, + *, + query: Optional[str] = None, + severity: Optional[Union[str, "_models.AlertSeverity"]] = None, + version: Optional[str] = None, + custom_details: Optional[Dict[str, str]] = None, + entity_mappings: Optional[List["_models.EntityMapping"]] = None, + alert_details_override: Optional["_models.AlertDetailsOverride"] = None, + event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, + sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, + **kwargs: Any + ) -> None: """ - :keyword value: Array of the consents. Required. - :paramtype value: list[~azure.mgmt.securityinsight.models.OfficeConsent] + :keyword query: The query that creates alerts for this rule. + :paramtype query: str + :keyword severity: The severity for alerts created by this alert rule. Known values are: + "High", "Medium", "Low", and "Informational". + :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :keyword version: The version of this template - in format , where all are numbers. For + example <1.0.2>. + :paramtype version: str + :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :paramtype custom_details: dict[str, str] + :keyword entity_mappings: Array of the entity mappings of the alert rule. + :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :keyword alert_details_override: The alert details override settings. + :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :keyword event_grouping_settings: The event grouping settings. + :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :paramtype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] """ super().__init__(**kwargs) - self.next_link = None - self.value = value + self.query = query + self.severity = severity + self.version = version + self.custom_details = custom_details + self.entity_mappings = entity_mappings + self.alert_details_override = alert_details_override + self.event_grouping_settings = event_grouping_settings + self.sentinel_entities_mappings = sentinel_entities_mappings -class OfficeDataConnector(DataConnector): - """Represents office data connector. +class NrtAlertRuleTemplateProperties( + AlertRuleTemplateWithMitreProperties, QueryBasedAlertRuleTemplateProperties +): # pylint: disable=too-many-instance-attributes + """NRT alert rule template properties. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - :vartype id: str - :ivar name: The name of the resource. - :vartype name: str - :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or - "Microsoft.Storage/storageAccounts". - :vartype type: str - :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy - information. - :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar etag: Etag of the azure resource. - :vartype etag: str - :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", - "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", - "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. - :vartype tenant_id: str - :ivar data_types: The available data types for the connector. - :vartype data_types: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes - """ + :ivar query: The query that creates alerts for this rule. + :vartype query: str + :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", + "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar version: The version of this template - in format , where all are numbers. For + example <1.0.2>. + :vartype version: str + :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :vartype custom_details: dict[str, str] + :ivar entity_mappings: Array of the entity mappings of the alert rule. + :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :ivar alert_details_override: The alert details override settings. + :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :ivar event_grouping_settings: The event grouping settings. + :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :vartype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :ivar alert_rules_created_by_template_count: the number of alert rules that were created by + this template. + :vartype alert_rules_created_by_template_count: int + :ivar last_updated_date_utc: The last time that this alert rule template has been updated. + :vartype last_updated_date_utc: ~datetime.datetime + :ivar created_date_utc: The time that this alert rule template has been added. + :vartype created_date_utc: ~datetime.datetime + :ivar description: The description of the alert rule template. + :vartype description: str + :ivar display_name: The display name for alert rule template. + :vartype display_name: str + :ivar required_data_connectors: The required data sources for this template. + :vartype required_data_connectors: + list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] + :ivar status: The alert rule template status. Known values are: "Installed", "Available", and + "NotAvailable". + :vartype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :ivar tactics: The tactics of the alert rule. + :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :ivar techniques: The techniques of the alert rule. + :vartype techniques: list[str] + """ _validation = { - "id": {"readonly": True}, - "name": {"readonly": True}, - "type": {"readonly": True}, - "system_data": {"readonly": True}, - "kind": {"required": True}, + "last_updated_date_utc": {"readonly": True}, + "created_date_utc": {"readonly": True}, } _attribute_map = { - "id": {"key": "id", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "type": {"key": "type", "type": "str"}, - "system_data": {"key": "systemData", "type": "SystemData"}, - "etag": {"key": "etag", "type": "str"}, - "kind": {"key": "kind", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "data_types": {"key": "properties.dataTypes", "type": "OfficeDataConnectorDataTypes"}, + "query": {"key": "query", "type": "str"}, + "severity": {"key": "severity", "type": "str"}, + "version": {"key": "version", "type": "str"}, + "custom_details": {"key": "customDetails", "type": "{str}"}, + "entity_mappings": {"key": "entityMappings", "type": "[EntityMapping]"}, + "alert_details_override": {"key": "alertDetailsOverride", "type": "AlertDetailsOverride"}, + "event_grouping_settings": {"key": "eventGroupingSettings", "type": "EventGroupingSettings"}, + "sentinel_entities_mappings": {"key": "sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, + "alert_rules_created_by_template_count": {"key": "alertRulesCreatedByTemplateCount", "type": "int"}, + "last_updated_date_utc": {"key": "lastUpdatedDateUTC", "type": "iso-8601"}, + "created_date_utc": {"key": "createdDateUTC", "type": "iso-8601"}, + "description": {"key": "description", "type": "str"}, + "display_name": {"key": "displayName", "type": "str"}, + "required_data_connectors": {"key": "requiredDataConnectors", "type": "[AlertRuleTemplateDataSource]"}, + "status": {"key": "status", "type": "str"}, + "tactics": {"key": "tactics", "type": "[str]"}, + "techniques": {"key": "techniques", "type": "[str]"}, } def __init__( self, *, - etag: Optional[str] = None, - tenant_id: Optional[str] = None, - data_types: Optional["_models.OfficeDataConnectorDataTypes"] = None, - **kwargs - ): + query: Optional[str] = None, + severity: Optional[Union[str, "_models.AlertSeverity"]] = None, + version: Optional[str] = None, + custom_details: Optional[Dict[str, str]] = None, + entity_mappings: Optional[List["_models.EntityMapping"]] = None, + alert_details_override: Optional["_models.AlertDetailsOverride"] = None, + event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, + sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, + alert_rules_created_by_template_count: Optional[int] = None, + description: Optional[str] = None, + display_name: Optional[str] = None, + required_data_connectors: Optional[List["_models.AlertRuleTemplateDataSource"]] = None, + status: Optional[Union[str, "_models.TemplateStatus"]] = None, + tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, + techniques: Optional[List[str]] = None, + **kwargs: Any + ) -> None: """ - :keyword etag: Etag of the azure resource. - :paramtype etag: str - :keyword tenant_id: The tenant id to connect to, and get the data from. - :paramtype tenant_id: str - :keyword data_types: The available data types for the connector. - :paramtype data_types: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes + :keyword query: The query that creates alerts for this rule. + :paramtype query: str + :keyword severity: The severity for alerts created by this alert rule. Known values are: + "High", "Medium", "Low", and "Informational". + :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :keyword version: The version of this template - in format , where all are numbers. For + example <1.0.2>. + :paramtype version: str + :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :paramtype custom_details: dict[str, str] + :keyword entity_mappings: Array of the entity mappings of the alert rule. + :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :keyword alert_details_override: The alert details override settings. + :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :keyword event_grouping_settings: The event grouping settings. + :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :paramtype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :keyword alert_rules_created_by_template_count: the number of alert rules that were created by + this template. + :paramtype alert_rules_created_by_template_count: int + :keyword description: The description of the alert rule template. + :paramtype description: str + :keyword display_name: The display name for alert rule template. + :paramtype display_name: str + :keyword required_data_connectors: The required data sources for this template. + :paramtype required_data_connectors: + list[~azure.mgmt.securityinsight.models.AlertRuleTemplateDataSource] + :keyword status: The alert rule template status. Known values are: "Installed", "Available", + and "NotAvailable". + :paramtype status: str or ~azure.mgmt.securityinsight.models.TemplateStatus + :keyword tactics: The tactics of the alert rule. + :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :keyword techniques: The techniques of the alert rule. + :paramtype techniques: list[str] """ - super().__init__(etag=etag, **kwargs) - self.kind: str = "Office365" - self.tenant_id = tenant_id - self.data_types = data_types + super().__init__( + alert_rules_created_by_template_count=alert_rules_created_by_template_count, + description=description, + display_name=display_name, + required_data_connectors=required_data_connectors, + status=status, + tactics=tactics, + techniques=techniques, + query=query, + severity=severity, + version=version, + custom_details=custom_details, + entity_mappings=entity_mappings, + alert_details_override=alert_details_override, + event_grouping_settings=event_grouping_settings, + sentinel_entities_mappings=sentinel_entities_mappings, + **kwargs + ) + self.query = query + self.severity = severity + self.version = version + self.custom_details = custom_details + self.entity_mappings = entity_mappings + self.alert_details_override = alert_details_override + self.event_grouping_settings = event_grouping_settings + self.sentinel_entities_mappings = sentinel_entities_mappings + self.alert_rules_created_by_template_count = alert_rules_created_by_template_count + self.last_updated_date_utc = None + self.created_date_utc = None + self.description = description + self.display_name = display_name + self.required_data_connectors = required_data_connectors + self.status = status + self.tactics = tactics + self.techniques = techniques -class OfficeDataConnectorDataTypes(_serialization.Model): - """The available data types for office data connector. +class Office365ProjectCheckRequirements(DataConnectorsCheckRequirements): + """Represents Office365 Project requirements check request. All required parameters must be populated in order to send to Azure. - :ivar exchange: Exchange data type connection. Required. - :vartype exchange: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesExchange - :ivar share_point: SharePoint data type connection. Required. - :vartype share_point: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesSharePoint - :ivar teams: Teams data type connection. Required. - :vartype teams: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesTeams + :ivar kind: Describes the kind of connector to be checked. Required. Known values are: + "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", + "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str """ _validation = { - "exchange": {"required": True}, - "share_point": {"required": True}, - "teams": {"required": True}, + "kind": {"required": True}, } _attribute_map = { - "exchange": {"key": "exchange", "type": "OfficeDataConnectorDataTypesExchange"}, - "share_point": {"key": "sharePoint", "type": "OfficeDataConnectorDataTypesSharePoint"}, - "teams": {"key": "teams", "type": "OfficeDataConnectorDataTypesTeams"}, + "kind": {"key": "kind", "type": "str"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__( - self, - *, - exchange: "_models.OfficeDataConnectorDataTypesExchange", - share_point: "_models.OfficeDataConnectorDataTypesSharePoint", - teams: "_models.OfficeDataConnectorDataTypesTeams", - **kwargs - ): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ - :keyword exchange: Exchange data type connection. Required. - :paramtype exchange: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesExchange - :keyword share_point: SharePoint data type connection. Required. - :paramtype share_point: - ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesSharePoint - :keyword teams: Teams data type connection. Required. - :paramtype teams: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesTeams + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str """ super().__init__(**kwargs) - self.exchange = exchange - self.share_point = share_point - self.teams = teams + self.kind: str = "Office365Project" + self.tenant_id = tenant_id -class OfficeDataConnectorDataTypesExchange(DataConnectorDataTypeCommon): - """Exchange data type connection. +class Office365ProjectCheckRequirementsProperties(DataConnectorTenantId): + """Office365 Project requirements check properties. All required parameters must be populated in order to send to Azure. - :ivar state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str """ _validation = { - "state": {"required": True}, + "tenant_id": {"required": True}, } _attribute_map = { - "state": {"key": "state", "type": "str"}, + "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ - :keyword state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str """ - super().__init__(state=state, **kwargs) + super().__init__(tenant_id=tenant_id, **kwargs) -class OfficeDataConnectorDataTypesSharePoint(DataConnectorDataTypeCommon): - """SharePoint data type connection. +class Office365ProjectConnectorDataTypes(_serialization.Model): + """The available data types for Office Microsoft Project data connector. All required parameters must be populated in order to send to Azure. - :ivar state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState + :ivar logs: Logs data type. Required. + :vartype logs: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypesLogs """ _validation = { - "state": {"required": True}, + "logs": {"required": True}, } _attribute_map = { - "state": {"key": "state", "type": "str"}, + "logs": {"key": "logs", "type": "Office365ProjectConnectorDataTypesLogs"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, logs: "_models.Office365ProjectConnectorDataTypesLogs", **kwargs: Any) -> None: """ - :keyword state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState + :keyword logs: Logs data type. Required. + :paramtype logs: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypesLogs """ - super().__init__(state=state, **kwargs) + super().__init__(**kwargs) + self.logs = logs -class OfficeDataConnectorDataTypesTeams(DataConnectorDataTypeCommon): - """Teams data type connection. +class Office365ProjectConnectorDataTypesLogs(DataConnectorDataTypeCommon): + """Logs data type. All required parameters must be populated in order to send to Azure. @@ -16936,7 +17625,7 @@ class OfficeDataConnectorDataTypesTeams(DataConnectorDataTypeCommon): "state": {"key": "state", "type": "str"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ :keyword state: Describe whether this data type connection is enabled or not. Required. Known values are: "Enabled" and "Disabled". @@ -16945,15 +17634,90 @@ def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): super().__init__(state=state, **kwargs) -class OfficeDataConnectorProperties(DataConnectorTenantId): - """Office data connector properties. +class Office365ProjectDataConnector(DataConnector): + """Represents Office Microsoft Project data connector. + + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", + "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", + "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str - :ivar data_types: The available data types for the connector. Required. - :vartype data_types: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes + :ivar data_types: The available data types for the connector. + :vartype data_types: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypes + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "data_types": {"key": "properties.dataTypes", "type": "Office365ProjectConnectorDataTypes"}, + } + + def __init__( + self, + *, + etag: Optional[str] = None, + tenant_id: Optional[str] = None, + data_types: Optional["_models.Office365ProjectConnectorDataTypes"] = None, + **kwargs: Any + ) -> None: + """ + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str + :keyword data_types: The available data types for the connector. + :paramtype data_types: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypes + """ + super().__init__(etag=etag, **kwargs) + self.kind: str = "Office365Project" + self.tenant_id = tenant_id + self.data_types = data_types + + +class Office365ProjectDataConnectorProperties(DataConnectorTenantId): + """Office Microsoft Project data connector properties. + + All required parameters must be populated in order to send to Azure. + + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str + :ivar data_types: The available data types for the connector. Required. + :vartype data_types: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypes """ _validation = { @@ -16963,32 +17727,34 @@ class OfficeDataConnectorProperties(DataConnectorTenantId): _attribute_map = { "tenant_id": {"key": "tenantId", "type": "str"}, - "data_types": {"key": "dataTypes", "type": "OfficeDataConnectorDataTypes"}, + "data_types": {"key": "dataTypes", "type": "Office365ProjectConnectorDataTypes"}, } - def __init__(self, *, tenant_id: str, data_types: "_models.OfficeDataConnectorDataTypes", **kwargs): + def __init__( + self, *, tenant_id: str, data_types: "_models.Office365ProjectConnectorDataTypes", **kwargs: Any + ) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str :keyword data_types: The available data types for the connector. Required. - :paramtype data_types: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes + :paramtype data_types: ~azure.mgmt.securityinsight.models.Office365ProjectConnectorDataTypes """ super().__init__(tenant_id=tenant_id, **kwargs) self.data_types = data_types -class OfficeIRMCheckRequirements(DataConnectorsCheckRequirements): - """Represents OfficeIRM (Microsoft Insider Risk Management) requirements check request. +class OfficeATPCheckRequirements(DataConnectorsCheckRequirements): + """Represents OfficeATP (Office 365 Advanced Threat Protection) requirements check request. All required parameters must be populated in order to send to Azure. :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -17003,18 +17769,18 @@ class OfficeIRMCheckRequirements(DataConnectorsCheckRequirements): "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str """ super().__init__(**kwargs) - self.kind: str = "OfficeIRM" + self.kind: str = "OfficeATP" self.tenant_id = tenant_id -class OfficeIRMCheckRequirementsProperties(DataConnectorTenantId): - """OfficeIRM (Microsoft Insider Risk Management) requirements check properties. +class OfficeATPCheckRequirementsProperties(DataConnectorTenantId): + """OfficeATP (Office 365 Advanced Threat Protection) requirements check properties. All required parameters must be populated in order to send to Azure. @@ -17030,7 +17796,7 @@ class OfficeIRMCheckRequirementsProperties(DataConnectorTenantId): "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -17038,8 +17804,8 @@ def __init__(self, *, tenant_id: str, **kwargs): super().__init__(tenant_id=tenant_id, **kwargs) -class OfficeIRMDataConnector(DataConnector): - """Represents OfficeIRM (Microsoft Insider Risk Management) data connector. +class OfficeATPDataConnector(DataConnector): + """Represents OfficeATP (Office 365 Advanced Threat Protection) data connector. Variables are only populated by the server, and will be ignored when sending a request. @@ -17061,10 +17827,10 @@ class OfficeIRMDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -17097,8 +17863,8 @@ def __init__( etag: Optional[str] = None, tenant_id: Optional[str] = None, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -17108,13 +17874,13 @@ def __init__( :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector """ super().__init__(etag=etag, **kwargs) - self.kind: str = "OfficeIRM" + self.kind: str = "OfficeATP" self.tenant_id = tenant_id self.data_types = data_types -class OfficeIRMDataConnectorProperties(DataConnectorTenantId, DataConnectorWithAlertsProperties): - """OfficeIRM (Microsoft Insider Risk Management) data connector properties. +class OfficeATPDataConnectorProperties(DataConnectorTenantId, DataConnectorWithAlertsProperties): + """OfficeATP (Office 365 Advanced Threat Protection) data connector properties. All required parameters must be populated in order to send to Azure. @@ -17134,8 +17900,8 @@ class OfficeIRMDataConnectorProperties(DataConnectorTenantId, DataConnectorWithA } def __init__( - self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs - ): + self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs: Any + ) -> None: """ :keyword data_types: The available data types for the connector. :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector @@ -17147,122 +17913,91 @@ def __init__( self.tenant_id = tenant_id -class OfficePowerBICheckRequirements(DataConnectorsCheckRequirements): - """Represents Office PowerBI requirements check request. +class OfficeConsent(Resource): + """Consent for Office365 tenant that already made. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :ivar kind: Describes the kind of connector to be checked. Required. Known values are: - "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", - "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar tenant_id: The tenantId of the Office365 with the consent. :vartype tenant_id: str + :ivar consent_id: Help to easily cascade among the data layers. + :vartype consent_id: str """ _validation = { - "kind": {"required": True}, + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, } _attribute_map = { - "kind": {"key": "kind", "type": "str"}, + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "consent_id": {"key": "properties.consentId", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, consent_id: Optional[str] = None, **kwargs: Any) -> None: """ - :keyword tenant_id: The tenant id to connect to, and get the data from. + :keyword tenant_id: The tenantId of the Office365 with the consent. :paramtype tenant_id: str + :keyword consent_id: Help to easily cascade among the data layers. + :paramtype consent_id: str """ super().__init__(**kwargs) - self.kind: str = "OfficePowerBI" self.tenant_id = tenant_id + self.consent_id = consent_id -class OfficePowerBICheckRequirementsProperties(DataConnectorTenantId): - """Office PowerBI requirements check properties. - - All required parameters must be populated in order to send to Azure. - - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. - :vartype tenant_id: str - """ - - _validation = { - "tenant_id": {"required": True}, - } - - _attribute_map = { - "tenant_id": {"key": "tenantId", "type": "str"}, - } - - def __init__(self, *, tenant_id: str, **kwargs): - """ - :keyword tenant_id: The tenant id to connect to, and get the data from. Required. - :paramtype tenant_id: str - """ - super().__init__(tenant_id=tenant_id, **kwargs) - +class OfficeConsentList(_serialization.Model): + """List of all the office365 consents. -class OfficePowerBIConnectorDataTypes(_serialization.Model): - """The available data types for Office Microsoft PowerBI data connector. + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar logs: Logs data type. Required. - :vartype logs: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypesLogs + :ivar next_link: URL to fetch the next set of office consents. + :vartype next_link: str + :ivar value: Array of the consents. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.OfficeConsent] """ _validation = { - "logs": {"required": True}, + "next_link": {"readonly": True}, + "value": {"required": True}, } _attribute_map = { - "logs": {"key": "logs", "type": "OfficePowerBIConnectorDataTypesLogs"}, + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[OfficeConsent]"}, } - def __init__(self, *, logs: "_models.OfficePowerBIConnectorDataTypesLogs", **kwargs): + def __init__(self, *, value: List["_models.OfficeConsent"], **kwargs: Any) -> None: """ - :keyword logs: Logs data type. Required. - :paramtype logs: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypesLogs + :keyword value: Array of the consents. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.OfficeConsent] """ super().__init__(**kwargs) - self.logs = logs - - -class OfficePowerBIConnectorDataTypesLogs(DataConnectorDataTypeCommon): - """Logs data type. - - All required parameters must be populated in order to send to Azure. - - :ivar state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState - """ - - _validation = { - "state": {"required": True}, - } - - _attribute_map = { - "state": {"key": "state", "type": "str"}, - } - - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): - """ - :keyword state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState - """ - super().__init__(state=state, **kwargs) + self.next_link = None + self.value = value -class OfficePowerBIDataConnector(DataConnector): - """Represents Office Microsoft PowerBI data connector. +class OfficeDataConnector(DataConnector): + """Represents office data connector. Variables are only populated by the server, and will be ignored when sending a request. @@ -17284,15 +18019,15 @@ class OfficePowerBIDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str :ivar data_types: The available data types for the connector. - :vartype data_types: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypes + :vartype data_types: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes """ _validation = { @@ -17311,7 +18046,7 @@ class OfficePowerBIDataConnector(DataConnector): "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "data_types": {"key": "properties.dataTypes", "type": "OfficePowerBIConnectorDataTypes"}, + "data_types": {"key": "properties.dataTypes", "type": "OfficeDataConnectorDataTypes"}, } def __init__( @@ -17319,394 +18054,247 @@ def __init__( *, etag: Optional[str] = None, tenant_id: Optional[str] = None, - data_types: Optional["_models.OfficePowerBIConnectorDataTypes"] = None, - **kwargs - ): + data_types: Optional["_models.OfficeDataConnectorDataTypes"] = None, + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str :keyword data_types: The available data types for the connector. - :paramtype data_types: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypes + :paramtype data_types: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes """ super().__init__(etag=etag, **kwargs) - self.kind: str = "OfficePowerBI" + self.kind: str = "Office365" self.tenant_id = tenant_id self.data_types = data_types -class OfficePowerBIDataConnectorProperties(DataConnectorTenantId): - """Office Microsoft PowerBI data connector properties. +class OfficeDataConnectorDataTypes(_serialization.Model): + """The available data types for office data connector. All required parameters must be populated in order to send to Azure. - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. - :vartype tenant_id: str - :ivar data_types: The available data types for the connector. Required. - :vartype data_types: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypes + :ivar exchange: Exchange data type connection. Required. + :vartype exchange: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesExchange + :ivar share_point: SharePoint data type connection. Required. + :vartype share_point: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesSharePoint + :ivar teams: Teams data type connection. Required. + :vartype teams: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesTeams """ _validation = { - "tenant_id": {"required": True}, - "data_types": {"required": True}, + "exchange": {"required": True}, + "share_point": {"required": True}, + "teams": {"required": True}, } _attribute_map = { - "tenant_id": {"key": "tenantId", "type": "str"}, - "data_types": {"key": "dataTypes", "type": "OfficePowerBIConnectorDataTypes"}, + "exchange": {"key": "exchange", "type": "OfficeDataConnectorDataTypesExchange"}, + "share_point": {"key": "sharePoint", "type": "OfficeDataConnectorDataTypesSharePoint"}, + "teams": {"key": "teams", "type": "OfficeDataConnectorDataTypesTeams"}, } - def __init__(self, *, tenant_id: str, data_types: "_models.OfficePowerBIConnectorDataTypes", **kwargs): + def __init__( + self, + *, + exchange: "_models.OfficeDataConnectorDataTypesExchange", + share_point: "_models.OfficeDataConnectorDataTypesSharePoint", + teams: "_models.OfficeDataConnectorDataTypesTeams", + **kwargs: Any + ) -> None: """ - :keyword tenant_id: The tenant id to connect to, and get the data from. Required. - :paramtype tenant_id: str - :keyword data_types: The available data types for the connector. Required. - :paramtype data_types: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypes + :keyword exchange: Exchange data type connection. Required. + :paramtype exchange: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesExchange + :keyword share_point: SharePoint data type connection. Required. + :paramtype share_point: + ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesSharePoint + :keyword teams: Teams data type connection. Required. + :paramtype teams: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypesTeams """ - super().__init__(tenant_id=tenant_id, **kwargs) - self.data_types = data_types - + super().__init__(**kwargs) + self.exchange = exchange + self.share_point = share_point + self.teams = teams -class Operation(_serialization.Model): - """Operation provided by provider. - :ivar display: Properties of the operation. - :vartype display: ~azure.mgmt.securityinsight.models.OperationDisplay - :ivar name: Name of the operation. - :vartype name: str - :ivar origin: The origin of the operation. - :vartype origin: str - :ivar is_data_action: Indicates whether the operation is a data action. - :vartype is_data_action: bool +class OfficeDataConnectorDataTypesExchange(DataConnectorDataTypeCommon): + """Exchange data type connection. + + All required parameters must be populated in order to send to Azure. + + :ivar state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ + _validation = { + "state": {"required": True}, + } + _attribute_map = { - "display": {"key": "display", "type": "OperationDisplay"}, - "name": {"key": "name", "type": "str"}, - "origin": {"key": "origin", "type": "str"}, - "is_data_action": {"key": "isDataAction", "type": "bool"}, + "state": {"key": "state", "type": "str"}, } - def __init__( - self, - *, - display: Optional["_models.OperationDisplay"] = None, - name: Optional[str] = None, - origin: Optional[str] = None, - is_data_action: Optional[bool] = None, - **kwargs - ): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ - :keyword display: Properties of the operation. - :paramtype display: ~azure.mgmt.securityinsight.models.OperationDisplay - :keyword name: Name of the operation. - :paramtype name: str - :keyword origin: The origin of the operation. - :paramtype origin: str - :keyword is_data_action: Indicates whether the operation is a data action. - :paramtype is_data_action: bool + :keyword state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ - super().__init__(**kwargs) - self.display = display - self.name = name - self.origin = origin - self.is_data_action = is_data_action + super().__init__(state=state, **kwargs) -class OperationDisplay(_serialization.Model): - """Properties of the operation. +class OfficeDataConnectorDataTypesSharePoint(DataConnectorDataTypeCommon): + """SharePoint data type connection. - :ivar description: Description of the operation. - :vartype description: str - :ivar operation: Operation name. - :vartype operation: str - :ivar provider: Provider name. - :vartype provider: str - :ivar resource: Resource name. - :vartype resource: str + All required parameters must be populated in order to send to Azure. + + :ivar state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ + _validation = { + "state": {"required": True}, + } + _attribute_map = { - "description": {"key": "description", "type": "str"}, - "operation": {"key": "operation", "type": "str"}, - "provider": {"key": "provider", "type": "str"}, - "resource": {"key": "resource", "type": "str"}, + "state": {"key": "state", "type": "str"}, } - def __init__( - self, - *, - description: Optional[str] = None, - operation: Optional[str] = None, - provider: Optional[str] = None, - resource: Optional[str] = None, - **kwargs - ): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ - :keyword description: Description of the operation. - :paramtype description: str - :keyword operation: Operation name. - :paramtype operation: str - :keyword provider: Provider name. - :paramtype provider: str - :keyword resource: Resource name. - :paramtype resource: str + :keyword state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ - super().__init__(**kwargs) - self.description = description - self.operation = operation - self.provider = provider - self.resource = resource - + super().__init__(state=state, **kwargs) -class OperationsList(_serialization.Model): - """Lists the operations available in the SecurityInsights RP. - Variables are only populated by the server, and will be ignored when sending a request. +class OfficeDataConnectorDataTypesTeams(DataConnectorDataTypeCommon): + """Teams data type connection. All required parameters must be populated in order to send to Azure. - :ivar next_link: URL to fetch the next set of operations. - :vartype next_link: str - :ivar value: Array of operations. Required. - :vartype value: list[~azure.mgmt.securityinsight.models.Operation] + :ivar state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ _validation = { - "next_link": {"readonly": True}, - "value": {"required": True}, + "state": {"required": True}, } _attribute_map = { - "next_link": {"key": "nextLink", "type": "str"}, - "value": {"key": "value", "type": "[Operation]"}, + "state": {"key": "state", "type": "str"}, } - def __init__(self, *, value: List["_models.Operation"], **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ - :keyword value: Array of operations. Required. - :paramtype value: list[~azure.mgmt.securityinsight.models.Operation] + :keyword state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ - super().__init__(**kwargs) - self.next_link = None - self.value = value + super().__init__(state=state, **kwargs) -class Permissions(_serialization.Model): - """Permissions required for the connector. +class OfficeDataConnectorProperties(DataConnectorTenantId): + """Office data connector properties. - :ivar resource_provider: Resource provider permissions required for the connector. - :vartype resource_provider: - list[~azure.mgmt.securityinsight.models.PermissionsResourceProviderItem] - :ivar customs: Customs permissions required for the connector. - :vartype customs: list[~azure.mgmt.securityinsight.models.PermissionsCustomsItem] + All required parameters must be populated in order to send to Azure. + + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str + :ivar data_types: The available data types for the connector. Required. + :vartype data_types: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes """ + _validation = { + "tenant_id": {"required": True}, + "data_types": {"required": True}, + } + _attribute_map = { - "resource_provider": {"key": "resourceProvider", "type": "[PermissionsResourceProviderItem]"}, - "customs": {"key": "customs", "type": "[PermissionsCustomsItem]"}, + "tenant_id": {"key": "tenantId", "type": "str"}, + "data_types": {"key": "dataTypes", "type": "OfficeDataConnectorDataTypes"}, } - def __init__( - self, - *, - resource_provider: Optional[List["_models.PermissionsResourceProviderItem"]] = None, - customs: Optional[List["_models.PermissionsCustomsItem"]] = None, - **kwargs - ): + def __init__(self, *, tenant_id: str, data_types: "_models.OfficeDataConnectorDataTypes", **kwargs: Any) -> None: """ - :keyword resource_provider: Resource provider permissions required for the connector. - :paramtype resource_provider: - list[~azure.mgmt.securityinsight.models.PermissionsResourceProviderItem] - :keyword customs: Customs permissions required for the connector. - :paramtype customs: list[~azure.mgmt.securityinsight.models.PermissionsCustomsItem] + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str + :keyword data_types: The available data types for the connector. Required. + :paramtype data_types: ~azure.mgmt.securityinsight.models.OfficeDataConnectorDataTypes """ - super().__init__(**kwargs) - self.resource_provider = resource_provider - self.customs = customs + super().__init__(tenant_id=tenant_id, **kwargs) + self.data_types = data_types -class PermissionsCustomsItem(Customs): - """PermissionsCustomsItem. +class OfficeIRMCheckRequirements(DataConnectorsCheckRequirements): + """Represents OfficeIRM (Microsoft Insider Risk Management) requirements check request. - :ivar name: Customs permissions name. - :vartype name: str - :ivar description: Customs permissions description. - :vartype description: str + All required parameters must be populated in order to send to Azure. + + :ivar kind: Describes the kind of connector to be checked. Required. Known values are: + "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", + "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str """ + _validation = { + "kind": {"required": True}, + } + _attribute_map = { - "name": {"key": "name", "type": "str"}, - "description": {"key": "description", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, name: Optional[str] = None, description: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ - :keyword name: Customs permissions name. - :paramtype name: str - :keyword description: Customs permissions description. - :paramtype description: str + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str """ - super().__init__(name=name, description=description, **kwargs) + super().__init__(**kwargs) + self.kind: str = "OfficeIRM" + self.tenant_id = tenant_id -class ResourceProvider(_serialization.Model): - """Resource provider permissions required for the connector. +class OfficeIRMCheckRequirementsProperties(DataConnectorTenantId): + """OfficeIRM (Microsoft Insider Risk Management) requirements check properties. - :ivar provider: Provider name. Known values are: "Microsoft.OperationalInsights/solutions", - "Microsoft.OperationalInsights/workspaces", - "Microsoft.OperationalInsights/workspaces/datasources", "microsoft.aadiam/diagnosticSettings", - "Microsoft.OperationalInsights/workspaces/sharedKeys", and - "Microsoft.Authorization/policyAssignments". - :vartype provider: str or ~azure.mgmt.securityinsight.models.ProviderName - :ivar permissions_display_text: Permission description text. - :vartype permissions_display_text: str - :ivar provider_display_name: Permission provider display name. - :vartype provider_display_name: str - :ivar scope: Permission provider scope. Known values are: "ResourceGroup", "Subscription", and - "Workspace". - :vartype scope: str or ~azure.mgmt.securityinsight.models.PermissionProviderScope - :ivar required_permissions: Required permissions for the connector. - :vartype required_permissions: ~azure.mgmt.securityinsight.models.RequiredPermissions + All required parameters must be populated in order to send to Azure. + + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str """ + _validation = { + "tenant_id": {"required": True}, + } + _attribute_map = { - "provider": {"key": "provider", "type": "str"}, - "permissions_display_text": {"key": "permissionsDisplayText", "type": "str"}, - "provider_display_name": {"key": "providerDisplayName", "type": "str"}, - "scope": {"key": "scope", "type": "str"}, - "required_permissions": {"key": "requiredPermissions", "type": "RequiredPermissions"}, + "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__( - self, - *, - provider: Optional[Union[str, "_models.ProviderName"]] = None, - permissions_display_text: Optional[str] = None, - provider_display_name: Optional[str] = None, - scope: Optional[Union[str, "_models.PermissionProviderScope"]] = None, - required_permissions: Optional["_models.RequiredPermissions"] = None, - **kwargs - ): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ - :keyword provider: Provider name. Known values are: "Microsoft.OperationalInsights/solutions", - "Microsoft.OperationalInsights/workspaces", - "Microsoft.OperationalInsights/workspaces/datasources", "microsoft.aadiam/diagnosticSettings", - "Microsoft.OperationalInsights/workspaces/sharedKeys", and - "Microsoft.Authorization/policyAssignments". - :paramtype provider: str or ~azure.mgmt.securityinsight.models.ProviderName - :keyword permissions_display_text: Permission description text. - :paramtype permissions_display_text: str - :keyword provider_display_name: Permission provider display name. - :paramtype provider_display_name: str - :keyword scope: Permission provider scope. Known values are: "ResourceGroup", "Subscription", - and "Workspace". - :paramtype scope: str or ~azure.mgmt.securityinsight.models.PermissionProviderScope - :keyword required_permissions: Required permissions for the connector. - :paramtype required_permissions: ~azure.mgmt.securityinsight.models.RequiredPermissions - """ - super().__init__(**kwargs) - self.provider = provider - self.permissions_display_text = permissions_display_text - self.provider_display_name = provider_display_name - self.scope = scope - self.required_permissions = required_permissions - - -class PermissionsResourceProviderItem(ResourceProvider): - """PermissionsResourceProviderItem. - - :ivar provider: Provider name. Known values are: "Microsoft.OperationalInsights/solutions", - "Microsoft.OperationalInsights/workspaces", - "Microsoft.OperationalInsights/workspaces/datasources", "microsoft.aadiam/diagnosticSettings", - "Microsoft.OperationalInsights/workspaces/sharedKeys", and - "Microsoft.Authorization/policyAssignments". - :vartype provider: str or ~azure.mgmt.securityinsight.models.ProviderName - :ivar permissions_display_text: Permission description text. - :vartype permissions_display_text: str - :ivar provider_display_name: Permission provider display name. - :vartype provider_display_name: str - :ivar scope: Permission provider scope. Known values are: "ResourceGroup", "Subscription", and - "Workspace". - :vartype scope: str or ~azure.mgmt.securityinsight.models.PermissionProviderScope - :ivar required_permissions: Required permissions for the connector. - :vartype required_permissions: ~azure.mgmt.securityinsight.models.RequiredPermissions - """ - - _attribute_map = { - "provider": {"key": "provider", "type": "str"}, - "permissions_display_text": {"key": "permissionsDisplayText", "type": "str"}, - "provider_display_name": {"key": "providerDisplayName", "type": "str"}, - "scope": {"key": "scope", "type": "str"}, - "required_permissions": {"key": "requiredPermissions", "type": "RequiredPermissions"}, - } - - def __init__( - self, - *, - provider: Optional[Union[str, "_models.ProviderName"]] = None, - permissions_display_text: Optional[str] = None, - provider_display_name: Optional[str] = None, - scope: Optional[Union[str, "_models.PermissionProviderScope"]] = None, - required_permissions: Optional["_models.RequiredPermissions"] = None, - **kwargs - ): - """ - :keyword provider: Provider name. Known values are: "Microsoft.OperationalInsights/solutions", - "Microsoft.OperationalInsights/workspaces", - "Microsoft.OperationalInsights/workspaces/datasources", "microsoft.aadiam/diagnosticSettings", - "Microsoft.OperationalInsights/workspaces/sharedKeys", and - "Microsoft.Authorization/policyAssignments". - :paramtype provider: str or ~azure.mgmt.securityinsight.models.ProviderName - :keyword permissions_display_text: Permission description text. - :paramtype permissions_display_text: str - :keyword provider_display_name: Permission provider display name. - :paramtype provider_display_name: str - :keyword scope: Permission provider scope. Known values are: "ResourceGroup", "Subscription", - and "Workspace". - :paramtype scope: str or ~azure.mgmt.securityinsight.models.PermissionProviderScope - :keyword required_permissions: Required permissions for the connector. - :paramtype required_permissions: ~azure.mgmt.securityinsight.models.RequiredPermissions - """ - super().__init__( - provider=provider, - permissions_display_text=permissions_display_text, - provider_display_name=provider_display_name, - scope=scope, - required_permissions=required_permissions, - **kwargs - ) - - -class PlaybookActionProperties(_serialization.Model): - """PlaybookActionProperties. - - :ivar logic_app_resource_id: The resource id of the playbook resource. - :vartype logic_app_resource_id: str - :ivar tenant_id: The tenant id of the playbook resource. - :vartype tenant_id: str - """ - - _attribute_map = { - "logic_app_resource_id": {"key": "logicAppResourceId", "type": "str"}, - "tenant_id": {"key": "tenantId", "type": "str"}, - } - - def __init__(self, *, logic_app_resource_id: Optional[str] = None, tenant_id: Optional[str] = None, **kwargs): - """ - :keyword logic_app_resource_id: The resource id of the playbook resource. - :paramtype logic_app_resource_id: str - :keyword tenant_id: The tenant id of the playbook resource. + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str """ - super().__init__(**kwargs) - self.logic_app_resource_id = logic_app_resource_id - self.tenant_id = tenant_id + super().__init__(tenant_id=tenant_id, **kwargs) -class ProcessEntity(Entity): # pylint: disable=too-many-instance-attributes - """Represents a process entity. +class OfficeIRMDataConnector(DataConnector): + """Represents OfficeIRM (Microsoft Insider Risk Management) data connector. Variables are only populated by the server, and will be ignored when sending a request. @@ -17723,36 +18311,20 @@ class ProcessEntity(Entity): # pylint: disable=too-many-instance-attributes :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy information. :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", - "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", - "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", - "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar account_entity_id: The account entity id running the processes. - :vartype account_entity_id: str - :ivar command_line: The command line used to create the process. - :vartype command_line: str - :ivar creation_time_utc: The time when the process started to run. - :vartype creation_time_utc: ~datetime.datetime - :ivar elevation_token: The elevation token associated with the process. Known values are: - "Default", "Full", and "Limited". - :vartype elevation_token: str or ~azure.mgmt.securityinsight.models.ElevationToken - :ivar host_entity_id: The host entity id on which the process was running. - :vartype host_entity_id: str - :ivar host_logon_session_entity_id: The session entity id in which the process was running. - :vartype host_logon_session_entity_id: str - :ivar image_file_entity_id: Image file entity id. - :vartype image_file_entity_id: str - :ivar parent_process_entity_id: The parent process entity id. - :vartype parent_process_entity_id: str - :ivar process_id: The process ID. - :vartype process_id: str + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", + "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", + "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str + :ivar data_types: The available data types for the connector. + :vartype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector """ _validation = { @@ -17761,16 +18333,6 @@ class ProcessEntity(Entity): # pylint: disable=too-many-instance-attributes "type": {"readonly": True}, "system_data": {"readonly": True}, "kind": {"required": True}, - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "account_entity_id": {"readonly": True}, - "command_line": {"readonly": True}, - "creation_time_utc": {"readonly": True}, - "host_entity_id": {"readonly": True}, - "host_logon_session_entity_id": {"readonly": True}, - "image_file_entity_id": {"readonly": True}, - "parent_process_entity_id": {"readonly": True}, - "process_id": {"readonly": True}, } _attribute_map = { @@ -17778,790 +18340,482 @@ class ProcessEntity(Entity): # pylint: disable=too-many-instance-attributes "name": {"key": "name", "type": "str"}, "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, - "additional_data": {"key": "properties.additionalData", "type": "{object}"}, - "friendly_name": {"key": "properties.friendlyName", "type": "str"}, - "account_entity_id": {"key": "properties.accountEntityId", "type": "str"}, - "command_line": {"key": "properties.commandLine", "type": "str"}, - "creation_time_utc": {"key": "properties.creationTimeUtc", "type": "iso-8601"}, - "elevation_token": {"key": "properties.elevationToken", "type": "str"}, - "host_entity_id": {"key": "properties.hostEntityId", "type": "str"}, - "host_logon_session_entity_id": {"key": "properties.hostLogonSessionEntityId", "type": "str"}, - "image_file_entity_id": {"key": "properties.imageFileEntityId", "type": "str"}, - "parent_process_entity_id": {"key": "properties.parentProcessEntityId", "type": "str"}, - "process_id": {"key": "properties.processId", "type": "str"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "data_types": {"key": "properties.dataTypes", "type": "AlertsDataTypeOfDataConnector"}, } - def __init__(self, *, elevation_token: Optional[Union[str, "_models.ElevationToken"]] = None, **kwargs): + def __init__( + self, + *, + etag: Optional[str] = None, + tenant_id: Optional[str] = None, + data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, + **kwargs: Any + ) -> None: """ - :keyword elevation_token: The elevation token associated with the process. Known values are: - "Default", "Full", and "Limited". - :paramtype elevation_token: str or ~azure.mgmt.securityinsight.models.ElevationToken + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str + :keyword data_types: The available data types for the connector. + :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector """ - super().__init__(**kwargs) - self.kind: str = "Process" - self.additional_data = None - self.friendly_name = None - self.account_entity_id = None - self.command_line = None - self.creation_time_utc = None - self.elevation_token = elevation_token - self.host_entity_id = None - self.host_logon_session_entity_id = None - self.image_file_entity_id = None - self.parent_process_entity_id = None - self.process_id = None + super().__init__(etag=etag, **kwargs) + self.kind: str = "OfficeIRM" + self.tenant_id = tenant_id + self.data_types = data_types -class ProcessEntityProperties(EntityCommonProperties): # pylint: disable=too-many-instance-attributes - """Process entity property bag. +class OfficeIRMDataConnectorProperties(DataConnectorTenantId, DataConnectorWithAlertsProperties): + """OfficeIRM (Microsoft Insider Risk Management) data connector properties. - Variables are only populated by the server, and will be ignored when sending a request. + All required parameters must be populated in order to send to Azure. - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar account_entity_id: The account entity id running the processes. - :vartype account_entity_id: str - :ivar command_line: The command line used to create the process. - :vartype command_line: str - :ivar creation_time_utc: The time when the process started to run. - :vartype creation_time_utc: ~datetime.datetime - :ivar elevation_token: The elevation token associated with the process. Known values are: - "Default", "Full", and "Limited". - :vartype elevation_token: str or ~azure.mgmt.securityinsight.models.ElevationToken - :ivar host_entity_id: The host entity id on which the process was running. - :vartype host_entity_id: str - :ivar host_logon_session_entity_id: The session entity id in which the process was running. - :vartype host_logon_session_entity_id: str - :ivar image_file_entity_id: Image file entity id. - :vartype image_file_entity_id: str - :ivar parent_process_entity_id: The parent process entity id. - :vartype parent_process_entity_id: str - :ivar process_id: The process ID. - :vartype process_id: str + :ivar data_types: The available data types for the connector. + :vartype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str """ _validation = { - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "account_entity_id": {"readonly": True}, - "command_line": {"readonly": True}, - "creation_time_utc": {"readonly": True}, - "host_entity_id": {"readonly": True}, - "host_logon_session_entity_id": {"readonly": True}, - "image_file_entity_id": {"readonly": True}, - "parent_process_entity_id": {"readonly": True}, - "process_id": {"readonly": True}, + "tenant_id": {"required": True}, } _attribute_map = { - "additional_data": {"key": "additionalData", "type": "{object}"}, - "friendly_name": {"key": "friendlyName", "type": "str"}, - "account_entity_id": {"key": "accountEntityId", "type": "str"}, - "command_line": {"key": "commandLine", "type": "str"}, - "creation_time_utc": {"key": "creationTimeUtc", "type": "iso-8601"}, - "elevation_token": {"key": "elevationToken", "type": "str"}, - "host_entity_id": {"key": "hostEntityId", "type": "str"}, - "host_logon_session_entity_id": {"key": "hostLogonSessionEntityId", "type": "str"}, - "image_file_entity_id": {"key": "imageFileEntityId", "type": "str"}, - "parent_process_entity_id": {"key": "parentProcessEntityId", "type": "str"}, - "process_id": {"key": "processId", "type": "str"}, + "data_types": {"key": "dataTypes", "type": "AlertsDataTypeOfDataConnector"}, + "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, elevation_token: Optional[Union[str, "_models.ElevationToken"]] = None, **kwargs): + def __init__( + self, *, tenant_id: str, data_types: Optional["_models.AlertsDataTypeOfDataConnector"] = None, **kwargs: Any + ) -> None: """ - :keyword elevation_token: The elevation token associated with the process. Known values are: - "Default", "Full", and "Limited". - :paramtype elevation_token: str or ~azure.mgmt.securityinsight.models.ElevationToken + :keyword data_types: The available data types for the connector. + :paramtype data_types: ~azure.mgmt.securityinsight.models.AlertsDataTypeOfDataConnector + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str """ - super().__init__(**kwargs) - self.account_entity_id = None - self.command_line = None - self.creation_time_utc = None - self.elevation_token = elevation_token - self.host_entity_id = None - self.host_logon_session_entity_id = None - self.image_file_entity_id = None - self.parent_process_entity_id = None - self.process_id = None + super().__init__(tenant_id=tenant_id, data_types=data_types, **kwargs) + self.data_types = data_types + self.tenant_id = tenant_id -class PropertyArrayChangedConditionProperties(AutomationRuleCondition): - """Describes an automation rule condition that evaluates an array property's value change. +class OfficePowerBICheckRequirements(DataConnectorsCheckRequirements): + """Represents Office PowerBI requirements check request. All required parameters must be populated in order to send to Azure. - :ivar condition_type: Required. Known values are: "Property", "PropertyArray", - "PropertyChanged", "PropertyArrayChanged", and "Boolean". - :vartype condition_type: str or ~azure.mgmt.securityinsight.models.ConditionType - :ivar condition_properties: - :vartype condition_properties: - ~azure.mgmt.securityinsight.models.AutomationRulePropertyArrayChangedValuesCondition + :ivar kind: Describes the kind of connector to be checked. Required. Known values are: + "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", + "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str """ _validation = { - "condition_type": {"required": True}, + "kind": {"required": True}, } _attribute_map = { - "condition_type": {"key": "conditionType", "type": "str"}, - "condition_properties": { - "key": "conditionProperties", - "type": "AutomationRulePropertyArrayChangedValuesCondition", - }, + "kind": {"key": "kind", "type": "str"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__( - self, - *, - condition_properties: Optional["_models.AutomationRulePropertyArrayChangedValuesCondition"] = None, - **kwargs - ): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ - :keyword condition_properties: - :paramtype condition_properties: - ~azure.mgmt.securityinsight.models.AutomationRulePropertyArrayChangedValuesCondition + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str """ super().__init__(**kwargs) - self.condition_type: str = "PropertyArrayChanged" - self.condition_properties = condition_properties + self.kind: str = "OfficePowerBI" + self.tenant_id = tenant_id -class PropertyArrayConditionProperties(AutomationRuleCondition): - """Describes an automation rule condition that evaluates an array property's value. +class OfficePowerBICheckRequirementsProperties(DataConnectorTenantId): + """Office PowerBI requirements check properties. All required parameters must be populated in order to send to Azure. - :ivar condition_type: Required. Known values are: "Property", "PropertyArray", - "PropertyChanged", "PropertyArrayChanged", and "Boolean". - :vartype condition_type: str or ~azure.mgmt.securityinsight.models.ConditionType - :ivar condition_properties: - :vartype condition_properties: - ~azure.mgmt.securityinsight.models.AutomationRulePropertyArrayValuesCondition + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str """ _validation = { - "condition_type": {"required": True}, + "tenant_id": {"required": True}, } _attribute_map = { - "condition_type": {"key": "conditionType", "type": "str"}, - "condition_properties": {"key": "conditionProperties", "type": "AutomationRulePropertyArrayValuesCondition"}, + "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__( - self, *, condition_properties: Optional["_models.AutomationRulePropertyArrayValuesCondition"] = None, **kwargs - ): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ - :keyword condition_properties: - :paramtype condition_properties: - ~azure.mgmt.securityinsight.models.AutomationRulePropertyArrayValuesCondition + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str """ - super().__init__(**kwargs) - self.condition_type: str = "PropertyArray" - self.condition_properties = condition_properties + super().__init__(tenant_id=tenant_id, **kwargs) -class PropertyChangedConditionProperties(AutomationRuleCondition): - """Describes an automation rule condition that evaluates a property's value change. +class OfficePowerBIConnectorDataTypes(_serialization.Model): + """The available data types for Office Microsoft PowerBI data connector. All required parameters must be populated in order to send to Azure. - :ivar condition_type: Required. Known values are: "Property", "PropertyArray", - "PropertyChanged", "PropertyArrayChanged", and "Boolean". - :vartype condition_type: str or ~azure.mgmt.securityinsight.models.ConditionType - :ivar condition_properties: - :vartype condition_properties: - ~azure.mgmt.securityinsight.models.AutomationRulePropertyValuesChangedCondition + :ivar logs: Logs data type. Required. + :vartype logs: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypesLogs """ _validation = { - "condition_type": {"required": True}, + "logs": {"required": True}, } _attribute_map = { - "condition_type": {"key": "conditionType", "type": "str"}, - "condition_properties": {"key": "conditionProperties", "type": "AutomationRulePropertyValuesChangedCondition"}, + "logs": {"key": "logs", "type": "OfficePowerBIConnectorDataTypesLogs"}, } - def __init__( - self, *, condition_properties: Optional["_models.AutomationRulePropertyValuesChangedCondition"] = None, **kwargs - ): + def __init__(self, *, logs: "_models.OfficePowerBIConnectorDataTypesLogs", **kwargs: Any) -> None: """ - :keyword condition_properties: - :paramtype condition_properties: - ~azure.mgmt.securityinsight.models.AutomationRulePropertyValuesChangedCondition + :keyword logs: Logs data type. Required. + :paramtype logs: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypesLogs """ super().__init__(**kwargs) - self.condition_type: str = "PropertyChanged" - self.condition_properties = condition_properties + self.logs = logs -class PropertyConditionProperties(AutomationRuleCondition): - """Describes an automation rule condition that evaluates a property's value. +class OfficePowerBIConnectorDataTypesLogs(DataConnectorDataTypeCommon): + """Logs data type. All required parameters must be populated in order to send to Azure. - :ivar condition_type: Required. Known values are: "Property", "PropertyArray", - "PropertyChanged", "PropertyArrayChanged", and "Boolean". - :vartype condition_type: str or ~azure.mgmt.securityinsight.models.ConditionType - :ivar condition_properties: - :vartype condition_properties: - ~azure.mgmt.securityinsight.models.AutomationRulePropertyValuesCondition + :ivar state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ _validation = { - "condition_type": {"required": True}, + "state": {"required": True}, } _attribute_map = { - "condition_type": {"key": "conditionType", "type": "str"}, - "condition_properties": {"key": "conditionProperties", "type": "AutomationRulePropertyValuesCondition"}, + "state": {"key": "state", "type": "str"}, } - def __init__( - self, *, condition_properties: Optional["_models.AutomationRulePropertyValuesCondition"] = None, **kwargs - ): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ - :keyword condition_properties: - :paramtype condition_properties: - ~azure.mgmt.securityinsight.models.AutomationRulePropertyValuesCondition + :keyword state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ - super().__init__(**kwargs) - self.condition_type: str = "Property" - self.condition_properties = condition_properties + super().__init__(state=state, **kwargs) -class Recommendation(_serialization.Model): # pylint: disable=too-many-instance-attributes - """Recommendation object. +class OfficePowerBIDataConnector(DataConnector): + """Represents Office Microsoft PowerBI data connector. + + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar id: id of recommendation. Required. + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. :vartype id: str - :ivar instructions: Instructions of the recommendation. Required. - :vartype instructions: ~azure.mgmt.securityinsight.models.Instructions - :ivar content: Content of the recommendation. - :vartype content: ~azure.mgmt.securityinsight.models.Content - :ivar resource_id: Id of the resource this recommendation refers to. - :vartype resource_id: str - :ivar additional_properties: Collection of additional properties for the recommendation. - :vartype additional_properties: dict[str, str] - :ivar title: Title of the recommendation. Required. - :vartype title: str - :ivar description: Description of the recommendation. Required. - :vartype description: str - :ivar recommendation_type_title: Title of the recommendation type. Required. - :vartype recommendation_type_title: str - :ivar recommendation_type_id: Id of the recommendation type. Required. - :vartype recommendation_type_id: str - :ivar category: Category of the recommendation. Required. Known values are: "Onboarding", - "NewFeature", "SocEfficiency", "CostOptimization", and "Demo". - :vartype category: str or ~azure.mgmt.securityinsight.models.Category - :ivar context: Context of the recommendation. Required. Known values are: "Analytics", - "Incidents", "Overview", and "None". - :vartype context: str or ~azure.mgmt.securityinsight.models.Context - :ivar workspace_id: Id of the workspace this recommendation refers to. Required. - :vartype workspace_id: str - :ivar actions: List of actions to take for this recommendation. Required. - :vartype actions: list[~azure.mgmt.securityinsight.models.RecommendedAction] - :ivar state: State of the recommendation. Required. Known values are: "Active", "Disabled", - "CompletedByUser", "CompletedByAction", and "Hidden". - :vartype state: str or ~azure.mgmt.securityinsight.models.State - :ivar priority: Priority of the recommendation. Required. Known values are: "Low", "Medium", - and "High". - :vartype priority: str or ~azure.mgmt.securityinsight.models.Priority - :ivar last_evaluated_time_utc: The time stamp (UTC) when the recommendation was last evaluated. - Required. - :vartype last_evaluated_time_utc: ~datetime.datetime - :ivar hide_until_time_utc: The time stamp (UTC) when the recommendation should be displayed - again. - :vartype hide_until_time_utc: ~datetime.datetime - :ivar display_until_time_utc: The timestamp (UTC) after which the recommendation should not be - displayed anymore. - :vartype display_until_time_utc: ~datetime.datetime - :ivar visible: Value indicating if the recommendation should be displayed or not. - :vartype visible: bool + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", + "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", + "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str + :ivar data_types: The available data types for the connector. + :vartype data_types: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypes """ _validation = { - "id": {"required": True}, - "instructions": {"required": True}, - "title": {"required": True}, - "description": {"required": True}, - "recommendation_type_title": {"required": True}, - "recommendation_type_id": {"required": True}, - "category": {"required": True}, - "context": {"required": True}, - "workspace_id": {"required": True}, - "actions": {"required": True}, - "state": {"required": True}, - "priority": {"required": True}, - "last_evaluated_time_utc": {"required": True}, + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, } _attribute_map = { "id": {"key": "id", "type": "str"}, - "instructions": {"key": "instructions", "type": "Instructions"}, - "content": {"key": "content", "type": "Content"}, - "resource_id": {"key": "resourceId", "type": "str"}, - "additional_properties": {"key": "additionalProperties", "type": "{str}"}, - "title": {"key": "title", "type": "str"}, - "description": {"key": "description", "type": "str"}, - "recommendation_type_title": {"key": "recommendationTypeTitle", "type": "str"}, - "recommendation_type_id": {"key": "recommendationTypeId", "type": "str"}, - "category": {"key": "category", "type": "str"}, - "context": {"key": "context", "type": "str"}, - "workspace_id": {"key": "workspaceId", "type": "str"}, - "actions": {"key": "actions", "type": "[RecommendedAction]"}, - "state": {"key": "state", "type": "str"}, - "priority": {"key": "priority", "type": "str"}, - "last_evaluated_time_utc": {"key": "lastEvaluatedTimeUtc", "type": "iso-8601"}, - "hide_until_time_utc": {"key": "hideUntilTimeUtc", "type": "iso-8601"}, - "display_until_time_utc": {"key": "displayUntilTimeUtc", "type": "iso-8601"}, - "visible": {"key": "visible", "type": "bool"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "data_types": {"key": "properties.dataTypes", "type": "OfficePowerBIConnectorDataTypes"}, } def __init__( self, *, - id: str, # pylint: disable=redefined-builtin - instructions: "_models.Instructions", - title: str, - description: str, - recommendation_type_title: str, - recommendation_type_id: str, - category: Union[str, "_models.Category"], - context: Union[str, "_models.Context"], - workspace_id: str, - actions: List["_models.RecommendedAction"], - state: Union[str, "_models.State"], - priority: Union[str, "_models.Priority"], - last_evaluated_time_utc: datetime.datetime, - content: Optional["_models.Content"] = None, - resource_id: Optional[str] = None, - additional_properties: Optional[Dict[str, str]] = None, - hide_until_time_utc: Optional[datetime.datetime] = None, - display_until_time_utc: Optional[datetime.datetime] = None, - visible: Optional[bool] = None, - **kwargs - ): + etag: Optional[str] = None, + tenant_id: Optional[str] = None, + data_types: Optional["_models.OfficePowerBIConnectorDataTypes"] = None, + **kwargs: Any + ) -> None: """ - :keyword id: id of recommendation. Required. - :paramtype id: str - :keyword instructions: Instructions of the recommendation. Required. - :paramtype instructions: ~azure.mgmt.securityinsight.models.Instructions - :keyword content: Content of the recommendation. - :paramtype content: ~azure.mgmt.securityinsight.models.Content - :keyword resource_id: Id of the resource this recommendation refers to. - :paramtype resource_id: str - :keyword additional_properties: Collection of additional properties for the recommendation. - :paramtype additional_properties: dict[str, str] - :keyword title: Title of the recommendation. Required. - :paramtype title: str - :keyword description: Description of the recommendation. Required. - :paramtype description: str - :keyword recommendation_type_title: Title of the recommendation type. Required. - :paramtype recommendation_type_title: str - :keyword recommendation_type_id: Id of the recommendation type. Required. - :paramtype recommendation_type_id: str - :keyword category: Category of the recommendation. Required. Known values are: "Onboarding", - "NewFeature", "SocEfficiency", "CostOptimization", and "Demo". - :paramtype category: str or ~azure.mgmt.securityinsight.models.Category - :keyword context: Context of the recommendation. Required. Known values are: "Analytics", - "Incidents", "Overview", and "None". - :paramtype context: str or ~azure.mgmt.securityinsight.models.Context - :keyword workspace_id: Id of the workspace this recommendation refers to. Required. - :paramtype workspace_id: str - :keyword actions: List of actions to take for this recommendation. Required. - :paramtype actions: list[~azure.mgmt.securityinsight.models.RecommendedAction] - :keyword state: State of the recommendation. Required. Known values are: "Active", "Disabled", - "CompletedByUser", "CompletedByAction", and "Hidden". - :paramtype state: str or ~azure.mgmt.securityinsight.models.State - :keyword priority: Priority of the recommendation. Required. Known values are: "Low", "Medium", - and "High". - :paramtype priority: str or ~azure.mgmt.securityinsight.models.Priority - :keyword last_evaluated_time_utc: The time stamp (UTC) when the recommendation was last - evaluated. Required. - :paramtype last_evaluated_time_utc: ~datetime.datetime - :keyword hide_until_time_utc: The time stamp (UTC) when the recommendation should be displayed - again. - :paramtype hide_until_time_utc: ~datetime.datetime - :keyword display_until_time_utc: The timestamp (UTC) after which the recommendation should not - be displayed anymore. - :paramtype display_until_time_utc: ~datetime.datetime - :keyword visible: Value indicating if the recommendation should be displayed or not. - :paramtype visible: bool + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str + :keyword data_types: The available data types for the connector. + :paramtype data_types: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypes """ - super().__init__(**kwargs) - self.id = id - self.instructions = instructions - self.content = content - self.resource_id = resource_id - self.additional_properties = additional_properties - self.title = title - self.description = description - self.recommendation_type_title = recommendation_type_title - self.recommendation_type_id = recommendation_type_id - self.category = category - self.context = context - self.workspace_id = workspace_id - self.actions = actions - self.state = state - self.priority = priority - self.last_evaluated_time_utc = last_evaluated_time_utc - self.hide_until_time_utc = hide_until_time_utc - self.display_until_time_utc = display_until_time_utc - self.visible = visible + super().__init__(etag=etag, **kwargs) + self.kind: str = "OfficePowerBI" + self.tenant_id = tenant_id + self.data_types = data_types -class RecommendationList(_serialization.Model): - """A list of recommendations. +class OfficePowerBIDataConnectorProperties(DataConnectorTenantId): + """Office Microsoft PowerBI data connector properties. - :ivar value: An list of recommendations. - :vartype value: list[~azure.mgmt.securityinsight.models.Recommendation] + All required parameters must be populated in order to send to Azure. + + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str + :ivar data_types: The available data types for the connector. Required. + :vartype data_types: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypes """ + _validation = { + "tenant_id": {"required": True}, + "data_types": {"required": True}, + } + _attribute_map = { - "value": {"key": "value", "type": "[Recommendation]"}, + "tenant_id": {"key": "tenantId", "type": "str"}, + "data_types": {"key": "dataTypes", "type": "OfficePowerBIConnectorDataTypes"}, } - def __init__(self, *, value: Optional[List["_models.Recommendation"]] = None, **kwargs): + def __init__(self, *, tenant_id: str, data_types: "_models.OfficePowerBIConnectorDataTypes", **kwargs: Any) -> None: """ - :keyword value: An list of recommendations. - :paramtype value: list[~azure.mgmt.securityinsight.models.Recommendation] + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str + :keyword data_types: The available data types for the connector. Required. + :paramtype data_types: ~azure.mgmt.securityinsight.models.OfficePowerBIConnectorDataTypes """ - super().__init__(**kwargs) - self.value = value + super().__init__(tenant_id=tenant_id, **kwargs) + self.data_types = data_types -class RecommendationPatch(_serialization.Model): - """Recommendation Fields to update. +class Operation(_serialization.Model): + """Operation provided by provider. - :ivar state: State of the recommendation. Known values are: "Active", "Disabled", - "CompletedByUser", "CompletedByAction", and "Hidden". - :vartype state: str or ~azure.mgmt.securityinsight.models.State - :ivar hide_until_time_utc: The time stamp (UTC) when the recommendation should be displayed - again. - :vartype hide_until_time_utc: ~datetime.datetime + :ivar display: Properties of the operation. + :vartype display: ~azure.mgmt.securityinsight.models.OperationDisplay + :ivar name: Name of the operation. + :vartype name: str + :ivar origin: The origin of the operation. + :vartype origin: str + :ivar is_data_action: Indicates whether the operation is a data action. + :vartype is_data_action: bool """ _attribute_map = { - "state": {"key": "state", "type": "str"}, - "hide_until_time_utc": {"key": "hideUntilTimeUtc", "type": "iso-8601"}, + "display": {"key": "display", "type": "OperationDisplay"}, + "name": {"key": "name", "type": "str"}, + "origin": {"key": "origin", "type": "str"}, + "is_data_action": {"key": "isDataAction", "type": "bool"}, } def __init__( self, *, - state: Optional[Union[str, "_models.State"]] = None, - hide_until_time_utc: Optional[datetime.datetime] = None, - **kwargs - ): + display: Optional["_models.OperationDisplay"] = None, + name: Optional[str] = None, + origin: Optional[str] = None, + is_data_action: Optional[bool] = None, + **kwargs: Any + ) -> None: """ - :keyword state: State of the recommendation. Known values are: "Active", "Disabled", - "CompletedByUser", "CompletedByAction", and "Hidden". - :paramtype state: str or ~azure.mgmt.securityinsight.models.State - :keyword hide_until_time_utc: The time stamp (UTC) when the recommendation should be displayed - again. - :paramtype hide_until_time_utc: ~datetime.datetime + :keyword display: Properties of the operation. + :paramtype display: ~azure.mgmt.securityinsight.models.OperationDisplay + :keyword name: Name of the operation. + :paramtype name: str + :keyword origin: The origin of the operation. + :paramtype origin: str + :keyword is_data_action: Indicates whether the operation is a data action. + :paramtype is_data_action: bool """ super().__init__(**kwargs) - self.state = state - self.hide_until_time_utc = hide_until_time_utc - + self.display = display + self.name = name + self.origin = origin + self.is_data_action = is_data_action -class RecommendedAction(_serialization.Model): - """What actions should be taken to complete the recommendation. - All required parameters must be populated in order to send to Azure. +class OperationDisplay(_serialization.Model): + """Properties of the operation. - :ivar link_text: Text of the link to complete the action. Required. - :vartype link_text: str - :ivar link_url: The Link to complete the action. Required. - :vartype link_url: str - :ivar state: The state of the action. Known values are: "Low", "Medium", and "High". - :vartype state: str or ~azure.mgmt.securityinsight.models.Priority + :ivar description: Description of the operation. + :vartype description: str + :ivar operation: Operation name. + :vartype operation: str + :ivar provider: Provider name. + :vartype provider: str + :ivar resource: Resource name. + :vartype resource: str """ - _validation = { - "link_text": {"required": True}, - "link_url": {"required": True}, - } - _attribute_map = { - "link_text": {"key": "linkText", "type": "str"}, - "link_url": {"key": "linkUrl", "type": "str"}, - "state": {"key": "state", "type": "str"}, + "description": {"key": "description", "type": "str"}, + "operation": {"key": "operation", "type": "str"}, + "provider": {"key": "provider", "type": "str"}, + "resource": {"key": "resource", "type": "str"}, } def __init__( - self, *, link_text: str, link_url: str, state: Optional[Union[str, "_models.Priority"]] = None, **kwargs - ): + self, + *, + description: Optional[str] = None, + operation: Optional[str] = None, + provider: Optional[str] = None, + resource: Optional[str] = None, + **kwargs: Any + ) -> None: """ - :keyword link_text: Text of the link to complete the action. Required. - :paramtype link_text: str - :keyword link_url: The Link to complete the action. Required. - :paramtype link_url: str - :keyword state: The state of the action. Known values are: "Low", "Medium", and "High". - :paramtype state: str or ~azure.mgmt.securityinsight.models.Priority + :keyword description: Description of the operation. + :paramtype description: str + :keyword operation: Operation name. + :paramtype operation: str + :keyword provider: Provider name. + :paramtype provider: str + :keyword resource: Resource name. + :paramtype resource: str """ super().__init__(**kwargs) - self.link_text = link_text - self.link_url = link_url - self.state = state + self.description = description + self.operation = operation + self.provider = provider + self.resource = resource -class RegistryKeyEntity(Entity): - """Represents a registry key entity. +class OperationsList(_serialization.Model): + """Lists the operations available in the SecurityInsights RP. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - :vartype id: str - :ivar name: The name of the resource. - :vartype name: str - :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or - "Microsoft.Storage/storageAccounts". - :vartype type: str - :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy - information. - :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", - "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", - "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", - "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar hive: the hive that holds the registry key. Known values are: "HKEY_LOCAL_MACHINE", - "HKEY_CLASSES_ROOT", "HKEY_CURRENT_CONFIG", "HKEY_USERS", "HKEY_CURRENT_USER_LOCAL_SETTINGS", - "HKEY_PERFORMANCE_DATA", "HKEY_PERFORMANCE_NLSTEXT", "HKEY_PERFORMANCE_TEXT", "HKEY_A", and - "HKEY_CURRENT_USER". - :vartype hive: str or ~azure.mgmt.securityinsight.models.RegistryHive - :ivar key: The registry key path. - :vartype key: str - """ - - _validation = { - "id": {"readonly": True}, - "name": {"readonly": True}, - "type": {"readonly": True}, - "system_data": {"readonly": True}, - "kind": {"required": True}, - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "hive": {"readonly": True}, - "key": {"readonly": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "type": {"key": "type", "type": "str"}, - "system_data": {"key": "systemData", "type": "SystemData"}, - "kind": {"key": "kind", "type": "str"}, - "additional_data": {"key": "properties.additionalData", "type": "{object}"}, - "friendly_name": {"key": "properties.friendlyName", "type": "str"}, - "hive": {"key": "properties.hive", "type": "str"}, - "key": {"key": "properties.key", "type": "str"}, - } - - def __init__(self, **kwargs): - """ """ - super().__init__(**kwargs) - self.kind: str = "RegistryKey" - self.additional_data = None - self.friendly_name = None - self.hive = None - self.key = None - - -class RegistryKeyEntityProperties(EntityCommonProperties): - """RegistryKey entity property bag. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar hive: the hive that holds the registry key. Known values are: "HKEY_LOCAL_MACHINE", - "HKEY_CLASSES_ROOT", "HKEY_CURRENT_CONFIG", "HKEY_USERS", "HKEY_CURRENT_USER_LOCAL_SETTINGS", - "HKEY_PERFORMANCE_DATA", "HKEY_PERFORMANCE_NLSTEXT", "HKEY_PERFORMANCE_TEXT", "HKEY_A", and - "HKEY_CURRENT_USER". - :vartype hive: str or ~azure.mgmt.securityinsight.models.RegistryHive - :ivar key: The registry key path. - :vartype key: str + :ivar next_link: URL to fetch the next set of operations. + :vartype next_link: str + :ivar value: Array of operations. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.Operation] """ _validation = { - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "hive": {"readonly": True}, - "key": {"readonly": True}, + "next_link": {"readonly": True}, + "value": {"required": True}, } _attribute_map = { - "additional_data": {"key": "additionalData", "type": "{object}"}, - "friendly_name": {"key": "friendlyName", "type": "str"}, - "hive": {"key": "hive", "type": "str"}, - "key": {"key": "key", "type": "str"}, + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[Operation]"}, } - def __init__(self, **kwargs): - """ """ + def __init__(self, *, value: List["_models.Operation"], **kwargs: Any) -> None: + """ + :keyword value: Array of operations. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.Operation] + """ super().__init__(**kwargs) - self.hive = None - self.key = None + self.next_link = None + self.value = value -class RegistryValueEntity(Entity): # pylint: disable=too-many-instance-attributes - """Represents a registry value entity. +class PackageList(_serialization.Model): + """List available packages. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - :vartype id: str - :ivar name: The name of the resource. - :vartype name: str - :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or - "Microsoft.Storage/storageAccounts". - :vartype type: str - :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy - information. - :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", - "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", - "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", - "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar key_entity_id: The registry key entity id. - :vartype key_entity_id: str - :ivar value_data: String formatted representation of the value data. - :vartype value_data: str - :ivar value_name: The registry value name. - :vartype value_name: str - :ivar value_type: Specifies the data types to use when storing values in the registry, or - identifies the data type of a value in the registry. Known values are: "None", "Unknown", - "String", "ExpandString", "Binary", "DWord", "MultiString", and "QWord". - :vartype value_type: str or ~azure.mgmt.securityinsight.models.RegistryValueKind + :ivar next_link: URL to fetch the next set of packages. + :vartype next_link: str + :ivar value: Array of packages. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.PackageModel] """ _validation = { - "id": {"readonly": True}, - "name": {"readonly": True}, - "type": {"readonly": True}, - "system_data": {"readonly": True}, - "kind": {"required": True}, - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "key_entity_id": {"readonly": True}, - "value_data": {"readonly": True}, - "value_name": {"readonly": True}, - "value_type": {"readonly": True}, + "next_link": {"readonly": True}, + "value": {"required": True}, } _attribute_map = { - "id": {"key": "id", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "type": {"key": "type", "type": "str"}, - "system_data": {"key": "systemData", "type": "SystemData"}, - "kind": {"key": "kind", "type": "str"}, - "additional_data": {"key": "properties.additionalData", "type": "{object}"}, - "friendly_name": {"key": "properties.friendlyName", "type": "str"}, - "key_entity_id": {"key": "properties.keyEntityId", "type": "str"}, - "value_data": {"key": "properties.valueData", "type": "str"}, - "value_name": {"key": "properties.valueName", "type": "str"}, - "value_type": {"key": "properties.valueType", "type": "str"}, + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[PackageModel]"}, } - def __init__(self, **kwargs): - """ """ + def __init__(self, *, value: List["_models.PackageModel"], **kwargs: Any) -> None: + """ + :keyword value: Array of packages. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.PackageModel] + """ super().__init__(**kwargs) - self.kind: str = "RegistryValue" - self.additional_data = None - self.friendly_name = None - self.key_entity_id = None - self.value_data = None - self.value_name = None - self.value_type = None + self.next_link = None + self.value = value -class RegistryValueEntityProperties(EntityCommonProperties): - """RegistryValue entity property bag. +class PackageListAutoGenerated(_serialization.Model): + """List available packages. Variables are only populated by the server, and will be ignored when sending a request. - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar key_entity_id: The registry key entity id. - :vartype key_entity_id: str - :ivar value_data: String formatted representation of the value data. - :vartype value_data: str - :ivar value_name: The registry value name. - :vartype value_name: str - :ivar value_type: Specifies the data types to use when storing values in the registry, or - identifies the data type of a value in the registry. Known values are: "None", "Unknown", - "String", "ExpandString", "Binary", "DWord", "MultiString", and "QWord". - :vartype value_type: str or ~azure.mgmt.securityinsight.models.RegistryValueKind + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of packages. + :vartype next_link: str + :ivar value: Array of packages. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.PackageModelAutoGenerated] """ _validation = { - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "key_entity_id": {"readonly": True}, - "value_data": {"readonly": True}, - "value_name": {"readonly": True}, - "value_type": {"readonly": True}, + "next_link": {"readonly": True}, + "value": {"required": True}, } _attribute_map = { - "additional_data": {"key": "additionalData", "type": "{object}"}, - "friendly_name": {"key": "friendlyName", "type": "str"}, - "key_entity_id": {"key": "keyEntityId", "type": "str"}, - "value_data": {"key": "valueData", "type": "str"}, - "value_name": {"key": "valueName", "type": "str"}, - "value_type": {"key": "valueType", "type": "str"}, + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[PackageModelAutoGenerated]"}, } - def __init__(self, **kwargs): - """ """ + def __init__(self, *, value: List["_models.PackageModelAutoGenerated"], **kwargs: Any) -> None: + """ + :keyword value: Array of packages. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.PackageModelAutoGenerated] + """ super().__init__(**kwargs) - self.key_entity_id = None - self.value_data = None - self.value_name = None - self.value_type = None + self.next_link = None + self.value = value -class Relation(ResourceWithEtag): - """Represents a relation between two resources. +class PackageModel(ResourceWithEtag): # pylint: disable=too-many-instance-attributes + """Represents a Package in Azure Security Insights. Variables are only populated by the server, and will be ignored when sending a request. @@ -18578,14 +18832,52 @@ class Relation(ResourceWithEtag): :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData :ivar etag: Etag of the azure resource. :vartype etag: str - :ivar related_resource_id: The resource ID of the related resource. - :vartype related_resource_id: str - :ivar related_resource_name: The name of the related resource. - :vartype related_resource_name: str - :ivar related_resource_type: The resource type of the related resource. - :vartype related_resource_type: str - :ivar related_resource_kind: The resource kind of the related resource. - :vartype related_resource_kind: str + :ivar content_id: The package id. + :vartype content_id: str + :ivar content_kind: The package kind. Known values are: "Solution" and "Standalone". + :vartype content_kind: str or ~azure.mgmt.securityinsight.models.PackageKind + :ivar content_schema_version: The version of the content schema. + :vartype content_schema_version: str + :ivar is_new: Flag indicates if this is a newly published package. Known values are: "true" and + "false". + :vartype is_new: str or ~azure.mgmt.securityinsight.models.Flag + :ivar is_preview: Flag indicates if this package is in preview. Known values are: "true" and + "false". + :vartype is_preview: str or ~azure.mgmt.securityinsight.models.Flag + :ivar is_featured: Flag indicates if this package is among the featured list. Known values are: + "true" and "false". + :vartype is_featured: str or ~azure.mgmt.securityinsight.models.Flag + :ivar version: the latest version number of the package. + :vartype version: str + :ivar display_name: The display name of the package. + :vartype display_name: str + :ivar description: The description of the package. + :vartype description: str + :ivar publisher_display_name: The publisher display name of the package. + :vartype publisher_display_name: str + :ivar source: The source of the package. + :vartype source: ~azure.mgmt.securityinsight.models.MetadataSource + :ivar author: The author of the package. + :vartype author: ~azure.mgmt.securityinsight.models.MetadataAuthor + :ivar support: The support tier of the package. + :vartype support: ~azure.mgmt.securityinsight.models.MetadataSupport + :ivar dependencies: The support tier of the package. + :vartype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :ivar providers: Providers for the package item. + :vartype providers: list[str] + :ivar first_publish_date: first publish date package item. + :vartype first_publish_date: ~datetime.date + :ivar last_publish_date: last publish date for the package item. + :vartype last_publish_date: ~datetime.date + :ivar categories: The categories of the package. + :vartype categories: ~azure.mgmt.securityinsight.models.MetadataCategories + :ivar threat_analysis_tactics: the tactics the resource covers. + :vartype threat_analysis_tactics: list[str] + :ivar threat_analysis_techniques: the techniques the resource covers, these have to be aligned + with the tactics being used. + :vartype threat_analysis_techniques: list[str] + :ivar icon: the icon identifier. this id can later be fetched from the content metadata. + :vartype icon: str """ _validation = { @@ -18593,9 +18885,6 @@ class Relation(ResourceWithEtag): "name": {"readonly": True}, "type": {"readonly": True}, "system_data": {"readonly": True}, - "related_resource_name": {"readonly": True}, - "related_resource_type": {"readonly": True}, - "related_resource_kind": {"readonly": True}, } _attribute_map = { @@ -18604,274 +18893,576 @@ class Relation(ResourceWithEtag): "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, "etag": {"key": "etag", "type": "str"}, - "related_resource_id": {"key": "properties.relatedResourceId", "type": "str"}, - "related_resource_name": {"key": "properties.relatedResourceName", "type": "str"}, - "related_resource_type": {"key": "properties.relatedResourceType", "type": "str"}, - "related_resource_kind": {"key": "properties.relatedResourceKind", "type": "str"}, + "content_id": {"key": "properties.contentId", "type": "str"}, + "content_kind": {"key": "properties.contentKind", "type": "str"}, + "content_schema_version": {"key": "properties.contentSchemaVersion", "type": "str"}, + "is_new": {"key": "properties.isNew", "type": "str"}, + "is_preview": {"key": "properties.isPreview", "type": "str"}, + "is_featured": {"key": "properties.isFeatured", "type": "str"}, + "version": {"key": "properties.version", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "description": {"key": "properties.description", "type": "str"}, + "publisher_display_name": {"key": "properties.publisherDisplayName", "type": "str"}, + "source": {"key": "properties.source", "type": "MetadataSource"}, + "author": {"key": "properties.author", "type": "MetadataAuthor"}, + "support": {"key": "properties.support", "type": "MetadataSupport"}, + "dependencies": {"key": "properties.dependencies", "type": "MetadataDependencies"}, + "providers": {"key": "properties.providers", "type": "[str]"}, + "first_publish_date": {"key": "properties.firstPublishDate", "type": "date"}, + "last_publish_date": {"key": "properties.lastPublishDate", "type": "date"}, + "categories": {"key": "properties.categories", "type": "MetadataCategories"}, + "threat_analysis_tactics": {"key": "properties.threatAnalysisTactics", "type": "[str]"}, + "threat_analysis_techniques": {"key": "properties.threatAnalysisTechniques", "type": "[str]"}, + "icon": {"key": "properties.icon", "type": "str"}, } - def __init__(self, *, etag: Optional[str] = None, related_resource_id: Optional[str] = None, **kwargs): - """ + def __init__( # pylint: disable=too-many-locals + self, + *, + etag: Optional[str] = None, + content_id: Optional[str] = None, + content_kind: Optional[Union[str, "_models.PackageKind"]] = None, + content_schema_version: Optional[str] = None, + is_new: Optional[Union[str, "_models.Flag"]] = None, + is_preview: Optional[Union[str, "_models.Flag"]] = None, + is_featured: Optional[Union[str, "_models.Flag"]] = None, + version: Optional[str] = None, + display_name: Optional[str] = None, + description: Optional[str] = None, + publisher_display_name: Optional[str] = None, + source: Optional["_models.MetadataSource"] = None, + author: Optional["_models.MetadataAuthor"] = None, + support: Optional["_models.MetadataSupport"] = None, + dependencies: Optional["_models.MetadataDependencies"] = None, + providers: Optional[List[str]] = None, + first_publish_date: Optional[datetime.date] = None, + last_publish_date: Optional[datetime.date] = None, + categories: Optional["_models.MetadataCategories"] = None, + threat_analysis_tactics: Optional[List[str]] = None, + threat_analysis_techniques: Optional[List[str]] = None, + icon: Optional[str] = None, + **kwargs: Any + ) -> None: + """ :keyword etag: Etag of the azure resource. :paramtype etag: str - :keyword related_resource_id: The resource ID of the related resource. - :paramtype related_resource_id: str + :keyword content_id: The package id. + :paramtype content_id: str + :keyword content_kind: The package kind. Known values are: "Solution" and "Standalone". + :paramtype content_kind: str or ~azure.mgmt.securityinsight.models.PackageKind + :keyword content_schema_version: The version of the content schema. + :paramtype content_schema_version: str + :keyword is_new: Flag indicates if this is a newly published package. Known values are: "true" + and "false". + :paramtype is_new: str or ~azure.mgmt.securityinsight.models.Flag + :keyword is_preview: Flag indicates if this package is in preview. Known values are: "true" and + "false". + :paramtype is_preview: str or ~azure.mgmt.securityinsight.models.Flag + :keyword is_featured: Flag indicates if this package is among the featured list. Known values + are: "true" and "false". + :paramtype is_featured: str or ~azure.mgmt.securityinsight.models.Flag + :keyword version: the latest version number of the package. + :paramtype version: str + :keyword display_name: The display name of the package. + :paramtype display_name: str + :keyword description: The description of the package. + :paramtype description: str + :keyword publisher_display_name: The publisher display name of the package. + :paramtype publisher_display_name: str + :keyword source: The source of the package. + :paramtype source: ~azure.mgmt.securityinsight.models.MetadataSource + :keyword author: The author of the package. + :paramtype author: ~azure.mgmt.securityinsight.models.MetadataAuthor + :keyword support: The support tier of the package. + :paramtype support: ~azure.mgmt.securityinsight.models.MetadataSupport + :keyword dependencies: The support tier of the package. + :paramtype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :keyword providers: Providers for the package item. + :paramtype providers: list[str] + :keyword first_publish_date: first publish date package item. + :paramtype first_publish_date: ~datetime.date + :keyword last_publish_date: last publish date for the package item. + :paramtype last_publish_date: ~datetime.date + :keyword categories: The categories of the package. + :paramtype categories: ~azure.mgmt.securityinsight.models.MetadataCategories + :keyword threat_analysis_tactics: the tactics the resource covers. + :paramtype threat_analysis_tactics: list[str] + :keyword threat_analysis_techniques: the techniques the resource covers, these have to be + aligned with the tactics being used. + :paramtype threat_analysis_techniques: list[str] + :keyword icon: the icon identifier. this id can later be fetched from the content metadata. + :paramtype icon: str """ super().__init__(etag=etag, **kwargs) - self.related_resource_id = related_resource_id - self.related_resource_name = None - self.related_resource_type = None - self.related_resource_kind = None + self.content_id = content_id + self.content_kind = content_kind + self.content_schema_version = content_schema_version + self.is_new = is_new + self.is_preview = is_preview + self.is_featured = is_featured + self.version = version + self.display_name = display_name + self.description = description + self.publisher_display_name = publisher_display_name + self.source = source + self.author = author + self.support = support + self.dependencies = dependencies + self.providers = providers + self.first_publish_date = first_publish_date + self.last_publish_date = last_publish_date + self.categories = categories + self.threat_analysis_tactics = threat_analysis_tactics + self.threat_analysis_techniques = threat_analysis_techniques + self.icon = icon -class RelationList(_serialization.Model): - """List of relations. +class PackageModelAutoGenerated(ResourceWithEtag): # pylint: disable=too-many-instance-attributes + """Represents a Package in Azure Security Insights. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - - :ivar next_link: URL to fetch the next set of relations. - :vartype next_link: str - :ivar value: Array of relations. Required. - :vartype value: list[~azure.mgmt.securityinsight.models.Relation] + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar content_id: The content id of the package. + :vartype content_id: str + :ivar content_kind: The package kind. Known values are: "Solution" and "Standalone". + :vartype content_kind: str or ~azure.mgmt.securityinsight.models.PackageKind + :ivar installed_version: The version of the installed package, null or absent means not + installed. + :vartype installed_version: str + :ivar content_schema_version: The version of the content schema. + :vartype content_schema_version: str + :ivar resource_id: The metadata resource id. + :vartype resource_id: str + :ivar is_new: Flag indicates if this is a newly published package. Known values are: "true" and + "false". + :vartype is_new: str or ~azure.mgmt.securityinsight.models.Flag + :ivar is_preview: Flag indicates if this package is in preview. Known values are: "true" and + "false". + :vartype is_preview: str or ~azure.mgmt.securityinsight.models.Flag + :ivar is_featured: Flag indicates if this package is among the featured list. Known values are: + "true" and "false". + :vartype is_featured: str or ~azure.mgmt.securityinsight.models.Flag + :ivar version: the latest version number of the package. + :vartype version: str + :ivar display_name: The display name of the package. + :vartype display_name: str + :ivar description: The description of the package. + :vartype description: str + :ivar publisher_display_name: The publisher display name of the package. + :vartype publisher_display_name: str + :ivar source: The source of the package. + :vartype source: ~azure.mgmt.securityinsight.models.MetadataSource + :ivar author: The author of the package. + :vartype author: ~azure.mgmt.securityinsight.models.MetadataAuthor + :ivar support: The support tier of the package. + :vartype support: ~azure.mgmt.securityinsight.models.MetadataSupport + :ivar dependencies: The support tier of the package. + :vartype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :ivar providers: Providers for the package item. + :vartype providers: list[str] + :ivar first_publish_date: first publish date package item. + :vartype first_publish_date: ~datetime.date + :ivar last_publish_date: last publish date for the package item. + :vartype last_publish_date: ~datetime.date + :ivar categories: The categories of the package. + :vartype categories: ~azure.mgmt.securityinsight.models.MetadataCategories + :ivar threat_analysis_tactics: the tactics the resource covers. + :vartype threat_analysis_tactics: list[str] + :ivar threat_analysis_techniques: the techniques the resource covers, these have to be aligned + with the tactics being used. + :vartype threat_analysis_techniques: list[str] + :ivar icon: the icon identifier. this id can later be fetched from the content metadata. + :vartype icon: str + :ivar packaged_content: the json to deploy. + :vartype packaged_content: JSON """ _validation = { - "next_link": {"readonly": True}, - "value": {"required": True}, + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, } _attribute_map = { - "next_link": {"key": "nextLink", "type": "str"}, - "value": {"key": "value", "type": "[Relation]"}, + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "content_id": {"key": "properties.contentId", "type": "str"}, + "content_kind": {"key": "properties.contentKind", "type": "str"}, + "installed_version": {"key": "properties.installedVersion", "type": "str"}, + "content_schema_version": {"key": "properties.contentSchemaVersion", "type": "str"}, + "resource_id": {"key": "properties.resourceId", "type": "str"}, + "is_new": {"key": "properties.isNew", "type": "str"}, + "is_preview": {"key": "properties.isPreview", "type": "str"}, + "is_featured": {"key": "properties.isFeatured", "type": "str"}, + "version": {"key": "properties.version", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "description": {"key": "properties.description", "type": "str"}, + "publisher_display_name": {"key": "properties.publisherDisplayName", "type": "str"}, + "source": {"key": "properties.source", "type": "MetadataSource"}, + "author": {"key": "properties.author", "type": "MetadataAuthor"}, + "support": {"key": "properties.support", "type": "MetadataSupport"}, + "dependencies": {"key": "properties.dependencies", "type": "MetadataDependencies"}, + "providers": {"key": "properties.providers", "type": "[str]"}, + "first_publish_date": {"key": "properties.firstPublishDate", "type": "date"}, + "last_publish_date": {"key": "properties.lastPublishDate", "type": "date"}, + "categories": {"key": "properties.categories", "type": "MetadataCategories"}, + "threat_analysis_tactics": {"key": "properties.threatAnalysisTactics", "type": "[str]"}, + "threat_analysis_techniques": {"key": "properties.threatAnalysisTechniques", "type": "[str]"}, + "icon": {"key": "properties.icon", "type": "str"}, + "packaged_content": {"key": "properties.packagedContent", "type": "object"}, } - def __init__(self, *, value: List["_models.Relation"], **kwargs): + def __init__( # pylint: disable=too-many-locals + self, + *, + etag: Optional[str] = None, + content_id: Optional[str] = None, + content_kind: Optional[Union[str, "_models.PackageKind"]] = None, + installed_version: Optional[str] = None, + content_schema_version: Optional[str] = None, + resource_id: Optional[str] = None, + is_new: Optional[Union[str, "_models.Flag"]] = None, + is_preview: Optional[Union[str, "_models.Flag"]] = None, + is_featured: Optional[Union[str, "_models.Flag"]] = None, + version: Optional[str] = None, + display_name: Optional[str] = None, + description: Optional[str] = None, + publisher_display_name: Optional[str] = None, + source: Optional["_models.MetadataSource"] = None, + author: Optional["_models.MetadataAuthor"] = None, + support: Optional["_models.MetadataSupport"] = None, + dependencies: Optional["_models.MetadataDependencies"] = None, + providers: Optional[List[str]] = None, + first_publish_date: Optional[datetime.date] = None, + last_publish_date: Optional[datetime.date] = None, + categories: Optional["_models.MetadataCategories"] = None, + threat_analysis_tactics: Optional[List[str]] = None, + threat_analysis_techniques: Optional[List[str]] = None, + icon: Optional[str] = None, + packaged_content: Optional[JSON] = None, + **kwargs: Any + ) -> None: """ - :keyword value: Array of relations. Required. - :paramtype value: list[~azure.mgmt.securityinsight.models.Relation] + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword content_id: The content id of the package. + :paramtype content_id: str + :keyword content_kind: The package kind. Known values are: "Solution" and "Standalone". + :paramtype content_kind: str or ~azure.mgmt.securityinsight.models.PackageKind + :keyword installed_version: The version of the installed package, null or absent means not + installed. + :paramtype installed_version: str + :keyword content_schema_version: The version of the content schema. + :paramtype content_schema_version: str + :keyword resource_id: The metadata resource id. + :paramtype resource_id: str + :keyword is_new: Flag indicates if this is a newly published package. Known values are: "true" + and "false". + :paramtype is_new: str or ~azure.mgmt.securityinsight.models.Flag + :keyword is_preview: Flag indicates if this package is in preview. Known values are: "true" and + "false". + :paramtype is_preview: str or ~azure.mgmt.securityinsight.models.Flag + :keyword is_featured: Flag indicates if this package is among the featured list. Known values + are: "true" and "false". + :paramtype is_featured: str or ~azure.mgmt.securityinsight.models.Flag + :keyword version: the latest version number of the package. + :paramtype version: str + :keyword display_name: The display name of the package. + :paramtype display_name: str + :keyword description: The description of the package. + :paramtype description: str + :keyword publisher_display_name: The publisher display name of the package. + :paramtype publisher_display_name: str + :keyword source: The source of the package. + :paramtype source: ~azure.mgmt.securityinsight.models.MetadataSource + :keyword author: The author of the package. + :paramtype author: ~azure.mgmt.securityinsight.models.MetadataAuthor + :keyword support: The support tier of the package. + :paramtype support: ~azure.mgmt.securityinsight.models.MetadataSupport + :keyword dependencies: The support tier of the package. + :paramtype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :keyword providers: Providers for the package item. + :paramtype providers: list[str] + :keyword first_publish_date: first publish date package item. + :paramtype first_publish_date: ~datetime.date + :keyword last_publish_date: last publish date for the package item. + :paramtype last_publish_date: ~datetime.date + :keyword categories: The categories of the package. + :paramtype categories: ~azure.mgmt.securityinsight.models.MetadataCategories + :keyword threat_analysis_tactics: the tactics the resource covers. + :paramtype threat_analysis_tactics: list[str] + :keyword threat_analysis_techniques: the techniques the resource covers, these have to be + aligned with the tactics being used. + :paramtype threat_analysis_techniques: list[str] + :keyword icon: the icon identifier. this id can later be fetched from the content metadata. + :paramtype icon: str + :keyword packaged_content: the json to deploy. + :paramtype packaged_content: JSON """ - super().__init__(**kwargs) - self.next_link = None - self.value = value + super().__init__(etag=etag, **kwargs) + self.content_id = content_id + self.content_kind = content_kind + self.installed_version = installed_version + self.content_schema_version = content_schema_version + self.resource_id = resource_id + self.is_new = is_new + self.is_preview = is_preview + self.is_featured = is_featured + self.version = version + self.display_name = display_name + self.description = description + self.publisher_display_name = publisher_display_name + self.source = source + self.author = author + self.support = support + self.dependencies = dependencies + self.providers = providers + self.first_publish_date = first_publish_date + self.last_publish_date = last_publish_date + self.categories = categories + self.threat_analysis_tactics = threat_analysis_tactics + self.threat_analysis_techniques = threat_analysis_techniques + self.icon = icon + self.packaged_content = packaged_content -class Repo(_serialization.Model): - """Represents a repository. +class Permissions(_serialization.Model): + """Permissions required for the connector. - :ivar url: The url to access the repository. - :vartype url: str - :ivar full_name: The name of the repository. - :vartype full_name: str - :ivar branches: Array of branches. - :vartype branches: list[str] + :ivar resource_provider: Resource provider permissions required for the connector. + :vartype resource_provider: + list[~azure.mgmt.securityinsight.models.PermissionsResourceProviderItem] + :ivar customs: Customs permissions required for the connector. + :vartype customs: list[~azure.mgmt.securityinsight.models.PermissionsCustomsItem] """ _attribute_map = { - "url": {"key": "url", "type": "str"}, - "full_name": {"key": "fullName", "type": "str"}, - "branches": {"key": "branches", "type": "[str]"}, + "resource_provider": {"key": "resourceProvider", "type": "[PermissionsResourceProviderItem]"}, + "customs": {"key": "customs", "type": "[PermissionsCustomsItem]"}, } def __init__( self, *, - url: Optional[str] = None, - full_name: Optional[str] = None, - branches: Optional[List[str]] = None, - **kwargs - ): + resource_provider: Optional[List["_models.PermissionsResourceProviderItem"]] = None, + customs: Optional[List["_models.PermissionsCustomsItem"]] = None, + **kwargs: Any + ) -> None: """ - :keyword url: The url to access the repository. - :paramtype url: str - :keyword full_name: The name of the repository. - :paramtype full_name: str - :keyword branches: Array of branches. - :paramtype branches: list[str] + :keyword resource_provider: Resource provider permissions required for the connector. + :paramtype resource_provider: + list[~azure.mgmt.securityinsight.models.PermissionsResourceProviderItem] + :keyword customs: Customs permissions required for the connector. + :paramtype customs: list[~azure.mgmt.securityinsight.models.PermissionsCustomsItem] """ super().__init__(**kwargs) - self.url = url - self.full_name = full_name - self.branches = branches - + self.resource_provider = resource_provider + self.customs = customs -class RepoList(_serialization.Model): - """List all the source controls. - Variables are only populated by the server, and will be ignored when sending a request. +class PermissionsCustomsItem(Customs): + """PermissionsCustomsItem. - All required parameters must be populated in order to send to Azure. - - :ivar next_link: URL to fetch the next set of repositories. - :vartype next_link: str - :ivar value: Array of repositories. Required. - :vartype value: list[~azure.mgmt.securityinsight.models.Repo] - """ - - _validation = { - "next_link": {"readonly": True}, - "value": {"required": True}, - } + :ivar name: Customs permissions name. + :vartype name: str + :ivar description: Customs permissions description. + :vartype description: str + """ _attribute_map = { - "next_link": {"key": "nextLink", "type": "str"}, - "value": {"key": "value", "type": "[Repo]"}, + "name": {"key": "name", "type": "str"}, + "description": {"key": "description", "type": "str"}, } - def __init__(self, *, value: List["_models.Repo"], **kwargs): + def __init__(self, *, name: Optional[str] = None, description: Optional[str] = None, **kwargs: Any) -> None: """ - :keyword value: Array of repositories. Required. - :paramtype value: list[~azure.mgmt.securityinsight.models.Repo] + :keyword name: Customs permissions name. + :paramtype name: str + :keyword description: Customs permissions description. + :paramtype description: str """ - super().__init__(**kwargs) - self.next_link = None - self.value = value + super().__init__(name=name, description=description, **kwargs) -class Repository(_serialization.Model): - """metadata of a repository. +class ResourceProvider(_serialization.Model): + """Resource provider permissions required for the connector. - :ivar url: Url of repository. - :vartype url: str - :ivar branch: Branch name of repository. - :vartype branch: str - :ivar display_url: Display url of repository. - :vartype display_url: str - :ivar deployment_logs_url: Url to access repository action logs. - :vartype deployment_logs_url: str - :ivar path_mapping: Dictionary of source control content type and path mapping. - :vartype path_mapping: list[~azure.mgmt.securityinsight.models.ContentPathMap] + :ivar provider: Provider name. Known values are: "Microsoft.OperationalInsights/solutions", + "Microsoft.OperationalInsights/workspaces", + "Microsoft.OperationalInsights/workspaces/datasources", "microsoft.aadiam/diagnosticSettings", + "Microsoft.OperationalInsights/workspaces/sharedKeys", and + "Microsoft.Authorization/policyAssignments". + :vartype provider: str or ~azure.mgmt.securityinsight.models.ProviderName + :ivar permissions_display_text: Permission description text. + :vartype permissions_display_text: str + :ivar provider_display_name: Permission provider display name. + :vartype provider_display_name: str + :ivar scope: Permission provider scope. Known values are: "ResourceGroup", "Subscription", and + "Workspace". + :vartype scope: str or ~azure.mgmt.securityinsight.models.PermissionProviderScope + :ivar required_permissions: Required permissions for the connector. + :vartype required_permissions: ~azure.mgmt.securityinsight.models.RequiredPermissions """ _attribute_map = { - "url": {"key": "url", "type": "str"}, - "branch": {"key": "branch", "type": "str"}, - "display_url": {"key": "displayUrl", "type": "str"}, - "deployment_logs_url": {"key": "deploymentLogsUrl", "type": "str"}, - "path_mapping": {"key": "pathMapping", "type": "[ContentPathMap]"}, + "provider": {"key": "provider", "type": "str"}, + "permissions_display_text": {"key": "permissionsDisplayText", "type": "str"}, + "provider_display_name": {"key": "providerDisplayName", "type": "str"}, + "scope": {"key": "scope", "type": "str"}, + "required_permissions": {"key": "requiredPermissions", "type": "RequiredPermissions"}, } def __init__( self, *, - url: Optional[str] = None, - branch: Optional[str] = None, - display_url: Optional[str] = None, - deployment_logs_url: Optional[str] = None, - path_mapping: Optional[List["_models.ContentPathMap"]] = None, - **kwargs - ): + provider: Optional[Union[str, "_models.ProviderName"]] = None, + permissions_display_text: Optional[str] = None, + provider_display_name: Optional[str] = None, + scope: Optional[Union[str, "_models.PermissionProviderScope"]] = None, + required_permissions: Optional["_models.RequiredPermissions"] = None, + **kwargs: Any + ) -> None: """ - :keyword url: Url of repository. - :paramtype url: str - :keyword branch: Branch name of repository. - :paramtype branch: str - :keyword display_url: Display url of repository. - :paramtype display_url: str - :keyword deployment_logs_url: Url to access repository action logs. - :paramtype deployment_logs_url: str - :keyword path_mapping: Dictionary of source control content type and path mapping. - :paramtype path_mapping: list[~azure.mgmt.securityinsight.models.ContentPathMap] + :keyword provider: Provider name. Known values are: "Microsoft.OperationalInsights/solutions", + "Microsoft.OperationalInsights/workspaces", + "Microsoft.OperationalInsights/workspaces/datasources", "microsoft.aadiam/diagnosticSettings", + "Microsoft.OperationalInsights/workspaces/sharedKeys", and + "Microsoft.Authorization/policyAssignments". + :paramtype provider: str or ~azure.mgmt.securityinsight.models.ProviderName + :keyword permissions_display_text: Permission description text. + :paramtype permissions_display_text: str + :keyword provider_display_name: Permission provider display name. + :paramtype provider_display_name: str + :keyword scope: Permission provider scope. Known values are: "ResourceGroup", "Subscription", + and "Workspace". + :paramtype scope: str or ~azure.mgmt.securityinsight.models.PermissionProviderScope + :keyword required_permissions: Required permissions for the connector. + :paramtype required_permissions: ~azure.mgmt.securityinsight.models.RequiredPermissions """ super().__init__(**kwargs) - self.url = url - self.branch = branch - self.display_url = display_url - self.deployment_logs_url = deployment_logs_url - self.path_mapping = path_mapping + self.provider = provider + self.permissions_display_text = permissions_display_text + self.provider_display_name = provider_display_name + self.scope = scope + self.required_permissions = required_permissions -class RepositoryResourceInfo(_serialization.Model): - """Resources created in user's repository for the source-control. +class PermissionsResourceProviderItem(ResourceProvider): + """PermissionsResourceProviderItem. - :ivar webhook: The webhook object created for the source-control. - :vartype webhook: ~azure.mgmt.securityinsight.models.Webhook - :ivar git_hub_resource_info: Resources created in GitHub for this source-control. - :vartype git_hub_resource_info: ~azure.mgmt.securityinsight.models.GitHubResourceInfo - :ivar azure_dev_ops_resource_info: Resources created in Azure DevOps for this source-control. - :vartype azure_dev_ops_resource_info: - ~azure.mgmt.securityinsight.models.AzureDevOpsResourceInfo + :ivar provider: Provider name. Known values are: "Microsoft.OperationalInsights/solutions", + "Microsoft.OperationalInsights/workspaces", + "Microsoft.OperationalInsights/workspaces/datasources", "microsoft.aadiam/diagnosticSettings", + "Microsoft.OperationalInsights/workspaces/sharedKeys", and + "Microsoft.Authorization/policyAssignments". + :vartype provider: str or ~azure.mgmt.securityinsight.models.ProviderName + :ivar permissions_display_text: Permission description text. + :vartype permissions_display_text: str + :ivar provider_display_name: Permission provider display name. + :vartype provider_display_name: str + :ivar scope: Permission provider scope. Known values are: "ResourceGroup", "Subscription", and + "Workspace". + :vartype scope: str or ~azure.mgmt.securityinsight.models.PermissionProviderScope + :ivar required_permissions: Required permissions for the connector. + :vartype required_permissions: ~azure.mgmt.securityinsight.models.RequiredPermissions """ _attribute_map = { - "webhook": {"key": "webhook", "type": "Webhook"}, - "git_hub_resource_info": {"key": "gitHubResourceInfo", "type": "GitHubResourceInfo"}, - "azure_dev_ops_resource_info": {"key": "azureDevOpsResourceInfo", "type": "AzureDevOpsResourceInfo"}, + "provider": {"key": "provider", "type": "str"}, + "permissions_display_text": {"key": "permissionsDisplayText", "type": "str"}, + "provider_display_name": {"key": "providerDisplayName", "type": "str"}, + "scope": {"key": "scope", "type": "str"}, + "required_permissions": {"key": "requiredPermissions", "type": "RequiredPermissions"}, } def __init__( self, *, - webhook: Optional["_models.Webhook"] = None, - git_hub_resource_info: Optional["_models.GitHubResourceInfo"] = None, - azure_dev_ops_resource_info: Optional["_models.AzureDevOpsResourceInfo"] = None, - **kwargs - ): + provider: Optional[Union[str, "_models.ProviderName"]] = None, + permissions_display_text: Optional[str] = None, + provider_display_name: Optional[str] = None, + scope: Optional[Union[str, "_models.PermissionProviderScope"]] = None, + required_permissions: Optional["_models.RequiredPermissions"] = None, + **kwargs: Any + ) -> None: """ - :keyword webhook: The webhook object created for the source-control. - :paramtype webhook: ~azure.mgmt.securityinsight.models.Webhook - :keyword git_hub_resource_info: Resources created in GitHub for this source-control. - :paramtype git_hub_resource_info: ~azure.mgmt.securityinsight.models.GitHubResourceInfo - :keyword azure_dev_ops_resource_info: Resources created in Azure DevOps for this - source-control. - :paramtype azure_dev_ops_resource_info: - ~azure.mgmt.securityinsight.models.AzureDevOpsResourceInfo + :keyword provider: Provider name. Known values are: "Microsoft.OperationalInsights/solutions", + "Microsoft.OperationalInsights/workspaces", + "Microsoft.OperationalInsights/workspaces/datasources", "microsoft.aadiam/diagnosticSettings", + "Microsoft.OperationalInsights/workspaces/sharedKeys", and + "Microsoft.Authorization/policyAssignments". + :paramtype provider: str or ~azure.mgmt.securityinsight.models.ProviderName + :keyword permissions_display_text: Permission description text. + :paramtype permissions_display_text: str + :keyword provider_display_name: Permission provider display name. + :paramtype provider_display_name: str + :keyword scope: Permission provider scope. Known values are: "ResourceGroup", "Subscription", + and "Workspace". + :paramtype scope: str or ~azure.mgmt.securityinsight.models.PermissionProviderScope + :keyword required_permissions: Required permissions for the connector. + :paramtype required_permissions: ~azure.mgmt.securityinsight.models.RequiredPermissions """ - super().__init__(**kwargs) - self.webhook = webhook - self.git_hub_resource_info = git_hub_resource_info - self.azure_dev_ops_resource_info = azure_dev_ops_resource_info + super().__init__( + provider=provider, + permissions_display_text=permissions_display_text, + provider_display_name=provider_display_name, + scope=scope, + required_permissions=required_permissions, + **kwargs + ) -class RequiredPermissions(_serialization.Model): - """Required permissions for the connector. +class PlaybookActionProperties(_serialization.Model): + """PlaybookActionProperties. - :ivar action: action permission. - :vartype action: bool - :ivar write: write permission. - :vartype write: bool - :ivar read: read permission. - :vartype read: bool - :ivar delete: delete permission. - :vartype delete: bool + All required parameters must be populated in order to send to Azure. + + :ivar logic_app_resource_id: The resource id of the playbook resource. Required. + :vartype logic_app_resource_id: str + :ivar tenant_id: The tenant id of the playbook resource. + :vartype tenant_id: str """ + _validation = { + "logic_app_resource_id": {"required": True}, + } + _attribute_map = { - "action": {"key": "action", "type": "bool"}, - "write": {"key": "write", "type": "bool"}, - "read": {"key": "read", "type": "bool"}, - "delete": {"key": "delete", "type": "bool"}, + "logic_app_resource_id": {"key": "logicAppResourceId", "type": "str"}, + "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__( - self, - *, - action: Optional[bool] = None, - write: Optional[bool] = None, - read: Optional[bool] = None, - delete: Optional[bool] = None, - **kwargs - ): + def __init__(self, *, logic_app_resource_id: str, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ - :keyword action: action permission. - :paramtype action: bool - :keyword write: write permission. - :paramtype write: bool - :keyword read: read permission. - :paramtype read: bool - :keyword delete: delete permission. - :paramtype delete: bool + :keyword logic_app_resource_id: The resource id of the playbook resource. Required. + :paramtype logic_app_resource_id: str + :keyword tenant_id: The tenant id of the playbook resource. + :paramtype tenant_id: str """ super().__init__(**kwargs) - self.action = action - self.write = write - self.read = read - self.delete = delete + self.logic_app_resource_id = logic_app_resource_id + self.tenant_id = tenant_id -class ScheduledAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes - """Represents scheduled alert rule. +class ProcessEntity(Entity): # pylint: disable=too-many-instance-attributes + """Represents a process entity. Variables are only populated by the server, and will be ignored when sending a request. @@ -18888,64 +19479,36 @@ class ScheduledAlertRule(AlertRule): # pylint: disable=too-many-instance-attrib :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy information. :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar etag: Etag of the azure resource. - :vartype etag: str - :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", - "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and - "NRT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind - :ivar query: The query that creates alerts for this rule. - :vartype query: str - :ivar query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to run. - :vartype query_frequency: ~datetime.timedelta - :ivar query_period: The period (in ISO 8601 duration format) that this alert rule looks at. - :vartype query_period: ~datetime.timedelta - :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", - "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :ivar trigger_operator: The operation against the threshold that triggers alert rule. Known - values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". - :vartype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator - :ivar trigger_threshold: The threshold triggers this alert rule. - :vartype trigger_threshold: int - :ivar event_grouping_settings: The event grouping settings. - :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :vartype custom_details: dict[str, str] - :ivar entity_mappings: Array of the entity mappings of the alert rule. - :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :ivar alert_details_override: The alert details override settings. - :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :vartype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] - :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. - :vartype alert_rule_template_name: str - :ivar template_version: The version of the alert rule template used to create this rule - in - format , where all are numbers, for example 0 <1.0.2>. - :vartype template_version: str - :ivar description: The description of the alert rule. - :vartype description: str - :ivar display_name: The display name for alerts created by this alert rule. - :vartype display_name: str - :ivar enabled: Determines whether this alert rule is enabled or disabled. - :vartype enabled: bool - :ivar last_modified_utc: The last time that this alert rule has been modified. - :vartype last_modified_utc: ~datetime.datetime - :ivar suppression_duration: The suppression (in ISO 8601 duration format) to wait since last - time this alert rule been triggered. - :vartype suppression_duration: ~datetime.timedelta - :ivar suppression_enabled: Determines whether the suppression for this alert rule is enabled or - disabled. - :vartype suppression_enabled: bool - :ivar tactics: The tactics of the alert rule. - :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :ivar techniques: The techniques of the alert rule. - :vartype techniques: list[str] - :ivar incident_configuration: The settings of the incidents that created from alerts triggered - by this analytics rule. - :vartype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration + :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", + "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", + "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", + "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar account_entity_id: The account entity id running the processes. + :vartype account_entity_id: str + :ivar command_line: The command line used to create the process. + :vartype command_line: str + :ivar creation_time_utc: The time when the process started to run. + :vartype creation_time_utc: ~datetime.datetime + :ivar elevation_token: The elevation token associated with the process. Known values are: + "Default", "Full", and "Limited". + :vartype elevation_token: str or ~azure.mgmt.securityinsight.models.ElevationToken + :ivar host_entity_id: The host entity id on which the process was running. + :vartype host_entity_id: str + :ivar host_logon_session_entity_id: The session entity id in which the process was running. + :vartype host_logon_session_entity_id: str + :ivar image_file_entity_id: Image file entity id. + :vartype image_file_entity_id: str + :ivar parent_process_entity_id: The parent process entity id. + :vartype parent_process_entity_id: str + :ivar process_id: The process ID. + :vartype process_id: str """ _validation = { @@ -18954,7 +19517,16 @@ class ScheduledAlertRule(AlertRule): # pylint: disable=too-many-instance-attrib "type": {"readonly": True}, "system_data": {"readonly": True}, "kind": {"required": True}, - "last_modified_utc": {"readonly": True}, + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "account_entity_id": {"readonly": True}, + "command_line": {"readonly": True}, + "creation_time_utc": {"readonly": True}, + "host_entity_id": {"readonly": True}, + "host_logon_session_entity_id": {"readonly": True}, + "image_file_entity_id": {"readonly": True}, + "parent_process_entity_id": {"readonly": True}, + "process_id": {"readonly": True}, } _attribute_map = { @@ -18962,369 +19534,1563 @@ class ScheduledAlertRule(AlertRule): # pylint: disable=too-many-instance-attrib "name": {"key": "name", "type": "str"}, "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, - "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, - "query": {"key": "properties.query", "type": "str"}, - "query_frequency": {"key": "properties.queryFrequency", "type": "duration"}, - "query_period": {"key": "properties.queryPeriod", "type": "duration"}, - "severity": {"key": "properties.severity", "type": "str"}, - "trigger_operator": {"key": "properties.triggerOperator", "type": "str"}, - "trigger_threshold": {"key": "properties.triggerThreshold", "type": "int"}, - "event_grouping_settings": {"key": "properties.eventGroupingSettings", "type": "EventGroupingSettings"}, - "custom_details": {"key": "properties.customDetails", "type": "{str}"}, - "entity_mappings": {"key": "properties.entityMappings", "type": "[EntityMapping]"}, - "alert_details_override": {"key": "properties.alertDetailsOverride", "type": "AlertDetailsOverride"}, - "sentinel_entities_mappings": {"key": "properties.sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, - "alert_rule_template_name": {"key": "properties.alertRuleTemplateName", "type": "str"}, - "template_version": {"key": "properties.templateVersion", "type": "str"}, - "description": {"key": "properties.description", "type": "str"}, - "display_name": {"key": "properties.displayName", "type": "str"}, - "enabled": {"key": "properties.enabled", "type": "bool"}, - "last_modified_utc": {"key": "properties.lastModifiedUtc", "type": "iso-8601"}, - "suppression_duration": {"key": "properties.suppressionDuration", "type": "duration"}, - "suppression_enabled": {"key": "properties.suppressionEnabled", "type": "bool"}, - "tactics": {"key": "properties.tactics", "type": "[str]"}, - "techniques": {"key": "properties.techniques", "type": "[str]"}, - "incident_configuration": {"key": "properties.incidentConfiguration", "type": "IncidentConfiguration"}, + "additional_data": {"key": "properties.additionalData", "type": "{object}"}, + "friendly_name": {"key": "properties.friendlyName", "type": "str"}, + "account_entity_id": {"key": "properties.accountEntityId", "type": "str"}, + "command_line": {"key": "properties.commandLine", "type": "str"}, + "creation_time_utc": {"key": "properties.creationTimeUtc", "type": "iso-8601"}, + "elevation_token": {"key": "properties.elevationToken", "type": "str"}, + "host_entity_id": {"key": "properties.hostEntityId", "type": "str"}, + "host_logon_session_entity_id": {"key": "properties.hostLogonSessionEntityId", "type": "str"}, + "image_file_entity_id": {"key": "properties.imageFileEntityId", "type": "str"}, + "parent_process_entity_id": {"key": "properties.parentProcessEntityId", "type": "str"}, + "process_id": {"key": "properties.processId", "type": "str"}, } - def __init__( # pylint: disable=too-many-locals - self, - *, - etag: Optional[str] = None, - query: Optional[str] = None, - query_frequency: Optional[datetime.timedelta] = None, - query_period: Optional[datetime.timedelta] = None, - severity: Optional[Union[str, "_models.AlertSeverity"]] = None, - trigger_operator: Optional[Union[str, "_models.TriggerOperator"]] = None, - trigger_threshold: Optional[int] = None, - event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, - custom_details: Optional[Dict[str, str]] = None, - entity_mappings: Optional[List["_models.EntityMapping"]] = None, - alert_details_override: Optional["_models.AlertDetailsOverride"] = None, - sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, - alert_rule_template_name: Optional[str] = None, - template_version: Optional[str] = None, - description: Optional[str] = None, - display_name: Optional[str] = None, - enabled: Optional[bool] = None, - suppression_duration: Optional[datetime.timedelta] = None, - suppression_enabled: Optional[bool] = None, - tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, - techniques: Optional[List[str]] = None, - incident_configuration: Optional["_models.IncidentConfiguration"] = None, - **kwargs - ): + def __init__( + self, *, elevation_token: Optional[Union[str, "_models.ElevationToken"]] = None, **kwargs: Any + ) -> None: """ - :keyword etag: Etag of the azure resource. - :paramtype etag: str - :keyword query: The query that creates alerts for this rule. - :paramtype query: str - :keyword query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to - run. - :paramtype query_frequency: ~datetime.timedelta - :keyword query_period: The period (in ISO 8601 duration format) that this alert rule looks at. - :paramtype query_period: ~datetime.timedelta - :keyword severity: The severity for alerts created by this alert rule. Known values are: - "High", "Medium", "Low", and "Informational". - :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :keyword trigger_operator: The operation against the threshold that triggers alert rule. Known - values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". - :paramtype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator - :keyword trigger_threshold: The threshold triggers this alert rule. - :paramtype trigger_threshold: int - :keyword event_grouping_settings: The event grouping settings. - :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :paramtype custom_details: dict[str, str] - :keyword entity_mappings: Array of the entity mappings of the alert rule. - :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :keyword alert_details_override: The alert details override settings. - :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :paramtype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] - :keyword alert_rule_template_name: The Name of the alert rule template used to create this - rule. - :paramtype alert_rule_template_name: str - :keyword template_version: The version of the alert rule template used to create this rule - in - format , where all are numbers, for example 0 <1.0.2>. - :paramtype template_version: str - :keyword description: The description of the alert rule. - :paramtype description: str - :keyword display_name: The display name for alerts created by this alert rule. - :paramtype display_name: str - :keyword enabled: Determines whether this alert rule is enabled or disabled. - :paramtype enabled: bool - :keyword suppression_duration: The suppression (in ISO 8601 duration format) to wait since last - time this alert rule been triggered. - :paramtype suppression_duration: ~datetime.timedelta - :keyword suppression_enabled: Determines whether the suppression for this alert rule is enabled - or disabled. - :paramtype suppression_enabled: bool - :keyword tactics: The tactics of the alert rule. - :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :keyword techniques: The techniques of the alert rule. - :paramtype techniques: list[str] - :keyword incident_configuration: The settings of the incidents that created from alerts - triggered by this analytics rule. - :paramtype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration + :keyword elevation_token: The elevation token associated with the process. Known values are: + "Default", "Full", and "Limited". + :paramtype elevation_token: str or ~azure.mgmt.securityinsight.models.ElevationToken """ - super().__init__(etag=etag, **kwargs) - self.kind: str = "Scheduled" - self.query = query - self.query_frequency = query_frequency - self.query_period = query_period - self.severity = severity - self.trigger_operator = trigger_operator - self.trigger_threshold = trigger_threshold - self.event_grouping_settings = event_grouping_settings - self.custom_details = custom_details - self.entity_mappings = entity_mappings - self.alert_details_override = alert_details_override - self.sentinel_entities_mappings = sentinel_entities_mappings - self.alert_rule_template_name = alert_rule_template_name - self.template_version = template_version - self.description = description - self.display_name = display_name - self.enabled = enabled - self.last_modified_utc = None - self.suppression_duration = suppression_duration - self.suppression_enabled = suppression_enabled - self.tactics = tactics - self.techniques = techniques - self.incident_configuration = incident_configuration + super().__init__(**kwargs) + self.kind: str = "Process" + self.additional_data = None + self.friendly_name = None + self.account_entity_id = None + self.command_line = None + self.creation_time_utc = None + self.elevation_token = elevation_token + self.host_entity_id = None + self.host_logon_session_entity_id = None + self.image_file_entity_id = None + self.parent_process_entity_id = None + self.process_id = None -class ScheduledAlertRuleCommonProperties(_serialization.Model): # pylint: disable=too-many-instance-attributes - """Scheduled alert rule template property bag. +class ProcessEntityProperties(EntityCommonProperties): # pylint: disable=too-many-instance-attributes + """Process entity property bag. - :ivar query: The query that creates alerts for this rule. - :vartype query: str - :ivar query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to run. - :vartype query_frequency: ~datetime.timedelta - :ivar query_period: The period (in ISO 8601 duration format) that this alert rule looks at. - :vartype query_period: ~datetime.timedelta - :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", - "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :ivar trigger_operator: The operation against the threshold that triggers alert rule. Known - values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". - :vartype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator - :ivar trigger_threshold: The threshold triggers this alert rule. - :vartype trigger_threshold: int - :ivar event_grouping_settings: The event grouping settings. - :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :vartype custom_details: dict[str, str] - :ivar entity_mappings: Array of the entity mappings of the alert rule. - :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :ivar alert_details_override: The alert details override settings. - :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :vartype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar account_entity_id: The account entity id running the processes. + :vartype account_entity_id: str + :ivar command_line: The command line used to create the process. + :vartype command_line: str + :ivar creation_time_utc: The time when the process started to run. + :vartype creation_time_utc: ~datetime.datetime + :ivar elevation_token: The elevation token associated with the process. Known values are: + "Default", "Full", and "Limited". + :vartype elevation_token: str or ~azure.mgmt.securityinsight.models.ElevationToken + :ivar host_entity_id: The host entity id on which the process was running. + :vartype host_entity_id: str + :ivar host_logon_session_entity_id: The session entity id in which the process was running. + :vartype host_logon_session_entity_id: str + :ivar image_file_entity_id: Image file entity id. + :vartype image_file_entity_id: str + :ivar parent_process_entity_id: The parent process entity id. + :vartype parent_process_entity_id: str + :ivar process_id: The process ID. + :vartype process_id: str """ + _validation = { + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "account_entity_id": {"readonly": True}, + "command_line": {"readonly": True}, + "creation_time_utc": {"readonly": True}, + "host_entity_id": {"readonly": True}, + "host_logon_session_entity_id": {"readonly": True}, + "image_file_entity_id": {"readonly": True}, + "parent_process_entity_id": {"readonly": True}, + "process_id": {"readonly": True}, + } + _attribute_map = { - "query": {"key": "query", "type": "str"}, - "query_frequency": {"key": "queryFrequency", "type": "duration"}, - "query_period": {"key": "queryPeriod", "type": "duration"}, - "severity": {"key": "severity", "type": "str"}, - "trigger_operator": {"key": "triggerOperator", "type": "str"}, - "trigger_threshold": {"key": "triggerThreshold", "type": "int"}, - "event_grouping_settings": {"key": "eventGroupingSettings", "type": "EventGroupingSettings"}, - "custom_details": {"key": "customDetails", "type": "{str}"}, - "entity_mappings": {"key": "entityMappings", "type": "[EntityMapping]"}, - "alert_details_override": {"key": "alertDetailsOverride", "type": "AlertDetailsOverride"}, - "sentinel_entities_mappings": {"key": "sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, + "additional_data": {"key": "additionalData", "type": "{object}"}, + "friendly_name": {"key": "friendlyName", "type": "str"}, + "account_entity_id": {"key": "accountEntityId", "type": "str"}, + "command_line": {"key": "commandLine", "type": "str"}, + "creation_time_utc": {"key": "creationTimeUtc", "type": "iso-8601"}, + "elevation_token": {"key": "elevationToken", "type": "str"}, + "host_entity_id": {"key": "hostEntityId", "type": "str"}, + "host_logon_session_entity_id": {"key": "hostLogonSessionEntityId", "type": "str"}, + "image_file_entity_id": {"key": "imageFileEntityId", "type": "str"}, + "parent_process_entity_id": {"key": "parentProcessEntityId", "type": "str"}, + "process_id": {"key": "processId", "type": "str"}, } def __init__( - self, - *, - query: Optional[str] = None, - query_frequency: Optional[datetime.timedelta] = None, - query_period: Optional[datetime.timedelta] = None, - severity: Optional[Union[str, "_models.AlertSeverity"]] = None, - trigger_operator: Optional[Union[str, "_models.TriggerOperator"]] = None, - trigger_threshold: Optional[int] = None, - event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, - custom_details: Optional[Dict[str, str]] = None, - entity_mappings: Optional[List["_models.EntityMapping"]] = None, - alert_details_override: Optional["_models.AlertDetailsOverride"] = None, - sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, - **kwargs - ): + self, *, elevation_token: Optional[Union[str, "_models.ElevationToken"]] = None, **kwargs: Any + ) -> None: """ - :keyword query: The query that creates alerts for this rule. - :paramtype query: str - :keyword query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to - run. - :paramtype query_frequency: ~datetime.timedelta - :keyword query_period: The period (in ISO 8601 duration format) that this alert rule looks at. - :paramtype query_period: ~datetime.timedelta - :keyword severity: The severity for alerts created by this alert rule. Known values are: - "High", "Medium", "Low", and "Informational". - :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :keyword trigger_operator: The operation against the threshold that triggers alert rule. Known - values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". - :paramtype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator - :keyword trigger_threshold: The threshold triggers this alert rule. - :paramtype trigger_threshold: int - :keyword event_grouping_settings: The event grouping settings. - :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :paramtype custom_details: dict[str, str] - :keyword entity_mappings: Array of the entity mappings of the alert rule. - :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :keyword alert_details_override: The alert details override settings. - :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :paramtype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :keyword elevation_token: The elevation token associated with the process. Known values are: + "Default", "Full", and "Limited". + :paramtype elevation_token: str or ~azure.mgmt.securityinsight.models.ElevationToken """ super().__init__(**kwargs) - self.query = query - self.query_frequency = query_frequency - self.query_period = query_period - self.severity = severity - self.trigger_operator = trigger_operator - self.trigger_threshold = trigger_threshold - self.event_grouping_settings = event_grouping_settings - self.custom_details = custom_details - self.entity_mappings = entity_mappings - self.alert_details_override = alert_details_override - self.sentinel_entities_mappings = sentinel_entities_mappings - + self.account_entity_id = None + self.command_line = None + self.creation_time_utc = None + self.elevation_token = elevation_token + self.host_entity_id = None + self.host_logon_session_entity_id = None + self.image_file_entity_id = None + self.parent_process_entity_id = None + self.process_id = None -class ScheduledAlertRuleProperties(ScheduledAlertRuleCommonProperties): # pylint: disable=too-many-instance-attributes - """Scheduled alert rule base property bag. - Variables are only populated by the server, and will be ignored when sending a request. +class PropertyArrayChangedConditionProperties(AutomationRuleCondition): + """Describes an automation rule condition that evaluates an array property's value change. All required parameters must be populated in order to send to Azure. - :ivar query: The query that creates alerts for this rule. - :vartype query: str - :ivar query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to run. - :vartype query_frequency: ~datetime.timedelta - :ivar query_period: The period (in ISO 8601 duration format) that this alert rule looks at. - :vartype query_period: ~datetime.timedelta - :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", - "Medium", "Low", and "Informational". - :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity - :ivar trigger_operator: The operation against the threshold that triggers alert rule. Known - values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". - :vartype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator - :ivar trigger_threshold: The threshold triggers this alert rule. - :vartype trigger_threshold: int - :ivar event_grouping_settings: The event grouping settings. - :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings - :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the - alert. - :vartype custom_details: dict[str, str] - :ivar entity_mappings: Array of the entity mappings of the alert rule. - :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] - :ivar alert_details_override: The alert details override settings. - :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride - :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. - :vartype sentinel_entities_mappings: - list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] - :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. - :vartype alert_rule_template_name: str - :ivar template_version: The version of the alert rule template used to create this rule - in - format , where all are numbers, for example 0 <1.0.2>. - :vartype template_version: str - :ivar description: The description of the alert rule. - :vartype description: str - :ivar display_name: The display name for alerts created by this alert rule. Required. - :vartype display_name: str - :ivar enabled: Determines whether this alert rule is enabled or disabled. Required. - :vartype enabled: bool - :ivar last_modified_utc: The last time that this alert rule has been modified. - :vartype last_modified_utc: ~datetime.datetime - :ivar suppression_duration: The suppression (in ISO 8601 duration format) to wait since last - time this alert rule been triggered. Required. - :vartype suppression_duration: ~datetime.timedelta - :ivar suppression_enabled: Determines whether the suppression for this alert rule is enabled or - disabled. Required. - :vartype suppression_enabled: bool - :ivar tactics: The tactics of the alert rule. - :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] - :ivar techniques: The techniques of the alert rule. - :vartype techniques: list[str] - :ivar incident_configuration: The settings of the incidents that created from alerts triggered - by this analytics rule. - :vartype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration + :ivar condition_type: Required. Known values are: "Property", "PropertyArray", + "PropertyChanged", "PropertyArrayChanged", and "Boolean". + :vartype condition_type: str or ~azure.mgmt.securityinsight.models.ConditionType + :ivar condition_properties: + :vartype condition_properties: + ~azure.mgmt.securityinsight.models.AutomationRulePropertyArrayChangedValuesCondition """ _validation = { - "display_name": {"required": True}, - "enabled": {"required": True}, - "last_modified_utc": {"readonly": True}, - "suppression_duration": {"required": True}, - "suppression_enabled": {"required": True}, + "condition_type": {"required": True}, } _attribute_map = { - "query": {"key": "query", "type": "str"}, - "query_frequency": {"key": "queryFrequency", "type": "duration"}, - "query_period": {"key": "queryPeriod", "type": "duration"}, - "severity": {"key": "severity", "type": "str"}, - "trigger_operator": {"key": "triggerOperator", "type": "str"}, - "trigger_threshold": {"key": "triggerThreshold", "type": "int"}, - "event_grouping_settings": {"key": "eventGroupingSettings", "type": "EventGroupingSettings"}, - "custom_details": {"key": "customDetails", "type": "{str}"}, - "entity_mappings": {"key": "entityMappings", "type": "[EntityMapping]"}, - "alert_details_override": {"key": "alertDetailsOverride", "type": "AlertDetailsOverride"}, - "sentinel_entities_mappings": {"key": "sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, - "alert_rule_template_name": {"key": "alertRuleTemplateName", "type": "str"}, - "template_version": {"key": "templateVersion", "type": "str"}, - "description": {"key": "description", "type": "str"}, - "display_name": {"key": "displayName", "type": "str"}, - "enabled": {"key": "enabled", "type": "bool"}, - "last_modified_utc": {"key": "lastModifiedUtc", "type": "iso-8601"}, - "suppression_duration": {"key": "suppressionDuration", "type": "duration"}, - "suppression_enabled": {"key": "suppressionEnabled", "type": "bool"}, - "tactics": {"key": "tactics", "type": "[str]"}, - "techniques": {"key": "techniques", "type": "[str]"}, - "incident_configuration": {"key": "incidentConfiguration", "type": "IncidentConfiguration"}, + "condition_type": {"key": "conditionType", "type": "str"}, + "condition_properties": { + "key": "conditionProperties", + "type": "AutomationRulePropertyArrayChangedValuesCondition", + }, } def __init__( self, *, - display_name: str, - enabled: bool, - suppression_duration: datetime.timedelta, - suppression_enabled: bool, - query: Optional[str] = None, - query_frequency: Optional[datetime.timedelta] = None, - query_period: Optional[datetime.timedelta] = None, - severity: Optional[Union[str, "_models.AlertSeverity"]] = None, - trigger_operator: Optional[Union[str, "_models.TriggerOperator"]] = None, - trigger_threshold: Optional[int] = None, - event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, - custom_details: Optional[Dict[str, str]] = None, - entity_mappings: Optional[List["_models.EntityMapping"]] = None, - alert_details_override: Optional["_models.AlertDetailsOverride"] = None, - sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, - alert_rule_template_name: Optional[str] = None, - template_version: Optional[str] = None, - description: Optional[str] = None, - tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, - techniques: Optional[List[str]] = None, - incident_configuration: Optional["_models.IncidentConfiguration"] = None, - **kwargs - ): + condition_properties: Optional["_models.AutomationRulePropertyArrayChangedValuesCondition"] = None, + **kwargs: Any + ) -> None: """ - :keyword query: The query that creates alerts for this rule. - :paramtype query: str - :keyword query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to + :keyword condition_properties: + :paramtype condition_properties: + ~azure.mgmt.securityinsight.models.AutomationRulePropertyArrayChangedValuesCondition + """ + super().__init__(**kwargs) + self.condition_type: str = "PropertyArrayChanged" + self.condition_properties = condition_properties + + +class PropertyArrayConditionProperties(AutomationRuleCondition): + """Describes an automation rule condition that evaluates an array property's value. + + All required parameters must be populated in order to send to Azure. + + :ivar condition_type: Required. Known values are: "Property", "PropertyArray", + "PropertyChanged", "PropertyArrayChanged", and "Boolean". + :vartype condition_type: str or ~azure.mgmt.securityinsight.models.ConditionType + :ivar condition_properties: + :vartype condition_properties: + ~azure.mgmt.securityinsight.models.AutomationRulePropertyArrayValuesCondition + """ + + _validation = { + "condition_type": {"required": True}, + } + + _attribute_map = { + "condition_type": {"key": "conditionType", "type": "str"}, + "condition_properties": {"key": "conditionProperties", "type": "AutomationRulePropertyArrayValuesCondition"}, + } + + def __init__( + self, + *, + condition_properties: Optional["_models.AutomationRulePropertyArrayValuesCondition"] = None, + **kwargs: Any + ) -> None: + """ + :keyword condition_properties: + :paramtype condition_properties: + ~azure.mgmt.securityinsight.models.AutomationRulePropertyArrayValuesCondition + """ + super().__init__(**kwargs) + self.condition_type: str = "PropertyArray" + self.condition_properties = condition_properties + + +class PropertyChangedConditionProperties(AutomationRuleCondition): + """Describes an automation rule condition that evaluates a property's value change. + + All required parameters must be populated in order to send to Azure. + + :ivar condition_type: Required. Known values are: "Property", "PropertyArray", + "PropertyChanged", "PropertyArrayChanged", and "Boolean". + :vartype condition_type: str or ~azure.mgmt.securityinsight.models.ConditionType + :ivar condition_properties: + :vartype condition_properties: + ~azure.mgmt.securityinsight.models.AutomationRulePropertyValuesChangedCondition + """ + + _validation = { + "condition_type": {"required": True}, + } + + _attribute_map = { + "condition_type": {"key": "conditionType", "type": "str"}, + "condition_properties": {"key": "conditionProperties", "type": "AutomationRulePropertyValuesChangedCondition"}, + } + + def __init__( + self, + *, + condition_properties: Optional["_models.AutomationRulePropertyValuesChangedCondition"] = None, + **kwargs: Any + ) -> None: + """ + :keyword condition_properties: + :paramtype condition_properties: + ~azure.mgmt.securityinsight.models.AutomationRulePropertyValuesChangedCondition + """ + super().__init__(**kwargs) + self.condition_type: str = "PropertyChanged" + self.condition_properties = condition_properties + + +class PropertyConditionProperties(AutomationRuleCondition): + """Describes an automation rule condition that evaluates a property's value. + + All required parameters must be populated in order to send to Azure. + + :ivar condition_type: Required. Known values are: "Property", "PropertyArray", + "PropertyChanged", "PropertyArrayChanged", and "Boolean". + :vartype condition_type: str or ~azure.mgmt.securityinsight.models.ConditionType + :ivar condition_properties: + :vartype condition_properties: + ~azure.mgmt.securityinsight.models.AutomationRulePropertyValuesCondition + """ + + _validation = { + "condition_type": {"required": True}, + } + + _attribute_map = { + "condition_type": {"key": "conditionType", "type": "str"}, + "condition_properties": {"key": "conditionProperties", "type": "AutomationRulePropertyValuesCondition"}, + } + + def __init__( + self, *, condition_properties: Optional["_models.AutomationRulePropertyValuesCondition"] = None, **kwargs: Any + ) -> None: + """ + :keyword condition_properties: + :paramtype condition_properties: + ~azure.mgmt.securityinsight.models.AutomationRulePropertyValuesCondition + """ + super().__init__(**kwargs) + self.condition_type: str = "Property" + self.condition_properties = condition_properties + + +class Recommendation(_serialization.Model): # pylint: disable=too-many-instance-attributes + """Recommendation object. + + All required parameters must be populated in order to send to Azure. + + :ivar id: id of recommendation. Required. + :vartype id: str + :ivar instructions: Instructions of the recommendation. Required. + :vartype instructions: ~azure.mgmt.securityinsight.models.Instructions + :ivar content: Content of the recommendation. + :vartype content: ~azure.mgmt.securityinsight.models.Content + :ivar resource_id: Id of the resource this recommendation refers to. + :vartype resource_id: str + :ivar additional_properties: Collection of additional properties for the recommendation. + :vartype additional_properties: dict[str, str] + :ivar title: Title of the recommendation. Required. + :vartype title: str + :ivar description: Description of the recommendation. Required. + :vartype description: str + :ivar recommendation_type_title: Title of the recommendation type. Required. + :vartype recommendation_type_title: str + :ivar recommendation_type_id: Id of the recommendation type. Required. + :vartype recommendation_type_id: str + :ivar category: Category of the recommendation. Required. Known values are: "Onboarding", + "NewFeature", "SocEfficiency", "CostOptimization", and "Demo". + :vartype category: str or ~azure.mgmt.securityinsight.models.Category + :ivar context: Context of the recommendation. Required. Known values are: "Analytics", + "Incidents", "Overview", and "None". + :vartype context: str or ~azure.mgmt.securityinsight.models.Context + :ivar workspace_id: Id of the workspace this recommendation refers to. Required. + :vartype workspace_id: str + :ivar actions: List of actions to take for this recommendation. Required. + :vartype actions: list[~azure.mgmt.securityinsight.models.RecommendedAction] + :ivar state: State of the recommendation. Required. Known values are: "Active", "Disabled", + "CompletedByUser", "CompletedByAction", and "Hidden". + :vartype state: str or ~azure.mgmt.securityinsight.models.State + :ivar priority: Priority of the recommendation. Required. Known values are: "Low", "Medium", + and "High". + :vartype priority: str or ~azure.mgmt.securityinsight.models.Priority + :ivar last_evaluated_time_utc: The time stamp (UTC) when the recommendation was last evaluated. + Required. + :vartype last_evaluated_time_utc: ~datetime.datetime + :ivar hide_until_time_utc: The time stamp (UTC) when the recommendation should be displayed + again. + :vartype hide_until_time_utc: ~datetime.datetime + :ivar display_until_time_utc: The timestamp (UTC) after which the recommendation should not be + displayed anymore. + :vartype display_until_time_utc: ~datetime.datetime + :ivar visible: Value indicating if the recommendation should be displayed or not. + :vartype visible: bool + """ + + _validation = { + "id": {"required": True}, + "instructions": {"required": True}, + "title": {"required": True}, + "description": {"required": True}, + "recommendation_type_title": {"required": True}, + "recommendation_type_id": {"required": True}, + "category": {"required": True}, + "context": {"required": True}, + "workspace_id": {"required": True}, + "actions": {"required": True}, + "state": {"required": True}, + "priority": {"required": True}, + "last_evaluated_time_utc": {"required": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "instructions": {"key": "instructions", "type": "Instructions"}, + "content": {"key": "content", "type": "Content"}, + "resource_id": {"key": "resourceId", "type": "str"}, + "additional_properties": {"key": "additionalProperties", "type": "{str}"}, + "title": {"key": "title", "type": "str"}, + "description": {"key": "description", "type": "str"}, + "recommendation_type_title": {"key": "recommendationTypeTitle", "type": "str"}, + "recommendation_type_id": {"key": "recommendationTypeId", "type": "str"}, + "category": {"key": "category", "type": "str"}, + "context": {"key": "context", "type": "str"}, + "workspace_id": {"key": "workspaceId", "type": "str"}, + "actions": {"key": "actions", "type": "[RecommendedAction]"}, + "state": {"key": "state", "type": "str"}, + "priority": {"key": "priority", "type": "str"}, + "last_evaluated_time_utc": {"key": "lastEvaluatedTimeUtc", "type": "iso-8601"}, + "hide_until_time_utc": {"key": "hideUntilTimeUtc", "type": "iso-8601"}, + "display_until_time_utc": {"key": "displayUntilTimeUtc", "type": "iso-8601"}, + "visible": {"key": "visible", "type": "bool"}, + } + + def __init__( + self, + *, + id: str, # pylint: disable=redefined-builtin + instructions: "_models.Instructions", + title: str, + description: str, + recommendation_type_title: str, + recommendation_type_id: str, + category: Union[str, "_models.Category"], + context: Union[str, "_models.Context"], + workspace_id: str, + actions: List["_models.RecommendedAction"], + state: Union[str, "_models.State"], + priority: Union[str, "_models.Priority"], + last_evaluated_time_utc: datetime.datetime, + content: Optional["_models.Content"] = None, + resource_id: Optional[str] = None, + additional_properties: Optional[Dict[str, str]] = None, + hide_until_time_utc: Optional[datetime.datetime] = None, + display_until_time_utc: Optional[datetime.datetime] = None, + visible: Optional[bool] = None, + **kwargs: Any + ) -> None: + """ + :keyword id: id of recommendation. Required. + :paramtype id: str + :keyword instructions: Instructions of the recommendation. Required. + :paramtype instructions: ~azure.mgmt.securityinsight.models.Instructions + :keyword content: Content of the recommendation. + :paramtype content: ~azure.mgmt.securityinsight.models.Content + :keyword resource_id: Id of the resource this recommendation refers to. + :paramtype resource_id: str + :keyword additional_properties: Collection of additional properties for the recommendation. + :paramtype additional_properties: dict[str, str] + :keyword title: Title of the recommendation. Required. + :paramtype title: str + :keyword description: Description of the recommendation. Required. + :paramtype description: str + :keyword recommendation_type_title: Title of the recommendation type. Required. + :paramtype recommendation_type_title: str + :keyword recommendation_type_id: Id of the recommendation type. Required. + :paramtype recommendation_type_id: str + :keyword category: Category of the recommendation. Required. Known values are: "Onboarding", + "NewFeature", "SocEfficiency", "CostOptimization", and "Demo". + :paramtype category: str or ~azure.mgmt.securityinsight.models.Category + :keyword context: Context of the recommendation. Required. Known values are: "Analytics", + "Incidents", "Overview", and "None". + :paramtype context: str or ~azure.mgmt.securityinsight.models.Context + :keyword workspace_id: Id of the workspace this recommendation refers to. Required. + :paramtype workspace_id: str + :keyword actions: List of actions to take for this recommendation. Required. + :paramtype actions: list[~azure.mgmt.securityinsight.models.RecommendedAction] + :keyword state: State of the recommendation. Required. Known values are: "Active", "Disabled", + "CompletedByUser", "CompletedByAction", and "Hidden". + :paramtype state: str or ~azure.mgmt.securityinsight.models.State + :keyword priority: Priority of the recommendation. Required. Known values are: "Low", "Medium", + and "High". + :paramtype priority: str or ~azure.mgmt.securityinsight.models.Priority + :keyword last_evaluated_time_utc: The time stamp (UTC) when the recommendation was last + evaluated. Required. + :paramtype last_evaluated_time_utc: ~datetime.datetime + :keyword hide_until_time_utc: The time stamp (UTC) when the recommendation should be displayed + again. + :paramtype hide_until_time_utc: ~datetime.datetime + :keyword display_until_time_utc: The timestamp (UTC) after which the recommendation should not + be displayed anymore. + :paramtype display_until_time_utc: ~datetime.datetime + :keyword visible: Value indicating if the recommendation should be displayed or not. + :paramtype visible: bool + """ + super().__init__(**kwargs) + self.id = id + self.instructions = instructions + self.content = content + self.resource_id = resource_id + self.additional_properties = additional_properties + self.title = title + self.description = description + self.recommendation_type_title = recommendation_type_title + self.recommendation_type_id = recommendation_type_id + self.category = category + self.context = context + self.workspace_id = workspace_id + self.actions = actions + self.state = state + self.priority = priority + self.last_evaluated_time_utc = last_evaluated_time_utc + self.hide_until_time_utc = hide_until_time_utc + self.display_until_time_utc = display_until_time_utc + self.visible = visible + + +class RecommendationList(_serialization.Model): + """A list of recommendations. + + :ivar value: An list of recommendations. + :vartype value: list[~azure.mgmt.securityinsight.models.Recommendation] + """ + + _attribute_map = { + "value": {"key": "value", "type": "[Recommendation]"}, + } + + def __init__(self, *, value: Optional[List["_models.Recommendation"]] = None, **kwargs: Any) -> None: + """ + :keyword value: An list of recommendations. + :paramtype value: list[~azure.mgmt.securityinsight.models.Recommendation] + """ + super().__init__(**kwargs) + self.value = value + + +class RecommendationPatch(_serialization.Model): + """Recommendation Fields to update. + + :ivar state: State of the recommendation. Known values are: "Active", "Disabled", + "CompletedByUser", "CompletedByAction", and "Hidden". + :vartype state: str or ~azure.mgmt.securityinsight.models.State + :ivar hide_until_time_utc: The time stamp (UTC) when the recommendation should be displayed + again. + :vartype hide_until_time_utc: ~datetime.datetime + """ + + _attribute_map = { + "state": {"key": "state", "type": "str"}, + "hide_until_time_utc": {"key": "hideUntilTimeUtc", "type": "iso-8601"}, + } + + def __init__( + self, + *, + state: Optional[Union[str, "_models.State"]] = None, + hide_until_time_utc: Optional[datetime.datetime] = None, + **kwargs: Any + ) -> None: + """ + :keyword state: State of the recommendation. Known values are: "Active", "Disabled", + "CompletedByUser", "CompletedByAction", and "Hidden". + :paramtype state: str or ~azure.mgmt.securityinsight.models.State + :keyword hide_until_time_utc: The time stamp (UTC) when the recommendation should be displayed + again. + :paramtype hide_until_time_utc: ~datetime.datetime + """ + super().__init__(**kwargs) + self.state = state + self.hide_until_time_utc = hide_until_time_utc + + +class RecommendedAction(_serialization.Model): + """What actions should be taken to complete the recommendation. + + All required parameters must be populated in order to send to Azure. + + :ivar link_text: Text of the link to complete the action. Required. + :vartype link_text: str + :ivar link_url: The Link to complete the action. Required. + :vartype link_url: str + :ivar state: The state of the action. Known values are: "Low", "Medium", and "High". + :vartype state: str or ~azure.mgmt.securityinsight.models.Priority + """ + + _validation = { + "link_text": {"required": True}, + "link_url": {"required": True}, + } + + _attribute_map = { + "link_text": {"key": "linkText", "type": "str"}, + "link_url": {"key": "linkUrl", "type": "str"}, + "state": {"key": "state", "type": "str"}, + } + + def __init__( + self, *, link_text: str, link_url: str, state: Optional[Union[str, "_models.Priority"]] = None, **kwargs: Any + ) -> None: + """ + :keyword link_text: Text of the link to complete the action. Required. + :paramtype link_text: str + :keyword link_url: The Link to complete the action. Required. + :paramtype link_url: str + :keyword state: The state of the action. Known values are: "Low", "Medium", and "High". + :paramtype state: str or ~azure.mgmt.securityinsight.models.Priority + """ + super().__init__(**kwargs) + self.link_text = link_text + self.link_url = link_url + self.state = state + + +class RegistryKeyEntity(Entity): + """Represents a registry key entity. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", + "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", + "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", + "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar hive: the hive that holds the registry key. Known values are: "HKEY_LOCAL_MACHINE", + "HKEY_CLASSES_ROOT", "HKEY_CURRENT_CONFIG", "HKEY_USERS", "HKEY_CURRENT_USER_LOCAL_SETTINGS", + "HKEY_PERFORMANCE_DATA", "HKEY_PERFORMANCE_NLSTEXT", "HKEY_PERFORMANCE_TEXT", "HKEY_A", and + "HKEY_CURRENT_USER". + :vartype hive: str or ~azure.mgmt.securityinsight.models.RegistryHive + :ivar key: The registry key path. + :vartype key: str + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "hive": {"readonly": True}, + "key": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "kind": {"key": "kind", "type": "str"}, + "additional_data": {"key": "properties.additionalData", "type": "{object}"}, + "friendly_name": {"key": "properties.friendlyName", "type": "str"}, + "hive": {"key": "properties.hive", "type": "str"}, + "key": {"key": "properties.key", "type": "str"}, + } + + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.kind: str = "RegistryKey" + self.additional_data = None + self.friendly_name = None + self.hive = None + self.key = None + + +class RegistryKeyEntityProperties(EntityCommonProperties): + """RegistryKey entity property bag. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar hive: the hive that holds the registry key. Known values are: "HKEY_LOCAL_MACHINE", + "HKEY_CLASSES_ROOT", "HKEY_CURRENT_CONFIG", "HKEY_USERS", "HKEY_CURRENT_USER_LOCAL_SETTINGS", + "HKEY_PERFORMANCE_DATA", "HKEY_PERFORMANCE_NLSTEXT", "HKEY_PERFORMANCE_TEXT", "HKEY_A", and + "HKEY_CURRENT_USER". + :vartype hive: str or ~azure.mgmt.securityinsight.models.RegistryHive + :ivar key: The registry key path. + :vartype key: str + """ + + _validation = { + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "hive": {"readonly": True}, + "key": {"readonly": True}, + } + + _attribute_map = { + "additional_data": {"key": "additionalData", "type": "{object}"}, + "friendly_name": {"key": "friendlyName", "type": "str"}, + "hive": {"key": "hive", "type": "str"}, + "key": {"key": "key", "type": "str"}, + } + + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.hive = None + self.key = None + + +class RegistryValueEntity(Entity): # pylint: disable=too-many-instance-attributes + """Represents a registry value entity. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", + "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", + "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", + "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar key_entity_id: The registry key entity id. + :vartype key_entity_id: str + :ivar value_data: String formatted representation of the value data. + :vartype value_data: str + :ivar value_name: The registry value name. + :vartype value_name: str + :ivar value_type: Specifies the data types to use when storing values in the registry, or + identifies the data type of a value in the registry. Known values are: "None", "Unknown", + "String", "ExpandString", "Binary", "DWord", "MultiString", and "QWord". + :vartype value_type: str or ~azure.mgmt.securityinsight.models.RegistryValueKind + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "key_entity_id": {"readonly": True}, + "value_data": {"readonly": True}, + "value_name": {"readonly": True}, + "value_type": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "kind": {"key": "kind", "type": "str"}, + "additional_data": {"key": "properties.additionalData", "type": "{object}"}, + "friendly_name": {"key": "properties.friendlyName", "type": "str"}, + "key_entity_id": {"key": "properties.keyEntityId", "type": "str"}, + "value_data": {"key": "properties.valueData", "type": "str"}, + "value_name": {"key": "properties.valueName", "type": "str"}, + "value_type": {"key": "properties.valueType", "type": "str"}, + } + + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.kind: str = "RegistryValue" + self.additional_data = None + self.friendly_name = None + self.key_entity_id = None + self.value_data = None + self.value_name = None + self.value_type = None + + +class RegistryValueEntityProperties(EntityCommonProperties): + """RegistryValue entity property bag. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar key_entity_id: The registry key entity id. + :vartype key_entity_id: str + :ivar value_data: String formatted representation of the value data. + :vartype value_data: str + :ivar value_name: The registry value name. + :vartype value_name: str + :ivar value_type: Specifies the data types to use when storing values in the registry, or + identifies the data type of a value in the registry. Known values are: "None", "Unknown", + "String", "ExpandString", "Binary", "DWord", "MultiString", and "QWord". + :vartype value_type: str or ~azure.mgmt.securityinsight.models.RegistryValueKind + """ + + _validation = { + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "key_entity_id": {"readonly": True}, + "value_data": {"readonly": True}, + "value_name": {"readonly": True}, + "value_type": {"readonly": True}, + } + + _attribute_map = { + "additional_data": {"key": "additionalData", "type": "{object}"}, + "friendly_name": {"key": "friendlyName", "type": "str"}, + "key_entity_id": {"key": "keyEntityId", "type": "str"}, + "value_data": {"key": "valueData", "type": "str"}, + "value_name": {"key": "valueName", "type": "str"}, + "value_type": {"key": "valueType", "type": "str"}, + } + + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.key_entity_id = None + self.value_data = None + self.value_name = None + self.value_type = None + + +class Relation(ResourceWithEtag): + """Represents a relation between two resources. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar related_resource_id: The resource ID of the related resource. + :vartype related_resource_id: str + :ivar related_resource_name: The name of the related resource. + :vartype related_resource_name: str + :ivar related_resource_type: The resource type of the related resource. + :vartype related_resource_type: str + :ivar related_resource_kind: The resource kind of the related resource. + :vartype related_resource_kind: str + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "related_resource_name": {"readonly": True}, + "related_resource_type": {"readonly": True}, + "related_resource_kind": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "related_resource_id": {"key": "properties.relatedResourceId", "type": "str"}, + "related_resource_name": {"key": "properties.relatedResourceName", "type": "str"}, + "related_resource_type": {"key": "properties.relatedResourceType", "type": "str"}, + "related_resource_kind": {"key": "properties.relatedResourceKind", "type": "str"}, + } + + def __init__(self, *, etag: Optional[str] = None, related_resource_id: Optional[str] = None, **kwargs: Any) -> None: + """ + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword related_resource_id: The resource ID of the related resource. + :paramtype related_resource_id: str + """ + super().__init__(etag=etag, **kwargs) + self.related_resource_id = related_resource_id + self.related_resource_name = None + self.related_resource_type = None + self.related_resource_kind = None + + +class RelationList(_serialization.Model): + """List of relations. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of relations. + :vartype next_link: str + :ivar value: Array of relations. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.Relation] + """ + + _validation = { + "next_link": {"readonly": True}, + "value": {"required": True}, + } + + _attribute_map = { + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[Relation]"}, + } + + def __init__(self, *, value: List["_models.Relation"], **kwargs: Any) -> None: + """ + :keyword value: Array of relations. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.Relation] + """ + super().__init__(**kwargs) + self.next_link = None + self.value = value + + +class Repo(_serialization.Model): + """Represents a repository. + + :ivar url: The url to access the repository. + :vartype url: str + :ivar full_name: The name of the repository. + :vartype full_name: str + :ivar branches: Array of branches. + :vartype branches: list[str] + """ + + _attribute_map = { + "url": {"key": "url", "type": "str"}, + "full_name": {"key": "fullName", "type": "str"}, + "branches": {"key": "branches", "type": "[str]"}, + } + + def __init__( + self, + *, + url: Optional[str] = None, + full_name: Optional[str] = None, + branches: Optional[List[str]] = None, + **kwargs: Any + ) -> None: + """ + :keyword url: The url to access the repository. + :paramtype url: str + :keyword full_name: The name of the repository. + :paramtype full_name: str + :keyword branches: Array of branches. + :paramtype branches: list[str] + """ + super().__init__(**kwargs) + self.url = url + self.full_name = full_name + self.branches = branches + + +class RepoList(_serialization.Model): + """List all the source controls. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of repositories. + :vartype next_link: str + :ivar value: Array of repositories. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.Repo] + """ + + _validation = { + "next_link": {"readonly": True}, + "value": {"required": True}, + } + + _attribute_map = { + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[Repo]"}, + } + + def __init__(self, *, value: List["_models.Repo"], **kwargs: Any) -> None: + """ + :keyword value: Array of repositories. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.Repo] + """ + super().__init__(**kwargs) + self.next_link = None + self.value = value + + +class Repository(_serialization.Model): + """metadata of a repository. + + :ivar url: Url of repository. + :vartype url: str + :ivar branch: Branch name of repository. + :vartype branch: str + :ivar display_url: Display url of repository. + :vartype display_url: str + :ivar deployment_logs_url: Url to access repository action logs. + :vartype deployment_logs_url: str + :ivar path_mapping: Dictionary of source control content type and path mapping. + :vartype path_mapping: list[~azure.mgmt.securityinsight.models.ContentPathMap] + """ + + _attribute_map = { + "url": {"key": "url", "type": "str"}, + "branch": {"key": "branch", "type": "str"}, + "display_url": {"key": "displayUrl", "type": "str"}, + "deployment_logs_url": {"key": "deploymentLogsUrl", "type": "str"}, + "path_mapping": {"key": "pathMapping", "type": "[ContentPathMap]"}, + } + + def __init__( + self, + *, + url: Optional[str] = None, + branch: Optional[str] = None, + display_url: Optional[str] = None, + deployment_logs_url: Optional[str] = None, + path_mapping: Optional[List["_models.ContentPathMap"]] = None, + **kwargs: Any + ) -> None: + """ + :keyword url: Url of repository. + :paramtype url: str + :keyword branch: Branch name of repository. + :paramtype branch: str + :keyword display_url: Display url of repository. + :paramtype display_url: str + :keyword deployment_logs_url: Url to access repository action logs. + :paramtype deployment_logs_url: str + :keyword path_mapping: Dictionary of source control content type and path mapping. + :paramtype path_mapping: list[~azure.mgmt.securityinsight.models.ContentPathMap] + """ + super().__init__(**kwargs) + self.url = url + self.branch = branch + self.display_url = display_url + self.deployment_logs_url = deployment_logs_url + self.path_mapping = path_mapping + + +class RepositoryResourceInfo(_serialization.Model): + """Resources created in user's repository for the source-control. + + :ivar webhook: The webhook object created for the source-control. + :vartype webhook: ~azure.mgmt.securityinsight.models.Webhook + :ivar git_hub_resource_info: Resources created in GitHub for this source-control. + :vartype git_hub_resource_info: ~azure.mgmt.securityinsight.models.GitHubResourceInfo + :ivar azure_dev_ops_resource_info: Resources created in Azure DevOps for this source-control. + :vartype azure_dev_ops_resource_info: + ~azure.mgmt.securityinsight.models.AzureDevOpsResourceInfo + """ + + _attribute_map = { + "webhook": {"key": "webhook", "type": "Webhook"}, + "git_hub_resource_info": {"key": "gitHubResourceInfo", "type": "GitHubResourceInfo"}, + "azure_dev_ops_resource_info": {"key": "azureDevOpsResourceInfo", "type": "AzureDevOpsResourceInfo"}, + } + + def __init__( + self, + *, + webhook: Optional["_models.Webhook"] = None, + git_hub_resource_info: Optional["_models.GitHubResourceInfo"] = None, + azure_dev_ops_resource_info: Optional["_models.AzureDevOpsResourceInfo"] = None, + **kwargs: Any + ) -> None: + """ + :keyword webhook: The webhook object created for the source-control. + :paramtype webhook: ~azure.mgmt.securityinsight.models.Webhook + :keyword git_hub_resource_info: Resources created in GitHub for this source-control. + :paramtype git_hub_resource_info: ~azure.mgmt.securityinsight.models.GitHubResourceInfo + :keyword azure_dev_ops_resource_info: Resources created in Azure DevOps for this + source-control. + :paramtype azure_dev_ops_resource_info: + ~azure.mgmt.securityinsight.models.AzureDevOpsResourceInfo + """ + super().__init__(**kwargs) + self.webhook = webhook + self.git_hub_resource_info = git_hub_resource_info + self.azure_dev_ops_resource_info = azure_dev_ops_resource_info + + +class RequiredPermissions(_serialization.Model): + """Required permissions for the connector. + + :ivar action: action permission. + :vartype action: bool + :ivar write: write permission. + :vartype write: bool + :ivar read: read permission. + :vartype read: bool + :ivar delete: delete permission. + :vartype delete: bool + """ + + _attribute_map = { + "action": {"key": "action", "type": "bool"}, + "write": {"key": "write", "type": "bool"}, + "read": {"key": "read", "type": "bool"}, + "delete": {"key": "delete", "type": "bool"}, + } + + def __init__( + self, + *, + action: Optional[bool] = None, + write: Optional[bool] = None, + read: Optional[bool] = None, + delete: Optional[bool] = None, + **kwargs: Any + ) -> None: + """ + :keyword action: action permission. + :paramtype action: bool + :keyword write: write permission. + :paramtype write: bool + :keyword read: read permission. + :paramtype read: bool + :keyword delete: delete permission. + :paramtype delete: bool + """ + super().__init__(**kwargs) + self.action = action + self.write = write + self.read = read + self.delete = delete + + +class ScheduledAlertRule(AlertRule): # pylint: disable=too-many-instance-attributes + """Represents scheduled alert rule. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar kind: The kind of the alert rule. Required. Known values are: "Scheduled", + "MicrosoftSecurityIncidentCreation", "Fusion", "MLBehaviorAnalytics", "ThreatIntelligence", and + "NRT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.AlertRuleKind + :ivar query: The query that creates alerts for this rule. + :vartype query: str + :ivar query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to run. + :vartype query_frequency: ~datetime.timedelta + :ivar query_period: The period (in ISO 8601 duration format) that this alert rule looks at. + :vartype query_period: ~datetime.timedelta + :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", + "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar trigger_operator: The operation against the threshold that triggers alert rule. Known + values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". + :vartype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator + :ivar trigger_threshold: The threshold triggers this alert rule. + :vartype trigger_threshold: int + :ivar event_grouping_settings: The event grouping settings. + :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :vartype custom_details: dict[str, str] + :ivar entity_mappings: Array of the entity mappings of the alert rule. + :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :ivar alert_details_override: The alert details override settings. + :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :vartype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. + :vartype alert_rule_template_name: str + :ivar template_version: The version of the alert rule template used to create this rule - in + format , where all are numbers, for example 0 <1.0.2>. + :vartype template_version: str + :ivar description: The description of the alert rule. + :vartype description: str + :ivar display_name: The display name for alerts created by this alert rule. + :vartype display_name: str + :ivar enabled: Determines whether this alert rule is enabled or disabled. + :vartype enabled: bool + :ivar last_modified_utc: The last time that this alert rule has been modified. + :vartype last_modified_utc: ~datetime.datetime + :ivar suppression_duration: The suppression (in ISO 8601 duration format) to wait since last + time this alert rule been triggered. + :vartype suppression_duration: ~datetime.timedelta + :ivar suppression_enabled: Determines whether the suppression for this alert rule is enabled or + disabled. + :vartype suppression_enabled: bool + :ivar tactics: The tactics of the alert rule. + :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :ivar techniques: The techniques of the alert rule. + :vartype techniques: list[str] + :ivar incident_configuration: The settings of the incidents that created from alerts triggered + by this analytics rule. + :vartype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, + "last_modified_utc": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "query": {"key": "properties.query", "type": "str"}, + "query_frequency": {"key": "properties.queryFrequency", "type": "duration"}, + "query_period": {"key": "properties.queryPeriod", "type": "duration"}, + "severity": {"key": "properties.severity", "type": "str"}, + "trigger_operator": {"key": "properties.triggerOperator", "type": "str"}, + "trigger_threshold": {"key": "properties.triggerThreshold", "type": "int"}, + "event_grouping_settings": {"key": "properties.eventGroupingSettings", "type": "EventGroupingSettings"}, + "custom_details": {"key": "properties.customDetails", "type": "{str}"}, + "entity_mappings": {"key": "properties.entityMappings", "type": "[EntityMapping]"}, + "alert_details_override": {"key": "properties.alertDetailsOverride", "type": "AlertDetailsOverride"}, + "sentinel_entities_mappings": {"key": "properties.sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, + "alert_rule_template_name": {"key": "properties.alertRuleTemplateName", "type": "str"}, + "template_version": {"key": "properties.templateVersion", "type": "str"}, + "description": {"key": "properties.description", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "enabled": {"key": "properties.enabled", "type": "bool"}, + "last_modified_utc": {"key": "properties.lastModifiedUtc", "type": "iso-8601"}, + "suppression_duration": {"key": "properties.suppressionDuration", "type": "duration"}, + "suppression_enabled": {"key": "properties.suppressionEnabled", "type": "bool"}, + "tactics": {"key": "properties.tactics", "type": "[str]"}, + "techniques": {"key": "properties.techniques", "type": "[str]"}, + "incident_configuration": {"key": "properties.incidentConfiguration", "type": "IncidentConfiguration"}, + } + + def __init__( # pylint: disable=too-many-locals + self, + *, + etag: Optional[str] = None, + query: Optional[str] = None, + query_frequency: Optional[datetime.timedelta] = None, + query_period: Optional[datetime.timedelta] = None, + severity: Optional[Union[str, "_models.AlertSeverity"]] = None, + trigger_operator: Optional[Union[str, "_models.TriggerOperator"]] = None, + trigger_threshold: Optional[int] = None, + event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, + custom_details: Optional[Dict[str, str]] = None, + entity_mappings: Optional[List["_models.EntityMapping"]] = None, + alert_details_override: Optional["_models.AlertDetailsOverride"] = None, + sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, + alert_rule_template_name: Optional[str] = None, + template_version: Optional[str] = None, + description: Optional[str] = None, + display_name: Optional[str] = None, + enabled: Optional[bool] = None, + suppression_duration: Optional[datetime.timedelta] = None, + suppression_enabled: Optional[bool] = None, + tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, + techniques: Optional[List[str]] = None, + incident_configuration: Optional["_models.IncidentConfiguration"] = None, + **kwargs: Any + ) -> None: + """ + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword query: The query that creates alerts for this rule. + :paramtype query: str + :keyword query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to + run. + :paramtype query_frequency: ~datetime.timedelta + :keyword query_period: The period (in ISO 8601 duration format) that this alert rule looks at. + :paramtype query_period: ~datetime.timedelta + :keyword severity: The severity for alerts created by this alert rule. Known values are: + "High", "Medium", "Low", and "Informational". + :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :keyword trigger_operator: The operation against the threshold that triggers alert rule. Known + values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". + :paramtype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator + :keyword trigger_threshold: The threshold triggers this alert rule. + :paramtype trigger_threshold: int + :keyword event_grouping_settings: The event grouping settings. + :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :paramtype custom_details: dict[str, str] + :keyword entity_mappings: Array of the entity mappings of the alert rule. + :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :keyword alert_details_override: The alert details override settings. + :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :paramtype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :keyword alert_rule_template_name: The Name of the alert rule template used to create this + rule. + :paramtype alert_rule_template_name: str + :keyword template_version: The version of the alert rule template used to create this rule - in + format , where all are numbers, for example 0 <1.0.2>. + :paramtype template_version: str + :keyword description: The description of the alert rule. + :paramtype description: str + :keyword display_name: The display name for alerts created by this alert rule. + :paramtype display_name: str + :keyword enabled: Determines whether this alert rule is enabled or disabled. + :paramtype enabled: bool + :keyword suppression_duration: The suppression (in ISO 8601 duration format) to wait since last + time this alert rule been triggered. + :paramtype suppression_duration: ~datetime.timedelta + :keyword suppression_enabled: Determines whether the suppression for this alert rule is enabled + or disabled. + :paramtype suppression_enabled: bool + :keyword tactics: The tactics of the alert rule. + :paramtype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :keyword techniques: The techniques of the alert rule. + :paramtype techniques: list[str] + :keyword incident_configuration: The settings of the incidents that created from alerts + triggered by this analytics rule. + :paramtype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration + """ + super().__init__(etag=etag, **kwargs) + self.kind: str = "Scheduled" + self.query = query + self.query_frequency = query_frequency + self.query_period = query_period + self.severity = severity + self.trigger_operator = trigger_operator + self.trigger_threshold = trigger_threshold + self.event_grouping_settings = event_grouping_settings + self.custom_details = custom_details + self.entity_mappings = entity_mappings + self.alert_details_override = alert_details_override + self.sentinel_entities_mappings = sentinel_entities_mappings + self.alert_rule_template_name = alert_rule_template_name + self.template_version = template_version + self.description = description + self.display_name = display_name + self.enabled = enabled + self.last_modified_utc = None + self.suppression_duration = suppression_duration + self.suppression_enabled = suppression_enabled + self.tactics = tactics + self.techniques = techniques + self.incident_configuration = incident_configuration + + +class ScheduledAlertRuleCommonProperties(_serialization.Model): # pylint: disable=too-many-instance-attributes + """Scheduled alert rule template property bag. + + :ivar query: The query that creates alerts for this rule. + :vartype query: str + :ivar query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to run. + :vartype query_frequency: ~datetime.timedelta + :ivar query_period: The period (in ISO 8601 duration format) that this alert rule looks at. + :vartype query_period: ~datetime.timedelta + :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", + "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar trigger_operator: The operation against the threshold that triggers alert rule. Known + values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". + :vartype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator + :ivar trigger_threshold: The threshold triggers this alert rule. + :vartype trigger_threshold: int + :ivar event_grouping_settings: The event grouping settings. + :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :vartype custom_details: dict[str, str] + :ivar entity_mappings: Array of the entity mappings of the alert rule. + :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :ivar alert_details_override: The alert details override settings. + :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :vartype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + """ + + _attribute_map = { + "query": {"key": "query", "type": "str"}, + "query_frequency": {"key": "queryFrequency", "type": "duration"}, + "query_period": {"key": "queryPeriod", "type": "duration"}, + "severity": {"key": "severity", "type": "str"}, + "trigger_operator": {"key": "triggerOperator", "type": "str"}, + "trigger_threshold": {"key": "triggerThreshold", "type": "int"}, + "event_grouping_settings": {"key": "eventGroupingSettings", "type": "EventGroupingSettings"}, + "custom_details": {"key": "customDetails", "type": "{str}"}, + "entity_mappings": {"key": "entityMappings", "type": "[EntityMapping]"}, + "alert_details_override": {"key": "alertDetailsOverride", "type": "AlertDetailsOverride"}, + "sentinel_entities_mappings": {"key": "sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, + } + + def __init__( + self, + *, + query: Optional[str] = None, + query_frequency: Optional[datetime.timedelta] = None, + query_period: Optional[datetime.timedelta] = None, + severity: Optional[Union[str, "_models.AlertSeverity"]] = None, + trigger_operator: Optional[Union[str, "_models.TriggerOperator"]] = None, + trigger_threshold: Optional[int] = None, + event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, + custom_details: Optional[Dict[str, str]] = None, + entity_mappings: Optional[List["_models.EntityMapping"]] = None, + alert_details_override: Optional["_models.AlertDetailsOverride"] = None, + sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, + **kwargs: Any + ) -> None: + """ + :keyword query: The query that creates alerts for this rule. + :paramtype query: str + :keyword query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to + run. + :paramtype query_frequency: ~datetime.timedelta + :keyword query_period: The period (in ISO 8601 duration format) that this alert rule looks at. + :paramtype query_period: ~datetime.timedelta + :keyword severity: The severity for alerts created by this alert rule. Known values are: + "High", "Medium", "Low", and "Informational". + :paramtype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :keyword trigger_operator: The operation against the threshold that triggers alert rule. Known + values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". + :paramtype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator + :keyword trigger_threshold: The threshold triggers this alert rule. + :paramtype trigger_threshold: int + :keyword event_grouping_settings: The event grouping settings. + :paramtype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :keyword custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :paramtype custom_details: dict[str, str] + :keyword entity_mappings: Array of the entity mappings of the alert rule. + :paramtype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :keyword alert_details_override: The alert details override settings. + :paramtype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :keyword sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :paramtype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + """ + super().__init__(**kwargs) + self.query = query + self.query_frequency = query_frequency + self.query_period = query_period + self.severity = severity + self.trigger_operator = trigger_operator + self.trigger_threshold = trigger_threshold + self.event_grouping_settings = event_grouping_settings + self.custom_details = custom_details + self.entity_mappings = entity_mappings + self.alert_details_override = alert_details_override + self.sentinel_entities_mappings = sentinel_entities_mappings + + +class ScheduledAlertRuleProperties(ScheduledAlertRuleCommonProperties): # pylint: disable=too-many-instance-attributes + """Scheduled alert rule base property bag. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar query: The query that creates alerts for this rule. + :vartype query: str + :ivar query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to run. + :vartype query_frequency: ~datetime.timedelta + :ivar query_period: The period (in ISO 8601 duration format) that this alert rule looks at. + :vartype query_period: ~datetime.timedelta + :ivar severity: The severity for alerts created by this alert rule. Known values are: "High", + "Medium", "Low", and "Informational". + :vartype severity: str or ~azure.mgmt.securityinsight.models.AlertSeverity + :ivar trigger_operator: The operation against the threshold that triggers alert rule. Known + values are: "GreaterThan", "LessThan", "Equal", and "NotEqual". + :vartype trigger_operator: str or ~azure.mgmt.securityinsight.models.TriggerOperator + :ivar trigger_threshold: The threshold triggers this alert rule. + :vartype trigger_threshold: int + :ivar event_grouping_settings: The event grouping settings. + :vartype event_grouping_settings: ~azure.mgmt.securityinsight.models.EventGroupingSettings + :ivar custom_details: Dictionary of string key-value pairs of columns to be attached to the + alert. + :vartype custom_details: dict[str, str] + :ivar entity_mappings: Array of the entity mappings of the alert rule. + :vartype entity_mappings: list[~azure.mgmt.securityinsight.models.EntityMapping] + :ivar alert_details_override: The alert details override settings. + :vartype alert_details_override: ~azure.mgmt.securityinsight.models.AlertDetailsOverride + :ivar sentinel_entities_mappings: Array of the sentinel entity mappings of the alert rule. + :vartype sentinel_entities_mappings: + list[~azure.mgmt.securityinsight.models.SentinelEntityMapping] + :ivar alert_rule_template_name: The Name of the alert rule template used to create this rule. + :vartype alert_rule_template_name: str + :ivar template_version: The version of the alert rule template used to create this rule - in + format , where all are numbers, for example 0 <1.0.2>. + :vartype template_version: str + :ivar description: The description of the alert rule. + :vartype description: str + :ivar display_name: The display name for alerts created by this alert rule. Required. + :vartype display_name: str + :ivar enabled: Determines whether this alert rule is enabled or disabled. Required. + :vartype enabled: bool + :ivar last_modified_utc: The last time that this alert rule has been modified. + :vartype last_modified_utc: ~datetime.datetime + :ivar suppression_duration: The suppression (in ISO 8601 duration format) to wait since last + time this alert rule been triggered. Required. + :vartype suppression_duration: ~datetime.timedelta + :ivar suppression_enabled: Determines whether the suppression for this alert rule is enabled or + disabled. Required. + :vartype suppression_enabled: bool + :ivar tactics: The tactics of the alert rule. + :vartype tactics: list[str or ~azure.mgmt.securityinsight.models.AttackTactic] + :ivar techniques: The techniques of the alert rule. + :vartype techniques: list[str] + :ivar incident_configuration: The settings of the incidents that created from alerts triggered + by this analytics rule. + :vartype incident_configuration: ~azure.mgmt.securityinsight.models.IncidentConfiguration + """ + + _validation = { + "display_name": {"required": True}, + "enabled": {"required": True}, + "last_modified_utc": {"readonly": True}, + "suppression_duration": {"required": True}, + "suppression_enabled": {"required": True}, + } + + _attribute_map = { + "query": {"key": "query", "type": "str"}, + "query_frequency": {"key": "queryFrequency", "type": "duration"}, + "query_period": {"key": "queryPeriod", "type": "duration"}, + "severity": {"key": "severity", "type": "str"}, + "trigger_operator": {"key": "triggerOperator", "type": "str"}, + "trigger_threshold": {"key": "triggerThreshold", "type": "int"}, + "event_grouping_settings": {"key": "eventGroupingSettings", "type": "EventGroupingSettings"}, + "custom_details": {"key": "customDetails", "type": "{str}"}, + "entity_mappings": {"key": "entityMappings", "type": "[EntityMapping]"}, + "alert_details_override": {"key": "alertDetailsOverride", "type": "AlertDetailsOverride"}, + "sentinel_entities_mappings": {"key": "sentinelEntitiesMappings", "type": "[SentinelEntityMapping]"}, + "alert_rule_template_name": {"key": "alertRuleTemplateName", "type": "str"}, + "template_version": {"key": "templateVersion", "type": "str"}, + "description": {"key": "description", "type": "str"}, + "display_name": {"key": "displayName", "type": "str"}, + "enabled": {"key": "enabled", "type": "bool"}, + "last_modified_utc": {"key": "lastModifiedUtc", "type": "iso-8601"}, + "suppression_duration": {"key": "suppressionDuration", "type": "duration"}, + "suppression_enabled": {"key": "suppressionEnabled", "type": "bool"}, + "tactics": {"key": "tactics", "type": "[str]"}, + "techniques": {"key": "techniques", "type": "[str]"}, + "incident_configuration": {"key": "incidentConfiguration", "type": "IncidentConfiguration"}, + } + + def __init__( + self, + *, + display_name: str, + enabled: bool, + suppression_duration: datetime.timedelta, + suppression_enabled: bool, + query: Optional[str] = None, + query_frequency: Optional[datetime.timedelta] = None, + query_period: Optional[datetime.timedelta] = None, + severity: Optional[Union[str, "_models.AlertSeverity"]] = None, + trigger_operator: Optional[Union[str, "_models.TriggerOperator"]] = None, + trigger_threshold: Optional[int] = None, + event_grouping_settings: Optional["_models.EventGroupingSettings"] = None, + custom_details: Optional[Dict[str, str]] = None, + entity_mappings: Optional[List["_models.EntityMapping"]] = None, + alert_details_override: Optional["_models.AlertDetailsOverride"] = None, + sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, + alert_rule_template_name: Optional[str] = None, + template_version: Optional[str] = None, + description: Optional[str] = None, + tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, + techniques: Optional[List[str]] = None, + incident_configuration: Optional["_models.IncidentConfiguration"] = None, + **kwargs: Any + ) -> None: + """ + :keyword query: The query that creates alerts for this rule. + :paramtype query: str + :keyword query_frequency: The frequency (in ISO 8601 duration format) for this alert rule to run. :paramtype query_frequency: ~datetime.timedelta :keyword query_period: The period (in ISO 8601 duration format) that this alert rule looks at. @@ -19540,8 +21306,8 @@ def __init__( # pylint: disable=too-many-locals entity_mappings: Optional[List["_models.EntityMapping"]] = None, alert_details_override: Optional["_models.AlertDetailsOverride"] = None, sentinel_entities_mappings: Optional[List["_models.SentinelEntityMapping"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword alert_rules_created_by_template_count: the number of alert rules that were created by this template. @@ -19638,7 +21404,7 @@ class SecurityAlert(Entity): # pylint: disable=too-many-instance-attributes "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -19784,8 +21550,8 @@ class SecurityAlert(Entity): # pylint: disable=too-many-instance-attributes } def __init__( # pylint: disable=too-many-locals - self, *, severity: Optional[Union[str, "_models.AlertSeverity"]] = None, **kwargs - ): + self, *, severity: Optional[Union[str, "_models.AlertSeverity"]] = None, **kwargs: Any + ) -> None: """ :keyword severity: The severity of the alert. Known values are: "High", "Medium", "Low", and "Informational". @@ -19959,8 +21725,8 @@ class SecurityAlertProperties(EntityCommonProperties): # pylint: disable=too-ma } def __init__( # pylint: disable=too-many-locals - self, *, severity: Optional[Union[str, "_models.AlertSeverity"]] = None, **kwargs - ): + self, *, severity: Optional[Union[str, "_models.AlertSeverity"]] = None, **kwargs: Any + ) -> None: """ :keyword severity: The severity of the alert. Known values are: "High", "Medium", "Low", and "Informational". @@ -20015,7 +21781,7 @@ class SecurityAlertPropertiesConfidenceReasonsItem(_serialization.Model): "reason_type": {"key": "reasonType", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.reason = None @@ -20100,8 +21866,8 @@ def __init__( product_name: Optional[str] = None, description: Optional[str] = None, techniques: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword azure_resource_id: The alert azure resource id. Required. :paramtype azure_resource_id: str @@ -20162,7 +21928,7 @@ class SecurityGroupEntity(Entity): "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -20205,7 +21971,7 @@ class SecurityGroupEntity(Entity): "sid": {"key": "properties.sid", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "SecurityGroup" @@ -20253,7 +22019,7 @@ class SecurityGroupEntityProperties(EntityCommonProperties): "sid": {"key": "sid", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.distinguished_name = None @@ -20275,7 +22041,9 @@ class SecurityMLAnalyticsSettingsDataSource(_serialization.Model): "data_types": {"key": "dataTypes", "type": "[str]"}, } - def __init__(self, *, connector_id: Optional[str] = None, data_types: Optional[List[str]] = None, **kwargs): + def __init__( + self, *, connector_id: Optional[str] = None, data_types: Optional[List[str]] = None, **kwargs: Any + ) -> None: """ :keyword connector_id: The connector id that provides the following data types. :paramtype connector_id: str @@ -20310,7 +22078,7 @@ class SecurityMLAnalyticsSettingsList(_serialization.Model): "value": {"key": "value", "type": "[SecurityMLAnalyticsSetting]"}, } - def __init__(self, *, value: List["_models.SecurityMLAnalyticsSetting"], **kwargs): + def __init__(self, *, value: List["_models.SecurityMLAnalyticsSetting"], **kwargs: Any) -> None: """ :keyword value: Array of SecurityMLAnalyticsSettings. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.SecurityMLAnalyticsSetting] @@ -20331,7 +22099,7 @@ class SentinelEntityMapping(_serialization.Model): "column_name": {"key": "columnName", "type": "str"}, } - def __init__(self, *, column_name: Optional[str] = None, **kwargs): + def __init__(self, *, column_name: Optional[str] = None, **kwargs: Any) -> None: """ :keyword column_name: the column name to be mapped to the SentinelEntities. :paramtype column_name: str @@ -20378,7 +22146,9 @@ class SentinelOnboardingState(ResourceWithEtag): "customer_managed_key": {"key": "properties.customerManagedKey", "type": "bool"}, } - def __init__(self, *, etag: Optional[str] = None, customer_managed_key: Optional[bool] = None, **kwargs): + def __init__( + self, *, etag: Optional[str] = None, customer_managed_key: Optional[bool] = None, **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -20406,7 +22176,7 @@ class SentinelOnboardingStatesList(_serialization.Model): "value": {"key": "value", "type": "[SentinelOnboardingState]"}, } - def __init__(self, *, value: List["_models.SentinelOnboardingState"], **kwargs): + def __init__(self, *, value: List["_models.SentinelOnboardingState"], **kwargs: Any) -> None: """ :keyword value: Array of Sentinel onboarding states. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.SentinelOnboardingState] @@ -20432,7 +22202,7 @@ class SettingList(_serialization.Model): "value": {"key": "value", "type": "[Settings]"}, } - def __init__(self, *, value: List["_models.Settings"], **kwargs): + def __init__(self, *, value: List["_models.Settings"], **kwargs: Any) -> None: """ :keyword value: Array of settings. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.Settings] @@ -20519,8 +22289,8 @@ def __init__( repository: Optional["_models.Repository"] = None, repository_resource_info: Optional["_models.RepositoryResourceInfo"] = None, last_deployment_info: Optional["_models.DeploymentInfo"] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -20582,7 +22352,7 @@ class SourceControlList(_serialization.Model): "value": {"key": "value", "type": "[SourceControl]"}, } - def __init__(self, *, value: List["_models.SourceControl"], **kwargs): + def __init__(self, *, value: List["_models.SourceControl"], **kwargs: Any) -> None: """ :keyword value: Array of source controls. Required. :paramtype value: list[~azure.mgmt.securityinsight.models.SourceControl] @@ -20614,7 +22384,7 @@ class SubmissionMailEntity(Entity): # pylint: disable=too-many-instance-attribu "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -20684,7 +22454,7 @@ class SubmissionMailEntity(Entity): # pylint: disable=too-many-instance-attribu "report_type": {"key": "properties.reportType", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.kind: str = "SubmissionMail" @@ -20707,237 +22477,790 @@ class SubmissionMailEntityProperties(EntityCommonProperties): # pylint: disable Variables are only populated by the server, and will be ignored when sending a request. - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar network_message_id: The network message id of email to which submission belongs. - :vartype network_message_id: str - :ivar submission_id: The submission id. - :vartype submission_id: str - :ivar submitter: The submitter. - :vartype submitter: str - :ivar submission_date: The submission date. - :vartype submission_date: ~datetime.datetime - :ivar timestamp: The Time stamp when the message is received (Mail). - :vartype timestamp: ~datetime.datetime - :ivar recipient: The recipient of the mail. - :vartype recipient: str - :ivar sender: The sender of the mail. - :vartype sender: str - :ivar sender_ip: The sender's IP. - :vartype sender_ip: str - :ivar subject: The subject of submission mail. - :vartype subject: str - :ivar report_type: The submission type for the given instance. This maps to Junk, Phish, - Malware or NotJunk. - :vartype report_type: str + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar network_message_id: The network message id of email to which submission belongs. + :vartype network_message_id: str + :ivar submission_id: The submission id. + :vartype submission_id: str + :ivar submitter: The submitter. + :vartype submitter: str + :ivar submission_date: The submission date. + :vartype submission_date: ~datetime.datetime + :ivar timestamp: The Time stamp when the message is received (Mail). + :vartype timestamp: ~datetime.datetime + :ivar recipient: The recipient of the mail. + :vartype recipient: str + :ivar sender: The sender of the mail. + :vartype sender: str + :ivar sender_ip: The sender's IP. + :vartype sender_ip: str + :ivar subject: The subject of submission mail. + :vartype subject: str + :ivar report_type: The submission type for the given instance. This maps to Junk, Phish, + Malware or NotJunk. + :vartype report_type: str + """ + + _validation = { + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "network_message_id": {"readonly": True}, + "submission_id": {"readonly": True}, + "submitter": {"readonly": True}, + "submission_date": {"readonly": True}, + "timestamp": {"readonly": True}, + "recipient": {"readonly": True}, + "sender": {"readonly": True}, + "sender_ip": {"readonly": True}, + "subject": {"readonly": True}, + "report_type": {"readonly": True}, + } + + _attribute_map = { + "additional_data": {"key": "additionalData", "type": "{object}"}, + "friendly_name": {"key": "friendlyName", "type": "str"}, + "network_message_id": {"key": "networkMessageId", "type": "str"}, + "submission_id": {"key": "submissionId", "type": "str"}, + "submitter": {"key": "submitter", "type": "str"}, + "submission_date": {"key": "submissionDate", "type": "iso-8601"}, + "timestamp": {"key": "timestamp", "type": "iso-8601"}, + "recipient": {"key": "recipient", "type": "str"}, + "sender": {"key": "sender", "type": "str"}, + "sender_ip": {"key": "senderIp", "type": "str"}, + "subject": {"key": "subject", "type": "str"}, + "report_type": {"key": "reportType", "type": "str"}, + } + + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.network_message_id = None + self.submission_id = None + self.submitter = None + self.submission_date = None + self.timestamp = None + self.recipient = None + self.sender = None + self.sender_ip = None + self.subject = None + self.report_type = None + + +class SystemData(_serialization.Model): + """Metadata pertaining to creation and last modification of the resource. + + :ivar created_by: The identity that created the resource. + :vartype created_by: str + :ivar created_by_type: The type of identity that created the resource. Known values are: + "User", "Application", "ManagedIdentity", and "Key". + :vartype created_by_type: str or ~azure.mgmt.securityinsight.models.CreatedByType + :ivar created_at: The timestamp of resource creation (UTC). + :vartype created_at: ~datetime.datetime + :ivar last_modified_by: The identity that last modified the resource. + :vartype last_modified_by: str + :ivar last_modified_by_type: The type of identity that last modified the resource. Known values + are: "User", "Application", "ManagedIdentity", and "Key". + :vartype last_modified_by_type: str or ~azure.mgmt.securityinsight.models.CreatedByType + :ivar last_modified_at: The timestamp of resource last modification (UTC). + :vartype last_modified_at: ~datetime.datetime + """ + + _attribute_map = { + "created_by": {"key": "createdBy", "type": "str"}, + "created_by_type": {"key": "createdByType", "type": "str"}, + "created_at": {"key": "createdAt", "type": "iso-8601"}, + "last_modified_by": {"key": "lastModifiedBy", "type": "str"}, + "last_modified_by_type": {"key": "lastModifiedByType", "type": "str"}, + "last_modified_at": {"key": "lastModifiedAt", "type": "iso-8601"}, + } + + def __init__( + self, + *, + created_by: Optional[str] = None, + created_by_type: Optional[Union[str, "_models.CreatedByType"]] = None, + created_at: Optional[datetime.datetime] = None, + last_modified_by: Optional[str] = None, + last_modified_by_type: Optional[Union[str, "_models.CreatedByType"]] = None, + last_modified_at: Optional[datetime.datetime] = None, + **kwargs: Any + ) -> None: + """ + :keyword created_by: The identity that created the resource. + :paramtype created_by: str + :keyword created_by_type: The type of identity that created the resource. Known values are: + "User", "Application", "ManagedIdentity", and "Key". + :paramtype created_by_type: str or ~azure.mgmt.securityinsight.models.CreatedByType + :keyword created_at: The timestamp of resource creation (UTC). + :paramtype created_at: ~datetime.datetime + :keyword last_modified_by: The identity that last modified the resource. + :paramtype last_modified_by: str + :keyword last_modified_by_type: The type of identity that last modified the resource. Known + values are: "User", "Application", "ManagedIdentity", and "Key". + :paramtype last_modified_by_type: str or ~azure.mgmt.securityinsight.models.CreatedByType + :keyword last_modified_at: The timestamp of resource last modification (UTC). + :paramtype last_modified_at: ~datetime.datetime + """ + super().__init__(**kwargs) + self.created_by = created_by + self.created_by_type = created_by_type + self.created_at = created_at + self.last_modified_by = last_modified_by + self.last_modified_by_type = last_modified_by_type + self.last_modified_at = last_modified_at + + +class TeamInformation(_serialization.Model): + """Describes team information. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar team_id: Team ID. + :vartype team_id: str + :ivar primary_channel_url: The primary channel URL of the team. + :vartype primary_channel_url: str + :ivar team_creation_time_utc: The time the team was created. + :vartype team_creation_time_utc: ~datetime.datetime + :ivar name: The name of the team. + :vartype name: str + :ivar description: The description of the team. + :vartype description: str + """ + + _validation = { + "team_id": {"readonly": True}, + "primary_channel_url": {"readonly": True}, + "team_creation_time_utc": {"readonly": True}, + "name": {"readonly": True}, + "description": {"readonly": True}, + } + + _attribute_map = { + "team_id": {"key": "teamId", "type": "str"}, + "primary_channel_url": {"key": "primaryChannelUrl", "type": "str"}, + "team_creation_time_utc": {"key": "teamCreationTimeUtc", "type": "iso-8601"}, + "name": {"key": "name", "type": "str"}, + "description": {"key": "description", "type": "str"}, + } + + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.team_id = None + self.primary_channel_url = None + self.team_creation_time_utc = None + self.name = None + self.description = None + + +class TeamProperties(_serialization.Model): + """Describes team properties. + + All required parameters must be populated in order to send to Azure. + + :ivar team_name: The name of the team. Required. + :vartype team_name: str + :ivar team_description: The description of the team. + :vartype team_description: str + :ivar group_ids: List of group IDs to add their members to the team. + :vartype group_ids: list[str] + :ivar member_ids: List of member IDs to add to the team. + :vartype member_ids: list[str] + """ + + _validation = { + "team_name": {"required": True}, + } + + _attribute_map = { + "team_name": {"key": "teamName", "type": "str"}, + "team_description": {"key": "teamDescription", "type": "str"}, + "group_ids": {"key": "groupIds", "type": "[str]"}, + "member_ids": {"key": "memberIds", "type": "[str]"}, + } + + def __init__( + self, + *, + team_name: str, + team_description: Optional[str] = None, + group_ids: Optional[List[str]] = None, + member_ids: Optional[List[str]] = None, + **kwargs: Any + ) -> None: + """ + :keyword team_name: The name of the team. Required. + :paramtype team_name: str + :keyword team_description: The description of the team. + :paramtype team_description: str + :keyword group_ids: List of group IDs to add their members to the team. + :paramtype group_ids: list[str] + :keyword member_ids: List of member IDs to add to the team. + :paramtype member_ids: list[str] + """ + super().__init__(**kwargs) + self.team_name = team_name + self.team_description = team_description + self.group_ids = group_ids + self.member_ids = member_ids + + +class TemplateList(_serialization.Model): + """List of all the template. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar value: Array of templates. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.TemplateModel] + :ivar next_link: URL to fetch the next page of template. + :vartype next_link: str + """ + + _validation = { + "value": {"required": True}, + "next_link": {"readonly": True}, + } + + _attribute_map = { + "value": {"key": "value", "type": "[TemplateModel]"}, + "next_link": {"key": "nextLink", "type": "str"}, + } + + def __init__(self, *, value: List["_models.TemplateModel"], **kwargs: Any) -> None: + """ + :keyword value: Array of templates. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.TemplateModel] + """ + super().__init__(**kwargs) + self.value = value + self.next_link = None + + +class TemplateListAutoGenerated(_serialization.Model): + """List of all the template. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar value: Array of templates. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated] + :ivar next_link: URL to fetch the next page of template. + :vartype next_link: str """ _validation = { - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "network_message_id": {"readonly": True}, - "submission_id": {"readonly": True}, - "submitter": {"readonly": True}, - "submission_date": {"readonly": True}, - "timestamp": {"readonly": True}, - "recipient": {"readonly": True}, - "sender": {"readonly": True}, - "sender_ip": {"readonly": True}, - "subject": {"readonly": True}, - "report_type": {"readonly": True}, + "value": {"required": True}, + "next_link": {"readonly": True}, } _attribute_map = { - "additional_data": {"key": "additionalData", "type": "{object}"}, - "friendly_name": {"key": "friendlyName", "type": "str"}, - "network_message_id": {"key": "networkMessageId", "type": "str"}, - "submission_id": {"key": "submissionId", "type": "str"}, - "submitter": {"key": "submitter", "type": "str"}, - "submission_date": {"key": "submissionDate", "type": "iso-8601"}, - "timestamp": {"key": "timestamp", "type": "iso-8601"}, - "recipient": {"key": "recipient", "type": "str"}, - "sender": {"key": "sender", "type": "str"}, - "sender_ip": {"key": "senderIp", "type": "str"}, - "subject": {"key": "subject", "type": "str"}, - "report_type": {"key": "reportType", "type": "str"}, + "value": {"key": "value", "type": "[TemplateModelAutoGenerated]"}, + "next_link": {"key": "nextLink", "type": "str"}, } - def __init__(self, **kwargs): - """ """ + def __init__(self, *, value: List["_models.TemplateModelAutoGenerated"], **kwargs: Any) -> None: + """ + :keyword value: Array of templates. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated] + """ super().__init__(**kwargs) - self.network_message_id = None - self.submission_id = None - self.submitter = None - self.submission_date = None - self.timestamp = None - self.recipient = None - self.sender = None - self.sender_ip = None - self.subject = None - self.report_type = None + self.value = value + self.next_link = None -class SystemData(_serialization.Model): - """Metadata pertaining to creation and last modification of the resource. +class TemplateModel(ResourceWithEtag): # pylint: disable=too-many-instance-attributes + """Template resource definition. - :ivar created_by: The identity that created the resource. - :vartype created_by: str - :ivar created_by_type: The type of identity that created the resource. Known values are: - "User", "Application", "ManagedIdentity", and "Key". - :vartype created_by_type: str or ~azure.mgmt.securityinsight.models.CreatedByType - :ivar created_at: The timestamp of resource creation (UTC). - :vartype created_at: ~datetime.datetime - :ivar last_modified_by: The identity that last modified the resource. - :vartype last_modified_by: str - :ivar last_modified_by_type: The type of identity that last modified the resource. Known values - are: "User", "Application", "ManagedIdentity", and "Key". - :vartype last_modified_by_type: str or ~azure.mgmt.securityinsight.models.CreatedByType - :ivar last_modified_at: The timestamp of resource last modification (UTC). - :vartype last_modified_at: ~datetime.datetime + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar content_id: Static ID for the content. Used to identify dependencies and content from + solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic + for user-created. This is the resource name. + :vartype content_id: str + :ivar parent_id: Full parent resource ID of the content item the template is for. This is the + full resource ID including the scope (subscription and resource group). + :vartype parent_id: str + :ivar version: Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, + 1.0.0, 1.0.0.0), following ARM metadata best practices. Can also be any string, but then we + cannot guarantee any version checks. + :vartype version: str + :ivar display_name: The display name of the template. + :vartype display_name: str + :ivar content_kind: The kind of content the template is for. Known values are: "DataConnector", + "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", + "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", + "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and + "AutomationRule". + :vartype content_kind: str or ~azure.mgmt.securityinsight.models.Kind + :ivar source: Source of the content. This is where/how it was created. + :vartype source: ~azure.mgmt.securityinsight.models.MetadataSource + :ivar author: The creator of the content item. + :vartype author: ~azure.mgmt.securityinsight.models.MetadataAuthor + :ivar support: Support information for the template - type, name, contact information. + :vartype support: ~azure.mgmt.securityinsight.models.MetadataSupport + :ivar dependencies: Dependencies for the content item, what other content items it requires to + work. Can describe more complex dependencies using a recursive/nested structure. For a single + dependency an id/kind/version can be supplied or operator/criteria for complex formats. + :vartype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :ivar categories: Categories for the item. + :vartype categories: ~azure.mgmt.securityinsight.models.MetadataCategories + :ivar providers: Providers for the content item. + :vartype providers: list[str] + :ivar first_publish_date: first publish date content item. + :vartype first_publish_date: ~datetime.date + :ivar last_publish_date: last publish date for the content item. + :vartype last_publish_date: ~datetime.date + :ivar custom_version: The custom version of the content. A optional free text. + :vartype custom_version: str + :ivar content_schema_version: Schema version of the content. Can be used to distinguish between + different flow based on the schema version. + :vartype content_schema_version: str + :ivar icon: the icon identifier. this id can later be fetched from the content metadata. + :vartype icon: str + :ivar threat_analysis_tactics: the tactics the resource covers. + :vartype threat_analysis_tactics: list[str] + :ivar threat_analysis_techniques: the techniques the resource covers, these have to be aligned + with the tactics being used. + :vartype threat_analysis_techniques: list[str] + :ivar preview_images: preview image file names. These will be taken from the solution + artifacts. + :vartype preview_images: list[str] + :ivar preview_images_dark: preview image file names. These will be taken from the solution + artifacts. used for dark theme support. + :vartype preview_images_dark: list[str] + :ivar package_id: the package Id contains this template. + :vartype package_id: str + :ivar package_kind: the packageKind of the package contains this template. Known values are: + "Solution" and "Standalone". + :vartype package_kind: str or ~azure.mgmt.securityinsight.models.PackageKind + :ivar package_name: the name of the package contains this template. + :vartype package_name: str + :ivar packaged_content: the json to deploy. + :vartype packaged_content: JSON """ + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + } + _attribute_map = { - "created_by": {"key": "createdBy", "type": "str"}, - "created_by_type": {"key": "createdByType", "type": "str"}, - "created_at": {"key": "createdAt", "type": "iso-8601"}, - "last_modified_by": {"key": "lastModifiedBy", "type": "str"}, - "last_modified_by_type": {"key": "lastModifiedByType", "type": "str"}, - "last_modified_at": {"key": "lastModifiedAt", "type": "iso-8601"}, + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "content_id": {"key": "properties.contentId", "type": "str"}, + "parent_id": {"key": "properties.parentId", "type": "str"}, + "version": {"key": "properties.version", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "content_kind": {"key": "properties.contentKind", "type": "str"}, + "source": {"key": "properties.source", "type": "MetadataSource"}, + "author": {"key": "properties.author", "type": "MetadataAuthor"}, + "support": {"key": "properties.support", "type": "MetadataSupport"}, + "dependencies": {"key": "properties.dependencies", "type": "MetadataDependencies"}, + "categories": {"key": "properties.categories", "type": "MetadataCategories"}, + "providers": {"key": "properties.providers", "type": "[str]"}, + "first_publish_date": {"key": "properties.firstPublishDate", "type": "date"}, + "last_publish_date": {"key": "properties.lastPublishDate", "type": "date"}, + "custom_version": {"key": "properties.customVersion", "type": "str"}, + "content_schema_version": {"key": "properties.contentSchemaVersion", "type": "str"}, + "icon": {"key": "properties.icon", "type": "str"}, + "threat_analysis_tactics": {"key": "properties.threatAnalysisTactics", "type": "[str]"}, + "threat_analysis_techniques": {"key": "properties.threatAnalysisTechniques", "type": "[str]"}, + "preview_images": {"key": "properties.previewImages", "type": "[str]"}, + "preview_images_dark": {"key": "properties.previewImagesDark", "type": "[str]"}, + "package_id": {"key": "properties.packageId", "type": "str"}, + "package_kind": {"key": "properties.packageKind", "type": "str"}, + "package_name": {"key": "properties.packageName", "type": "str"}, + "packaged_content": {"key": "properties.packagedContent", "type": "object"}, } - def __init__( + def __init__( # pylint: disable=too-many-locals self, *, - created_by: Optional[str] = None, - created_by_type: Optional[Union[str, "_models.CreatedByType"]] = None, - created_at: Optional[datetime.datetime] = None, - last_modified_by: Optional[str] = None, - last_modified_by_type: Optional[Union[str, "_models.CreatedByType"]] = None, - last_modified_at: Optional[datetime.datetime] = None, - **kwargs - ): + etag: Optional[str] = None, + content_id: Optional[str] = None, + parent_id: Optional[str] = None, + version: Optional[str] = None, + display_name: Optional[str] = None, + content_kind: Optional[Union[str, "_models.Kind"]] = None, + source: Optional["_models.MetadataSource"] = None, + author: Optional["_models.MetadataAuthor"] = None, + support: Optional["_models.MetadataSupport"] = None, + dependencies: Optional["_models.MetadataDependencies"] = None, + categories: Optional["_models.MetadataCategories"] = None, + providers: Optional[List[str]] = None, + first_publish_date: Optional[datetime.date] = None, + last_publish_date: Optional[datetime.date] = None, + custom_version: Optional[str] = None, + content_schema_version: Optional[str] = None, + icon: Optional[str] = None, + threat_analysis_tactics: Optional[List[str]] = None, + threat_analysis_techniques: Optional[List[str]] = None, + preview_images: Optional[List[str]] = None, + preview_images_dark: Optional[List[str]] = None, + package_id: Optional[str] = None, + package_kind: Optional[Union[str, "_models.PackageKind"]] = None, + package_name: Optional[str] = None, + packaged_content: Optional[JSON] = None, + **kwargs: Any + ) -> None: """ - :keyword created_by: The identity that created the resource. - :paramtype created_by: str - :keyword created_by_type: The type of identity that created the resource. Known values are: - "User", "Application", "ManagedIdentity", and "Key". - :paramtype created_by_type: str or ~azure.mgmt.securityinsight.models.CreatedByType - :keyword created_at: The timestamp of resource creation (UTC). - :paramtype created_at: ~datetime.datetime - :keyword last_modified_by: The identity that last modified the resource. - :paramtype last_modified_by: str - :keyword last_modified_by_type: The type of identity that last modified the resource. Known - values are: "User", "Application", "ManagedIdentity", and "Key". - :paramtype last_modified_by_type: str or ~azure.mgmt.securityinsight.models.CreatedByType - :keyword last_modified_at: The timestamp of resource last modification (UTC). - :paramtype last_modified_at: ~datetime.datetime + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword content_id: Static ID for the content. Used to identify dependencies and content from + solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic + for user-created. This is the resource name. + :paramtype content_id: str + :keyword parent_id: Full parent resource ID of the content item the template is for. This is + the full resource ID including the scope (subscription and resource group). + :paramtype parent_id: str + :keyword version: Version of the content. Default and recommended format is numeric (e.g. 1, + 1.0, 1.0.0, 1.0.0.0), following ARM metadata best practices. Can also be any string, but then + we cannot guarantee any version checks. + :paramtype version: str + :keyword display_name: The display name of the template. + :paramtype display_name: str + :keyword content_kind: The kind of content the template is for. Known values are: + "DataConnector", "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", + "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", + "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and + "AutomationRule". + :paramtype content_kind: str or ~azure.mgmt.securityinsight.models.Kind + :keyword source: Source of the content. This is where/how it was created. + :paramtype source: ~azure.mgmt.securityinsight.models.MetadataSource + :keyword author: The creator of the content item. + :paramtype author: ~azure.mgmt.securityinsight.models.MetadataAuthor + :keyword support: Support information for the template - type, name, contact information. + :paramtype support: ~azure.mgmt.securityinsight.models.MetadataSupport + :keyword dependencies: Dependencies for the content item, what other content items it requires + to work. Can describe more complex dependencies using a recursive/nested structure. For a + single dependency an id/kind/version can be supplied or operator/criteria for complex formats. + :paramtype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :keyword categories: Categories for the item. + :paramtype categories: ~azure.mgmt.securityinsight.models.MetadataCategories + :keyword providers: Providers for the content item. + :paramtype providers: list[str] + :keyword first_publish_date: first publish date content item. + :paramtype first_publish_date: ~datetime.date + :keyword last_publish_date: last publish date for the content item. + :paramtype last_publish_date: ~datetime.date + :keyword custom_version: The custom version of the content. A optional free text. + :paramtype custom_version: str + :keyword content_schema_version: Schema version of the content. Can be used to distinguish + between different flow based on the schema version. + :paramtype content_schema_version: str + :keyword icon: the icon identifier. this id can later be fetched from the content metadata. + :paramtype icon: str + :keyword threat_analysis_tactics: the tactics the resource covers. + :paramtype threat_analysis_tactics: list[str] + :keyword threat_analysis_techniques: the techniques the resource covers, these have to be + aligned with the tactics being used. + :paramtype threat_analysis_techniques: list[str] + :keyword preview_images: preview image file names. These will be taken from the solution + artifacts. + :paramtype preview_images: list[str] + :keyword preview_images_dark: preview image file names. These will be taken from the solution + artifacts. used for dark theme support. + :paramtype preview_images_dark: list[str] + :keyword package_id: the package Id contains this template. + :paramtype package_id: str + :keyword package_kind: the packageKind of the package contains this template. Known values are: + "Solution" and "Standalone". + :paramtype package_kind: str or ~azure.mgmt.securityinsight.models.PackageKind + :keyword package_name: the name of the package contains this template. + :paramtype package_name: str + :keyword packaged_content: the json to deploy. + :paramtype packaged_content: JSON """ - super().__init__(**kwargs) - self.created_by = created_by - self.created_by_type = created_by_type - self.created_at = created_at - self.last_modified_by = last_modified_by - self.last_modified_by_type = last_modified_by_type - self.last_modified_at = last_modified_at + super().__init__(etag=etag, **kwargs) + self.content_id = content_id + self.parent_id = parent_id + self.version = version + self.display_name = display_name + self.content_kind = content_kind + self.source = source + self.author = author + self.support = support + self.dependencies = dependencies + self.categories = categories + self.providers = providers + self.first_publish_date = first_publish_date + self.last_publish_date = last_publish_date + self.custom_version = custom_version + self.content_schema_version = content_schema_version + self.icon = icon + self.threat_analysis_tactics = threat_analysis_tactics + self.threat_analysis_techniques = threat_analysis_techniques + self.preview_images = preview_images + self.preview_images_dark = preview_images_dark + self.package_id = package_id + self.package_kind = package_kind + self.package_name = package_name + self.packaged_content = packaged_content -class TeamInformation(_serialization.Model): - """Describes team information. +class TemplateModelAutoGenerated(ResourceWithEtag): # pylint: disable=too-many-instance-attributes + """Template resource definition. Variables are only populated by the server, and will be ignored when sending a request. - :ivar team_id: Team ID. - :vartype team_id: str - :ivar primary_channel_url: The primary channel URL of the team. - :vartype primary_channel_url: str - :ivar team_creation_time_utc: The time the team was created. - :vartype team_creation_time_utc: ~datetime.datetime - :ivar name: The name of the team. + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. :vartype name: str - :ivar description: The description of the team. - :vartype description: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar content_id: Static ID for the content. Used to identify dependencies and content from + solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic + for user-created. This is the resource name. + :vartype content_id: str + :ivar version: Version of the content. Default and recommended format is numeric (e.g. 1, 1.0, + 1.0.0, 1.0.0.0), following ARM metadata best practices. Can also be any string, but then we + cannot guarantee any version checks. + :vartype version: str + :ivar display_name: The display name of the template. + :vartype display_name: str + :ivar content_kind: The kind of content the template is for. Known values are: "DataConnector", + "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", + "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", + "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and + "AutomationRule". + :vartype content_kind: str or ~azure.mgmt.securityinsight.models.Kind + :ivar source: Source of the content. This is where/how it was created. + :vartype source: ~azure.mgmt.securityinsight.models.MetadataSource + :ivar author: The creator of the content item. + :vartype author: ~azure.mgmt.securityinsight.models.MetadataAuthor + :ivar support: Support information for the template - type, name, contact information. + :vartype support: ~azure.mgmt.securityinsight.models.MetadataSupport + :ivar dependencies: Dependencies for the content item, what other content items it requires to + work. Can describe more complex dependencies using a recursive/nested structure. For a single + dependency an id/kind/version can be supplied or operator/criteria for complex formats. + :vartype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :ivar categories: Categories for the item. + :vartype categories: ~azure.mgmt.securityinsight.models.MetadataCategories + :ivar providers: Providers for the content item. + :vartype providers: list[str] + :ivar first_publish_date: first publish date content item. + :vartype first_publish_date: ~datetime.date + :ivar last_publish_date: last publish date for the content item. + :vartype last_publish_date: ~datetime.date + :ivar custom_version: The custom version of the content. A optional free text. + :vartype custom_version: str + :ivar content_schema_version: Schema version of the content. Can be used to distinguish between + different flow based on the schema version. + :vartype content_schema_version: str + :ivar icon: the icon identifier. this id can later be fetched from the content metadata. + :vartype icon: str + :ivar threat_analysis_tactics: the tactics the resource covers. + :vartype threat_analysis_tactics: list[str] + :ivar threat_analysis_techniques: the techniques the resource covers, these have to be aligned + with the tactics being used. + :vartype threat_analysis_techniques: list[str] + :ivar preview_images: preview image file names. These will be taken from the solution + artifacts. + :vartype preview_images: list[str] + :ivar preview_images_dark: preview image file names. These will be taken from the solution + artifacts. used for dark theme support. + :vartype preview_images_dark: list[str] + :ivar package_id: the package Id contains this template. + :vartype package_id: str + :ivar package_kind: the packageKind of the package contains this template. Known values are: + "Solution" and "Standalone". + :vartype package_kind: str or ~azure.mgmt.securityinsight.models.PackageKind + :ivar package_name: the name of the package contains this template. + :vartype package_name: str + :ivar main_template: The JSON of the ARM template to deploy active content. + :vartype main_template: JSON """ _validation = { - "team_id": {"readonly": True}, - "primary_channel_url": {"readonly": True}, - "team_creation_time_utc": {"readonly": True}, + "id": {"readonly": True}, "name": {"readonly": True}, - "description": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, } _attribute_map = { - "team_id": {"key": "teamId", "type": "str"}, - "primary_channel_url": {"key": "primaryChannelUrl", "type": "str"}, - "team_creation_time_utc": {"key": "teamCreationTimeUtc", "type": "iso-8601"}, + "id": {"key": "id", "type": "str"}, "name": {"key": "name", "type": "str"}, - "description": {"key": "description", "type": "str"}, - } - - def __init__(self, **kwargs): - """ """ - super().__init__(**kwargs) - self.team_id = None - self.primary_channel_url = None - self.team_creation_time_utc = None - self.name = None - self.description = None - - -class TeamProperties(_serialization.Model): - """Describes team properties. - - All required parameters must be populated in order to send to Azure. - - :ivar team_name: The name of the team. Required. - :vartype team_name: str - :ivar team_description: The description of the team. - :vartype team_description: str - :ivar group_ids: List of group IDs to add their members to the team. - :vartype group_ids: list[str] - :ivar member_ids: List of member IDs to add to the team. - :vartype member_ids: list[str] - """ - - _validation = { - "team_name": {"required": True}, - } - - _attribute_map = { - "team_name": {"key": "teamName", "type": "str"}, - "team_description": {"key": "teamDescription", "type": "str"}, - "group_ids": {"key": "groupIds", "type": "[str]"}, - "member_ids": {"key": "memberIds", "type": "[str]"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "content_id": {"key": "properties.contentId", "type": "str"}, + "version": {"key": "properties.version", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "content_kind": {"key": "properties.contentKind", "type": "str"}, + "source": {"key": "properties.source", "type": "MetadataSource"}, + "author": {"key": "properties.author", "type": "MetadataAuthor"}, + "support": {"key": "properties.support", "type": "MetadataSupport"}, + "dependencies": {"key": "properties.dependencies", "type": "MetadataDependencies"}, + "categories": {"key": "properties.categories", "type": "MetadataCategories"}, + "providers": {"key": "properties.providers", "type": "[str]"}, + "first_publish_date": {"key": "properties.firstPublishDate", "type": "date"}, + "last_publish_date": {"key": "properties.lastPublishDate", "type": "date"}, + "custom_version": {"key": "properties.customVersion", "type": "str"}, + "content_schema_version": {"key": "properties.contentSchemaVersion", "type": "str"}, + "icon": {"key": "properties.icon", "type": "str"}, + "threat_analysis_tactics": {"key": "properties.threatAnalysisTactics", "type": "[str]"}, + "threat_analysis_techniques": {"key": "properties.threatAnalysisTechniques", "type": "[str]"}, + "preview_images": {"key": "properties.previewImages", "type": "[str]"}, + "preview_images_dark": {"key": "properties.previewImagesDark", "type": "[str]"}, + "package_id": {"key": "properties.packageId", "type": "str"}, + "package_kind": {"key": "properties.packageKind", "type": "str"}, + "package_name": {"key": "properties.packageName", "type": "str"}, + "main_template": {"key": "properties.mainTemplate", "type": "object"}, } - def __init__( + def __init__( # pylint: disable=too-many-locals self, *, - team_name: str, - team_description: Optional[str] = None, - group_ids: Optional[List[str]] = None, - member_ids: Optional[List[str]] = None, - **kwargs - ): - """ - :keyword team_name: The name of the team. Required. - :paramtype team_name: str - :keyword team_description: The description of the team. - :paramtype team_description: str - :keyword group_ids: List of group IDs to add their members to the team. - :paramtype group_ids: list[str] - :keyword member_ids: List of member IDs to add to the team. - :paramtype member_ids: list[str] + etag: Optional[str] = None, + content_id: Optional[str] = None, + version: Optional[str] = None, + display_name: Optional[str] = None, + content_kind: Optional[Union[str, "_models.Kind"]] = None, + source: Optional["_models.MetadataSource"] = None, + author: Optional["_models.MetadataAuthor"] = None, + support: Optional["_models.MetadataSupport"] = None, + dependencies: Optional["_models.MetadataDependencies"] = None, + categories: Optional["_models.MetadataCategories"] = None, + providers: Optional[List[str]] = None, + first_publish_date: Optional[datetime.date] = None, + last_publish_date: Optional[datetime.date] = None, + custom_version: Optional[str] = None, + content_schema_version: Optional[str] = None, + icon: Optional[str] = None, + threat_analysis_tactics: Optional[List[str]] = None, + threat_analysis_techniques: Optional[List[str]] = None, + preview_images: Optional[List[str]] = None, + preview_images_dark: Optional[List[str]] = None, + package_id: Optional[str] = None, + package_kind: Optional[Union[str, "_models.PackageKind"]] = None, + package_name: Optional[str] = None, + main_template: Optional[JSON] = None, + **kwargs: Any + ) -> None: """ - super().__init__(**kwargs) - self.team_name = team_name - self.team_description = team_description - self.group_ids = group_ids - self.member_ids = member_ids + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword content_id: Static ID for the content. Used to identify dependencies and content from + solutions or community. Hard-coded/static for out of the box content and solutions. Dynamic + for user-created. This is the resource name. + :paramtype content_id: str + :keyword version: Version of the content. Default and recommended format is numeric (e.g. 1, + 1.0, 1.0.0, 1.0.0.0), following ARM metadata best practices. Can also be any string, but then + we cannot guarantee any version checks. + :paramtype version: str + :keyword display_name: The display name of the template. + :paramtype display_name: str + :keyword content_kind: The kind of content the template is for. Known values are: + "DataConnector", "DataType", "Workbook", "WorkbookTemplate", "Playbook", "PlaybookTemplate", + "AnalyticsRuleTemplate", "AnalyticsRule", "HuntingQuery", "InvestigationQuery", "Parser", + "Watchlist", "WatchlistTemplate", "Solution", "AzureFunction", "LogicAppsCustomConnector", and + "AutomationRule". + :paramtype content_kind: str or ~azure.mgmt.securityinsight.models.Kind + :keyword source: Source of the content. This is where/how it was created. + :paramtype source: ~azure.mgmt.securityinsight.models.MetadataSource + :keyword author: The creator of the content item. + :paramtype author: ~azure.mgmt.securityinsight.models.MetadataAuthor + :keyword support: Support information for the template - type, name, contact information. + :paramtype support: ~azure.mgmt.securityinsight.models.MetadataSupport + :keyword dependencies: Dependencies for the content item, what other content items it requires + to work. Can describe more complex dependencies using a recursive/nested structure. For a + single dependency an id/kind/version can be supplied or operator/criteria for complex formats. + :paramtype dependencies: ~azure.mgmt.securityinsight.models.MetadataDependencies + :keyword categories: Categories for the item. + :paramtype categories: ~azure.mgmt.securityinsight.models.MetadataCategories + :keyword providers: Providers for the content item. + :paramtype providers: list[str] + :keyword first_publish_date: first publish date content item. + :paramtype first_publish_date: ~datetime.date + :keyword last_publish_date: last publish date for the content item. + :paramtype last_publish_date: ~datetime.date + :keyword custom_version: The custom version of the content. A optional free text. + :paramtype custom_version: str + :keyword content_schema_version: Schema version of the content. Can be used to distinguish + between different flow based on the schema version. + :paramtype content_schema_version: str + :keyword icon: the icon identifier. this id can later be fetched from the content metadata. + :paramtype icon: str + :keyword threat_analysis_tactics: the tactics the resource covers. + :paramtype threat_analysis_tactics: list[str] + :keyword threat_analysis_techniques: the techniques the resource covers, these have to be + aligned with the tactics being used. + :paramtype threat_analysis_techniques: list[str] + :keyword preview_images: preview image file names. These will be taken from the solution + artifacts. + :paramtype preview_images: list[str] + :keyword preview_images_dark: preview image file names. These will be taken from the solution + artifacts. used for dark theme support. + :paramtype preview_images_dark: list[str] + :keyword package_id: the package Id contains this template. + :paramtype package_id: str + :keyword package_kind: the packageKind of the package contains this template. Known values are: + "Solution" and "Standalone". + :paramtype package_kind: str or ~azure.mgmt.securityinsight.models.PackageKind + :keyword package_name: the name of the package contains this template. + :paramtype package_name: str + :keyword main_template: The JSON of the ARM template to deploy active content. + :paramtype main_template: JSON + """ + super().__init__(etag=etag, **kwargs) + self.content_id = content_id + self.version = version + self.display_name = display_name + self.content_kind = content_kind + self.source = source + self.author = author + self.support = support + self.dependencies = dependencies + self.categories = categories + self.providers = providers + self.first_publish_date = first_publish_date + self.last_publish_date = last_publish_date + self.custom_version = custom_version + self.content_schema_version = content_schema_version + self.icon = icon + self.threat_analysis_tactics = threat_analysis_tactics + self.threat_analysis_techniques = threat_analysis_techniques + self.preview_images = preview_images + self.preview_images_dark = preview_images_dark + self.package_id = package_id + self.package_kind = package_kind + self.package_name = package_name + self.main_template = main_template class ThreatIntelligence(_serialization.Model): @@ -20978,7 +23301,7 @@ class ThreatIntelligence(_serialization.Model): "threat_type": {"key": "threatType", "type": "str"}, } - def __init__(self, **kwargs): + def __init__(self, **kwargs: Any) -> None: """ """ super().__init__(**kwargs) self.confidence = None @@ -21069,8 +23392,8 @@ def __init__( etag: Optional[str] = None, alert_rule_template_name: Optional[str] = None, enabled: Optional[bool] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -21182,8 +23505,8 @@ def __init__( tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, techniques: Optional[List[str]] = None, severity: Optional[Union[str, "_models.AlertSeverity"]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword alert_rules_created_by_template_count: the number of alert rules that were created by this template. @@ -21283,8 +23606,8 @@ def __init__( status: Optional[Union[str, "_models.TemplateStatus"]] = None, tactics: Optional[List[Union[str, "_models.AttackTactic"]]] = None, techniques: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword alert_rules_created_by_template_count: the number of alert rules that were created by this template. @@ -21331,7 +23654,7 @@ class ThreatIntelligenceAppendTags(_serialization.Model): "threat_intelligence_tags": {"key": "threatIntelligenceTags", "type": "[str]"}, } - def __init__(self, *, threat_intelligence_tags: Optional[List[str]] = None, **kwargs): + def __init__(self, *, threat_intelligence_tags: Optional[List[str]] = None, **kwargs: Any) -> None: """ :keyword threat_intelligence_tags: List of tags to be appended. :paramtype threat_intelligence_tags: list[str] @@ -21371,8 +23694,8 @@ def __init__( source_name: Optional[str] = None, url: Optional[str] = None, hashes: Optional[Dict[str, str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword description: External reference description. :paramtype description: str @@ -21456,8 +23779,8 @@ def __init__( ids: Optional[List[str]] = None, keywords: Optional[List[str]] = None, skip_token: Optional[str] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword page_size: Page size. :paramtype page_size: int @@ -21525,8 +23848,8 @@ def __init__( language: Optional[str] = None, marking_ref: Optional[int] = None, selectors: Optional[List[str]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword language: Language granular marking model. :paramtype language: str @@ -21565,7 +23888,7 @@ class ThreatIntelligenceInformation(ResourceWithEtag): :ivar etag: Etag of the azure resource. :vartype etag: str :ivar kind: The kind of the entity. Required. "indicator" - :vartype kind: str or ~azure.mgmt.securityinsight.models.ThreatIntelligenceResourceKindEnum + :vartype kind: str or ~azure.mgmt.securityinsight.models.ThreatIntelligenceResourceInnerKind """ _validation = { @@ -21587,7 +23910,7 @@ class ThreatIntelligenceInformation(ResourceWithEtag): _subtype_map = {"kind": {"indicator": "ThreatIntelligenceIndicatorModel"}} - def __init__(self, *, etag: Optional[str] = None, **kwargs): + def __init__(self, *, etag: Optional[str] = None, **kwargs: Any) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -21617,7 +23940,7 @@ class ThreatIntelligenceIndicatorModel(ThreatIntelligenceInformation): # pylint :ivar etag: Etag of the azure resource. :vartype etag: str :ivar kind: The kind of the entity. Required. "indicator" - :vartype kind: str or ~azure.mgmt.securityinsight.models.ThreatIntelligenceResourceKindEnum + :vartype kind: str or ~azure.mgmt.securityinsight.models.ThreatIntelligenceResourceInnerKind :ivar additional_data: A bag of custom fields that should be part of the entity and will be presented to the user. :vartype additional_data: dict[str, any] @@ -21770,8 +24093,8 @@ def __init__( # pylint: disable=too-many-locals created: Optional[str] = None, modified: Optional[str] = None, extensions: Optional[Dict[str, Any]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str @@ -22012,8 +24335,8 @@ def __init__( # pylint: disable=too-many-locals created: Optional[str] = None, modified: Optional[str] = None, extensions: Optional[Dict[str, Any]] = None, - **kwargs - ): + **kwargs: Any + ) -> None: """ :keyword threat_intelligence_tags: List of tags. :paramtype threat_intelligence_tags: list[str] @@ -22077,327 +24400,697 @@ def __init__( # pylint: disable=too-many-locals :paramtype extensions: dict[str, any] """ super().__init__(**kwargs) - self.threat_intelligence_tags = threat_intelligence_tags - self.last_updated_time_utc = last_updated_time_utc - self.source = source - self.display_name = display_name - self.description = description - self.indicator_types = indicator_types - self.pattern = pattern - self.pattern_type = pattern_type - self.pattern_version = pattern_version - self.kill_chain_phases = kill_chain_phases - self.parsed_pattern = parsed_pattern - self.external_id = external_id - self.created_by_ref = created_by_ref - self.defanged = defanged - self.external_last_updated_time_utc = external_last_updated_time_utc - self.external_references = external_references - self.granular_markings = granular_markings - self.labels = labels - self.revoked = revoked - self.confidence = confidence - self.object_marking_refs = object_marking_refs - self.language = language - self.threat_types = threat_types - self.valid_from = valid_from - self.valid_until = valid_until - self.created = created - self.modified = modified - self.extensions = extensions + self.threat_intelligence_tags = threat_intelligence_tags + self.last_updated_time_utc = last_updated_time_utc + self.source = source + self.display_name = display_name + self.description = description + self.indicator_types = indicator_types + self.pattern = pattern + self.pattern_type = pattern_type + self.pattern_version = pattern_version + self.kill_chain_phases = kill_chain_phases + self.parsed_pattern = parsed_pattern + self.external_id = external_id + self.created_by_ref = created_by_ref + self.defanged = defanged + self.external_last_updated_time_utc = external_last_updated_time_utc + self.external_references = external_references + self.granular_markings = granular_markings + self.labels = labels + self.revoked = revoked + self.confidence = confidence + self.object_marking_refs = object_marking_refs + self.language = language + self.threat_types = threat_types + self.valid_from = valid_from + self.valid_until = valid_until + self.created = created + self.modified = modified + self.extensions = extensions + + +class ThreatIntelligenceInformationList(_serialization.Model): + """List of all the threat intelligence information objects. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of information objects. + :vartype next_link: str + :ivar value: Array of threat intelligence information objects. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.ThreatIntelligenceInformation] + """ + + _validation = { + "next_link": {"readonly": True}, + "value": {"required": True}, + } + + _attribute_map = { + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[ThreatIntelligenceInformation]"}, + } + + def __init__(self, *, value: List["_models.ThreatIntelligenceInformation"], **kwargs: Any) -> None: + """ + :keyword value: Array of threat intelligence information objects. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.ThreatIntelligenceInformation] + """ + super().__init__(**kwargs) + self.next_link = None + self.value = value + + +class ThreatIntelligenceKillChainPhase(_serialization.Model): + """Describes threat kill chain phase entity. + + :ivar kill_chain_name: Kill chainName name. + :vartype kill_chain_name: str + :ivar phase_name: Phase name. + :vartype phase_name: str + """ + + _attribute_map = { + "kill_chain_name": {"key": "killChainName", "type": "str"}, + "phase_name": {"key": "phaseName", "type": "str"}, + } + + def __init__( + self, *, kill_chain_name: Optional[str] = None, phase_name: Optional[str] = None, **kwargs: Any + ) -> None: + """ + :keyword kill_chain_name: Kill chainName name. + :paramtype kill_chain_name: str + :keyword phase_name: Phase name. + :paramtype phase_name: str + """ + super().__init__(**kwargs) + self.kill_chain_name = kill_chain_name + self.phase_name = phase_name + + +class ThreatIntelligenceMetric(_serialization.Model): + """Describes threat intelligence metric. + + :ivar last_updated_time_utc: Last updated indicator metric. + :vartype last_updated_time_utc: str + :ivar threat_type_metrics: Threat type metrics. + :vartype threat_type_metrics: + list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] + :ivar pattern_type_metrics: Pattern type metrics. + :vartype pattern_type_metrics: + list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] + :ivar source_metrics: Source metrics. + :vartype source_metrics: + list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] + """ + + _attribute_map = { + "last_updated_time_utc": {"key": "lastUpdatedTimeUtc", "type": "str"}, + "threat_type_metrics": {"key": "threatTypeMetrics", "type": "[ThreatIntelligenceMetricEntity]"}, + "pattern_type_metrics": {"key": "patternTypeMetrics", "type": "[ThreatIntelligenceMetricEntity]"}, + "source_metrics": {"key": "sourceMetrics", "type": "[ThreatIntelligenceMetricEntity]"}, + } + + def __init__( + self, + *, + last_updated_time_utc: Optional[str] = None, + threat_type_metrics: Optional[List["_models.ThreatIntelligenceMetricEntity"]] = None, + pattern_type_metrics: Optional[List["_models.ThreatIntelligenceMetricEntity"]] = None, + source_metrics: Optional[List["_models.ThreatIntelligenceMetricEntity"]] = None, + **kwargs: Any + ) -> None: + """ + :keyword last_updated_time_utc: Last updated indicator metric. + :paramtype last_updated_time_utc: str + :keyword threat_type_metrics: Threat type metrics. + :paramtype threat_type_metrics: + list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] + :keyword pattern_type_metrics: Pattern type metrics. + :paramtype pattern_type_metrics: + list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] + :keyword source_metrics: Source metrics. + :paramtype source_metrics: + list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] + """ + super().__init__(**kwargs) + self.last_updated_time_utc = last_updated_time_utc + self.threat_type_metrics = threat_type_metrics + self.pattern_type_metrics = pattern_type_metrics + self.source_metrics = source_metrics + + +class ThreatIntelligenceMetricEntity(_serialization.Model): + """Describes threat intelligence metric entity. + + :ivar metric_name: Metric name. + :vartype metric_name: str + :ivar metric_value: Metric value. + :vartype metric_value: int + """ + + _attribute_map = { + "metric_name": {"key": "metricName", "type": "str"}, + "metric_value": {"key": "metricValue", "type": "int"}, + } + + def __init__(self, *, metric_name: Optional[str] = None, metric_value: Optional[int] = None, **kwargs: Any) -> None: + """ + :keyword metric_name: Metric name. + :paramtype metric_name: str + :keyword metric_value: Metric value. + :paramtype metric_value: int + """ + super().__init__(**kwargs) + self.metric_name = metric_name + self.metric_value = metric_value + + +class ThreatIntelligenceMetrics(_serialization.Model): + """Threat intelligence metrics. + + :ivar properties: Threat intelligence metrics. + :vartype properties: ~azure.mgmt.securityinsight.models.ThreatIntelligenceMetric + """ + + _attribute_map = { + "properties": {"key": "properties", "type": "ThreatIntelligenceMetric"}, + } + + def __init__(self, *, properties: Optional["_models.ThreatIntelligenceMetric"] = None, **kwargs: Any) -> None: + """ + :keyword properties: Threat intelligence metrics. + :paramtype properties: ~azure.mgmt.securityinsight.models.ThreatIntelligenceMetric + """ + super().__init__(**kwargs) + self.properties = properties + + +class ThreatIntelligenceMetricsList(_serialization.Model): + """List of all the threat intelligence metric fields (type/threat type/source). + + All required parameters must be populated in order to send to Azure. + + :ivar value: Array of threat intelligence metric fields (type/threat type/source). Required. + :vartype value: list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetrics] + """ + + _validation = { + "value": {"required": True}, + } + + _attribute_map = { + "value": {"key": "value", "type": "[ThreatIntelligenceMetrics]"}, + } + + def __init__(self, *, value: List["_models.ThreatIntelligenceMetrics"], **kwargs: Any) -> None: + """ + :keyword value: Array of threat intelligence metric fields (type/threat type/source). Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetrics] + """ + super().__init__(**kwargs) + self.value = value + + +class ThreatIntelligenceParsedPattern(_serialization.Model): + """Describes parsed pattern entity. + + :ivar pattern_type_key: Pattern type key. + :vartype pattern_type_key: str + :ivar pattern_type_values: Pattern type keys. + :vartype pattern_type_values: + list[~azure.mgmt.securityinsight.models.ThreatIntelligenceParsedPatternTypeValue] + """ + + _attribute_map = { + "pattern_type_key": {"key": "patternTypeKey", "type": "str"}, + "pattern_type_values": {"key": "patternTypeValues", "type": "[ThreatIntelligenceParsedPatternTypeValue]"}, + } + + def __init__( + self, + *, + pattern_type_key: Optional[str] = None, + pattern_type_values: Optional[List["_models.ThreatIntelligenceParsedPatternTypeValue"]] = None, + **kwargs: Any + ) -> None: + """ + :keyword pattern_type_key: Pattern type key. + :paramtype pattern_type_key: str + :keyword pattern_type_values: Pattern type keys. + :paramtype pattern_type_values: + list[~azure.mgmt.securityinsight.models.ThreatIntelligenceParsedPatternTypeValue] + """ + super().__init__(**kwargs) + self.pattern_type_key = pattern_type_key + self.pattern_type_values = pattern_type_values -class ThreatIntelligenceInformationList(_serialization.Model): - """List of all the threat intelligence information objects. +class ThreatIntelligenceParsedPatternTypeValue(_serialization.Model): + """Describes threat kill chain phase entity. - Variables are only populated by the server, and will be ignored when sending a request. + :ivar value_type: Type of the value. + :vartype value_type: str + :ivar value: Value of parsed pattern. + :vartype value: str + """ + + _attribute_map = { + "value_type": {"key": "valueType", "type": "str"}, + "value": {"key": "value", "type": "str"}, + } + + def __init__(self, *, value_type: Optional[str] = None, value: Optional[str] = None, **kwargs: Any) -> None: + """ + :keyword value_type: Type of the value. + :paramtype value_type: str + :keyword value: Value of parsed pattern. + :paramtype value: str + """ + super().__init__(**kwargs) + self.value_type = value_type + self.value = value + + +class ThreatIntelligenceSortingCriteria(_serialization.Model): + """List of available columns for sorting. + + :ivar item_key: Column name. + :vartype item_key: str + :ivar sort_order: Sorting order (ascending/descending/unsorted). Known values are: "unsorted", + "ascending", and "descending". + :vartype sort_order: str or ~azure.mgmt.securityinsight.models.ThreatIntelligenceSortingOrder + """ + + _attribute_map = { + "item_key": {"key": "itemKey", "type": "str"}, + "sort_order": {"key": "sortOrder", "type": "str"}, + } + + def __init__( + self, + *, + item_key: Optional[str] = None, + sort_order: Optional[Union[str, "_models.ThreatIntelligenceSortingOrder"]] = None, + **kwargs: Any + ) -> None: + """ + :keyword item_key: Column name. + :paramtype item_key: str + :keyword sort_order: Sorting order (ascending/descending/unsorted). Known values are: + "unsorted", "ascending", and "descending". + :paramtype sort_order: str or ~azure.mgmt.securityinsight.models.ThreatIntelligenceSortingOrder + """ + super().__init__(**kwargs) + self.item_key = item_key + self.sort_order = sort_order + + +class TICheckRequirements(DataConnectorsCheckRequirements): + """Threat Intelligence Platforms data connector check requirements. All required parameters must be populated in order to send to Azure. - :ivar next_link: URL to fetch the next set of information objects. - :vartype next_link: str - :ivar value: Array of threat intelligence information objects. Required. - :vartype value: list[~azure.mgmt.securityinsight.models.ThreatIntelligenceInformation] + :ivar kind: Describes the kind of connector to be checked. Required. Known values are: + "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", + "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str """ _validation = { - "next_link": {"readonly": True}, - "value": {"required": True}, + "kind": {"required": True}, } _attribute_map = { - "next_link": {"key": "nextLink", "type": "str"}, - "value": {"key": "value", "type": "[ThreatIntelligenceInformation]"}, + "kind": {"key": "kind", "type": "str"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, value: List["_models.ThreatIntelligenceInformation"], **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ - :keyword value: Array of threat intelligence information objects. Required. - :paramtype value: list[~azure.mgmt.securityinsight.models.ThreatIntelligenceInformation] + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str """ super().__init__(**kwargs) - self.next_link = None - self.value = value + self.kind: str = "ThreatIntelligence" + self.tenant_id = tenant_id -class ThreatIntelligenceKillChainPhase(_serialization.Model): - """Describes threat kill chain phase entity. +class TICheckRequirementsProperties(DataConnectorTenantId): + """Threat Intelligence Platforms data connector required properties. - :ivar kill_chain_name: Kill chainName name. - :vartype kill_chain_name: str - :ivar phase_name: Phase name. - :vartype phase_name: str + All required parameters must be populated in order to send to Azure. + + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str """ + _validation = { + "tenant_id": {"required": True}, + } + _attribute_map = { - "kill_chain_name": {"key": "killChainName", "type": "str"}, - "phase_name": {"key": "phaseName", "type": "str"}, + "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, kill_chain_name: Optional[str] = None, phase_name: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ - :keyword kill_chain_name: Kill chainName name. - :paramtype kill_chain_name: str - :keyword phase_name: Phase name. - :paramtype phase_name: str + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str """ - super().__init__(**kwargs) - self.kill_chain_name = kill_chain_name - self.phase_name = phase_name + super().__init__(tenant_id=tenant_id, **kwargs) -class ThreatIntelligenceMetric(_serialization.Model): - """Describes threat intelligence metric. +class TIDataConnector(DataConnector): + """Represents threat intelligence data connector. - :ivar last_updated_time_utc: Last updated indicator metric. - :vartype last_updated_time_utc: str - :ivar threat_type_metrics: Threat type metrics. - :vartype threat_type_metrics: - list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] - :ivar pattern_type_metrics: Pattern type metrics. - :vartype pattern_type_metrics: - list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] - :ivar source_metrics: Source metrics. - :vartype source_metrics: - list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", + "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", + "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". + :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind + :ivar tenant_id: The tenant id to connect to, and get the data from. + :vartype tenant_id: str + :ivar tip_lookback_period: The lookback period for the feed to be imported. + :vartype tip_lookback_period: ~datetime.datetime + :ivar data_types: The available data types for the connector. + :vartype data_types: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes """ + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, + } + _attribute_map = { - "last_updated_time_utc": {"key": "lastUpdatedTimeUtc", "type": "str"}, - "threat_type_metrics": {"key": "threatTypeMetrics", "type": "[ThreatIntelligenceMetricEntity]"}, - "pattern_type_metrics": {"key": "patternTypeMetrics", "type": "[ThreatIntelligenceMetricEntity]"}, - "source_metrics": {"key": "sourceMetrics", "type": "[ThreatIntelligenceMetricEntity]"}, + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "tip_lookback_period": {"key": "properties.tipLookbackPeriod", "type": "iso-8601"}, + "data_types": {"key": "properties.dataTypes", "type": "TIDataConnectorDataTypes"}, } def __init__( self, *, - last_updated_time_utc: Optional[str] = None, - threat_type_metrics: Optional[List["_models.ThreatIntelligenceMetricEntity"]] = None, - pattern_type_metrics: Optional[List["_models.ThreatIntelligenceMetricEntity"]] = None, - source_metrics: Optional[List["_models.ThreatIntelligenceMetricEntity"]] = None, - **kwargs - ): + etag: Optional[str] = None, + tenant_id: Optional[str] = None, + tip_lookback_period: Optional[datetime.datetime] = None, + data_types: Optional["_models.TIDataConnectorDataTypes"] = None, + **kwargs: Any + ) -> None: """ - :keyword last_updated_time_utc: Last updated indicator metric. - :paramtype last_updated_time_utc: str - :keyword threat_type_metrics: Threat type metrics. - :paramtype threat_type_metrics: - list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] - :keyword pattern_type_metrics: Pattern type metrics. - :paramtype pattern_type_metrics: - list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] - :keyword source_metrics: Source metrics. - :paramtype source_metrics: - list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetricEntity] + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword tenant_id: The tenant id to connect to, and get the data from. + :paramtype tenant_id: str + :keyword tip_lookback_period: The lookback period for the feed to be imported. + :paramtype tip_lookback_period: ~datetime.datetime + :keyword data_types: The available data types for the connector. + :paramtype data_types: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes """ - super().__init__(**kwargs) - self.last_updated_time_utc = last_updated_time_utc - self.threat_type_metrics = threat_type_metrics - self.pattern_type_metrics = pattern_type_metrics - self.source_metrics = source_metrics + super().__init__(etag=etag, **kwargs) + self.kind: str = "ThreatIntelligence" + self.tenant_id = tenant_id + self.tip_lookback_period = tip_lookback_period + self.data_types = data_types -class ThreatIntelligenceMetricEntity(_serialization.Model): - """Describes threat intelligence metric entity. +class TIDataConnectorDataTypes(_serialization.Model): + """The available data types for TI (Threat Intelligence) data connector. - :ivar metric_name: Metric name. - :vartype metric_name: str - :ivar metric_value: Metric value. - :vartype metric_value: int + All required parameters must be populated in order to send to Azure. + + :ivar indicators: Data type for indicators connection. Required. + :vartype indicators: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypesIndicators """ + _validation = { + "indicators": {"required": True}, + } + _attribute_map = { - "metric_name": {"key": "metricName", "type": "str"}, - "metric_value": {"key": "metricValue", "type": "int"}, + "indicators": {"key": "indicators", "type": "TIDataConnectorDataTypesIndicators"}, } - def __init__(self, *, metric_name: Optional[str] = None, metric_value: Optional[int] = None, **kwargs): + def __init__(self, *, indicators: "_models.TIDataConnectorDataTypesIndicators", **kwargs: Any) -> None: """ - :keyword metric_name: Metric name. - :paramtype metric_name: str - :keyword metric_value: Metric value. - :paramtype metric_value: int + :keyword indicators: Data type for indicators connection. Required. + :paramtype indicators: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypesIndicators """ super().__init__(**kwargs) - self.metric_name = metric_name - self.metric_value = metric_value + self.indicators = indicators -class ThreatIntelligenceMetrics(_serialization.Model): - """Threat intelligence metrics. +class TIDataConnectorDataTypesIndicators(DataConnectorDataTypeCommon): + """Data type for indicators connection. - :ivar properties: Threat intelligence metrics. - :vartype properties: ~azure.mgmt.securityinsight.models.ThreatIntelligenceMetric + All required parameters must be populated in order to send to Azure. + + :ivar state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ + _validation = { + "state": {"required": True}, + } + _attribute_map = { - "properties": {"key": "properties", "type": "ThreatIntelligenceMetric"}, + "state": {"key": "state", "type": "str"}, } - def __init__(self, *, properties: Optional["_models.ThreatIntelligenceMetric"] = None, **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ - :keyword properties: Threat intelligence metrics. - :paramtype properties: ~azure.mgmt.securityinsight.models.ThreatIntelligenceMetric + :keyword state: Describe whether this data type connection is enabled or not. Required. Known + values are: "Enabled" and "Disabled". + :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState """ - super().__init__(**kwargs) - self.properties = properties + super().__init__(state=state, **kwargs) -class ThreatIntelligenceMetricsList(_serialization.Model): - """List of all the threat intelligence metric fields (type/threat type/source). +class TIDataConnectorProperties(DataConnectorTenantId): + """TI (Threat Intelligence) data connector properties. All required parameters must be populated in order to send to Azure. - :ivar value: Array of threat intelligence metric fields (type/threat type/source). Required. - :vartype value: list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetrics] + :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :vartype tenant_id: str + :ivar tip_lookback_period: The lookback period for the feed to be imported. + :vartype tip_lookback_period: ~datetime.datetime + :ivar data_types: The available data types for the connector. Required. + :vartype data_types: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes """ _validation = { - "value": {"required": True}, + "tenant_id": {"required": True}, + "data_types": {"required": True}, } _attribute_map = { - "value": {"key": "value", "type": "[ThreatIntelligenceMetrics]"}, + "tenant_id": {"key": "tenantId", "type": "str"}, + "tip_lookback_period": {"key": "tipLookbackPeriod", "type": "iso-8601"}, + "data_types": {"key": "dataTypes", "type": "TIDataConnectorDataTypes"}, } - def __init__(self, *, value: List["_models.ThreatIntelligenceMetrics"], **kwargs): + def __init__( + self, + *, + tenant_id: str, + data_types: "_models.TIDataConnectorDataTypes", + tip_lookback_period: Optional[datetime.datetime] = None, + **kwargs: Any + ) -> None: """ - :keyword value: Array of threat intelligence metric fields (type/threat type/source). Required. - :paramtype value: list[~azure.mgmt.securityinsight.models.ThreatIntelligenceMetrics] + :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :paramtype tenant_id: str + :keyword tip_lookback_period: The lookback period for the feed to be imported. + :paramtype tip_lookback_period: ~datetime.datetime + :keyword data_types: The available data types for the connector. Required. + :paramtype data_types: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes """ - super().__init__(**kwargs) - self.value = value + super().__init__(tenant_id=tenant_id, **kwargs) + self.tip_lookback_period = tip_lookback_period + self.data_types = data_types -class ThreatIntelligenceParsedPattern(_serialization.Model): - """Describes parsed pattern entity. +class TimelineAggregation(_serialization.Model): + """timeline aggregation information per kind. - :ivar pattern_type_key: Pattern type key. - :vartype pattern_type_key: str - :ivar pattern_type_values: Pattern type keys. - :vartype pattern_type_values: - list[~azure.mgmt.securityinsight.models.ThreatIntelligenceParsedPatternTypeValue] + All required parameters must be populated in order to send to Azure. + + :ivar count: the total items found for a kind. Required. + :vartype count: int + :ivar kind: the query kind. Required. Known values are: "Activity", "Bookmark", + "SecurityAlert", and "Anomaly". + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityTimelineKind """ + _validation = { + "count": {"required": True}, + "kind": {"required": True}, + } + _attribute_map = { - "pattern_type_key": {"key": "patternTypeKey", "type": "str"}, - "pattern_type_values": {"key": "patternTypeValues", "type": "[ThreatIntelligenceParsedPatternTypeValue]"}, + "count": {"key": "count", "type": "int"}, + "kind": {"key": "kind", "type": "str"}, } - def __init__( - self, - *, - pattern_type_key: Optional[str] = None, - pattern_type_values: Optional[List["_models.ThreatIntelligenceParsedPatternTypeValue"]] = None, - **kwargs - ): + def __init__(self, *, count: int, kind: Union[str, "_models.EntityTimelineKind"], **kwargs: Any) -> None: """ - :keyword pattern_type_key: Pattern type key. - :paramtype pattern_type_key: str - :keyword pattern_type_values: Pattern type keys. - :paramtype pattern_type_values: - list[~azure.mgmt.securityinsight.models.ThreatIntelligenceParsedPatternTypeValue] + :keyword count: the total items found for a kind. Required. + :paramtype count: int + :keyword kind: the query kind. Required. Known values are: "Activity", "Bookmark", + "SecurityAlert", and "Anomaly". + :paramtype kind: str or ~azure.mgmt.securityinsight.models.EntityTimelineKind """ super().__init__(**kwargs) - self.pattern_type_key = pattern_type_key - self.pattern_type_values = pattern_type_values + self.count = count + self.kind = kind -class ThreatIntelligenceParsedPatternTypeValue(_serialization.Model): - """Describes threat kill chain phase entity. +class TimelineError(_serialization.Model): + """Timeline Query Errors. - :ivar value_type: Type of the value. - :vartype value_type: str - :ivar value: Value of parsed pattern. - :vartype value: str + All required parameters must be populated in order to send to Azure. + + :ivar kind: the query kind. Required. Known values are: "Activity", "Bookmark", + "SecurityAlert", and "Anomaly". + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityTimelineKind + :ivar query_id: the query id. + :vartype query_id: str + :ivar error_message: the error message. Required. + :vartype error_message: str """ + _validation = { + "kind": {"required": True}, + "error_message": {"required": True}, + } + _attribute_map = { - "value_type": {"key": "valueType", "type": "str"}, - "value": {"key": "value", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "query_id": {"key": "queryId", "type": "str"}, + "error_message": {"key": "errorMessage", "type": "str"}, } - def __init__(self, *, value_type: Optional[str] = None, value: Optional[str] = None, **kwargs): + def __init__( + self, + *, + kind: Union[str, "_models.EntityTimelineKind"], + error_message: str, + query_id: Optional[str] = None, + **kwargs: Any + ) -> None: """ - :keyword value_type: Type of the value. - :paramtype value_type: str - :keyword value: Value of parsed pattern. - :paramtype value: str + :keyword kind: the query kind. Required. Known values are: "Activity", "Bookmark", + "SecurityAlert", and "Anomaly". + :paramtype kind: str or ~azure.mgmt.securityinsight.models.EntityTimelineKind + :keyword query_id: the query id. + :paramtype query_id: str + :keyword error_message: the error message. Required. + :paramtype error_message: str """ super().__init__(**kwargs) - self.value_type = value_type - self.value = value + self.kind = kind + self.query_id = query_id + self.error_message = error_message -class ThreatIntelligenceSortingCriteria(_serialization.Model): - """List of available columns for sorting. +class TimelineResultsMetadata(_serialization.Model): + """Expansion result metadata. - :ivar item_key: Column name. - :vartype item_key: str - :ivar sort_order: Sorting order (ascending/descending/unsorted). Known values are: "unsorted", - "ascending", and "descending". - :vartype sort_order: str or - ~azure.mgmt.securityinsight.models.ThreatIntelligenceSortingCriteriaEnum + All required parameters must be populated in order to send to Azure. + + :ivar total_count: the total items found for the timeline request. Required. + :vartype total_count: int + :ivar aggregations: timeline aggregation per kind. Required. + :vartype aggregations: list[~azure.mgmt.securityinsight.models.TimelineAggregation] + :ivar errors: information about the failure queries. + :vartype errors: list[~azure.mgmt.securityinsight.models.TimelineError] """ + _validation = { + "total_count": {"required": True}, + "aggregations": {"required": True}, + } + _attribute_map = { - "item_key": {"key": "itemKey", "type": "str"}, - "sort_order": {"key": "sortOrder", "type": "str"}, + "total_count": {"key": "totalCount", "type": "int"}, + "aggregations": {"key": "aggregations", "type": "[TimelineAggregation]"}, + "errors": {"key": "errors", "type": "[TimelineError]"}, } def __init__( self, *, - item_key: Optional[str] = None, - sort_order: Optional[Union[str, "_models.ThreatIntelligenceSortingCriteriaEnum"]] = None, - **kwargs - ): + total_count: int, + aggregations: List["_models.TimelineAggregation"], + errors: Optional[List["_models.TimelineError"]] = None, + **kwargs: Any + ) -> None: """ - :keyword item_key: Column name. - :paramtype item_key: str - :keyword sort_order: Sorting order (ascending/descending/unsorted). Known values are: - "unsorted", "ascending", and "descending". - :paramtype sort_order: str or - ~azure.mgmt.securityinsight.models.ThreatIntelligenceSortingCriteriaEnum + :keyword total_count: the total items found for the timeline request. Required. + :paramtype total_count: int + :keyword aggregations: timeline aggregation per kind. Required. + :paramtype aggregations: list[~azure.mgmt.securityinsight.models.TimelineAggregation] + :keyword errors: information about the failure queries. + :paramtype errors: list[~azure.mgmt.securityinsight.models.TimelineError] """ super().__init__(**kwargs) - self.item_key = item_key - self.sort_order = sort_order + self.total_count = total_count + self.aggregations = aggregations + self.errors = errors -class TICheckRequirements(DataConnectorsCheckRequirements): - """Threat Intelligence Platforms data connector check requirements. +class TiTaxiiCheckRequirements(DataConnectorsCheckRequirements): + """Threat Intelligence TAXII data connector check requirements. All required parameters must be populated in order to send to Azure. :ivar kind: Describes the kind of connector to be checked. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "Office365Project", "MicrosoftPurviewInformationProtection", "OfficePowerBI", + "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str @@ -22412,18 +25105,18 @@ class TICheckRequirements(DataConnectorsCheckRequirements): "tenant_id": {"key": "properties.tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, tenant_id: Optional[str] = None, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str """ super().__init__(**kwargs) - self.kind: str = "ThreatIntelligence" + self.kind: str = "ThreatIntelligenceTaxii" self.tenant_id = tenant_id -class TICheckRequirementsProperties(DataConnectorTenantId): - """Threat Intelligence Platforms data connector required properties. +class TiTaxiiCheckRequirementsProperties(DataConnectorTenantId): + """Threat Intelligence TAXII data connector required properties. All required parameters must be populated in order to send to Azure. @@ -22439,7 +25132,7 @@ class TICheckRequirementsProperties(DataConnectorTenantId): "tenant_id": {"key": "tenantId", "type": "str"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__(self, *, tenant_id: str, **kwargs: Any) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str @@ -22447,8 +25140,8 @@ def __init__(self, *, tenant_id: str, **kwargs): super().__init__(tenant_id=tenant_id, **kwargs) -class TIDataConnector(DataConnector): - """Represents threat intelligence data connector. +class TiTaxiiDataConnector(DataConnector): # pylint: disable=too-many-instance-attributes + """Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server. Variables are only populated by the server, and will be ignored when sending a request. @@ -22470,17 +25163,32 @@ class TIDataConnector(DataConnector): :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". + "MicrosoftPurviewInformationProtection", "OfficePowerBI", "AmazonWebServicesCloudTrail", + "AmazonWebServicesS3", "AzureAdvancedThreatProtection", + "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", "MicrosoftThreatProtection", + "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and "IOT". :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind :ivar tenant_id: The tenant id to connect to, and get the data from. :vartype tenant_id: str - :ivar tip_lookback_period: The lookback period for the feed to be imported. - :vartype tip_lookback_period: ~datetime.datetime - :ivar data_types: The available data types for the connector. - :vartype data_types: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes + :ivar workspace_id: The workspace id. + :vartype workspace_id: str + :ivar friendly_name: The friendly name for the TAXII server. + :vartype friendly_name: str + :ivar taxii_server: The API root for the TAXII server. + :vartype taxii_server: str + :ivar collection_id: The collection id of the TAXII server. + :vartype collection_id: str + :ivar user_name: The userName for the TAXII server. + :vartype user_name: str + :ivar password: The password for the TAXII server. + :vartype password: str + :ivar taxii_lookback_period: The lookback period for the TAXII server. + :vartype taxii_lookback_period: ~datetime.datetime + :ivar polling_frequency: The polling frequency for the TAXII server. Known values are: + "OnceAMinute", "OnceAnHour", and "OnceADay". + :vartype polling_frequency: str or ~azure.mgmt.securityinsight.models.PollingFrequency + :ivar data_types: The available data types for Threat Intelligence TAXII data connector. + :vartype data_types: ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypes """ _validation = { @@ -22499,8 +25207,15 @@ class TIDataConnector(DataConnector): "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "tip_lookback_period": {"key": "properties.tipLookbackPeriod", "type": "iso-8601"}, - "data_types": {"key": "properties.dataTypes", "type": "TIDataConnectorDataTypes"}, + "workspace_id": {"key": "properties.workspaceId", "type": "str"}, + "friendly_name": {"key": "properties.friendlyName", "type": "str"}, + "taxii_server": {"key": "properties.taxiiServer", "type": "str"}, + "collection_id": {"key": "properties.collectionId", "type": "str"}, + "user_name": {"key": "properties.userName", "type": "str"}, + "password": {"key": "properties.password", "type": "str"}, + "taxii_lookback_period": {"key": "properties.taxiiLookbackPeriod", "type": "iso-8601"}, + "polling_frequency": {"key": "properties.pollingFrequency", "type": "str"}, + "data_types": {"key": "properties.dataTypes", "type": "TiTaxiiDataConnectorDataTypes"}, } def __init__( @@ -22508,55 +25223,86 @@ def __init__( *, etag: Optional[str] = None, tenant_id: Optional[str] = None, - tip_lookback_period: Optional[datetime.datetime] = None, - data_types: Optional["_models.TIDataConnectorDataTypes"] = None, - **kwargs - ): + workspace_id: Optional[str] = None, + friendly_name: Optional[str] = None, + taxii_server: Optional[str] = None, + collection_id: Optional[str] = None, + user_name: Optional[str] = None, + password: Optional[str] = None, + taxii_lookback_period: Optional[datetime.datetime] = None, + polling_frequency: Optional[Union[str, "_models.PollingFrequency"]] = None, + data_types: Optional["_models.TiTaxiiDataConnectorDataTypes"] = None, + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str :keyword tenant_id: The tenant id to connect to, and get the data from. :paramtype tenant_id: str - :keyword tip_lookback_period: The lookback period for the feed to be imported. - :paramtype tip_lookback_period: ~datetime.datetime - :keyword data_types: The available data types for the connector. - :paramtype data_types: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes + :keyword workspace_id: The workspace id. + :paramtype workspace_id: str + :keyword friendly_name: The friendly name for the TAXII server. + :paramtype friendly_name: str + :keyword taxii_server: The API root for the TAXII server. + :paramtype taxii_server: str + :keyword collection_id: The collection id of the TAXII server. + :paramtype collection_id: str + :keyword user_name: The userName for the TAXII server. + :paramtype user_name: str + :keyword password: The password for the TAXII server. + :paramtype password: str + :keyword taxii_lookback_period: The lookback period for the TAXII server. + :paramtype taxii_lookback_period: ~datetime.datetime + :keyword polling_frequency: The polling frequency for the TAXII server. Known values are: + "OnceAMinute", "OnceAnHour", and "OnceADay". + :paramtype polling_frequency: str or ~azure.mgmt.securityinsight.models.PollingFrequency + :keyword data_types: The available data types for Threat Intelligence TAXII data connector. + :paramtype data_types: ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypes """ super().__init__(etag=etag, **kwargs) - self.kind: str = "ThreatIntelligence" + self.kind: str = "ThreatIntelligenceTaxii" self.tenant_id = tenant_id - self.tip_lookback_period = tip_lookback_period + self.workspace_id = workspace_id + self.friendly_name = friendly_name + self.taxii_server = taxii_server + self.collection_id = collection_id + self.user_name = user_name + self.password = password + self.taxii_lookback_period = taxii_lookback_period + self.polling_frequency = polling_frequency self.data_types = data_types -class TIDataConnectorDataTypes(_serialization.Model): - """The available data types for TI (Threat Intelligence) data connector. +class TiTaxiiDataConnectorDataTypes(_serialization.Model): + """The available data types for Threat Intelligence TAXII data connector. All required parameters must be populated in order to send to Azure. - :ivar indicators: Data type for indicators connection. Required. - :vartype indicators: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypesIndicators + :ivar taxii_client: Data type for TAXII connector. Required. + :vartype taxii_client: + ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypesTaxiiClient """ _validation = { - "indicators": {"required": True}, + "taxii_client": {"required": True}, } _attribute_map = { - "indicators": {"key": "indicators", "type": "TIDataConnectorDataTypesIndicators"}, + "taxii_client": {"key": "taxiiClient", "type": "TiTaxiiDataConnectorDataTypesTaxiiClient"}, } - def __init__(self, *, indicators: "_models.TIDataConnectorDataTypesIndicators", **kwargs): + def __init__(self, *, taxii_client: "_models.TiTaxiiDataConnectorDataTypesTaxiiClient", **kwargs: Any) -> None: """ - :keyword indicators: Data type for indicators connection. Required. - :paramtype indicators: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypesIndicators + :keyword taxii_client: Data type for TAXII connector. Required. + :paramtype taxii_client: + ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypesTaxiiClient """ super().__init__(**kwargs) - self.indicators = indicators + self.taxii_client = taxii_client -class TIDataConnectorDataTypesIndicators(DataConnectorDataTypeCommon): - """Data type for indicators connection. +class TiTaxiiDataConnectorDataTypesTaxiiClient(DataConnectorDataTypeCommon): + """Data type for TAXII connector. All required parameters must be populated in order to send to Azure. @@ -22573,7 +25319,7 @@ class TIDataConnectorDataTypesIndicators(DataConnectorDataTypeCommon): "state": {"key": "state", "type": "str"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs: Any) -> None: """ :keyword state: Describe whether this data type connection is enabled or not. Required. Known values are: "Enabled" and "Disabled". @@ -22582,243 +25328,294 @@ def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): super().__init__(state=state, **kwargs) -class TIDataConnectorProperties(DataConnectorTenantId): - """TI (Threat Intelligence) data connector properties. +class TiTaxiiDataConnectorProperties(DataConnectorTenantId): + """Threat Intelligence TAXII data connector properties. All required parameters must be populated in order to send to Azure. :ivar tenant_id: The tenant id to connect to, and get the data from. Required. :vartype tenant_id: str - :ivar tip_lookback_period: The lookback period for the feed to be imported. - :vartype tip_lookback_period: ~datetime.datetime - :ivar data_types: The available data types for the connector. Required. - :vartype data_types: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes + :ivar workspace_id: The workspace id. + :vartype workspace_id: str + :ivar friendly_name: The friendly name for the TAXII server. + :vartype friendly_name: str + :ivar taxii_server: The API root for the TAXII server. + :vartype taxii_server: str + :ivar collection_id: The collection id of the TAXII server. + :vartype collection_id: str + :ivar user_name: The userName for the TAXII server. + :vartype user_name: str + :ivar password: The password for the TAXII server. + :vartype password: str + :ivar taxii_lookback_period: The lookback period for the TAXII server. + :vartype taxii_lookback_period: ~datetime.datetime + :ivar polling_frequency: The polling frequency for the TAXII server. Required. Known values + are: "OnceAMinute", "OnceAnHour", and "OnceADay". + :vartype polling_frequency: str or ~azure.mgmt.securityinsight.models.PollingFrequency + :ivar data_types: The available data types for Threat Intelligence TAXII data connector. + Required. + :vartype data_types: ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypes """ _validation = { "tenant_id": {"required": True}, + "polling_frequency": {"required": True}, "data_types": {"required": True}, } _attribute_map = { "tenant_id": {"key": "tenantId", "type": "str"}, - "tip_lookback_period": {"key": "tipLookbackPeriod", "type": "iso-8601"}, - "data_types": {"key": "dataTypes", "type": "TIDataConnectorDataTypes"}, + "workspace_id": {"key": "workspaceId", "type": "str"}, + "friendly_name": {"key": "friendlyName", "type": "str"}, + "taxii_server": {"key": "taxiiServer", "type": "str"}, + "collection_id": {"key": "collectionId", "type": "str"}, + "user_name": {"key": "userName", "type": "str"}, + "password": {"key": "password", "type": "str"}, + "taxii_lookback_period": {"key": "taxiiLookbackPeriod", "type": "iso-8601"}, + "polling_frequency": {"key": "pollingFrequency", "type": "str"}, + "data_types": {"key": "dataTypes", "type": "TiTaxiiDataConnectorDataTypes"}, } def __init__( self, *, tenant_id: str, - data_types: "_models.TIDataConnectorDataTypes", - tip_lookback_period: Optional[datetime.datetime] = None, - **kwargs - ): + polling_frequency: Union[str, "_models.PollingFrequency"], + data_types: "_models.TiTaxiiDataConnectorDataTypes", + workspace_id: Optional[str] = None, + friendly_name: Optional[str] = None, + taxii_server: Optional[str] = None, + collection_id: Optional[str] = None, + user_name: Optional[str] = None, + password: Optional[str] = None, + taxii_lookback_period: Optional[datetime.datetime] = None, + **kwargs: Any + ) -> None: """ :keyword tenant_id: The tenant id to connect to, and get the data from. Required. :paramtype tenant_id: str - :keyword tip_lookback_period: The lookback period for the feed to be imported. - :paramtype tip_lookback_period: ~datetime.datetime - :keyword data_types: The available data types for the connector. Required. - :paramtype data_types: ~azure.mgmt.securityinsight.models.TIDataConnectorDataTypes + :keyword workspace_id: The workspace id. + :paramtype workspace_id: str + :keyword friendly_name: The friendly name for the TAXII server. + :paramtype friendly_name: str + :keyword taxii_server: The API root for the TAXII server. + :paramtype taxii_server: str + :keyword collection_id: The collection id of the TAXII server. + :paramtype collection_id: str + :keyword user_name: The userName for the TAXII server. + :paramtype user_name: str + :keyword password: The password for the TAXII server. + :paramtype password: str + :keyword taxii_lookback_period: The lookback period for the TAXII server. + :paramtype taxii_lookback_period: ~datetime.datetime + :keyword polling_frequency: The polling frequency for the TAXII server. Required. Known values + are: "OnceAMinute", "OnceAnHour", and "OnceADay". + :paramtype polling_frequency: str or ~azure.mgmt.securityinsight.models.PollingFrequency + :keyword data_types: The available data types for Threat Intelligence TAXII data connector. + Required. + :paramtype data_types: ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypes """ super().__init__(tenant_id=tenant_id, **kwargs) - self.tip_lookback_period = tip_lookback_period + self.workspace_id = workspace_id + self.friendly_name = friendly_name + self.taxii_server = taxii_server + self.collection_id = collection_id + self.user_name = user_name + self.password = password + self.taxii_lookback_period = taxii_lookback_period + self.polling_frequency = polling_frequency self.data_types = data_types -class TimelineAggregation(_serialization.Model): - """timeline aggregation information per kind. - - All required parameters must be populated in order to send to Azure. - - :ivar count: the total items found for a kind. Required. - :vartype count: int - :ivar kind: the query kind. Required. Known values are: "Activity", "Bookmark", - "SecurityAlert", and "Anomaly". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityTimelineKind - """ - - _validation = { - "count": {"required": True}, - "kind": {"required": True}, - } - - _attribute_map = { - "count": {"key": "count", "type": "int"}, - "kind": {"key": "kind", "type": "str"}, - } - - def __init__(self, *, count: int, kind: Union[str, "_models.EntityTimelineKind"], **kwargs): - """ - :keyword count: the total items found for a kind. Required. - :paramtype count: int - :keyword kind: the query kind. Required. Known values are: "Activity", "Bookmark", - "SecurityAlert", and "Anomaly". - :paramtype kind: str or ~azure.mgmt.securityinsight.models.EntityTimelineKind - """ - super().__init__(**kwargs) - self.count = count - self.kind = kind - - -class TimelineError(_serialization.Model): - """Timeline Query Errors. - - All required parameters must be populated in order to send to Azure. - - :ivar kind: the query kind. Required. Known values are: "Activity", "Bookmark", - "SecurityAlert", and "Anomaly". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityTimelineKind - :ivar query_id: the query id. - :vartype query_id: str - :ivar error_message: the error message. Required. - :vartype error_message: str - """ - - _validation = { - "kind": {"required": True}, - "error_message": {"required": True}, - } - - _attribute_map = { - "kind": {"key": "kind", "type": "str"}, - "query_id": {"key": "queryId", "type": "str"}, - "error_message": {"key": "errorMessage", "type": "str"}, - } - - def __init__( - self, - *, - kind: Union[str, "_models.EntityTimelineKind"], - error_message: str, - query_id: Optional[str] = None, - **kwargs - ): - """ - :keyword kind: the query kind. Required. Known values are: "Activity", "Bookmark", - "SecurityAlert", and "Anomaly". - :paramtype kind: str or ~azure.mgmt.securityinsight.models.EntityTimelineKind - :keyword query_id: the query id. - :paramtype query_id: str - :keyword error_message: the error message. Required. - :paramtype error_message: str - """ - super().__init__(**kwargs) - self.kind = kind - self.query_id = query_id - self.error_message = error_message - +class TriggeredAnalyticsRuleRun(ResourceWithEtag): + """The triggered analytics rule run. -class TimelineResultsMetadata(_serialization.Model): - """Expansion result metadata. + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar total_count: the total items found for the timeline request. Required. - :vartype total_count: int - :ivar aggregations: timeline aggregation per kind. Required. - :vartype aggregations: list[~azure.mgmt.securityinsight.models.TimelineAggregation] - :ivar errors: information about the failure queries. - :vartype errors: list[~azure.mgmt.securityinsight.models.TimelineError] + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar execution_time_utc: Required. + :vartype execution_time_utc: ~datetime.datetime + :ivar rule_id: Required. + :vartype rule_id: str + :ivar triggered_analytics_rule_run_id: Required. + :vartype triggered_analytics_rule_run_id: str + :ivar provisioning_state: The triggered analytics rule run provisioning state. Required. Known + values are: "Accepted", "InProgress", "Succeeded", "Failed", and "Canceled". + :vartype provisioning_state: str or ~azure.mgmt.securityinsight.models.ProvisioningState + :ivar rule_run_additional_data: Dictionary of :code:``. + :vartype rule_run_additional_data: dict[str, any] """ _validation = { - "total_count": {"required": True}, - "aggregations": {"required": True}, + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "execution_time_utc": {"required": True}, + "rule_id": {"required": True}, + "triggered_analytics_rule_run_id": {"required": True}, + "provisioning_state": {"required": True}, } _attribute_map = { - "total_count": {"key": "totalCount", "type": "int"}, - "aggregations": {"key": "aggregations", "type": "[TimelineAggregation]"}, - "errors": {"key": "errors", "type": "[TimelineError]"}, + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "execution_time_utc": {"key": "properties.executionTimeUtc", "type": "iso-8601"}, + "rule_id": {"key": "properties.ruleId", "type": "str"}, + "triggered_analytics_rule_run_id": {"key": "properties.triggeredAnalyticsRuleRunId", "type": "str"}, + "provisioning_state": {"key": "properties.provisioningState", "type": "str"}, + "rule_run_additional_data": {"key": "properties.ruleRunAdditionalData", "type": "{object}"}, } def __init__( self, *, - total_count: int, - aggregations: List["_models.TimelineAggregation"], - errors: Optional[List["_models.TimelineError"]] = None, - **kwargs - ): + execution_time_utc: datetime.datetime, + rule_id: str, + triggered_analytics_rule_run_id: str, + provisioning_state: Union[str, "_models.ProvisioningState"], + etag: Optional[str] = None, + rule_run_additional_data: Optional[Dict[str, Any]] = None, + **kwargs: Any + ) -> None: """ - :keyword total_count: the total items found for the timeline request. Required. - :paramtype total_count: int - :keyword aggregations: timeline aggregation per kind. Required. - :paramtype aggregations: list[~azure.mgmt.securityinsight.models.TimelineAggregation] - :keyword errors: information about the failure queries. - :paramtype errors: list[~azure.mgmt.securityinsight.models.TimelineError] + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword execution_time_utc: Required. + :paramtype execution_time_utc: ~datetime.datetime + :keyword rule_id: Required. + :paramtype rule_id: str + :keyword triggered_analytics_rule_run_id: Required. + :paramtype triggered_analytics_rule_run_id: str + :keyword provisioning_state: The triggered analytics rule run provisioning state. Required. + Known values are: "Accepted", "InProgress", "Succeeded", "Failed", and "Canceled". + :paramtype provisioning_state: str or ~azure.mgmt.securityinsight.models.ProvisioningState + :keyword rule_run_additional_data: Dictionary of :code:``. + :paramtype rule_run_additional_data: dict[str, any] """ - super().__init__(**kwargs) - self.total_count = total_count - self.aggregations = aggregations - self.errors = errors + super().__init__(etag=etag, **kwargs) + self.execution_time_utc = execution_time_utc + self.rule_id = rule_id + self.triggered_analytics_rule_run_id = triggered_analytics_rule_run_id + self.provisioning_state = provisioning_state + self.rule_run_additional_data = rule_run_additional_data -class TiTaxiiCheckRequirements(DataConnectorsCheckRequirements): - """Threat Intelligence TAXII data connector check requirements. +class TriggeredAnalyticsRuleRuns(_serialization.Model): + """The triggered analytics rule run array. + + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar kind: Describes the kind of connector to be checked. Required. Known values are: - "AzureActiveDirectory", "AzureSecurityCenter", "MicrosoftCloudAppSecurity", - "ThreatIntelligence", "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", - "Office365Project", "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. - :vartype tenant_id: str + :ivar value: Required. + :vartype value: list[~azure.mgmt.securityinsight.models.TriggeredAnalyticsRuleRun] + :ivar next_link: + :vartype next_link: str """ _validation = { - "kind": {"required": True}, + "value": {"required": True}, + "next_link": {"readonly": True}, } _attribute_map = { - "kind": {"key": "kind", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "value": {"key": "value", "type": "[TriggeredAnalyticsRuleRun]"}, + "next_link": {"key": "nextLink", "type": "str"}, } - def __init__(self, *, tenant_id: Optional[str] = None, **kwargs): + def __init__(self, *, value: List["_models.TriggeredAnalyticsRuleRun"], **kwargs: Any) -> None: """ - :keyword tenant_id: The tenant id to connect to, and get the data from. - :paramtype tenant_id: str + :keyword value: Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.TriggeredAnalyticsRuleRun] """ super().__init__(**kwargs) - self.kind: str = "ThreatIntelligenceTaxii" - self.tenant_id = tenant_id + self.value = value + self.next_link = None -class TiTaxiiCheckRequirementsProperties(DataConnectorTenantId): - """Threat Intelligence TAXII data connector required properties. +class Ueba(Settings): + """Settings with single toggle. + + Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. - :vartype tenant_id: str + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar kind: The kind of the setting. Required. Known values are: "Anomalies", "EyesOn", + "EntityAnalytics", and "Ueba". + :vartype kind: str or ~azure.mgmt.securityinsight.models.SettingKind + :ivar data_sources: The relevant data sources that enriched by ueba. + :vartype data_sources: list[str or ~azure.mgmt.securityinsight.models.UebaDataSources] """ _validation = { - "tenant_id": {"required": True}, + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "kind": {"required": True}, } _attribute_map = { - "tenant_id": {"key": "tenantId", "type": "str"}, + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "kind": {"key": "kind", "type": "str"}, + "data_sources": {"key": "properties.dataSources", "type": "[str]"}, } - def __init__(self, *, tenant_id: str, **kwargs): + def __init__( + self, + *, + etag: Optional[str] = None, + data_sources: Optional[List[Union[str, "_models.UebaDataSources"]]] = None, + **kwargs: Any + ) -> None: """ - :keyword tenant_id: The tenant id to connect to, and get the data from. Required. - :paramtype tenant_id: str + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword data_sources: The relevant data sources that enriched by ueba. + :paramtype data_sources: list[str or ~azure.mgmt.securityinsight.models.UebaDataSources] """ - super().__init__(tenant_id=tenant_id, **kwargs) + super().__init__(etag=etag, **kwargs) + self.kind: str = "Ueba" + self.data_sources = data_sources -class TiTaxiiDataConnector(DataConnector): # pylint: disable=too-many-instance-attributes - """Data connector to pull Threat intelligence data from TAXII 2.0/2.1 server. +class UrlEntity(Entity): + """Represents a url entity. Variables are only populated by the server, and will be ignored when sending a request. @@ -22835,37 +25632,19 @@ class TiTaxiiDataConnector(DataConnector): # pylint: disable=too-many-instance- :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy information. :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar etag: Etag of the azure resource. - :vartype etag: str - :ivar kind: The data connector kind. Required. Known values are: "AzureActiveDirectory", - "AzureSecurityCenter", "MicrosoftCloudAppSecurity", "ThreatIntelligence", - "ThreatIntelligenceTaxii", "Office365", "OfficeATP", "OfficeIRM", "Office365Project", - "OfficePowerBI", "AmazonWebServicesCloudTrail", "AmazonWebServicesS3", - "AzureAdvancedThreatProtection", "MicrosoftDefenderAdvancedThreatProtection", "Dynamics365", - "MicrosoftThreatProtection", "MicrosoftThreatIntelligence", "GenericUI", "APIPolling", and - "IOT". - :vartype kind: str or ~azure.mgmt.securityinsight.models.DataConnectorKind - :ivar tenant_id: The tenant id to connect to, and get the data from. - :vartype tenant_id: str - :ivar workspace_id: The workspace id. - :vartype workspace_id: str - :ivar friendly_name: The friendly name for the TAXII server. + :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", + "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", + "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", + "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". + :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKindEnum + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. :vartype friendly_name: str - :ivar taxii_server: The API root for the TAXII server. - :vartype taxii_server: str - :ivar collection_id: The collection id of the TAXII server. - :vartype collection_id: str - :ivar user_name: The userName for the TAXII server. - :vartype user_name: str - :ivar password: The password for the TAXII server. - :vartype password: str - :ivar taxii_lookback_period: The lookback period for the TAXII server. - :vartype taxii_lookback_period: ~datetime.datetime - :ivar polling_frequency: The polling frequency for the TAXII server. Known values are: - "OnceAMinute", "OnceAnHour", and "OnceADay". - :vartype polling_frequency: str or ~azure.mgmt.securityinsight.models.PollingFrequency - :ivar data_types: The available data types for Threat Intelligence TAXII data connector. - :vartype data_types: ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypes + :ivar url: A full URL the entity points to. + :vartype url: str """ _validation = { @@ -22874,6 +25653,9 @@ class TiTaxiiDataConnector(DataConnector): # pylint: disable=too-many-instance- "type": {"readonly": True}, "system_data": {"readonly": True}, "kind": {"required": True}, + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "url": {"readonly": True}, } _attribute_map = { @@ -22881,236 +25663,333 @@ class TiTaxiiDataConnector(DataConnector): # pylint: disable=too-many-instance- "name": {"key": "name", "type": "str"}, "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, - "etag": {"key": "etag", "type": "str"}, "kind": {"key": "kind", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "workspace_id": {"key": "properties.workspaceId", "type": "str"}, + "additional_data": {"key": "properties.additionalData", "type": "{object}"}, "friendly_name": {"key": "properties.friendlyName", "type": "str"}, - "taxii_server": {"key": "properties.taxiiServer", "type": "str"}, - "collection_id": {"key": "properties.collectionId", "type": "str"}, - "user_name": {"key": "properties.userName", "type": "str"}, - "password": {"key": "properties.password", "type": "str"}, - "taxii_lookback_period": {"key": "properties.taxiiLookbackPeriod", "type": "iso-8601"}, - "polling_frequency": {"key": "properties.pollingFrequency", "type": "str"}, - "data_types": {"key": "properties.dataTypes", "type": "TiTaxiiDataConnectorDataTypes"}, + "url": {"key": "properties.url", "type": "str"}, } - def __init__( - self, - *, - etag: Optional[str] = None, - tenant_id: Optional[str] = None, - workspace_id: Optional[str] = None, - friendly_name: Optional[str] = None, - taxii_server: Optional[str] = None, - collection_id: Optional[str] = None, - user_name: Optional[str] = None, - password: Optional[str] = None, - taxii_lookback_period: Optional[datetime.datetime] = None, - polling_frequency: Optional[Union[str, "_models.PollingFrequency"]] = None, - data_types: Optional["_models.TiTaxiiDataConnectorDataTypes"] = None, - **kwargs - ): - """ - :keyword etag: Etag of the azure resource. - :paramtype etag: str - :keyword tenant_id: The tenant id to connect to, and get the data from. - :paramtype tenant_id: str - :keyword workspace_id: The workspace id. - :paramtype workspace_id: str - :keyword friendly_name: The friendly name for the TAXII server. - :paramtype friendly_name: str - :keyword taxii_server: The API root for the TAXII server. - :paramtype taxii_server: str - :keyword collection_id: The collection id of the TAXII server. - :paramtype collection_id: str - :keyword user_name: The userName for the TAXII server. - :paramtype user_name: str - :keyword password: The password for the TAXII server. - :paramtype password: str - :keyword taxii_lookback_period: The lookback period for the TAXII server. - :paramtype taxii_lookback_period: ~datetime.datetime - :keyword polling_frequency: The polling frequency for the TAXII server. Known values are: - "OnceAMinute", "OnceAnHour", and "OnceADay". - :paramtype polling_frequency: str or ~azure.mgmt.securityinsight.models.PollingFrequency - :keyword data_types: The available data types for Threat Intelligence TAXII data connector. - :paramtype data_types: ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypes - """ - super().__init__(etag=etag, **kwargs) - self.kind: str = "ThreatIntelligenceTaxii" - self.tenant_id = tenant_id - self.workspace_id = workspace_id - self.friendly_name = friendly_name - self.taxii_server = taxii_server - self.collection_id = collection_id - self.user_name = user_name - self.password = password - self.taxii_lookback_period = taxii_lookback_period - self.polling_frequency = polling_frequency - self.data_types = data_types + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.kind: str = "Url" + self.additional_data = None + self.friendly_name = None + self.url = None + + +class UrlEntityProperties(EntityCommonProperties): + """Url entity property bag. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar additional_data: A bag of custom fields that should be part of the entity and will be + presented to the user. + :vartype additional_data: dict[str, any] + :ivar friendly_name: The graph item display name which is a short humanly readable description + of the graph item instance. This property is optional and might be system generated. + :vartype friendly_name: str + :ivar url: A full URL the entity points to. + :vartype url: str + """ + + _validation = { + "additional_data": {"readonly": True}, + "friendly_name": {"readonly": True}, + "url": {"readonly": True}, + } + + _attribute_map = { + "additional_data": {"key": "additionalData", "type": "{object}"}, + "friendly_name": {"key": "friendlyName", "type": "str"}, + "url": {"key": "url", "type": "str"}, + } + def __init__(self, **kwargs: Any) -> None: + """ """ + super().__init__(**kwargs) + self.url = None -class TiTaxiiDataConnectorDataTypes(_serialization.Model): - """The available data types for Threat Intelligence TAXII data connector. - All required parameters must be populated in order to send to Azure. +class UserInfo(_serialization.Model): + """User information that made some action. - :ivar taxii_client: Data type for TAXII connector. Required. - :vartype taxii_client: - ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypesTaxiiClient + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar email: The email of the user. + :vartype email: str + :ivar name: The name of the user. + :vartype name: str + :ivar object_id: The object id of the user. + :vartype object_id: str """ _validation = { - "taxii_client": {"required": True}, + "email": {"readonly": True}, + "name": {"readonly": True}, } _attribute_map = { - "taxii_client": {"key": "taxiiClient", "type": "TiTaxiiDataConnectorDataTypesTaxiiClient"}, + "email": {"key": "email", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "object_id": {"key": "objectId", "type": "str"}, } - def __init__(self, *, taxii_client: "_models.TiTaxiiDataConnectorDataTypesTaxiiClient", **kwargs): + def __init__(self, *, object_id: Optional[str] = None, **kwargs: Any) -> None: """ - :keyword taxii_client: Data type for TAXII connector. Required. - :paramtype taxii_client: - ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypesTaxiiClient + :keyword object_id: The object id of the user. + :paramtype object_id: str """ super().__init__(**kwargs) - self.taxii_client = taxii_client + self.email = None + self.name = None + self.object_id = object_id -class TiTaxiiDataConnectorDataTypesTaxiiClient(DataConnectorDataTypeCommon): - """Data type for TAXII connector. +class ValidationError(_serialization.Model): + """Describes an error encountered in the file during validation. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :ivar state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :vartype state: str or ~azure.mgmt.securityinsight.models.DataTypeState + :ivar record_index: The number of the record that has the error. + :vartype record_index: int + :ivar error_messages: A list of descriptions of the error. + :vartype error_messages: list[str] """ _validation = { - "state": {"required": True}, + "error_messages": {"readonly": True}, } _attribute_map = { - "state": {"key": "state", "type": "str"}, + "record_index": {"key": "recordIndex", "type": "int"}, + "error_messages": {"key": "errorMessages", "type": "[str]"}, } - def __init__(self, *, state: Union[str, "_models.DataTypeState"], **kwargs): + def __init__(self, *, record_index: Optional[int] = None, **kwargs: Any) -> None: """ - :keyword state: Describe whether this data type connection is enabled or not. Required. Known - values are: "Enabled" and "Disabled". - :paramtype state: str or ~azure.mgmt.securityinsight.models.DataTypeState + :keyword record_index: The number of the record that has the error. + :paramtype record_index: int """ - super().__init__(state=state, **kwargs) + super().__init__(**kwargs) + self.record_index = record_index + self.error_messages = None -class TiTaxiiDataConnectorProperties(DataConnectorTenantId): - """Threat Intelligence TAXII data connector properties. +class Watchlist(ResourceWithEtag): # pylint: disable=too-many-instance-attributes + """Represents a Watchlist in Azure Security Insights. - All required parameters must be populated in order to send to Azure. + Variables are only populated by the server, and will be ignored when sending a request. - :ivar tenant_id: The tenant id to connect to, and get the data from. Required. + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Etag of the azure resource. + :vartype etag: str + :ivar watchlist_id: The id (a Guid) of the watchlist. + :vartype watchlist_id: str + :ivar display_name: The display name of the watchlist. + :vartype display_name: str + :ivar provider: The provider of the watchlist. + :vartype provider: str + :ivar source: The filename of the watchlist, called 'source'. + :vartype source: str + :ivar source_type: The sourceType of the watchlist. Known values are: "Local file" and "Remote + storage". + :vartype source_type: str or ~azure.mgmt.securityinsight.models.SourceType + :ivar created: The time the watchlist was created. + :vartype created: ~datetime.datetime + :ivar updated: The last time the watchlist was updated. + :vartype updated: ~datetime.datetime + :ivar created_by: Describes a user that created the watchlist. + :vartype created_by: ~azure.mgmt.securityinsight.models.UserInfo + :ivar updated_by: Describes a user that updated the watchlist. + :vartype updated_by: ~azure.mgmt.securityinsight.models.UserInfo + :ivar description: A description of the watchlist. + :vartype description: str + :ivar watchlist_type: The type of the watchlist. + :vartype watchlist_type: str + :ivar watchlist_alias: The alias of the watchlist. + :vartype watchlist_alias: str + :ivar is_deleted: A flag that indicates if the watchlist is deleted or not. + :vartype is_deleted: bool + :ivar labels: List of labels relevant to this watchlist. + :vartype labels: list[str] + :ivar default_duration: The default duration of a watchlist (in ISO 8601 duration format). + :vartype default_duration: ~datetime.timedelta + :ivar tenant_id: The tenantId where the watchlist belongs to. :vartype tenant_id: str - :ivar workspace_id: The workspace id. - :vartype workspace_id: str - :ivar friendly_name: The friendly name for the TAXII server. - :vartype friendly_name: str - :ivar taxii_server: The API root for the TAXII server. - :vartype taxii_server: str - :ivar collection_id: The collection id of the TAXII server. - :vartype collection_id: str - :ivar user_name: The userName for the TAXII server. - :vartype user_name: str - :ivar password: The password for the TAXII server. - :vartype password: str - :ivar taxii_lookback_period: The lookback period for the TAXII server. - :vartype taxii_lookback_period: ~datetime.datetime - :ivar polling_frequency: The polling frequency for the TAXII server. Required. Known values - are: "OnceAMinute", "OnceAnHour", and "OnceADay". - :vartype polling_frequency: str or ~azure.mgmt.securityinsight.models.PollingFrequency - :ivar data_types: The available data types for Threat Intelligence TAXII data connector. - Required. - :vartype data_types: ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypes + :ivar number_of_lines_to_skip: The number of lines in a csv/tsv content to skip before the + header. + :vartype number_of_lines_to_skip: int + :ivar raw_content: The raw content that represents to watchlist items to create. In case of + csv/tsv content type, it's the content of the file that will parsed by the endpoint. + :vartype raw_content: str + :ivar items_search_key: The search key is used to optimize query performance when using + watchlists for joins with other data. For example, enable a column with IP addresses to be the + designated SearchKey field, then use this field as the key field when joining to other event + data by IP address. + :vartype items_search_key: str + :ivar content_type: The content type of the raw content. Example : text/csv or text/tsv. + :vartype content_type: str + :ivar upload_status: The status of the Watchlist upload : New, InProgress or Complete. Pls note + : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted. + :vartype upload_status: str """ _validation = { - "tenant_id": {"required": True}, - "polling_frequency": {"required": True}, - "data_types": {"required": True}, + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, } _attribute_map = { - "tenant_id": {"key": "tenantId", "type": "str"}, - "workspace_id": {"key": "workspaceId", "type": "str"}, - "friendly_name": {"key": "friendlyName", "type": "str"}, - "taxii_server": {"key": "taxiiServer", "type": "str"}, - "collection_id": {"key": "collectionId", "type": "str"}, - "user_name": {"key": "userName", "type": "str"}, - "password": {"key": "password", "type": "str"}, - "taxii_lookback_period": {"key": "taxiiLookbackPeriod", "type": "iso-8601"}, - "polling_frequency": {"key": "pollingFrequency", "type": "str"}, - "data_types": {"key": "dataTypes", "type": "TiTaxiiDataConnectorDataTypes"}, + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "watchlist_id": {"key": "properties.watchlistId", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "provider": {"key": "properties.provider", "type": "str"}, + "source": {"key": "properties.source", "type": "str"}, + "source_type": {"key": "properties.sourceType", "type": "str"}, + "created": {"key": "properties.created", "type": "iso-8601"}, + "updated": {"key": "properties.updated", "type": "iso-8601"}, + "created_by": {"key": "properties.createdBy", "type": "UserInfo"}, + "updated_by": {"key": "properties.updatedBy", "type": "UserInfo"}, + "description": {"key": "properties.description", "type": "str"}, + "watchlist_type": {"key": "properties.watchlistType", "type": "str"}, + "watchlist_alias": {"key": "properties.watchlistAlias", "type": "str"}, + "is_deleted": {"key": "properties.isDeleted", "type": "bool"}, + "labels": {"key": "properties.labels", "type": "[str]"}, + "default_duration": {"key": "properties.defaultDuration", "type": "duration"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "number_of_lines_to_skip": {"key": "properties.numberOfLinesToSkip", "type": "int"}, + "raw_content": {"key": "properties.rawContent", "type": "str"}, + "items_search_key": {"key": "properties.itemsSearchKey", "type": "str"}, + "content_type": {"key": "properties.contentType", "type": "str"}, + "upload_status": {"key": "properties.uploadStatus", "type": "str"}, } - def __init__( + def __init__( # pylint: disable=too-many-locals self, *, - tenant_id: str, - polling_frequency: Union[str, "_models.PollingFrequency"], - data_types: "_models.TiTaxiiDataConnectorDataTypes", - workspace_id: Optional[str] = None, - friendly_name: Optional[str] = None, - taxii_server: Optional[str] = None, - collection_id: Optional[str] = None, - user_name: Optional[str] = None, - password: Optional[str] = None, - taxii_lookback_period: Optional[datetime.datetime] = None, - **kwargs - ): + etag: Optional[str] = None, + watchlist_id: Optional[str] = None, + display_name: Optional[str] = None, + provider: Optional[str] = None, + source: Optional[str] = None, + source_type: Optional[Union[str, "_models.SourceType"]] = None, + created: Optional[datetime.datetime] = None, + updated: Optional[datetime.datetime] = None, + created_by: Optional["_models.UserInfo"] = None, + updated_by: Optional["_models.UserInfo"] = None, + description: Optional[str] = None, + watchlist_type: Optional[str] = None, + watchlist_alias: Optional[str] = None, + is_deleted: Optional[bool] = None, + labels: Optional[List[str]] = None, + default_duration: Optional[datetime.timedelta] = None, + tenant_id: Optional[str] = None, + number_of_lines_to_skip: Optional[int] = None, + raw_content: Optional[str] = None, + items_search_key: Optional[str] = None, + content_type: Optional[str] = None, + upload_status: Optional[str] = None, + **kwargs: Any + ) -> None: """ - :keyword tenant_id: The tenant id to connect to, and get the data from. Required. + :keyword etag: Etag of the azure resource. + :paramtype etag: str + :keyword watchlist_id: The id (a Guid) of the watchlist. + :paramtype watchlist_id: str + :keyword display_name: The display name of the watchlist. + :paramtype display_name: str + :keyword provider: The provider of the watchlist. + :paramtype provider: str + :keyword source: The filename of the watchlist, called 'source'. + :paramtype source: str + :keyword source_type: The sourceType of the watchlist. Known values are: "Local file" and + "Remote storage". + :paramtype source_type: str or ~azure.mgmt.securityinsight.models.SourceType + :keyword created: The time the watchlist was created. + :paramtype created: ~datetime.datetime + :keyword updated: The last time the watchlist was updated. + :paramtype updated: ~datetime.datetime + :keyword created_by: Describes a user that created the watchlist. + :paramtype created_by: ~azure.mgmt.securityinsight.models.UserInfo + :keyword updated_by: Describes a user that updated the watchlist. + :paramtype updated_by: ~azure.mgmt.securityinsight.models.UserInfo + :keyword description: A description of the watchlist. + :paramtype description: str + :keyword watchlist_type: The type of the watchlist. + :paramtype watchlist_type: str + :keyword watchlist_alias: The alias of the watchlist. + :paramtype watchlist_alias: str + :keyword is_deleted: A flag that indicates if the watchlist is deleted or not. + :paramtype is_deleted: bool + :keyword labels: List of labels relevant to this watchlist. + :paramtype labels: list[str] + :keyword default_duration: The default duration of a watchlist (in ISO 8601 duration format). + :paramtype default_duration: ~datetime.timedelta + :keyword tenant_id: The tenantId where the watchlist belongs to. :paramtype tenant_id: str - :keyword workspace_id: The workspace id. - :paramtype workspace_id: str - :keyword friendly_name: The friendly name for the TAXII server. - :paramtype friendly_name: str - :keyword taxii_server: The API root for the TAXII server. - :paramtype taxii_server: str - :keyword collection_id: The collection id of the TAXII server. - :paramtype collection_id: str - :keyword user_name: The userName for the TAXII server. - :paramtype user_name: str - :keyword password: The password for the TAXII server. - :paramtype password: str - :keyword taxii_lookback_period: The lookback period for the TAXII server. - :paramtype taxii_lookback_period: ~datetime.datetime - :keyword polling_frequency: The polling frequency for the TAXII server. Required. Known values - are: "OnceAMinute", "OnceAnHour", and "OnceADay". - :paramtype polling_frequency: str or ~azure.mgmt.securityinsight.models.PollingFrequency - :keyword data_types: The available data types for Threat Intelligence TAXII data connector. - Required. - :paramtype data_types: ~azure.mgmt.securityinsight.models.TiTaxiiDataConnectorDataTypes + :keyword number_of_lines_to_skip: The number of lines in a csv/tsv content to skip before the + header. + :paramtype number_of_lines_to_skip: int + :keyword raw_content: The raw content that represents to watchlist items to create. In case of + csv/tsv content type, it's the content of the file that will parsed by the endpoint. + :paramtype raw_content: str + :keyword items_search_key: The search key is used to optimize query performance when using + watchlists for joins with other data. For example, enable a column with IP addresses to be the + designated SearchKey field, then use this field as the key field when joining to other event + data by IP address. + :paramtype items_search_key: str + :keyword content_type: The content type of the raw content. Example : text/csv or text/tsv. + :paramtype content_type: str + :keyword upload_status: The status of the Watchlist upload : New, InProgress or Complete. Pls + note : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted. + :paramtype upload_status: str """ - super().__init__(tenant_id=tenant_id, **kwargs) - self.workspace_id = workspace_id - self.friendly_name = friendly_name - self.taxii_server = taxii_server - self.collection_id = collection_id - self.user_name = user_name - self.password = password - self.taxii_lookback_period = taxii_lookback_period - self.polling_frequency = polling_frequency - self.data_types = data_types + super().__init__(etag=etag, **kwargs) + self.watchlist_id = watchlist_id + self.display_name = display_name + self.provider = provider + self.source = source + self.source_type = source_type + self.created = created + self.updated = updated + self.created_by = created_by + self.updated_by = updated_by + self.description = description + self.watchlist_type = watchlist_type + self.watchlist_alias = watchlist_alias + self.is_deleted = is_deleted + self.labels = labels + self.default_duration = default_duration + self.tenant_id = tenant_id + self.number_of_lines_to_skip = number_of_lines_to_skip + self.raw_content = raw_content + self.items_search_key = items_search_key + self.content_type = content_type + self.upload_status = upload_status -class Ueba(Settings): - """Settings with single toggle. +class WatchlistItem(ResourceWithEtag): # pylint: disable=too-many-instance-attributes + """Represents a Watchlist item in Azure Security Insights. Variables are only populated by the server, and will be ignored when sending a request. - All required parameters must be populated in order to send to Azure. - :ivar id: Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. :vartype id: str @@ -23124,11 +26003,26 @@ class Ueba(Settings): :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData :ivar etag: Etag of the azure resource. :vartype etag: str - :ivar kind: The kind of the setting. Required. Known values are: "Anomalies", "EyesOn", - "EntityAnalytics", and "Ueba". - :vartype kind: str or ~azure.mgmt.securityinsight.models.SettingKind - :ivar data_sources: The relevant data sources that enriched by ueba. - :vartype data_sources: list[str or ~azure.mgmt.securityinsight.models.UebaDataSources] + :ivar watchlist_item_type: The type of the watchlist item. + :vartype watchlist_item_type: str + :ivar watchlist_item_id: The id (a Guid) of the watchlist item. + :vartype watchlist_item_id: str + :ivar tenant_id: The tenantId to which the watchlist item belongs to. + :vartype tenant_id: str + :ivar is_deleted: A flag that indicates if the watchlist item is deleted or not. + :vartype is_deleted: bool + :ivar created: The time the watchlist item was created. + :vartype created: ~datetime.datetime + :ivar updated: The last time the watchlist item was updated. + :vartype updated: ~datetime.datetime + :ivar created_by: Describes a user that created the watchlist item. + :vartype created_by: ~azure.mgmt.securityinsight.models.UserInfo + :ivar updated_by: Describes a user that updated the watchlist item. + :vartype updated_by: ~azure.mgmt.securityinsight.models.UserInfo + :ivar items_key_value: key-value pairs for a watchlist item. + :vartype items_key_value: dict[str, any] + :ivar entity_mapping: key-value pairs for a watchlist item entity mapping. + :vartype entity_mapping: dict[str, any] """ _validation = { @@ -23136,7 +26030,6 @@ class Ueba(Settings): "name": {"readonly": True}, "type": {"readonly": True}, "system_data": {"readonly": True}, - "kind": {"required": True}, } _attribute_map = { @@ -23145,192 +26038,186 @@ class Ueba(Settings): "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, "etag": {"key": "etag", "type": "str"}, - "kind": {"key": "kind", "type": "str"}, - "data_sources": {"key": "properties.dataSources", "type": "[str]"}, + "watchlist_item_type": {"key": "properties.watchlistItemType", "type": "str"}, + "watchlist_item_id": {"key": "properties.watchlistItemId", "type": "str"}, + "tenant_id": {"key": "properties.tenantId", "type": "str"}, + "is_deleted": {"key": "properties.isDeleted", "type": "bool"}, + "created": {"key": "properties.created", "type": "iso-8601"}, + "updated": {"key": "properties.updated", "type": "iso-8601"}, + "created_by": {"key": "properties.createdBy", "type": "UserInfo"}, + "updated_by": {"key": "properties.updatedBy", "type": "UserInfo"}, + "items_key_value": {"key": "properties.itemsKeyValue", "type": "{object}"}, + "entity_mapping": {"key": "properties.entityMapping", "type": "{object}"}, } def __init__( self, *, etag: Optional[str] = None, - data_sources: Optional[List[Union[str, "_models.UebaDataSources"]]] = None, - **kwargs - ): + watchlist_item_type: Optional[str] = None, + watchlist_item_id: Optional[str] = None, + tenant_id: Optional[str] = None, + is_deleted: Optional[bool] = None, + created: Optional[datetime.datetime] = None, + updated: Optional[datetime.datetime] = None, + created_by: Optional["_models.UserInfo"] = None, + updated_by: Optional["_models.UserInfo"] = None, + items_key_value: Optional[Dict[str, Any]] = None, + entity_mapping: Optional[Dict[str, Any]] = None, + **kwargs: Any + ) -> None: """ :keyword etag: Etag of the azure resource. :paramtype etag: str - :keyword data_sources: The relevant data sources that enriched by ueba. - :paramtype data_sources: list[str or ~azure.mgmt.securityinsight.models.UebaDataSources] + :keyword watchlist_item_type: The type of the watchlist item. + :paramtype watchlist_item_type: str + :keyword watchlist_item_id: The id (a Guid) of the watchlist item. + :paramtype watchlist_item_id: str + :keyword tenant_id: The tenantId to which the watchlist item belongs to. + :paramtype tenant_id: str + :keyword is_deleted: A flag that indicates if the watchlist item is deleted or not. + :paramtype is_deleted: bool + :keyword created: The time the watchlist item was created. + :paramtype created: ~datetime.datetime + :keyword updated: The last time the watchlist item was updated. + :paramtype updated: ~datetime.datetime + :keyword created_by: Describes a user that created the watchlist item. + :paramtype created_by: ~azure.mgmt.securityinsight.models.UserInfo + :keyword updated_by: Describes a user that updated the watchlist item. + :paramtype updated_by: ~azure.mgmt.securityinsight.models.UserInfo + :keyword items_key_value: key-value pairs for a watchlist item. + :paramtype items_key_value: dict[str, any] + :keyword entity_mapping: key-value pairs for a watchlist item entity mapping. + :paramtype entity_mapping: dict[str, any] """ super().__init__(etag=etag, **kwargs) - self.kind: str = "Ueba" - self.data_sources = data_sources + self.watchlist_item_type = watchlist_item_type + self.watchlist_item_id = watchlist_item_id + self.tenant_id = tenant_id + self.is_deleted = is_deleted + self.created = created + self.updated = updated + self.created_by = created_by + self.updated_by = updated_by + self.items_key_value = items_key_value + self.entity_mapping = entity_mapping -class UrlEntity(Entity): - """Represents a url entity. +class WatchlistItemList(_serialization.Model): + """List all the watchlist items. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar id: Fully qualified resource ID for the resource. Ex - - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. - :vartype id: str - :ivar name: The name of the resource. - :vartype name: str - :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or - "Microsoft.Storage/storageAccounts". - :vartype type: str - :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy - information. - :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar kind: The kind of the entity. Required. Known values are: "Account", "Host", "File", - "AzureResource", "CloudApplication", "DnsResolution", "FileHash", "Ip", "Malware", "Process", - "RegistryKey", "RegistryValue", "SecurityGroup", "Url", "IoTDevice", "SecurityAlert", - "Bookmark", "MailCluster", "MailMessage", "Mailbox", "SubmissionMail", and "Nic". - :vartype kind: str or ~azure.mgmt.securityinsight.models.EntityKind - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar url: A full URL the entity points to. - :vartype url: str - """ - - _validation = { - "id": {"readonly": True}, - "name": {"readonly": True}, - "type": {"readonly": True}, - "system_data": {"readonly": True}, - "kind": {"required": True}, - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "url": {"readonly": True}, - } - - _attribute_map = { - "id": {"key": "id", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "type": {"key": "type", "type": "str"}, - "system_data": {"key": "systemData", "type": "SystemData"}, - "kind": {"key": "kind", "type": "str"}, - "additional_data": {"key": "properties.additionalData", "type": "{object}"}, - "friendly_name": {"key": "properties.friendlyName", "type": "str"}, - "url": {"key": "properties.url", "type": "str"}, - } - - def __init__(self, **kwargs): - """ """ - super().__init__(**kwargs) - self.kind: str = "Url" - self.additional_data = None - self.friendly_name = None - self.url = None - - -class UrlEntityProperties(EntityCommonProperties): - """Url entity property bag. - - Variables are only populated by the server, and will be ignored when sending a request. - - :ivar additional_data: A bag of custom fields that should be part of the entity and will be - presented to the user. - :vartype additional_data: dict[str, any] - :ivar friendly_name: The graph item display name which is a short humanly readable description - of the graph item instance. This property is optional and might be system generated. - :vartype friendly_name: str - :ivar url: A full URL the entity points to. - :vartype url: str + :ivar next_link: URL to fetch the next set of watchlist item. + :vartype next_link: str + :ivar value: Array of watchlist items. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.WatchlistItem] """ _validation = { - "additional_data": {"readonly": True}, - "friendly_name": {"readonly": True}, - "url": {"readonly": True}, + "next_link": {"readonly": True}, + "value": {"required": True}, } _attribute_map = { - "additional_data": {"key": "additionalData", "type": "{object}"}, - "friendly_name": {"key": "friendlyName", "type": "str"}, - "url": {"key": "url", "type": "str"}, + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[WatchlistItem]"}, } - def __init__(self, **kwargs): - """ """ + def __init__(self, *, value: List["_models.WatchlistItem"], **kwargs: Any) -> None: + """ + :keyword value: Array of watchlist items. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.WatchlistItem] + """ super().__init__(**kwargs) - self.url = None + self.next_link = None + self.value = value -class UserInfo(_serialization.Model): - """User information that made some action. +class WatchlistList(_serialization.Model): + """List all the watchlists. Variables are only populated by the server, and will be ignored when sending a request. - :ivar email: The email of the user. - :vartype email: str - :ivar name: The name of the user. - :vartype name: str - :ivar object_id: The object id of the user. - :vartype object_id: str + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of watchlists. + :vartype next_link: str + :ivar value: Array of watchlist. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.Watchlist] """ _validation = { - "email": {"readonly": True}, - "name": {"readonly": True}, + "next_link": {"readonly": True}, + "value": {"required": True}, } _attribute_map = { - "email": {"key": "email", "type": "str"}, - "name": {"key": "name", "type": "str"}, - "object_id": {"key": "objectId", "type": "str"}, + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[Watchlist]"}, } - def __init__(self, *, object_id: Optional[str] = None, **kwargs): + def __init__(self, *, value: List["_models.Watchlist"], **kwargs: Any) -> None: """ - :keyword object_id: The object id of the user. - :paramtype object_id: str + :keyword value: Array of watchlist. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.Watchlist] """ super().__init__(**kwargs) - self.email = None - self.name = None - self.object_id = object_id - + self.next_link = None + self.value = value -class ValidationError(_serialization.Model): - """Describes an error encountered in the file during validation. - Variables are only populated by the server, and will be ignored when sending a request. +class Webhook(_serialization.Model): + """Detail about the webhook object. - :ivar record_index: The number of the record that has the error. - :vartype record_index: int - :ivar error_messages: A list of descriptions of the error. - :vartype error_messages: list[str] + :ivar webhook_id: Unique identifier for the webhook. + :vartype webhook_id: str + :ivar webhook_url: URL that gets invoked by the webhook. + :vartype webhook_url: str + :ivar webhook_secret_update_time: Time when the webhook secret was updated. + :vartype webhook_secret_update_time: str + :ivar rotate_webhook_secret: A flag to instruct the backend service to rotate webhook secret. + :vartype rotate_webhook_secret: bool """ - _validation = { - "error_messages": {"readonly": True}, - } - _attribute_map = { - "record_index": {"key": "recordIndex", "type": "int"}, - "error_messages": {"key": "errorMessages", "type": "[str]"}, + "webhook_id": {"key": "webhookId", "type": "str"}, + "webhook_url": {"key": "webhookUrl", "type": "str"}, + "webhook_secret_update_time": {"key": "webhookSecretUpdateTime", "type": "str"}, + "rotate_webhook_secret": {"key": "rotateWebhookSecret", "type": "bool"}, } - def __init__(self, *, record_index: Optional[int] = None, **kwargs): + def __init__( + self, + *, + webhook_id: Optional[str] = None, + webhook_url: Optional[str] = None, + webhook_secret_update_time: Optional[str] = None, + rotate_webhook_secret: Optional[bool] = None, + **kwargs: Any + ) -> None: """ - :keyword record_index: The number of the record that has the error. - :paramtype record_index: int + :keyword webhook_id: Unique identifier for the webhook. + :paramtype webhook_id: str + :keyword webhook_url: URL that gets invoked by the webhook. + :paramtype webhook_url: str + :keyword webhook_secret_update_time: Time when the webhook secret was updated. + :paramtype webhook_secret_update_time: str + :keyword rotate_webhook_secret: A flag to instruct the backend service to rotate webhook + secret. + :paramtype rotate_webhook_secret: bool """ super().__init__(**kwargs) - self.record_index = record_index - self.error_messages = None + self.webhook_id = webhook_id + self.webhook_url = webhook_url + self.webhook_secret_update_time = webhook_secret_update_time + self.rotate_webhook_secret = rotate_webhook_secret -class Watchlist(ResourceWithEtag): # pylint: disable=too-many-instance-attributes - """Represents a Watchlist in Azure Security Insights. +class WorkspaceManagerAssignment(AzureEntityResource): + """The workspace manager assignment. Variables are only populated by the server, and will be ignored when sending a request. @@ -23345,57 +26232,19 @@ class Watchlist(ResourceWithEtag): # pylint: disable=too-many-instance-attribut :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy information. :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar etag: Etag of the azure resource. + :ivar etag: Resource Etag. :vartype etag: str - :ivar watchlist_id: The id (a Guid) of the watchlist. - :vartype watchlist_id: str - :ivar display_name: The display name of the watchlist. - :vartype display_name: str - :ivar provider: The provider of the watchlist. - :vartype provider: str - :ivar source: The filename of the watchlist, called 'source'. - :vartype source: str - :ivar source_type: The sourceType of the watchlist. Known values are: "Local file" and "Remote - storage". - :vartype source_type: str or ~azure.mgmt.securityinsight.models.SourceType - :ivar created: The time the watchlist was created. - :vartype created: ~datetime.datetime - :ivar updated: The last time the watchlist was updated. - :vartype updated: ~datetime.datetime - :ivar created_by: Describes a user that created the watchlist. - :vartype created_by: ~azure.mgmt.securityinsight.models.UserInfo - :ivar updated_by: Describes a user that updated the watchlist. - :vartype updated_by: ~azure.mgmt.securityinsight.models.UserInfo - :ivar description: A description of the watchlist. - :vartype description: str - :ivar watchlist_type: The type of the watchlist. - :vartype watchlist_type: str - :ivar watchlist_alias: The alias of the watchlist. - :vartype watchlist_alias: str - :ivar is_deleted: A flag that indicates if the watchlist is deleted or not. - :vartype is_deleted: bool - :ivar labels: List of labels relevant to this watchlist. - :vartype labels: list[str] - :ivar default_duration: The default duration of a watchlist (in ISO 8601 duration format). - :vartype default_duration: ~datetime.timedelta - :ivar tenant_id: The tenantId where the watchlist belongs to. - :vartype tenant_id: str - :ivar number_of_lines_to_skip: The number of lines in a csv/tsv content to skip before the - header. - :vartype number_of_lines_to_skip: int - :ivar raw_content: The raw content that represents to watchlist items to create. In case of - csv/tsv content type, it's the content of the file that will parsed by the endpoint. - :vartype raw_content: str - :ivar items_search_key: The search key is used to optimize query performance when using - watchlists for joins with other data. For example, enable a column with IP addresses to be the - designated SearchKey field, then use this field as the key field when joining to other event - data by IP address. - :vartype items_search_key: str - :ivar content_type: The content type of the raw content. Example : text/csv or text/tsv. - :vartype content_type: str - :ivar upload_status: The status of the Watchlist upload : New, InProgress or Complete. Pls note - : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted. - :vartype upload_status: str + :ivar target_resource_name: The resource name of the workspace manager group targeted by the + workspace manager assignment. + :vartype target_resource_name: str + :ivar last_job_end_time: The time the last job associated to this assignment ended at. + :vartype last_job_end_time: ~datetime.datetime + :ivar last_job_provisioning_state: State of the last job associated to this assignment. Known + values are: "Accepted", "InProgress", "Succeeded", "Failed", and "Canceled". + :vartype last_job_provisioning_state: str or + ~azure.mgmt.securityinsight.models.ProvisioningState + :ivar items: List of resources included in this workspace manager assignment. + :vartype items: list[~azure.mgmt.securityinsight.models.AssignmentItem] """ _validation = { @@ -23403,6 +26252,9 @@ class Watchlist(ResourceWithEtag): # pylint: disable=too-many-instance-attribut "name": {"readonly": True}, "type": {"readonly": True}, "system_data": {"readonly": True}, + "etag": {"readonly": True}, + "last_job_end_time": {"readonly": True}, + "last_job_provisioning_state": {"readonly": True}, } _attribute_map = { @@ -23411,135 +26263,68 @@ class Watchlist(ResourceWithEtag): # pylint: disable=too-many-instance-attribut "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, "etag": {"key": "etag", "type": "str"}, - "watchlist_id": {"key": "properties.watchlistId", "type": "str"}, - "display_name": {"key": "properties.displayName", "type": "str"}, - "provider": {"key": "properties.provider", "type": "str"}, - "source": {"key": "properties.source", "type": "str"}, - "source_type": {"key": "properties.sourceType", "type": "str"}, - "created": {"key": "properties.created", "type": "iso-8601"}, - "updated": {"key": "properties.updated", "type": "iso-8601"}, - "created_by": {"key": "properties.createdBy", "type": "UserInfo"}, - "updated_by": {"key": "properties.updatedBy", "type": "UserInfo"}, - "description": {"key": "properties.description", "type": "str"}, - "watchlist_type": {"key": "properties.watchlistType", "type": "str"}, - "watchlist_alias": {"key": "properties.watchlistAlias", "type": "str"}, - "is_deleted": {"key": "properties.isDeleted", "type": "bool"}, - "labels": {"key": "properties.labels", "type": "[str]"}, - "default_duration": {"key": "properties.defaultDuration", "type": "duration"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "number_of_lines_to_skip": {"key": "properties.numberOfLinesToSkip", "type": "int"}, - "raw_content": {"key": "properties.rawContent", "type": "str"}, - "items_search_key": {"key": "properties.itemsSearchKey", "type": "str"}, - "content_type": {"key": "properties.contentType", "type": "str"}, - "upload_status": {"key": "properties.uploadStatus", "type": "str"}, + "target_resource_name": {"key": "properties.targetResourceName", "type": "str"}, + "last_job_end_time": {"key": "properties.lastJobEndTime", "type": "iso-8601"}, + "last_job_provisioning_state": {"key": "properties.lastJobProvisioningState", "type": "str"}, + "items": {"key": "properties.items", "type": "[AssignmentItem]"}, } - def __init__( # pylint: disable=too-many-locals + def __init__( self, *, - etag: Optional[str] = None, - watchlist_id: Optional[str] = None, - display_name: Optional[str] = None, - provider: Optional[str] = None, - source: Optional[str] = None, - source_type: Optional[Union[str, "_models.SourceType"]] = None, - created: Optional[datetime.datetime] = None, - updated: Optional[datetime.datetime] = None, - created_by: Optional["_models.UserInfo"] = None, - updated_by: Optional["_models.UserInfo"] = None, - description: Optional[str] = None, - watchlist_type: Optional[str] = None, - watchlist_alias: Optional[str] = None, - is_deleted: Optional[bool] = None, - labels: Optional[List[str]] = None, - default_duration: Optional[datetime.timedelta] = None, - tenant_id: Optional[str] = None, - number_of_lines_to_skip: Optional[int] = None, - raw_content: Optional[str] = None, - items_search_key: Optional[str] = None, - content_type: Optional[str] = None, - upload_status: Optional[str] = None, - **kwargs - ): + target_resource_name: Optional[str] = None, + items: Optional[List["_models.AssignmentItem"]] = None, + **kwargs: Any + ) -> None: """ - :keyword etag: Etag of the azure resource. - :paramtype etag: str - :keyword watchlist_id: The id (a Guid) of the watchlist. - :paramtype watchlist_id: str - :keyword display_name: The display name of the watchlist. - :paramtype display_name: str - :keyword provider: The provider of the watchlist. - :paramtype provider: str - :keyword source: The filename of the watchlist, called 'source'. - :paramtype source: str - :keyword source_type: The sourceType of the watchlist. Known values are: "Local file" and - "Remote storage". - :paramtype source_type: str or ~azure.mgmt.securityinsight.models.SourceType - :keyword created: The time the watchlist was created. - :paramtype created: ~datetime.datetime - :keyword updated: The last time the watchlist was updated. - :paramtype updated: ~datetime.datetime - :keyword created_by: Describes a user that created the watchlist. - :paramtype created_by: ~azure.mgmt.securityinsight.models.UserInfo - :keyword updated_by: Describes a user that updated the watchlist. - :paramtype updated_by: ~azure.mgmt.securityinsight.models.UserInfo - :keyword description: A description of the watchlist. - :paramtype description: str - :keyword watchlist_type: The type of the watchlist. - :paramtype watchlist_type: str - :keyword watchlist_alias: The alias of the watchlist. - :paramtype watchlist_alias: str - :keyword is_deleted: A flag that indicates if the watchlist is deleted or not. - :paramtype is_deleted: bool - :keyword labels: List of labels relevant to this watchlist. - :paramtype labels: list[str] - :keyword default_duration: The default duration of a watchlist (in ISO 8601 duration format). - :paramtype default_duration: ~datetime.timedelta - :keyword tenant_id: The tenantId where the watchlist belongs to. - :paramtype tenant_id: str - :keyword number_of_lines_to_skip: The number of lines in a csv/tsv content to skip before the - header. - :paramtype number_of_lines_to_skip: int - :keyword raw_content: The raw content that represents to watchlist items to create. In case of - csv/tsv content type, it's the content of the file that will parsed by the endpoint. - :paramtype raw_content: str - :keyword items_search_key: The search key is used to optimize query performance when using - watchlists for joins with other data. For example, enable a column with IP addresses to be the - designated SearchKey field, then use this field as the key field when joining to other event - data by IP address. - :paramtype items_search_key: str - :keyword content_type: The content type of the raw content. Example : text/csv or text/tsv. - :paramtype content_type: str - :keyword upload_status: The status of the Watchlist upload : New, InProgress or Complete. Pls - note : When a Watchlist upload status is equal to InProgress, the Watchlist cannot be deleted. - :paramtype upload_status: str + :keyword target_resource_name: The resource name of the workspace manager group targeted by the + workspace manager assignment. + :paramtype target_resource_name: str + :keyword items: List of resources included in this workspace manager assignment. + :paramtype items: list[~azure.mgmt.securityinsight.models.AssignmentItem] + """ + super().__init__(**kwargs) + self.target_resource_name = target_resource_name + self.last_job_end_time = None + self.last_job_provisioning_state = None + self.items = items + + +class WorkspaceManagerAssignmentList(_serialization.Model): + """List of all the workspace manager assignments. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of workspace manager assignments. + :vartype next_link: str + :ivar value: Array of workspace manager assignments. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment] + """ + + _validation = { + "next_link": {"readonly": True}, + "value": {"required": True}, + } + + _attribute_map = { + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[WorkspaceManagerAssignment]"}, + } + + def __init__(self, *, value: List["_models.WorkspaceManagerAssignment"], **kwargs: Any) -> None: """ - super().__init__(etag=etag, **kwargs) - self.watchlist_id = watchlist_id - self.display_name = display_name - self.provider = provider - self.source = source - self.source_type = source_type - self.created = created - self.updated = updated - self.created_by = created_by - self.updated_by = updated_by - self.description = description - self.watchlist_type = watchlist_type - self.watchlist_alias = watchlist_alias - self.is_deleted = is_deleted - self.labels = labels - self.default_duration = default_duration - self.tenant_id = tenant_id - self.number_of_lines_to_skip = number_of_lines_to_skip - self.raw_content = raw_content - self.items_search_key = items_search_key - self.content_type = content_type - self.upload_status = upload_status + :keyword value: Array of workspace manager assignments. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment] + """ + super().__init__(**kwargs) + self.next_link = None + self.value = value -class WatchlistItem(ResourceWithEtag): # pylint: disable=too-many-instance-attributes - """Represents a Watchlist item in Azure Security Insights. +class WorkspaceManagerConfiguration(AzureEntityResource): + """The workspace manager configuration. Variables are only populated by the server, and will be ignored when sending a request. @@ -23554,28 +26339,11 @@ class WatchlistItem(ResourceWithEtag): # pylint: disable=too-many-instance-attr :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy information. :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData - :ivar etag: Etag of the azure resource. + :ivar etag: Resource Etag. :vartype etag: str - :ivar watchlist_item_type: The type of the watchlist item. - :vartype watchlist_item_type: str - :ivar watchlist_item_id: The id (a Guid) of the watchlist item. - :vartype watchlist_item_id: str - :ivar tenant_id: The tenantId to which the watchlist item belongs to. - :vartype tenant_id: str - :ivar is_deleted: A flag that indicates if the watchlist item is deleted or not. - :vartype is_deleted: bool - :ivar created: The time the watchlist item was created. - :vartype created: ~datetime.datetime - :ivar updated: The last time the watchlist item was updated. - :vartype updated: ~datetime.datetime - :ivar created_by: Describes a user that created the watchlist item. - :vartype created_by: ~azure.mgmt.securityinsight.models.UserInfo - :ivar updated_by: Describes a user that updated the watchlist item. - :vartype updated_by: ~azure.mgmt.securityinsight.models.UserInfo - :ivar items_key_value: key-value pairs for a watchlist item. - :vartype items_key_value: dict[str, any] - :ivar entity_mapping: key-value pairs for a watchlist item entity mapping. - :vartype entity_mapping: dict[str, any] + :ivar mode: The current mode of the workspace manager configuration. Known values are: + "Enabled" and "Disabled". + :vartype mode: str or ~azure.mgmt.securityinsight.models.Mode """ _validation = { @@ -23583,6 +26351,7 @@ class WatchlistItem(ResourceWithEtag): # pylint: disable=too-many-instance-attr "name": {"readonly": True}, "type": {"readonly": True}, "system_data": {"readonly": True}, + "etag": {"readonly": True}, } _attribute_map = { @@ -23591,82 +26360,30 @@ class WatchlistItem(ResourceWithEtag): # pylint: disable=too-many-instance-attr "type": {"key": "type", "type": "str"}, "system_data": {"key": "systemData", "type": "SystemData"}, "etag": {"key": "etag", "type": "str"}, - "watchlist_item_type": {"key": "properties.watchlistItemType", "type": "str"}, - "watchlist_item_id": {"key": "properties.watchlistItemId", "type": "str"}, - "tenant_id": {"key": "properties.tenantId", "type": "str"}, - "is_deleted": {"key": "properties.isDeleted", "type": "bool"}, - "created": {"key": "properties.created", "type": "iso-8601"}, - "updated": {"key": "properties.updated", "type": "iso-8601"}, - "created_by": {"key": "properties.createdBy", "type": "UserInfo"}, - "updated_by": {"key": "properties.updatedBy", "type": "UserInfo"}, - "items_key_value": {"key": "properties.itemsKeyValue", "type": "{object}"}, - "entity_mapping": {"key": "properties.entityMapping", "type": "{object}"}, + "mode": {"key": "properties.mode", "type": "str"}, } - def __init__( - self, - *, - etag: Optional[str] = None, - watchlist_item_type: Optional[str] = None, - watchlist_item_id: Optional[str] = None, - tenant_id: Optional[str] = None, - is_deleted: Optional[bool] = None, - created: Optional[datetime.datetime] = None, - updated: Optional[datetime.datetime] = None, - created_by: Optional["_models.UserInfo"] = None, - updated_by: Optional["_models.UserInfo"] = None, - items_key_value: Optional[Dict[str, Any]] = None, - entity_mapping: Optional[Dict[str, Any]] = None, - **kwargs - ): + def __init__(self, *, mode: Optional[Union[str, "_models.Mode"]] = None, **kwargs: Any) -> None: """ - :keyword etag: Etag of the azure resource. - :paramtype etag: str - :keyword watchlist_item_type: The type of the watchlist item. - :paramtype watchlist_item_type: str - :keyword watchlist_item_id: The id (a Guid) of the watchlist item. - :paramtype watchlist_item_id: str - :keyword tenant_id: The tenantId to which the watchlist item belongs to. - :paramtype tenant_id: str - :keyword is_deleted: A flag that indicates if the watchlist item is deleted or not. - :paramtype is_deleted: bool - :keyword created: The time the watchlist item was created. - :paramtype created: ~datetime.datetime - :keyword updated: The last time the watchlist item was updated. - :paramtype updated: ~datetime.datetime - :keyword created_by: Describes a user that created the watchlist item. - :paramtype created_by: ~azure.mgmt.securityinsight.models.UserInfo - :keyword updated_by: Describes a user that updated the watchlist item. - :paramtype updated_by: ~azure.mgmt.securityinsight.models.UserInfo - :keyword items_key_value: key-value pairs for a watchlist item. - :paramtype items_key_value: dict[str, any] - :keyword entity_mapping: key-value pairs for a watchlist item entity mapping. - :paramtype entity_mapping: dict[str, any] + :keyword mode: The current mode of the workspace manager configuration. Known values are: + "Enabled" and "Disabled". + :paramtype mode: str or ~azure.mgmt.securityinsight.models.Mode """ - super().__init__(etag=etag, **kwargs) - self.watchlist_item_type = watchlist_item_type - self.watchlist_item_id = watchlist_item_id - self.tenant_id = tenant_id - self.is_deleted = is_deleted - self.created = created - self.updated = updated - self.created_by = created_by - self.updated_by = updated_by - self.items_key_value = items_key_value - self.entity_mapping = entity_mapping + super().__init__(**kwargs) + self.mode = mode -class WatchlistItemList(_serialization.Model): - """List all the watchlist items. +class WorkspaceManagerConfigurationList(_serialization.Model): + """List all the workspace manager configurations for the workspace. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar next_link: URL to fetch the next set of watchlist item. + :ivar next_link: URL to fetch the next set of workspace manager configurations. :vartype next_link: str - :ivar value: Array of watchlist items. Required. - :vartype value: list[~azure.mgmt.securityinsight.models.WatchlistItem] + :ivar value: Array of workspace manager configurations. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration] """ _validation = { @@ -23676,30 +26393,99 @@ class WatchlistItemList(_serialization.Model): _attribute_map = { "next_link": {"key": "nextLink", "type": "str"}, - "value": {"key": "value", "type": "[WatchlistItem]"}, + "value": {"key": "value", "type": "[WorkspaceManagerConfiguration]"}, } - def __init__(self, *, value: List["_models.WatchlistItem"], **kwargs): + def __init__(self, *, value: List["_models.WorkspaceManagerConfiguration"], **kwargs: Any) -> None: """ - :keyword value: Array of watchlist items. Required. - :paramtype value: list[~azure.mgmt.securityinsight.models.WatchlistItem] + :keyword value: Array of workspace manager configurations. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration] """ super().__init__(**kwargs) self.next_link = None self.value = value -class WatchlistList(_serialization.Model): - """List all the watchlists. +class WorkspaceManagerGroup(AzureEntityResource): + """The workspace manager group. + + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Resource Etag. + :vartype etag: str + :ivar description: The description of the workspace manager group. + :vartype description: str + :ivar display_name: The display name of the workspace manager group. + :vartype display_name: str + :ivar member_resource_names: The names of the workspace manager members participating in this + group. + :vartype member_resource_names: list[str] + """ + + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "etag": {"readonly": True}, + } + + _attribute_map = { + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "description": {"key": "properties.description", "type": "str"}, + "display_name": {"key": "properties.displayName", "type": "str"}, + "member_resource_names": {"key": "properties.memberResourceNames", "type": "[str]"}, + } + + def __init__( + self, + *, + description: Optional[str] = None, + display_name: Optional[str] = None, + member_resource_names: Optional[List[str]] = None, + **kwargs: Any + ) -> None: + """ + :keyword description: The description of the workspace manager group. + :paramtype description: str + :keyword display_name: The display name of the workspace manager group. + :paramtype display_name: str + :keyword member_resource_names: The names of the workspace manager members participating in + this group. + :paramtype member_resource_names: list[str] + """ + super().__init__(**kwargs) + self.description = description + self.display_name = display_name + self.member_resource_names = member_resource_names + + +class WorkspaceManagerGroupList(_serialization.Model): + """List of all the workspace manager groups. Variables are only populated by the server, and will be ignored when sending a request. All required parameters must be populated in order to send to Azure. - :ivar next_link: URL to fetch the next set of watchlists. + :ivar next_link: URL to fetch the next set of workspace manager groups. :vartype next_link: str - :ivar value: Array of watchlist. Required. - :vartype value: list[~azure.mgmt.securityinsight.models.Watchlist] + :ivar value: Array of workspace manager groups. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.WorkspaceManagerGroup] """ _validation = { @@ -23709,61 +26495,111 @@ class WatchlistList(_serialization.Model): _attribute_map = { "next_link": {"key": "nextLink", "type": "str"}, - "value": {"key": "value", "type": "[Watchlist]"}, + "value": {"key": "value", "type": "[WorkspaceManagerGroup]"}, } - def __init__(self, *, value: List["_models.Watchlist"], **kwargs): + def __init__(self, *, value: List["_models.WorkspaceManagerGroup"], **kwargs: Any) -> None: """ - :keyword value: Array of watchlist. Required. - :paramtype value: list[~azure.mgmt.securityinsight.models.Watchlist] + :keyword value: Array of workspace manager groups. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.WorkspaceManagerGroup] """ super().__init__(**kwargs) self.next_link = None self.value = value -class Webhook(_serialization.Model): - """Detail about the webhook object. +class WorkspaceManagerMember(AzureEntityResource): + """The workspace manager member. - :ivar webhook_id: Unique identifier for the webhook. - :vartype webhook_id: str - :ivar webhook_url: URL that gets invoked by the webhook. - :vartype webhook_url: str - :ivar webhook_secret_update_time: Time when the webhook secret was updated. - :vartype webhook_secret_update_time: str - :ivar rotate_webhook_secret: A flag to instruct the backend service to rotate webhook secret. - :vartype rotate_webhook_secret: bool + Variables are only populated by the server, and will be ignored when sending a request. + + :ivar id: Fully qualified resource ID for the resource. Ex - + /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}. + :vartype id: str + :ivar name: The name of the resource. + :vartype name: str + :ivar type: The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or + "Microsoft.Storage/storageAccounts". + :vartype type: str + :ivar system_data: Azure Resource Manager metadata containing createdBy and modifiedBy + information. + :vartype system_data: ~azure.mgmt.securityinsight.models.SystemData + :ivar etag: Resource Etag. + :vartype etag: str + :ivar target_workspace_id: Fully qualified resource ID of the target Sentinel workspace joining + the given Sentinel workspace manager. + :vartype target_workspace_id: str + :ivar target_workspace_tenant_id: Tenant id of the target Sentinel workspace joining the given + Sentinel workspace manager. + :vartype target_workspace_tenant_id: str """ + _validation = { + "id": {"readonly": True}, + "name": {"readonly": True}, + "type": {"readonly": True}, + "system_data": {"readonly": True}, + "etag": {"readonly": True}, + } + _attribute_map = { - "webhook_id": {"key": "webhookId", "type": "str"}, - "webhook_url": {"key": "webhookUrl", "type": "str"}, - "webhook_secret_update_time": {"key": "webhookSecretUpdateTime", "type": "str"}, - "rotate_webhook_secret": {"key": "rotateWebhookSecret", "type": "bool"}, + "id": {"key": "id", "type": "str"}, + "name": {"key": "name", "type": "str"}, + "type": {"key": "type", "type": "str"}, + "system_data": {"key": "systemData", "type": "SystemData"}, + "etag": {"key": "etag", "type": "str"}, + "target_workspace_id": {"key": "properties.targetWorkspaceId", "type": "str"}, + "target_workspace_tenant_id": {"key": "properties.targetWorkspaceTenantId", "type": "str"}, } def __init__( self, *, - webhook_id: Optional[str] = None, - webhook_url: Optional[str] = None, - webhook_secret_update_time: Optional[str] = None, - rotate_webhook_secret: Optional[bool] = None, - **kwargs - ): + target_workspace_id: Optional[str] = None, + target_workspace_tenant_id: Optional[str] = None, + **kwargs: Any + ) -> None: """ - :keyword webhook_id: Unique identifier for the webhook. - :paramtype webhook_id: str - :keyword webhook_url: URL that gets invoked by the webhook. - :paramtype webhook_url: str - :keyword webhook_secret_update_time: Time when the webhook secret was updated. - :paramtype webhook_secret_update_time: str - :keyword rotate_webhook_secret: A flag to instruct the backend service to rotate webhook - secret. - :paramtype rotate_webhook_secret: bool + :keyword target_workspace_id: Fully qualified resource ID of the target Sentinel workspace + joining the given Sentinel workspace manager. + :paramtype target_workspace_id: str + :keyword target_workspace_tenant_id: Tenant id of the target Sentinel workspace joining the + given Sentinel workspace manager. + :paramtype target_workspace_tenant_id: str """ super().__init__(**kwargs) - self.webhook_id = webhook_id - self.webhook_url = webhook_url - self.webhook_secret_update_time = webhook_secret_update_time - self.rotate_webhook_secret = rotate_webhook_secret + self.target_workspace_id = target_workspace_id + self.target_workspace_tenant_id = target_workspace_tenant_id + + +class WorkspaceManagerMembersList(_serialization.Model): + """List of workspace manager members. + + Variables are only populated by the server, and will be ignored when sending a request. + + All required parameters must be populated in order to send to Azure. + + :ivar next_link: URL to fetch the next set of workspace manager members. + :vartype next_link: str + :ivar value: Array of workspace manager members. Required. + :vartype value: list[~azure.mgmt.securityinsight.models.WorkspaceManagerMember] + """ + + _validation = { + "next_link": {"readonly": True}, + "value": {"required": True}, + } + + _attribute_map = { + "next_link": {"key": "nextLink", "type": "str"}, + "value": {"key": "value", "type": "[WorkspaceManagerMember]"}, + } + + def __init__(self, *, value: List["_models.WorkspaceManagerMember"], **kwargs: Any) -> None: + """ + :keyword value: Array of workspace manager members. Required. + :paramtype value: list[~azure.mgmt.securityinsight.models.WorkspaceManagerMember] + """ + super().__init__(**kwargs) + self.next_link = None + self.value = value diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/_security_insights_enums.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/_security_insights_enums.py index 455b7f96600f..47267a00f9ba 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/_security_insights_enums.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/models/_security_insights_enums.py @@ -13,44 +13,44 @@ class ActionType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The type of the automation rule action.""" - #: Modify an object's properties MODIFY_PROPERTIES = "ModifyProperties" - #: Run a playbook on an object + """Modify an object's properties""" RUN_PLAYBOOK = "RunPlaybook" - #: Add a task to an incident object + """Run a playbook on an object""" ADD_INCIDENT_TASK = "AddIncidentTask" + """Add a task to an incident object""" class AlertDetail(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Alert detail.""" - #: Alert display name DISPLAY_NAME = "DisplayName" - #: Alert severity + """Alert display name""" SEVERITY = "Severity" + """Alert severity""" class AlertProperty(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The V3 alert property.""" - #: Alert's link ALERT_LINK = "AlertLink" - #: Confidence level property + """Alert's link""" CONFIDENCE_LEVEL = "ConfidenceLevel" - #: Confidence score + """Confidence level property""" CONFIDENCE_SCORE = "ConfidenceScore" - #: Extended links to the alert + """Confidence score""" EXTENDED_LINKS = "ExtendedLinks" - #: Product name alert property + """Extended links to the alert""" PRODUCT_NAME = "ProductName" - #: Provider name alert property + """Product name alert property""" PROVIDER_NAME = "ProviderName" - #: Product component name alert property + """Provider name alert property""" PRODUCT_COMPONENT_NAME = "ProductComponentName" - #: Remediation steps alert property + """Product component name alert property""" REMEDIATION_STEPS = "RemediationSteps" - #: Techniques alert property + """Remediation steps alert property""" TECHNIQUES = "Techniques" + """Techniques alert property""" class AlertRuleKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -67,42 +67,42 @@ class AlertRuleKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): class AlertSeverity(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The severity of the alert.""" - #: High severity HIGH = "High" - #: Medium severity + """High severity""" MEDIUM = "Medium" - #: Low severity + """Medium severity""" LOW = "Low" - #: Informational severity + """Low severity""" INFORMATIONAL = "Informational" + """Informational severity""" class AlertStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The lifecycle status of the alert.""" - #: Unknown value UNKNOWN = "Unknown" - #: New alert + """Unknown value""" NEW = "New" - #: Alert closed after handling + """New alert""" RESOLVED = "Resolved" - #: Alert dismissed as false positive + """Alert closed after handling""" DISMISSED = "Dismissed" - #: Alert is being handled + """Alert dismissed as false positive""" IN_PROGRESS = "InProgress" + """Alert is being handled""" class AntispamMailDirection(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The directionality of this mail message.""" - #: Unknown UNKNOWN = "Unknown" - #: Inbound + """Unknown""" INBOUND = "Inbound" - #: Outbound + """Inbound""" OUTBOUND = "Outbound" - #: Intraorg + """Outbound""" INTRAORG = "Intraorg" + """Intraorg""" class AttackTactic(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -130,249 +130,253 @@ class AttackTactic(str, Enum, metaclass=CaseInsensitiveEnumMeta): class AutomationRuleBooleanConditionSupportedOperator(str, Enum, metaclass=CaseInsensitiveEnumMeta): """AutomationRuleBooleanConditionSupportedOperator.""" - #: Evaluates as true if all the item conditions are evaluated as true AND = "And" - #: Evaluates as true if at least one of the item conditions are evaluated as true + """Evaluates as true if all the item conditions are evaluated as true""" OR = "Or" + """Evaluates as true if at least one of the item conditions are evaluated as true""" + AND_ENUM = "And" + """Evaluates as true if all the item conditions are evaluated as true""" + OR_ENUM = "Or" + """Evaluates as true if at least one of the item conditions are evaluated as true""" class AutomationRulePropertyArrayChangedConditionSupportedArrayType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """AutomationRulePropertyArrayChangedConditionSupportedArrayType.""" - #: Evaluate the condition on the alerts ALERTS = "Alerts" - #: Evaluate the condition on the labels + """Evaluate the condition on the alerts""" LABELS = "Labels" - #: Evaluate the condition on the tactics + """Evaluate the condition on the labels""" TACTICS = "Tactics" - #: Evaluate the condition on the comments + """Evaluate the condition on the tactics""" COMMENTS = "Comments" + """Evaluate the condition on the comments""" class AutomationRulePropertyArrayChangedConditionSupportedChangeType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """AutomationRulePropertyArrayChangedConditionSupportedChangeType.""" - #: Evaluate the condition on items added to the array ADDED = "Added" + """Evaluate the condition on items added to the array""" class AutomationRulePropertyArrayConditionSupportedArrayConditionType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """AutomationRulePropertyArrayConditionSupportedArrayConditionType.""" - #: Evaluate the condition as true if any item fulfills it ANY_ITEM = "AnyItem" + """Evaluate the condition as true if any item fulfills it""" class AutomationRulePropertyArrayConditionSupportedArrayType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """AutomationRulePropertyArrayConditionSupportedArrayType.""" - #: Evaluate the condition on the custom detail keys CUSTOM_DETAILS = "CustomDetails" - #: Evaluate the condition on a custom detail's values + """Evaluate the condition on the custom detail keys""" CUSTOM_DETAIL_VALUES = "CustomDetailValues" + """Evaluate the condition on a custom detail's values""" class AutomationRulePropertyChangedConditionSupportedChangedType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """AutomationRulePropertyChangedConditionSupportedChangedType.""" - #: Evaluate the condition on the previous value of the property CHANGED_FROM = "ChangedFrom" - #: Evaluate the condition on the updated value of the property + """Evaluate the condition on the previous value of the property""" CHANGED_TO = "ChangedTo" + """Evaluate the condition on the updated value of the property""" class AutomationRulePropertyChangedConditionSupportedPropertyType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """AutomationRulePropertyChangedConditionSupportedPropertyType.""" - #: Evaluate the condition on the incident severity INCIDENT_SEVERITY = "IncidentSeverity" - #: Evaluate the condition on the incident status + """Evaluate the condition on the incident severity""" INCIDENT_STATUS = "IncidentStatus" - #: Evaluate the condition on the incident owner + """Evaluate the condition on the incident status""" INCIDENT_OWNER = "IncidentOwner" + """Evaluate the condition on the incident owner""" class AutomationRulePropertyConditionSupportedOperator(str, Enum, metaclass=CaseInsensitiveEnumMeta): """AutomationRulePropertyConditionSupportedOperator.""" - #: Evaluates if the property equals at least one of the condition values EQUALS = "Equals" - #: Evaluates if the property does not equal any of the condition values + """Evaluates if the property equals at least one of the condition values""" NOT_EQUALS = "NotEquals" - #: Evaluates if the property contains at least one of the condition values + """Evaluates if the property does not equal any of the condition values""" CONTAINS = "Contains" - #: Evaluates if the property does not contain any of the condition values + """Evaluates if the property contains at least one of the condition values""" NOT_CONTAINS = "NotContains" - #: Evaluates if the property starts with any of the condition values + """Evaluates if the property does not contain any of the condition values""" STARTS_WITH = "StartsWith" - #: Evaluates if the property does not start with any of the condition values + """Evaluates if the property starts with any of the condition values""" NOT_STARTS_WITH = "NotStartsWith" - #: Evaluates if the property ends with any of the condition values + """Evaluates if the property does not start with any of the condition values""" ENDS_WITH = "EndsWith" - #: Evaluates if the property does not end with any of the condition values + """Evaluates if the property ends with any of the condition values""" NOT_ENDS_WITH = "NotEndsWith" + """Evaluates if the property does not end with any of the condition values""" class AutomationRulePropertyConditionSupportedProperty(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The property to evaluate in an automation rule property condition.""" - #: The title of the incident INCIDENT_TITLE = "IncidentTitle" - #: The description of the incident + """The title of the incident""" INCIDENT_DESCRIPTION = "IncidentDescription" - #: The severity of the incident + """The description of the incident""" INCIDENT_SEVERITY = "IncidentSeverity" - #: The status of the incident + """The severity of the incident""" INCIDENT_STATUS = "IncidentStatus" - #: The related Analytic rule ids of the incident + """The status of the incident""" INCIDENT_RELATED_ANALYTIC_RULE_IDS = "IncidentRelatedAnalyticRuleIds" - #: The tactics of the incident + """The related Analytic rule ids of the incident""" INCIDENT_TACTICS = "IncidentTactics" - #: The labels of the incident + """The tactics of the incident""" INCIDENT_LABEL = "IncidentLabel" - #: The provider name of the incident + """The labels of the incident""" INCIDENT_PROVIDER_NAME = "IncidentProviderName" - #: The update source of the incident + """The provider name of the incident""" INCIDENT_UPDATED_BY_SOURCE = "IncidentUpdatedBySource" - #: The incident custom detail key + """The update source of the incident""" INCIDENT_CUSTOM_DETAILS_KEY = "IncidentCustomDetailsKey" - #: The incident custom detail value + """The incident custom detail key""" INCIDENT_CUSTOM_DETAILS_VALUE = "IncidentCustomDetailsValue" - #: The account Azure Active Directory tenant id + """The incident custom detail value""" ACCOUNT_AAD_TENANT_ID = "AccountAadTenantId" - #: The account Azure Active Directory user id + """The account Azure Active Directory tenant id""" ACCOUNT_AAD_USER_ID = "AccountAadUserId" - #: The account name + """The account Azure Active Directory user id""" ACCOUNT_NAME = "AccountName" - #: The account NetBIOS domain name + """The account name""" ACCOUNT_NT_DOMAIN = "AccountNTDomain" - #: The account Azure Active Directory Passport User ID + """The account NetBIOS domain name""" ACCOUNT_PUID = "AccountPUID" - #: The account security identifier + """The account Azure Active Directory Passport User ID""" ACCOUNT_SID = "AccountSid" - #: The account unique identifier + """The account security identifier""" ACCOUNT_OBJECT_GUID = "AccountObjectGuid" - #: The account user principal name suffix + """The account unique identifier""" ACCOUNT_UPN_SUFFIX = "AccountUPNSuffix" - #: The name of the product of the alert + """The account user principal name suffix""" ALERT_PRODUCT_NAMES = "AlertProductNames" - #: The analytic rule ids of the alert + """The name of the product of the alert""" ALERT_ANALYTIC_RULE_IDS = "AlertAnalyticRuleIds" - #: The Azure resource id + """The analytic rule ids of the alert""" AZURE_RESOURCE_RESOURCE_ID = "AzureResourceResourceId" - #: The Azure resource subscription id + """The Azure resource id""" AZURE_RESOURCE_SUBSCRIPTION_ID = "AzureResourceSubscriptionId" - #: The cloud application identifier + """The Azure resource subscription id""" CLOUD_APPLICATION_APP_ID = "CloudApplicationAppId" - #: The cloud application name + """The cloud application identifier""" CLOUD_APPLICATION_APP_NAME = "CloudApplicationAppName" - #: The dns record domain name + """The cloud application name""" DNS_DOMAIN_NAME = "DNSDomainName" - #: The file directory full path + """The dns record domain name""" FILE_DIRECTORY = "FileDirectory" - #: The file name without path + """The file directory full path""" FILE_NAME = "FileName" - #: The file hash value + """The file name without path""" FILE_HASH_VALUE = "FileHashValue" - #: The host Azure resource id + """The file hash value""" HOST_AZURE_ID = "HostAzureID" - #: The host name without domain + """The host Azure resource id""" HOST_NAME = "HostName" - #: The host NetBIOS name + """The host name without domain""" HOST_NET_BIOS_NAME = "HostNetBiosName" - #: The host NT domain + """The host NetBIOS name""" HOST_NT_DOMAIN = "HostNTDomain" - #: The host operating system + """The host NT domain""" HOST_OS_VERSION = "HostOSVersion" - #: "The IoT device id + """The host operating system""" IO_T_DEVICE_ID = "IoTDeviceId" - #: The IoT device name + """"The IoT device id""" IO_T_DEVICE_NAME = "IoTDeviceName" - #: The IoT device type + """The IoT device name""" IO_T_DEVICE_TYPE = "IoTDeviceType" - #: The IoT device vendor + """The IoT device type""" IO_T_DEVICE_VENDOR = "IoTDeviceVendor" - #: The IoT device model + """The IoT device vendor""" IO_T_DEVICE_MODEL = "IoTDeviceModel" - #: The IoT device operating system + """The IoT device model""" IO_T_DEVICE_OPERATING_SYSTEM = "IoTDeviceOperatingSystem" - #: The IP address + """The IoT device operating system""" IP_ADDRESS = "IPAddress" - #: The mailbox display name + """The IP address""" MAILBOX_DISPLAY_NAME = "MailboxDisplayName" - #: The mailbox primary address + """The mailbox display name""" MAILBOX_PRIMARY_ADDRESS = "MailboxPrimaryAddress" - #: The mailbox user principal name + """The mailbox primary address""" MAILBOX_UPN = "MailboxUPN" - #: The mail message delivery action + """The mailbox user principal name""" MAIL_MESSAGE_DELIVERY_ACTION = "MailMessageDeliveryAction" - #: The mail message delivery location + """The mail message delivery action""" MAIL_MESSAGE_DELIVERY_LOCATION = "MailMessageDeliveryLocation" - #: The mail message recipient + """The mail message delivery location""" MAIL_MESSAGE_RECIPIENT = "MailMessageRecipient" - #: The mail message sender IP address + """The mail message recipient""" MAIL_MESSAGE_SENDER_IP = "MailMessageSenderIP" - #: The mail message subject + """The mail message sender IP address""" MAIL_MESSAGE_SUBJECT = "MailMessageSubject" - #: The mail message P1 sender + """The mail message subject""" MAIL_MESSAGE_P1_SENDER = "MailMessageP1Sender" - #: The mail message P2 sender + """The mail message P1 sender""" MAIL_MESSAGE_P2_SENDER = "MailMessageP2Sender" - #: The malware category + """The mail message P2 sender""" MALWARE_CATEGORY = "MalwareCategory" - #: The malware name + """The malware category""" MALWARE_NAME = "MalwareName" - #: The process execution command line + """The malware name""" PROCESS_COMMAND_LINE = "ProcessCommandLine" - #: The process id + """The process execution command line""" PROCESS_ID = "ProcessId" - #: The registry key path + """The process id""" REGISTRY_KEY = "RegistryKey" - #: The registry key value in string formatted representation + """The registry key path""" REGISTRY_VALUE_DATA = "RegistryValueData" - #: The url + """The registry key value in string formatted representation""" URL = "Url" + """The url""" class Category(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Categories of recommendations.""" - #: Onboarding recommendation. ONBOARDING = "Onboarding" - #: New feature recommendation. + """Onboarding recommendation.""" NEW_FEATURE = "NewFeature" - #: Soc Efficiency recommendation. + """New feature recommendation.""" SOC_EFFICIENCY = "SocEfficiency" - #: Cost optimization recommendation. + """Soc Efficiency recommendation.""" COST_OPTIMIZATION = "CostOptimization" - #: Demo recommendation. + """Cost optimization recommendation.""" DEMO = "Demo" + """Demo recommendation.""" class ConditionType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """ConditionType.""" - #: Evaluate an object property value PROPERTY = "Property" - #: Evaluate an object array property value + """Evaluate an object property value""" PROPERTY_ARRAY = "PropertyArray" - #: Evaluate an object property changed value + """Evaluate an object array property value""" PROPERTY_CHANGED = "PropertyChanged" - #: Evaluate an object array property changed value + """Evaluate an object property changed value""" PROPERTY_ARRAY_CHANGED = "PropertyArrayChanged" - #: Apply a boolean operator (e.g AND, OR) to conditions + """Evaluate an object array property changed value""" BOOLEAN = "Boolean" + """Apply a boolean operator (e.g AND, OR) to conditions""" class ConfidenceLevel(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The confidence level of this alert.""" - #: Unknown confidence, the is the default value UNKNOWN = "Unknown" - #: Low confidence, meaning we have some doubts this is indeed malicious or part of an attack + """Unknown confidence, the is the default value""" LOW = "Low" - #: High confidence that the alert is true positive malicious + """Low confidence, meaning we have some doubts this is indeed malicious or part of an attack""" HIGH = "High" + """High confidence that the alert is true positive malicious""" class ConfidenceScoreStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -380,15 +384,15 @@ class ConfidenceScoreStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): this alert, not applicable or final. """ - #: Score will not be calculated for this alert as it is not supported by virtual analyst NOT_APPLICABLE = "NotApplicable" - #: No score was set yet and calculation is in progress + """Score will not be calculated for this alert as it is not supported by virtual analyst""" IN_PROCESS = "InProcess" - #: Score is calculated and shown as part of the alert, but may be updated again at a later time - #: following the processing of additional data + """No score was set yet and calculation is in progress""" NOT_FINAL = "NotFinal" - #: Final score was calculated and available + """Score is calculated and shown as part of the alert, but may be updated again at a later time + #: following the processing of additional data""" FINAL = "Final" + """Final score was calculated and available""" class ConnectAuthKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -415,14 +419,14 @@ class ContentType(str, Enum, metaclass=CaseInsensitiveEnumMeta): class Context(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Context of recommendation.""" - #: Analytics context. ANALYTICS = "Analytics" - #: Incidents context. + """Analytics context.""" INCIDENTS = "Incidents" - #: Overview context. + """Incidents context.""" OVERVIEW = "Overview" - #: No context. + """Overview context.""" NONE = "None" + """No context.""" class CreatedByType(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -459,6 +463,7 @@ class DataConnectorKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): OFFICE_ATP = "OfficeATP" OFFICE_IRM = "OfficeIRM" OFFICE365_PROJECT = "Office365Project" + MICROSOFT_PURVIEW_INFORMATION_PROTECTION = "MicrosoftPurviewInformationProtection" OFFICE_POWER_BI = "OfficePowerBI" AMAZON_WEB_SERVICES_CLOUD_TRAIL = "AmazonWebServicesCloudTrail" AMAZON_WEB_SERVICES_S3 = "AmazonWebServicesS3" @@ -490,50 +495,50 @@ class DataTypeState(str, Enum, metaclass=CaseInsensitiveEnumMeta): class DeleteStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Indicates whether the file was deleted from the storage account.""" - #: The file was deleted. DELETED = "Deleted" - #: The file was not deleted. + """The file was deleted.""" NOT_DELETED = "NotDeleted" - #: Unspecified + """The file was not deleted.""" UNSPECIFIED = "Unspecified" + """Unspecified""" class DeliveryAction(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The delivery action of this mail message like Delivered, Blocked, Replaced etc.""" - #: Unknown UNKNOWN = "Unknown" - #: DeliveredAsSpam + """Unknown""" DELIVERED_AS_SPAM = "DeliveredAsSpam" - #: Delivered + """DeliveredAsSpam""" DELIVERED = "Delivered" - #: Blocked + """Delivered""" BLOCKED = "Blocked" - #: Replaced + """Blocked""" REPLACED = "Replaced" + """Replaced""" class DeliveryLocation(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The delivery location of this mail message like Inbox, JunkFolder etc.""" - #: Unknown UNKNOWN = "Unknown" - #: Inbox + """Unknown""" INBOX = "Inbox" - #: JunkFolder + """Inbox""" JUNK_FOLDER = "JunkFolder" - #: DeletedFolder + """JunkFolder""" DELETED_FOLDER = "DeletedFolder" - #: Quarantine + """DeletedFolder""" QUARANTINE = "Quarantine" - #: External + """Quarantine""" EXTERNAL = "External" - #: Failed + """External""" FAILED = "Failed" - #: Dropped + """Failed""" DROPPED = "Dropped" - #: Forwarded + """Dropped""" FORWARDED = "Forwarded" + """Forwarded""" class DeploymentFetchStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -564,122 +569,122 @@ class DeploymentState(str, Enum, metaclass=CaseInsensitiveEnumMeta): class DeviceImportance(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Device importance, determines if the device classified as 'crown jewel'.""" - #: Unknown - Default value UNKNOWN = "Unknown" - #: Low + """Unknown - Default value""" LOW = "Low" - #: Normal + """Low""" NORMAL = "Normal" - #: High + """Normal""" HIGH = "High" + """High""" class ElevationToken(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The elevation token associated with the process.""" - #: Default elevation token DEFAULT = "Default" - #: Full elevation token + """Default elevation token""" FULL = "Full" - #: Limited elevation token + """Full elevation token""" LIMITED = "Limited" + """Limited elevation token""" class EntityItemQueryKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): """EntityItemQueryKind.""" - #: insight INSIGHT = "Insight" + """insight""" -class EntityKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): +class EntityKindEnum(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The kind of the entity.""" - #: Entity represents account in the system. ACCOUNT = "Account" - #: Entity represents host in the system. + """Entity represents account in the system.""" HOST = "Host" - #: Entity represents file in the system. + """Entity represents host in the system.""" FILE = "File" - #: Entity represents azure resource in the system. + """Entity represents file in the system.""" AZURE_RESOURCE = "AzureResource" - #: Entity represents cloud application in the system. + """Entity represents azure resource in the system.""" CLOUD_APPLICATION = "CloudApplication" - #: Entity represents dns resolution in the system. + """Entity represents cloud application in the system.""" DNS_RESOLUTION = "DnsResolution" - #: Entity represents file hash in the system. + """Entity represents dns resolution in the system.""" FILE_HASH = "FileHash" - #: Entity represents ip in the system. + """Entity represents file hash in the system.""" IP = "Ip" - #: Entity represents malware in the system. + """Entity represents ip in the system.""" MALWARE = "Malware" - #: Entity represents process in the system. + """Entity represents malware in the system.""" PROCESS = "Process" - #: Entity represents registry key in the system. + """Entity represents process in the system.""" REGISTRY_KEY = "RegistryKey" - #: Entity represents registry value in the system. + """Entity represents registry key in the system.""" REGISTRY_VALUE = "RegistryValue" - #: Entity represents security group in the system. + """Entity represents registry value in the system.""" SECURITY_GROUP = "SecurityGroup" - #: Entity represents url in the system. + """Entity represents security group in the system.""" URL = "Url" - #: Entity represents IoT device in the system. + """Entity represents url in the system.""" IO_T_DEVICE = "IoTDevice" - #: Entity represents security alert in the system. + """Entity represents IoT device in the system.""" SECURITY_ALERT = "SecurityAlert" - #: Entity represents bookmark in the system. + """Entity represents security alert in the system.""" BOOKMARK = "Bookmark" - #: Entity represents mail cluster in the system. + """Entity represents bookmark in the system.""" MAIL_CLUSTER = "MailCluster" - #: Entity represents mail message in the system. + """Entity represents mail cluster in the system.""" MAIL_MESSAGE = "MailMessage" - #: Entity represents mailbox in the system. + """Entity represents mail message in the system.""" MAILBOX = "Mailbox" - #: Entity represents submission mail in the system. + """Entity represents mailbox in the system.""" SUBMISSION_MAIL = "SubmissionMail" - #: Entity represents network interface in the system. + """Entity represents submission mail in the system.""" NIC = "Nic" + """Entity represents network interface in the system.""" class EntityMappingType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The V3 type of the mapped entity.""" - #: User account entity type ACCOUNT = "Account" - #: Host entity type + """User account entity type""" HOST = "Host" - #: IP address entity type + """Host entity type""" IP = "IP" - #: Malware entity type + """IP address entity type""" MALWARE = "Malware" - #: System file entity type + """Malware entity type""" FILE = "File" - #: Process entity type + """System file entity type""" PROCESS = "Process" - #: Cloud app entity type + """Process entity type""" CLOUD_APPLICATION = "CloudApplication" - #: DNS entity type + """Cloud app entity type""" DNS = "DNS" - #: Azure resource entity type + """DNS entity type""" AZURE_RESOURCE = "AzureResource" - #: File-hash entity type + """Azure resource entity type""" FILE_HASH = "FileHash" - #: Registry key entity type + """File-hash entity type""" REGISTRY_KEY = "RegistryKey" - #: Registry value entity type + """Registry key entity type""" REGISTRY_VALUE = "RegistryValue" - #: Security group entity type + """Registry value entity type""" SECURITY_GROUP = "SecurityGroup" - #: URL entity type + """Security group entity type""" URL = "URL" - #: Mailbox entity type + """URL entity type""" MAILBOX = "Mailbox" - #: Mail cluster entity type + """Mailbox entity type""" MAIL_CLUSTER = "MailCluster" - #: Mail message entity type + """Mail cluster entity type""" MAIL_MESSAGE = "MailMessage" - #: Submission mail entity type + """Mail message entity type""" SUBMISSION_MAIL = "SubmissionMail" + """Submission mail entity type""" class EntityProviders(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -706,74 +711,74 @@ class EntityQueryTemplateKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): class EntityTimelineKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The entity query kind.""" - #: activity ACTIVITY = "Activity" - #: bookmarks + """activity""" BOOKMARK = "Bookmark" - #: security alerts + """bookmarks""" SECURITY_ALERT = "SecurityAlert" - #: anomaly + """security alerts""" ANOMALY = "Anomaly" + """anomaly""" class EntityType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The type of the entity.""" - #: Entity represents account in the system. ACCOUNT = "Account" - #: Entity represents host in the system. + """Entity represents account in the system.""" HOST = "Host" - #: Entity represents file in the system. + """Entity represents host in the system.""" FILE = "File" - #: Entity represents azure resource in the system. + """Entity represents file in the system.""" AZURE_RESOURCE = "AzureResource" - #: Entity represents cloud application in the system. + """Entity represents azure resource in the system.""" CLOUD_APPLICATION = "CloudApplication" - #: Entity represents dns in the system. + """Entity represents cloud application in the system.""" DNS = "DNS" - #: Entity represents file hash in the system. + """Entity represents dns in the system.""" FILE_HASH = "FileHash" - #: Entity represents ip in the system. + """Entity represents file hash in the system.""" IP = "IP" - #: Entity represents malware in the system. + """Entity represents ip in the system.""" MALWARE = "Malware" - #: Entity represents process in the system. + """Entity represents malware in the system.""" PROCESS = "Process" - #: Entity represents registry key in the system. + """Entity represents process in the system.""" REGISTRY_KEY = "RegistryKey" - #: Entity represents registry value in the system. + """Entity represents registry key in the system.""" REGISTRY_VALUE = "RegistryValue" - #: Entity represents security group in the system. + """Entity represents registry value in the system.""" SECURITY_GROUP = "SecurityGroup" - #: Entity represents url in the system. + """Entity represents security group in the system.""" URL = "URL" - #: Entity represents IoT device in the system. + """Entity represents url in the system.""" IO_T_DEVICE = "IoTDevice" - #: Entity represents security alert in the system. + """Entity represents IoT device in the system.""" SECURITY_ALERT = "SecurityAlert" - #: Entity represents HuntingBookmark in the system. + """Entity represents security alert in the system.""" HUNTING_BOOKMARK = "HuntingBookmark" - #: Entity represents mail cluster in the system. + """Entity represents HuntingBookmark in the system.""" MAIL_CLUSTER = "MailCluster" - #: Entity represents mail message in the system. + """Entity represents mail cluster in the system.""" MAIL_MESSAGE = "MailMessage" - #: Entity represents mailbox in the system. + """Entity represents mail message in the system.""" MAILBOX = "Mailbox" - #: Entity represents submission mail in the system. + """Entity represents mailbox in the system.""" SUBMISSION_MAIL = "SubmissionMail" - #: Entity represents network interface in the system. + """Entity represents submission mail in the system.""" NIC = "Nic" + """Entity represents network interface in the system.""" -class Enum13(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """Enum13.""" +class Enum19(str, Enum, metaclass=CaseInsensitiveEnumMeta): + """Enum19.""" EXPANSION = "Expansion" ACTIVITY = "Activity" -class Enum15(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """Enum15.""" +class Enum21(str, Enum, metaclass=CaseInsensitiveEnumMeta): + """Enum21.""" ACTIVITY = "Activity" @@ -788,58 +793,65 @@ class EventGroupingAggregationKind(str, Enum, metaclass=CaseInsensitiveEnumMeta) class FileFormat(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The format of the file.""" - #: A CSV file. CSV = "CSV" - #: A JSON file. + """A CSV file.""" JSON = "JSON" - #: A file of other format. + """A JSON file.""" UNSPECIFIED = "Unspecified" + """A file of other format.""" class FileHashAlgorithm(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The hash algorithm type.""" - #: Unknown hash algorithm UNKNOWN = "Unknown" - #: MD5 hash type + """Unknown hash algorithm""" MD5 = "MD5" - #: SHA1 hash type + """MD5 hash type""" SHA1 = "SHA1" - #: SHA256 hash type + """SHA1 hash type""" SHA256 = "SHA256" - #: SHA256 Authenticode hash type + """SHA256 hash type""" SHA256_AC = "SHA256AC" + """SHA256 Authenticode hash type""" class FileImportContentType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The content type of this file.""" - #: File containing records with the core fields of an indicator, plus the observables to construct - #: the STIX pattern. BASIC_INDICATOR = "BasicIndicator" - #: File containing STIX indicators. + """File containing records with the core fields of an indicator, plus the observables to construct + #: the STIX pattern.""" STIX_INDICATOR = "StixIndicator" - #: File containing other records. + """File containing STIX indicators.""" UNSPECIFIED = "Unspecified" + """File containing other records.""" class FileImportState(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The state of the file import.""" - #: A fatal error has occurred while ingesting the file. FATAL_ERROR = "FatalError" - #: The file has been ingested. + """A fatal error has occurred while ingesting the file.""" INGESTED = "Ingested" - #: The file has been ingested with errors. + """The file has been ingested.""" INGESTED_WITH_ERRORS = "IngestedWithErrors" - #: The file ingestion is in progress. + """The file has been ingested with errors.""" IN_PROGRESS = "InProgress" - #: The file is invalid. + """The file ingestion is in progress.""" INVALID = "Invalid" - #: Waiting for the file to be uploaded. + """The file is invalid.""" WAITING_FOR_UPLOAD = "WaitingForUpload" - #: Unspecified state. + """Waiting for the file to be uploaded.""" UNSPECIFIED = "Unspecified" + """Unspecified state.""" + + +class Flag(str, Enum, metaclass=CaseInsensitiveEnumMeta): + """The boolean value the metadata is for.""" + + TRUE = "true" + FALSE = "false" class GetInsightsError(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -848,156 +860,164 @@ class GetInsightsError(str, Enum, metaclass=CaseInsensitiveEnumMeta): INSIGHT = "Insight" +class HypothesisStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): + """The hypothesis status of the hunt.""" + + UNKNOWN = "Unknown" + INVALIDATED = "Invalidated" + VALIDATED = "Validated" + + class IncidentClassification(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The reason the incident was closed.""" - #: Incident classification was undetermined UNDETERMINED = "Undetermined" - #: Incident was true positive + """Incident classification was undetermined""" TRUE_POSITIVE = "TruePositive" - #: Incident was benign positive + """Incident was true positive""" BENIGN_POSITIVE = "BenignPositive" - #: Incident was false positive + """Incident was benign positive""" FALSE_POSITIVE = "FalsePositive" + """Incident was false positive""" class IncidentClassificationReason(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The classification reason the incident was closed with.""" - #: Classification reason was suspicious activity SUSPICIOUS_ACTIVITY = "SuspiciousActivity" - #: Classification reason was suspicious but expected + """Classification reason was suspicious activity""" SUSPICIOUS_BUT_EXPECTED = "SuspiciousButExpected" - #: Classification reason was incorrect alert logic + """Classification reason was suspicious but expected""" INCORRECT_ALERT_LOGIC = "IncorrectAlertLogic" - #: Classification reason was inaccurate data + """Classification reason was incorrect alert logic""" INACCURATE_DATA = "InaccurateData" + """Classification reason was inaccurate data""" class IncidentLabelType(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The type of the label.""" - #: Label manually created by a user USER = "User" - #: Label automatically created by the system + """Label manually created by a user""" AUTO_ASSIGNED = "AutoAssigned" + """Label automatically created by the system""" class IncidentSeverity(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The severity of the incident.""" - #: High severity HIGH = "High" - #: Medium severity + """High severity""" MEDIUM = "Medium" - #: Low severity + """Medium severity""" LOW = "Low" - #: Informational severity + """Low severity""" INFORMATIONAL = "Informational" + """Informational severity""" class IncidentStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The status of the incident.""" - #: An active incident which isn't being handled currently NEW = "New" - #: An active incident which is being handled + """An active incident which isn't being handled currently""" ACTIVE = "Active" - #: A non-active incident + """An active incident which is being handled""" CLOSED = "Closed" + """A non-active incident""" class IncidentTaskStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): """IncidentTaskStatus.""" - #: A new task NEW = "New" - #: A completed task + """A new task""" COMPLETED = "Completed" + """A completed task""" class IngestionMode(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Describes how to ingest the records in the file.""" - #: No records should be ingested when invalid records are detected. INGEST_ONLY_IF_ALL_ARE_VALID = "IngestOnlyIfAllAreValid" - #: Valid records should still be ingested when invalid records are detected. + """No records should be ingested when invalid records are detected.""" INGEST_ANY_VALID_RECORDS = "IngestAnyValidRecords" - #: Unspecified + """Valid records should still be ingested when invalid records are detected.""" UNSPECIFIED = "Unspecified" + """Unspecified""" class KillChainIntent(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The intent of the alert.""" - #: The default value. UNKNOWN = "Unknown" - #: Probing could be an attempt to access a certain resource regardless of a malicious intent or a + """The default value.""" + PROBING = "Probing" + """Probing could be an attempt to access a certain resource regardless of a malicious intent or a #: failed attempt to gain access to a target system to gather information prior to exploitation. #: This step is usually detected as an attempt originating from outside the network in attempt to - #: scan the target system and find a way in. - PROBING = "Probing" - #: Exploitation is the stage where an attacker manage to get foothold on the attacked resource. + #: scan the target system and find a way in.""" + EXPLOITATION = "Exploitation" + """Exploitation is the stage where an attacker manage to get foothold on the attacked resource. #: This stage is applicable not only for compute hosts, but also for resources such as user #: accounts, certificates etc. Adversaries will often be able to control the resource after this - #: stage. - EXPLOITATION = "Exploitation" - #: Persistence is any access, action, or configuration change to a system that gives an adversary + #: stage.""" + PERSISTENCE = "Persistence" + """Persistence is any access, action, or configuration change to a system that gives an adversary #: a persistent presence on that system. Adversaries will often need to maintain access to systems #: through interruptions such as system restarts, loss of credentials, or other failures that - #: would require a remote access tool to restart or alternate backdoor for them to regain access. - PERSISTENCE = "Persistence" - #: Privilege escalation is the result of actions that allow an adversary to obtain a higher level + #: would require a remote access tool to restart or alternate backdoor for them to regain access.""" + PRIVILEGE_ESCALATION = "PrivilegeEscalation" + """Privilege escalation is the result of actions that allow an adversary to obtain a higher level #: of permissions on a system or network. Certain tools or actions require a higher level of #: privilege to work and are likely necessary at many points throughout an operation. User #: accounts with permissions to access specific systems or perform specific functions necessary - #: for adversaries to achieve their objective may also be considered an escalation of privilege. - PRIVILEGE_ESCALATION = "PrivilegeEscalation" - #: Defense evasion consists of techniques an adversary may use to evade detection or avoid other - #: defenses. Sometimes these actions are the same as or variations of techniques in other - #: categories that have the added benefit of subverting a particular defense or mitigation. + #: for adversaries to achieve their objective may also be considered an escalation of privilege.""" DEFENSE_EVASION = "DefenseEvasion" - #: Credential access represents techniques resulting in access to or control over system, domain, + """Defense evasion consists of techniques an adversary may use to evade detection or avoid other + #: defenses. Sometimes these actions are the same as or variations of techniques in other + #: categories that have the added benefit of subverting a particular defense or mitigation.""" + CREDENTIAL_ACCESS = "CredentialAccess" + """Credential access represents techniques resulting in access to or control over system, domain, #: or service credentials that are used within an enterprise environment. Adversaries will likely #: attempt to obtain legitimate credentials from users or administrator accounts (local system #: administrator or domain users with administrator access) to use within the network. With #: sufficient access within a network, an adversary can create accounts for later use within the - #: environment. - CREDENTIAL_ACCESS = "CredentialAccess" - #: Discovery consists of techniques that allow the adversary to gain knowledge about the system - #: and internal network. When adversaries gain access to a new system, they must orient themselves - #: to what they now have control of and what benefits operating from that system give to their - #: current objective or overall goals during the intrusion. The operating system provides many - #: native tools that aid in this post-compromise information-gathering phase. + #: environment.""" DISCOVERY = "Discovery" - #: Lateral movement consists of techniques that enable an adversary to access and control remote + """Discovery consists of techniques that allow the adversary to gain knowledge about the system + #: and internal network. When adversaries gain access to a new system, they must navigate + #: themselves to what they now have control of and what benefits operating from that system give + #: to their current objective or overall goals during the intrusion. The operating system provides + #: many native tools that aid in this post-compromise information-gathering phase.""" + LATERAL_MOVEMENT = "LateralMovement" + """Lateral movement consists of techniques that enable an adversary to access and control remote #: systems on a network and could, but does not necessarily, include execution of tools on remote #: systems. The lateral movement techniques could allow an adversary to gather information from a #: system without needing additional tools, such as a remote access tool. An adversary can use #: lateral movement for many purposes, including remote Execution of tools, pivoting to additional #: systems, access to specific information or files, access to additional credentials, or to cause - #: an effect. - LATERAL_MOVEMENT = "LateralMovement" - #: The execution tactic represents techniques that result in execution of adversary-controlled - #: code on a local or remote system. This tactic is often used in conjunction with lateral - #: movement to expand access to remote systems on a network. + #: an effect.""" EXECUTION = "Execution" - #: Collection consists of techniques used to identify and gather information, such as sensitive - #: files, from a target network prior to exfiltration. This category also covers locations on a - #: system or network where the adversary may look for information to exfiltrate. + """The execution tactic represents techniques that result in execution of adversary-controlled + #: code on a local or remote system. This tactic is often used in conjunction with lateral + #: movement to expand access to remote systems on a network.""" COLLECTION = "Collection" - #: Exfiltration refers to techniques and attributes that result or aid in the adversary removing - #: files and information from a target network. This category also covers locations on a system or - #: network where the adversary may look for information to exfiltrate. + """Collection consists of techniques used to identify and gather information, such as sensitive + #: files, from a target network prior to exfiltration. This category also covers locations on a + #: system or network where the adversary may look for information to exfiltrate.""" EXFILTRATION = "Exfiltration" - #: The command and control tactic represents how adversaries communicate with systems under their - #: control within a target network. + """Exfiltration refers to techniques and attributes that result or aid in the adversary removing + #: files and information from a target network. This category also covers locations on a system or + #: network where the adversary may look for information to exfiltrate.""" COMMAND_AND_CONTROL = "CommandAndControl" - #: The impact intent primary objective is to directly reduce the availability or integrity of a + """The command and control tactic represents how adversaries communicate with systems under their + #: control within a target network.""" + IMPACT = "Impact" + """The impact intent primary objective is to directly reduce the availability or integrity of a #: system, service, or network; including manipulation of data to impact a business or operational #: process. This would often refer to techniques such as ransom-ware, defacement, data - #: manipulation and others. - IMPACT = "Impact" + #: manipulation and others.""" class Kind(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -1027,13 +1047,13 @@ class MatchingMethod(str, Enum, metaclass=CaseInsensitiveEnumMeta): groupByAlertDetails, groupByCustomDetails must be provided and not empty. """ - #: Grouping alerts into a single incident if all the entities match ALL_ENTITIES = "AllEntities" - #: Grouping any alerts triggered by this rule into a single incident + """Grouping alerts into a single incident if all the entities match""" ANY_ALERT = "AnyAlert" - #: Grouping alerts into a single incident if the selected entities, custom details and alert - #: details match + """Grouping any alerts triggered by this rule into a single incident""" SELECTED = "Selected" + """Grouping alerts into a single incident if the selected entities, custom details and alert + #: details match""" class MicrosoftSecurityProductName(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -1048,26 +1068,44 @@ class MicrosoftSecurityProductName(str, Enum, metaclass=CaseInsensitiveEnumMeta) MICROSOFT_DEFENDER_ADVANCED_THREAT_PROTECTION = "Microsoft Defender Advanced Threat Protection" +class Mode(str, Enum, metaclass=CaseInsensitiveEnumMeta): + """The current mode of the workspace manager configuration.""" + + ENABLED = "Enabled" + """The workspace manager configuration is enabled""" + DISABLED = "Disabled" + """The workspace manager configuration is disabled""" + + +class MtpProvider(str, Enum, metaclass=CaseInsensitiveEnumMeta): + """The available data providers.""" + + MICROSOFT_DEFENDER_FOR_CLOUD_APPS = "microsoftDefenderForCloudApps" + MICROSOFT_DEFENDER_FOR_IDENTITY = "microsoftDefenderForIdentity" + + class Operator(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Operator used for list of dependencies in criteria array.""" AND = "AND" OR = "OR" + AND_ENUM = "AND" + OR_ENUM = "OR" class OSFamily(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The operating system type.""" - #: Host with Linux operating system. LINUX = "Linux" - #: Host with Windows operating system. + """Host with Linux operating system.""" WINDOWS = "Windows" - #: Host with Android operating system. + """Host with Windows operating system.""" ANDROID = "Android" - #: Host with IOS operating system. + """Host with Android operating system.""" IOS = "IOS" - #: Host with Unknown operating system. + """Host with IOS operating system.""" UNKNOWN = "Unknown" + """Host with Unknown operating system.""" class OutputType(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -1080,14 +1118,21 @@ class OutputType(str, Enum, metaclass=CaseInsensitiveEnumMeta): class OwnerType(str, Enum, metaclass=CaseInsensitiveEnumMeta): - """The type of the owner the incident is assigned to.""" + """The type of the owner the hunt is assigned to.""" - #: The incident owner type is unknown UNKNOWN = "Unknown" - #: The incident owner type is an AAD user + """The hunt owner type is unknown""" USER = "User" - #: The incident owner type is an AAD group + """The hunt owner type is an AAD user""" GROUP = "Group" + """The hunt owner type is an AAD group""" + + +class PackageKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): + """The package kind.""" + + SOLUTION = "Solution" + STANDALONE = "Standalone" class PermissionProviderScope(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -1101,23 +1146,23 @@ class PermissionProviderScope(str, Enum, metaclass=CaseInsensitiveEnumMeta): class PollingFrequency(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The polling frequency for the TAXII server.""" - #: Once a minute ONCE_A_MINUTE = "OnceAMinute" - #: Once an hour + """Once a minute""" ONCE_AN_HOUR = "OnceAnHour" - #: Once a day + """Once an hour""" ONCE_A_DAY = "OnceADay" + """Once a day""" class Priority(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Priority of recommendation.""" - #: Low priority for recommendation. LOW = "Low" - #: Medium priority for recommendation. + """Low priority for recommendation.""" MEDIUM = "Medium" - #: High priority for recommendation. + """Medium priority for recommendation.""" HIGH = "High" + """High priority for recommendation.""" class ProviderName(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -1131,29 +1176,39 @@ class ProviderName(str, Enum, metaclass=CaseInsensitiveEnumMeta): MICROSOFT_AUTHORIZATION_POLICY_ASSIGNMENTS = "Microsoft.Authorization/policyAssignments" +class ProvisioningState(str, Enum, metaclass=CaseInsensitiveEnumMeta): + """The triggered analytics rule run provisioning state.""" + + ACCEPTED = "Accepted" + IN_PROGRESS = "InProgress" + SUCCEEDED = "Succeeded" + FAILED = "Failed" + CANCELED = "Canceled" + + class RegistryHive(str, Enum, metaclass=CaseInsensitiveEnumMeta): """the hive that holds the registry key.""" - #: HKEY_LOCAL_MACHINE HKEY_LOCAL_MACHINE = "HKEY_LOCAL_MACHINE" - #: HKEY_CLASSES_ROOT + """HKEY_LOCAL_MACHINE""" HKEY_CLASSES_ROOT = "HKEY_CLASSES_ROOT" - #: HKEY_CURRENT_CONFIG + """HKEY_CLASSES_ROOT""" HKEY_CURRENT_CONFIG = "HKEY_CURRENT_CONFIG" - #: HKEY_USERS + """HKEY_CURRENT_CONFIG""" HKEY_USERS = "HKEY_USERS" - #: HKEY_CURRENT_USER_LOCAL_SETTINGS + """HKEY_USERS""" HKEY_CURRENT_USER_LOCAL_SETTINGS = "HKEY_CURRENT_USER_LOCAL_SETTINGS" - #: HKEY_PERFORMANCE_DATA + """HKEY_CURRENT_USER_LOCAL_SETTINGS""" HKEY_PERFORMANCE_DATA = "HKEY_PERFORMANCE_DATA" - #: HKEY_PERFORMANCE_NLSTEXT + """HKEY_PERFORMANCE_DATA""" HKEY_PERFORMANCE_NLSTEXT = "HKEY_PERFORMANCE_NLSTEXT" - #: HKEY_PERFORMANCE_TEXT + """HKEY_PERFORMANCE_NLSTEXT""" HKEY_PERFORMANCE_TEXT = "HKEY_PERFORMANCE_TEXT" - #: HKEY_A + """HKEY_PERFORMANCE_TEXT""" HKEY_A = "HKEY_A" - #: HKEY_CURRENT_USER + """HKEY_A""" HKEY_CURRENT_USER = "HKEY_CURRENT_USER" + """HKEY_CURRENT_USER""" class RegistryValueKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -1161,22 +1216,22 @@ class RegistryValueKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): type of a value in the registry. """ - #: None NONE = "None" - #: Unknown value type + """None""" UNKNOWN = "Unknown" - #: String value type + """Unknown value type""" STRING = "String" - #: ExpandString value type + """String value type""" EXPAND_STRING = "ExpandString" - #: Binary value type + """ExpandString value type""" BINARY = "Binary" - #: DWord value type + """Binary value type""" D_WORD = "DWord" - #: MultiString value type + """DWord value type""" MULTI_STRING = "MultiString" - #: QWord value type + """MultiString value type""" Q_WORD = "QWord" + """QWord value type""" class RepoType(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -1204,10 +1259,10 @@ class SettingKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): class SettingsStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The anomaly SecurityMLAnalyticsSettings status.""" - #: Anomaly settings status in Production mode PRODUCTION = "Production" - #: Anomaly settings status in Flighting mode + """Anomaly settings status in Production mode""" FLIGHTING = "Flighting" + """Anomaly settings status in Flighting mode""" class SettingType(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -1237,16 +1292,27 @@ class SourceType(str, Enum, metaclass=CaseInsensitiveEnumMeta): class State(str, Enum, metaclass=CaseInsensitiveEnumMeta): """State of recommendation.""" - #: Recommendation is active. ACTIVE = "Active" - #: Recommendation is disabled. + """Recommendation is active.""" DISABLED = "Disabled" - #: Recommendation has been completed by user. + """Recommendation is disabled.""" COMPLETED_BY_USER = "CompletedByUser" - #: Recommendation has been completed by action. + """Recommendation has been completed by user.""" COMPLETED_BY_ACTION = "CompletedByAction" - #: Recommendation is hidden. + """Recommendation has been completed by action.""" HIDDEN = "Hidden" + """Recommendation is hidden.""" + + +class Status(str, Enum, metaclass=CaseInsensitiveEnumMeta): + """The status of the hunt.""" + + NEW = "New" + ACTIVE = "Active" + CLOSED = "Closed" + SUCCEEDED = "Succeeded" + FAILED = "Failed" + IN_PROGRESS = "InProgress" class SupportTier(str, Enum, metaclass=CaseInsensitiveEnumMeta): @@ -1260,22 +1326,22 @@ class SupportTier(str, Enum, metaclass=CaseInsensitiveEnumMeta): class TemplateStatus(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The alert rule template status.""" - #: Alert rule template installed. and can not use more then once INSTALLED = "Installed" - #: Alert rule template is available. + """Alert rule template installed. and can not use more then once""" AVAILABLE = "Available" - #: Alert rule template is not available + """Alert rule template is available.""" NOT_AVAILABLE = "NotAvailable" + """Alert rule template is not available""" -class ThreatIntelligenceResourceKindEnum(str, Enum, metaclass=CaseInsensitiveEnumMeta): +class ThreatIntelligenceResourceInnerKind(str, Enum, metaclass=CaseInsensitiveEnumMeta): """The kind of the threat intelligence entity.""" - #: Entity represents threat intelligence indicator in the system. INDICATOR = "indicator" + """Entity represents threat intelligence indicator in the system.""" -class ThreatIntelligenceSortingCriteriaEnum(str, Enum, metaclass=CaseInsensitiveEnumMeta): +class ThreatIntelligenceSortingOrder(str, Enum, metaclass=CaseInsensitiveEnumMeta): """Sorting order (ascending/descending/unsorted).""" UNSORTED = "unsorted" @@ -1295,19 +1361,19 @@ class TriggerOperator(str, Enum, metaclass=CaseInsensitiveEnumMeta): class TriggersOn(str, Enum, metaclass=CaseInsensitiveEnumMeta): """TriggersOn.""" - #: Trigger on Incidents INCIDENTS = "Incidents" - #: Trigger on Alerts + """Trigger on Incidents""" ALERTS = "Alerts" + """Trigger on Alerts""" class TriggersWhen(str, Enum, metaclass=CaseInsensitiveEnumMeta): """TriggersWhen.""" - #: Trigger on created objects CREATED = "Created" - #: Trigger on updated objects + """Trigger on created objects""" UPDATED = "Updated" + """Trigger on updated objects""" class UebaDataSources(str, Enum, metaclass=CaseInsensitiveEnumMeta): diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py index 802d895ef601..54bb2e1de07e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/__init__.py @@ -10,19 +10,30 @@ from ._actions_operations import ActionsOperations from ._alert_rule_templates_operations import AlertRuleTemplatesOperations from ._automation_rules_operations import AutomationRulesOperations +from ._entities_operations import EntitiesOperations from ._incidents_operations import IncidentsOperations from ._bookmarks_operations import BookmarksOperations from ._bookmark_relations_operations import BookmarkRelationsOperations from ._bookmark_operations import BookmarkOperations +from ._content_packages_operations import ContentPackagesOperations +from ._content_package_operations import ContentPackageOperations +from ._product_packages_operations import ProductPackagesOperations +from ._product_package_operations import ProductPackageOperations +from ._product_templates_operations import ProductTemplatesOperations +from ._product_template_operations import ProductTemplateOperations +from ._content_templates_operations import ContentTemplatesOperations +from ._content_template_operations import ContentTemplateOperations from ._ip_geodata_operations import IPGeodataOperations from ._domain_whois_operations import DomainWhoisOperations -from ._entities_operations import EntitiesOperations from ._entities_get_timeline_operations import EntitiesGetTimelineOperations from ._entities_relations_operations import EntitiesRelationsOperations from ._entity_relations_operations import EntityRelationsOperations from ._entity_queries_operations import EntityQueriesOperations from ._entity_query_templates_operations import EntityQueryTemplatesOperations from ._file_imports_operations import FileImportsOperations +from ._hunts_operations import HuntsOperations +from ._hunt_relations_operations import HuntRelationsOperations +from ._hunt_comments_operations import HuntCommentsOperations from ._incident_comments_operations import IncidentCommentsOperations from ._incident_relations_operations import IncidentRelationsOperations from ._incident_tasks_operations import IncidentTasksOperations @@ -39,8 +50,16 @@ from ._threat_intelligence_indicator_operations import ThreatIntelligenceIndicatorOperations from ._threat_intelligence_indicators_operations import ThreatIntelligenceIndicatorsOperations from ._threat_intelligence_indicator_metrics_operations import ThreatIntelligenceIndicatorMetricsOperations +from ._triggered_analytics_rule_run_operations import TriggeredAnalyticsRuleRunOperations +from ._get_triggered_analytics_rule_runs_operations import GetTriggeredAnalyticsRuleRunsOperations +from ._alert_rule_operations import AlertRuleOperations from ._watchlists_operations import WatchlistsOperations from ._watchlist_items_operations import WatchlistItemsOperations +from ._workspace_manager_groups_operations import WorkspaceManagerGroupsOperations +from ._workspace_manager_assignments_operations import WorkspaceManagerAssignmentsOperations +from ._workspace_manager_assignment_jobs_operations import WorkspaceManagerAssignmentJobsOperations +from ._workspace_manager_configurations_operations import WorkspaceManagerConfigurationsOperations +from ._workspace_manager_members_operations import WorkspaceManagerMembersOperations from ._data_connectors_operations import DataConnectorsOperations from ._data_connectors_check_requirements_operations import DataConnectorsCheckRequirementsOperations from ._operations import Operations @@ -54,19 +73,30 @@ "ActionsOperations", "AlertRuleTemplatesOperations", "AutomationRulesOperations", + "EntitiesOperations", "IncidentsOperations", "BookmarksOperations", "BookmarkRelationsOperations", "BookmarkOperations", + "ContentPackagesOperations", + "ContentPackageOperations", + "ProductPackagesOperations", + "ProductPackageOperations", + "ProductTemplatesOperations", + "ProductTemplateOperations", + "ContentTemplatesOperations", + "ContentTemplateOperations", "IPGeodataOperations", "DomainWhoisOperations", - "EntitiesOperations", "EntitiesGetTimelineOperations", "EntitiesRelationsOperations", "EntityRelationsOperations", "EntityQueriesOperations", "EntityQueryTemplatesOperations", "FileImportsOperations", + "HuntsOperations", + "HuntRelationsOperations", + "HuntCommentsOperations", "IncidentCommentsOperations", "IncidentRelationsOperations", "IncidentTasksOperations", @@ -83,8 +113,16 @@ "ThreatIntelligenceIndicatorOperations", "ThreatIntelligenceIndicatorsOperations", "ThreatIntelligenceIndicatorMetricsOperations", + "TriggeredAnalyticsRuleRunOperations", + "GetTriggeredAnalyticsRuleRunsOperations", + "AlertRuleOperations", "WatchlistsOperations", "WatchlistItemsOperations", + "WorkspaceManagerGroupsOperations", + "WorkspaceManagerAssignmentsOperations", + "WorkspaceManagerAssignmentJobsOperations", + "WorkspaceManagerConfigurationsOperations", + "WorkspaceManagerMembersOperations", "DataConnectorsOperations", "DataConnectorsCheckRequirementsOperations", "Operations", diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_actions_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_actions_operations.py index a26c034dbc69..2c60b89457b7 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_actions_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_actions_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_list_by_alert_rule_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -90,9 +83,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -134,9 +125,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -181,9 +170,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -259,9 +246,7 @@ def list_by_alert_rule( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ActionsList] = kwargs.pop("cls", None) error_map = { @@ -316,8 +301,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -364,9 +350,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ActionResponse] = kwargs.pop("cls", None) request = build_get_request( @@ -383,8 +367,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -493,7 +478,7 @@ def create_or_update( :type rule_id: str :param action_id: Action ID. Required. :type action_id: str - :param action: The action. Is either a model type or a IO type. Required. + :param action: The action. Is either a ActionRequest type or a IO type. Required. :type action: ~azure.mgmt.securityinsight.models.ActionRequest or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -514,9 +499,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ActionResponse] = kwargs.pop("cls", None) @@ -545,8 +528,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -601,9 +585,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -620,8 +602,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rule_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rule_operations.py new file mode 100644 index 000000000000..f5cb2df1ff3c --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rule_operations.py @@ -0,0 +1,333 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, cast, overload + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.polling import LROPoller, NoPolling, PollingMethod +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat +from azure.mgmt.core.polling.arm_polling import ARMPolling + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_trigger_rule_run_request( + resource_group_name: str, workspace_name: str, rule_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/triggerRuleRun", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "ruleId": _SERIALIZER.url("rule_id", rule_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) + + +class AlertRuleOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`alert_rule` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + def _trigger_rule_run_initial( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + rule_id: str, + analytics_rule_run_trigger_parameter: Union[_models.AnalyticsRuleRunTrigger, IO], + **kwargs: Any + ) -> None: + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[None] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(analytics_rule_run_trigger_parameter, (IO, bytes)): + _content = analytics_rule_run_trigger_parameter + else: + _json = self._serialize.body(analytics_rule_run_trigger_parameter, "AnalyticsRuleRunTrigger") + + request = build_trigger_rule_run_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + rule_id=rule_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self._trigger_rule_run_initial.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [202]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + response_headers = {} + response_headers["Location"] = self._deserialize("str", response.headers.get("Location")) + + if cls: + return cls(pipeline_response, None, response_headers) + + _trigger_rule_run_initial.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/triggerRuleRun" + } + + @overload + def begin_trigger_rule_run( + self, + resource_group_name: str, + workspace_name: str, + rule_id: str, + analytics_rule_run_trigger_parameter: _models.AnalyticsRuleRunTrigger, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> LROPoller[None]: + """triggers analytics rule run. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param rule_id: Alert rule ID. Required. + :type rule_id: str + :param analytics_rule_run_trigger_parameter: The Analytics Rule Run Trigger parameter. + Required. + :type analytics_rule_run_trigger_parameter: + ~azure.mgmt.securityinsight.models.AnalyticsRuleRunTrigger + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :keyword str continuation_token: A continuation token to restart a poller from a saved state. + :keyword polling: By default, your polling method will be ARMPolling. Pass in False for this + operation to not poll, or pass in your own initialized polling object for a personal polling + strategy. + :paramtype polling: bool or ~azure.core.polling.PollingMethod + :keyword int polling_interval: Default waiting time between two polls for LRO operations if no + Retry-After header is present. + :return: An instance of LROPoller that returns either None or the result of cls(response) + :rtype: ~azure.core.polling.LROPoller[None] + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def begin_trigger_rule_run( + self, + resource_group_name: str, + workspace_name: str, + rule_id: str, + analytics_rule_run_trigger_parameter: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> LROPoller[None]: + """triggers analytics rule run. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param rule_id: Alert rule ID. Required. + :type rule_id: str + :param analytics_rule_run_trigger_parameter: The Analytics Rule Run Trigger parameter. + Required. + :type analytics_rule_run_trigger_parameter: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :keyword str continuation_token: A continuation token to restart a poller from a saved state. + :keyword polling: By default, your polling method will be ARMPolling. Pass in False for this + operation to not poll, or pass in your own initialized polling object for a personal polling + strategy. + :paramtype polling: bool or ~azure.core.polling.PollingMethod + :keyword int polling_interval: Default waiting time between two polls for LRO operations if no + Retry-After header is present. + :return: An instance of LROPoller that returns either None or the result of cls(response) + :rtype: ~azure.core.polling.LROPoller[None] + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def begin_trigger_rule_run( + self, + resource_group_name: str, + workspace_name: str, + rule_id: str, + analytics_rule_run_trigger_parameter: Union[_models.AnalyticsRuleRunTrigger, IO], + **kwargs: Any + ) -> LROPoller[None]: + """triggers analytics rule run. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param rule_id: Alert rule ID. Required. + :type rule_id: str + :param analytics_rule_run_trigger_parameter: The Analytics Rule Run Trigger parameter. Is + either a AnalyticsRuleRunTrigger type or a IO type. Required. + :type analytics_rule_run_trigger_parameter: + ~azure.mgmt.securityinsight.models.AnalyticsRuleRunTrigger or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :keyword str continuation_token: A continuation token to restart a poller from a saved state. + :keyword polling: By default, your polling method will be ARMPolling. Pass in False for this + operation to not poll, or pass in your own initialized polling object for a personal polling + strategy. + :paramtype polling: bool or ~azure.core.polling.PollingMethod + :keyword int polling_interval: Default waiting time between two polls for LRO operations if no + Retry-After header is present. + :return: An instance of LROPoller that returns either None or the result of cls(response) + :rtype: ~azure.core.polling.LROPoller[None] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[None] = kwargs.pop("cls", None) + polling: Union[bool, PollingMethod] = kwargs.pop("polling", True) + lro_delay = kwargs.pop("polling_interval", self._config.polling_interval) + cont_token: Optional[str] = kwargs.pop("continuation_token", None) + if cont_token is None: + raw_result = self._trigger_rule_run_initial( # type: ignore + resource_group_name=resource_group_name, + workspace_name=workspace_name, + rule_id=rule_id, + analytics_rule_run_trigger_parameter=analytics_rule_run_trigger_parameter, + api_version=api_version, + content_type=content_type, + cls=lambda x, y, z: x, + headers=_headers, + params=_params, + **kwargs + ) + kwargs.pop("error_map", None) + + def get_long_running_output(pipeline_response): # pylint: disable=inconsistent-return-statements + if cls: + return cls(pipeline_response, None, {}) + + if polling is True: + polling_method: PollingMethod = cast( + PollingMethod, ARMPolling(lro_delay, lro_options={"final-state-via": "location"}, **kwargs) + ) + elif polling is False: + polling_method = cast(PollingMethod, NoPolling()) + else: + polling_method = polling + if cont_token: + return LROPoller.from_continuation_token( + polling_method=polling_method, + continuation_token=cont_token, + client=self._client, + deserialization_callback=get_long_running_output, + ) + return LROPoller(self._client, raw_result, get_long_running_output, polling_method) # type: ignore + + begin_trigger_rule_run.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/triggerRuleRun" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rule_templates_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rule_templates_operations.py index 938d7e565001..d0925760b0f2 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rule_templates_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rule_templates_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Iterable, Optional, TypeVar import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -89,9 +82,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -164,9 +155,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AlertRuleTemplatesList] = kwargs.pop("cls", None) error_map = { @@ -220,8 +209,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -266,9 +256,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AlertRuleTemplate] = kwargs.pop("cls", None) request = build_get_request( @@ -284,8 +272,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rules_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rules_operations.py index 911942febd7a..01b0195f51c3 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rules_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_alert_rules_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -89,9 +82,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -132,9 +123,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -178,9 +167,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -251,9 +238,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AlertRulesList] = kwargs.pop("cls", None) error_map = { @@ -307,8 +292,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -351,9 +337,7 @@ def get(self, resource_group_name: str, workspace_name: str, rule_id: str, **kwa _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AlertRule] = kwargs.pop("cls", None) request = build_get_request( @@ -369,8 +353,9 @@ def get(self, resource_group_name: str, workspace_name: str, rule_id: str, **kwa request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -470,7 +455,7 @@ def create_or_update( :type workspace_name: str :param rule_id: Alert rule ID. Required. :type rule_id: str - :param alert_rule: The alert rule. Is either a model type or a IO type. Required. + :param alert_rule: The alert rule. Is either a AlertRule type or a IO type. Required. :type alert_rule: ~azure.mgmt.securityinsight.models.AlertRule or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -491,9 +476,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.AlertRule] = kwargs.pop("cls", None) @@ -521,8 +504,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -575,9 +559,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -593,8 +575,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_automation_rules_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_automation_rules_operations.py index bb9e386f6773..8586f4133268 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_automation_rules_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_automation_rules_operations.py @@ -34,10 +34,6 @@ from collections.abc import MutableMapping else: from typing import MutableMapping # type: ignore # pylint: disable=ungrouped-imports -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports JSON = MutableMapping[str, Any] # pylint: disable=unsubscriptable-object T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -52,9 +48,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -95,9 +89,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -141,9 +133,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -184,9 +174,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -268,9 +256,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AutomationRule] = kwargs.pop("cls", None) request = build_get_request( @@ -286,8 +272,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -387,8 +374,8 @@ def create_or_update( :type workspace_name: str :param automation_rule_id: Automation rule ID. Required. :type automation_rule_id: str - :param automation_rule_to_upsert: The automation rule. Is either a model type or a IO type. - Default value is None. + :param automation_rule_to_upsert: The automation rule. Is either a AutomationRule type or a IO + type. Default value is None. :type automation_rule_to_upsert: ~azure.mgmt.securityinsight.models.AutomationRule or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -409,9 +396,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.AutomationRule] = kwargs.pop("cls", None) @@ -442,8 +427,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -494,9 +480,7 @@ def delete(self, resource_group_name: str, workspace_name: str, automation_rule_ _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[JSON] = kwargs.pop("cls", None) request = build_delete_request( @@ -512,8 +496,9 @@ def delete(self, resource_group_name: str, workspace_name: str, automation_rule_ request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -554,9 +539,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.AutomationRulesList] = kwargs.pop("cls", None) error_map = { @@ -610,8 +593,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmark_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmark_operations.py index 493b78b645ee..b79e528192b9 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmark_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmark_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -45,9 +40,7 @@ def build_expand_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -187,7 +180,7 @@ def expand( :param bookmark_id: Bookmark ID. Required. :type bookmark_id: str :param parameters: The parameters required to execute an expand operation on the given - bookmark. Is either a model type or a IO type. Required. + bookmark. Is either a BookmarkExpandParameters type or a IO type. Required. :type parameters: ~azure.mgmt.securityinsight.models.BookmarkExpandParameters or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -208,9 +201,7 @@ def expand( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.BookmarkExpandResponse] = kwargs.pop("cls", None) @@ -238,8 +229,9 @@ def expand( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmark_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmark_relations_operations.py index ea17c2058589..3d665e78e9a8 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmark_relations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmark_relations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -56,9 +51,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -112,9 +105,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -161,9 +152,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -213,9 +202,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -311,9 +298,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.RelationList] = kwargs.pop("cls", None) error_map = { @@ -372,8 +357,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -420,9 +406,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) request = build_get_request( @@ -439,8 +423,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -549,7 +534,7 @@ def create_or_update( :type bookmark_id: str :param relation_name: Relation Name. Required. :type relation_name: str - :param relation: The relation model. Is either a model type or a IO type. Required. + :param relation: The relation model. Is either a Relation type or a IO type. Required. :type relation: ~azure.mgmt.securityinsight.models.Relation or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -570,9 +555,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) @@ -601,8 +584,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -657,9 +641,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -676,8 +658,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmarks_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmarks_operations.py index 3f7b2f8ad3de..d83b843ab155 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmarks_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_bookmarks_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -89,9 +82,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -132,9 +123,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -178,9 +167,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -251,9 +238,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.BookmarkList] = kwargs.pop("cls", None) error_map = { @@ -307,8 +292,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -351,9 +337,7 @@ def get(self, resource_group_name: str, workspace_name: str, bookmark_id: str, * _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Bookmark] = kwargs.pop("cls", None) request = build_get_request( @@ -369,8 +353,9 @@ def get(self, resource_group_name: str, workspace_name: str, bookmark_id: str, * request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -470,7 +455,7 @@ def create_or_update( :type workspace_name: str :param bookmark_id: Bookmark ID. Required. :type bookmark_id: str - :param bookmark: The bookmark. Is either a model type or a IO type. Required. + :param bookmark: The bookmark. Is either a Bookmark type or a IO type. Required. :type bookmark: ~azure.mgmt.securityinsight.models.Bookmark or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -491,9 +476,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Bookmark] = kwargs.pop("cls", None) @@ -521,8 +504,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -575,9 +559,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -593,8 +575,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_package_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_package_operations.py new file mode 100644 index 000000000000..ee000d43b55e --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_package_operations.py @@ -0,0 +1,358 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_install_request( + resource_group_name: str, workspace_name: str, package_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "packageId": _SERIALIZER.url("package_id", package_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="PUT", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_uninstall_request( + resource_group_name: str, workspace_name: str, package_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "packageId": _SERIALIZER.url("package_id", package_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +class ContentPackageOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`content_package` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @overload + def install( + self, + resource_group_name: str, + workspace_name: str, + package_id: str, + package_installation_properties: _models.PackageModel, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.PackageModel: + """Install a package to the workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :param package_installation_properties: Package installation properties. Required. + :type package_installation_properties: ~azure.mgmt.securityinsight.models.PackageModel + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def install( + self, + resource_group_name: str, + workspace_name: str, + package_id: str, + package_installation_properties: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.PackageModel: + """Install a package to the workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :param package_installation_properties: Package installation properties. Required. + :type package_installation_properties: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def install( + self, + resource_group_name: str, + workspace_name: str, + package_id: str, + package_installation_properties: Union[_models.PackageModel, IO], + **kwargs: Any + ) -> _models.PackageModel: + """Install a package to the workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :param package_installation_properties: Package installation properties. Is either a + PackageModel type or a IO type. Required. + :type package_installation_properties: ~azure.mgmt.securityinsight.models.PackageModel or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.PackageModel] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(package_installation_properties, (IO, bytes)): + _content = package_installation_properties + else: + _json = self._serialize.body(package_installation_properties, "PackageModel") + + request = build_install_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + package_id=package_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.install.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("PackageModel", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("PackageModel", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + install.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + } + + @distributed_trace + def uninstall( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, package_id: str, **kwargs: Any + ) -> None: + """Uninstall a package from the workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_uninstall_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + package_id=package_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.uninstall.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + uninstall.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_packages_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_packages_operations.py new file mode 100644 index 000000000000..a72167a5ae51 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_packages_operations.py @@ -0,0 +1,334 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Iterable, Optional, TypeVar +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + subscription_id: str, + *, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if filter is not None: + _params["$filter"] = _SERIALIZER.query("filter", filter, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, workspace_name: str, package_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "packageId": _SERIALIZER.url("package_id", package_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +class ContentPackagesOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`content_packages` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.PackageModel"]: + """Gets all installed packages. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either PackageModel or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.PackageModel] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.PackageList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("PackageList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages" + } + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, package_id: str, **kwargs: Any + ) -> _models.PackageModel: + """Gets an installed packages by its id. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.PackageModel] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + package_id=package_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("PackageModel", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentPackages/{packageId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_template_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_template_operations.py new file mode 100644 index 000000000000..dad93970c8c4 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_template_operations.py @@ -0,0 +1,468 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_install_request( + resource_group_name: str, workspace_name: str, template_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "templateId": _SERIALIZER.url("template_id", template_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="PUT", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, workspace_name: str, template_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "templateId": _SERIALIZER.url("template_id", template_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_delete_request( + resource_group_name: str, workspace_name: str, template_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "templateId": _SERIALIZER.url("template_id", template_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +class ContentTemplateOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`content_template` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @overload + def install( + self, + resource_group_name: str, + workspace_name: str, + template_id: str, + template_installation_properties: _models.TemplateModelAutoGenerated, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.TemplateModelAutoGenerated: + """Install a template. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :param template_installation_properties: Template installation properties. Required. + :type template_installation_properties: + ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def install( + self, + resource_group_name: str, + workspace_name: str, + template_id: str, + template_installation_properties: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.TemplateModelAutoGenerated: + """Install a template. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :param template_installation_properties: Template installation properties. Required. + :type template_installation_properties: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def install( + self, + resource_group_name: str, + workspace_name: str, + template_id: str, + template_installation_properties: Union[_models.TemplateModelAutoGenerated, IO], + **kwargs: Any + ) -> _models.TemplateModelAutoGenerated: + """Install a template. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :param template_installation_properties: Template installation properties. Is either a + TemplateModelAutoGenerated type or a IO type. Required. + :type template_installation_properties: + ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.TemplateModelAutoGenerated] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(template_installation_properties, (IO, bytes)): + _content = template_installation_properties + else: + _json = self._serialize.body(template_installation_properties, "TemplateModelAutoGenerated") + + request = build_install_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + template_id=template_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.install.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("TemplateModelAutoGenerated", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("TemplateModelAutoGenerated", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + install.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + } + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, template_id: str, **kwargs: Any + ) -> _models.TemplateModelAutoGenerated: + """Gets a template byt its identifier. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TemplateModelAutoGenerated] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + template_id=template_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("TemplateModelAutoGenerated", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + } + + @distributed_trace + def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, template_id: str, **kwargs: Any + ) -> None: + """Delete an installed template. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + template_id=template_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates/{templateId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_templates_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_templates_operations.py new file mode 100644 index 000000000000..4fd2c1f45471 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_content_templates_operations.py @@ -0,0 +1,228 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Iterable, Optional, TypeVar +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + subscription_id: str, + *, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if filter is not None: + _params["$filter"] = _SERIALIZER.query("filter", filter, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +class ContentTemplatesOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`content_templates` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.TemplateModelAutoGenerated"]: + """Gets all installed templates. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either TemplateModelAutoGenerated or the result of + cls(response) + :rtype: + ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.TemplateModelAutoGenerated] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TemplateListAutoGenerated] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("TemplateListAutoGenerated", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentTemplates" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_data_connectors_check_requirements_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_data_connectors_check_requirements_operations.py index a443aede96d7..078631fd98de 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_data_connectors_check_requirements_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_data_connectors_check_requirements_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -45,9 +40,7 @@ def build_post_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -178,7 +171,7 @@ def post( :param workspace_name: The name of the workspace. Required. :type workspace_name: str :param data_connectors_check_requirements: The parameters for requirements check message. Is - either a model type or a IO type. Required. + either a DataConnectorsCheckRequirements type or a IO type. Required. :type data_connectors_check_requirements: ~azure.mgmt.securityinsight.models.DataConnectorsCheckRequirements or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -200,9 +193,7 @@ def post( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.DataConnectorRequirementsState] = kwargs.pop("cls", None) @@ -229,8 +220,9 @@ def post( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_data_connectors_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_data_connectors_operations.py index d0adeeadb0c8..e9a1f7694b05 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_data_connectors_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_data_connectors_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -89,9 +82,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -132,9 +123,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -178,9 +167,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -221,9 +208,7 @@ def build_connect_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -267,9 +252,7 @@ def build_disconnect_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -340,9 +323,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.DataConnectorList] = kwargs.pop("cls", None) error_map = { @@ -396,8 +377,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -442,9 +424,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.DataConnector] = kwargs.pop("cls", None) request = build_get_request( @@ -460,8 +440,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -561,7 +542,8 @@ def create_or_update( :type workspace_name: str :param data_connector_id: Connector ID. Required. :type data_connector_id: str - :param data_connector: The data connector. Is either a model type or a IO type. Required. + :param data_connector: The data connector. Is either a DataConnector type or a IO type. + Required. :type data_connector: ~azure.mgmt.securityinsight.models.DataConnector or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -582,9 +564,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.DataConnector] = kwargs.pop("cls", None) @@ -612,8 +592,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -666,9 +647,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -684,8 +663,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -781,7 +761,8 @@ def connect( # pylint: disable=inconsistent-return-statements :type workspace_name: str :param data_connector_id: Connector ID. Required. :type data_connector_id: str - :param connect_body: The data connector. Is either a model type or a IO type. Required. + :param connect_body: The data connector. Is either a DataConnectorConnectBody type or a IO + type. Required. :type connect_body: ~azure.mgmt.securityinsight.models.DataConnectorConnectBody or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -802,9 +783,7 @@ def connect( # pylint: disable=inconsistent-return-statements _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[None] = kwargs.pop("cls", None) @@ -832,8 +811,9 @@ def connect( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -878,9 +858,7 @@ def disconnect( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_disconnect_request( @@ -896,8 +874,9 @@ def disconnect( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_domain_whois_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_domain_whois_operations.py index ce39a050336d..41a8de269989 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_domain_whois_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_domain_whois_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -43,9 +38,7 @@ def build_get_request(resource_group_name: str, subscription_id: str, *, domain: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -116,9 +109,7 @@ def get(self, resource_group_name: str, domain: str, **kwargs: Any) -> _models.E _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EnrichmentDomainWhois] = kwargs.pop("cls", None) request = build_get_request( @@ -133,8 +124,9 @@ def get(self, resource_group_name: str, domain: str, **kwargs: Any) -> _models.E request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_get_timeline_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_get_timeline_operations.py index 0cdd1ffdd887..529e819b52ee 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_get_timeline_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_get_timeline_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -45,9 +40,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -187,7 +180,7 @@ def list( :param entity_id: entity ID. Required. :type entity_id: str :param parameters: The parameters required to execute an timeline operation on the given - entity. Is either a model type or a IO type. Required. + entity. Is either a EntityTimelineParameters type or a IO type. Required. :type parameters: ~azure.mgmt.securityinsight.models.EntityTimelineParameters or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -208,9 +201,7 @@ def list( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.EntityTimelineResponse] = kwargs.pop("cls", None) @@ -238,8 +229,9 @@ def list( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_operations.py index 7a25ea360d46..bc71fb590fa7 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -41,15 +36,57 @@ _SERIALIZER.client_side_validation = False +def build_run_playbook_request( + resource_group_name: str, workspace_name: str, entity_identifier: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityIdentifier}/runPlaybook", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "entityIdentifier": _SERIALIZER.url("entity_identifier", entity_identifier, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) + + def build_list_request( resource_group_name: str, workspace_name: str, subscription_id: str, **kwargs: Any ) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -89,9 +126,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -132,9 +167,7 @@ def build_expand_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -184,9 +217,7 @@ def build_queries_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -228,9 +259,7 @@ def build_get_insights_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -287,6 +316,159 @@ def __init__(self, *args, **kwargs): self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + @overload + def run_playbook( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + entity_identifier: str, + request_body: Optional[_models.EntityManualTriggerRequestBody] = None, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> None: + """Triggers playbook on a specific entity. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param entity_identifier: Entity identifier. Required. + :type entity_identifier: str + :param request_body: Describes the request body for triggering a playbook on an entity. Default + value is None. + :type request_body: ~azure.mgmt.securityinsight.models.EntityManualTriggerRequestBody + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def run_playbook( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + entity_identifier: str, + request_body: Optional[IO] = None, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> None: + """Triggers playbook on a specific entity. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param entity_identifier: Entity identifier. Required. + :type entity_identifier: str + :param request_body: Describes the request body for triggering a playbook on an entity. Default + value is None. + :type request_body: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def run_playbook( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + entity_identifier: str, + request_body: Optional[Union[_models.EntityManualTriggerRequestBody, IO]] = None, + **kwargs: Any + ) -> None: + """Triggers playbook on a specific entity. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param entity_identifier: Entity identifier. Required. + :type entity_identifier: str + :param request_body: Describes the request body for triggering a playbook on an entity. Is + either a EntityManualTriggerRequestBody type or a IO type. Default value is None. + :type request_body: ~azure.mgmt.securityinsight.models.EntityManualTriggerRequestBody or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[None] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(request_body, (IO, bytes)): + _content = request_body + else: + if request_body is not None: + _json = self._serialize.body(request_body, "EntityManualTriggerRequestBody") + else: + _json = None + + request = build_run_playbook_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + entity_identifier=entity_identifier, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.run_playbook.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + run_playbook.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityIdentifier}/runPlaybook" + } + @distributed_trace def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> Iterable["_models.Entity"]: """Gets all entities. @@ -304,9 +486,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityList] = kwargs.pop("cls", None) error_map = { @@ -360,8 +540,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -404,9 +585,7 @@ def get(self, resource_group_name: str, workspace_name: str, entity_id: str, **k _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Entity] = kwargs.pop("cls", None) request = build_get_request( @@ -422,8 +601,9 @@ def get(self, resource_group_name: str, workspace_name: str, entity_id: str, **k request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -526,7 +706,7 @@ def expand( :param entity_id: entity ID. Required. :type entity_id: str :param parameters: The parameters required to execute an expand operation on the given entity. - Is either a model type or a IO type. Required. + Is either a EntityExpandParameters type or a IO type. Required. :type parameters: ~azure.mgmt.securityinsight.models.EntityExpandParameters or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -547,9 +727,7 @@ def expand( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.EntityExpandResponse] = kwargs.pop("cls", None) @@ -577,8 +755,9 @@ def expand( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -634,9 +813,7 @@ def queries( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.GetQueriesResponse] = kwargs.pop("cls", None) request = build_queries_request( @@ -653,8 +830,9 @@ def queries( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -755,7 +933,7 @@ def get_insights( :param entity_id: entity ID. Required. :type entity_id: str :param parameters: The parameters required to execute insights on the given entity. Is either a - model type or a IO type. Required. + EntityGetInsightsParameters type or a IO type. Required. :type parameters: ~azure.mgmt.securityinsight.models.EntityGetInsightsParameters or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -776,9 +954,7 @@ def get_insights( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.EntityGetInsightsResponse] = kwargs.pop("cls", None) @@ -806,8 +982,9 @@ def get_insights( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_relations_operations.py index e160a77e83f7..d808251c4acd 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_relations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entities_relations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Iterable, Optional, TypeVar import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -56,9 +51,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -161,9 +154,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.RelationList] = kwargs.pop("cls", None) error_map = { @@ -222,8 +213,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_queries_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_queries_operations.py index 89f9d636c466..08f60ae70534 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_queries_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_queries_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -46,15 +41,13 @@ def build_list_request( workspace_name: str, subscription_id: str, *, - kind: Optional[Union[str, _models.Enum13]] = None, + kind: Optional[Union[str, _models.Enum19]] = None, **kwargs: Any ) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -96,9 +89,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -139,9 +130,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -185,9 +174,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -246,7 +233,7 @@ def list( self, resource_group_name: str, workspace_name: str, - kind: Optional[Union[str, _models.Enum13]] = None, + kind: Optional[Union[str, _models.Enum19]] = None, **kwargs: Any ) -> Iterable["_models.EntityQuery"]: """Gets all entity queries. @@ -258,7 +245,7 @@ def list( :type workspace_name: str :param kind: The entity query kind we want to fetch. Known values are: "Expansion" and "Activity". Default value is None. - :type kind: str or ~azure.mgmt.securityinsight.models.Enum13 + :type kind: str or ~azure.mgmt.securityinsight.models.Enum19 :keyword callable cls: A custom type or function that will be passed the direct response :return: An iterator like instance of either EntityQuery or the result of cls(response) :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.EntityQuery] @@ -267,9 +254,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityQueryList] = kwargs.pop("cls", None) error_map = { @@ -324,8 +309,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -370,9 +356,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityQuery] = kwargs.pop("cls", None) request = build_get_request( @@ -388,8 +372,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -489,8 +474,8 @@ def create_or_update( :type workspace_name: str :param entity_query_id: entity query ID. Required. :type entity_query_id: str - :param entity_query: The entity query we want to create or update. Is either a model type or a - IO type. Required. + :param entity_query: The entity query we want to create or update. Is either a + CustomEntityQuery type or a IO type. Required. :type entity_query: ~azure.mgmt.securityinsight.models.CustomEntityQuery or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -511,9 +496,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.EntityQuery] = kwargs.pop("cls", None) @@ -541,8 +524,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -595,9 +579,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -613,8 +595,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_query_templates_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_query_templates_operations.py index cd961f94a317..ad0617dcb83b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_query_templates_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_query_templates_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Iterable, Optional, TypeVar, Union import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -46,15 +41,13 @@ def build_list_request( workspace_name: str, subscription_id: str, *, - kind: Optional[Union[str, _models.Enum15]] = None, + kind: Optional[Union[str, _models.Enum21]] = None, **kwargs: Any ) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -96,9 +89,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -157,7 +148,7 @@ def list( self, resource_group_name: str, workspace_name: str, - kind: Optional[Union[str, _models.Enum15]] = None, + kind: Optional[Union[str, _models.Enum21]] = None, **kwargs: Any ) -> Iterable["_models.EntityQueryTemplate"]: """Gets all entity query templates. @@ -168,7 +159,7 @@ def list( :param workspace_name: The name of the workspace. Required. :type workspace_name: str :param kind: The entity template query kind we want to fetch. "Activity" Default value is None. - :type kind: str or ~azure.mgmt.securityinsight.models.Enum15 + :type kind: str or ~azure.mgmt.securityinsight.models.Enum21 :keyword callable cls: A custom type or function that will be passed the direct response :return: An iterator like instance of either EntityQueryTemplate or the result of cls(response) :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.EntityQueryTemplate] @@ -177,9 +168,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityQueryTemplateList] = kwargs.pop("cls", None) error_map = { @@ -234,8 +223,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -280,9 +270,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EntityQueryTemplate] = kwargs.pop("cls", None) request = build_get_request( @@ -298,8 +286,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_relations_operations.py index 676e478cc9d2..66376fdaa6b8 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_relations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_entity_relations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -50,9 +45,7 @@ def build_get_relation_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -138,9 +131,7 @@ def get_relation( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) request = build_get_relation_request( @@ -157,8 +148,9 @@ def get_relation( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_file_imports_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_file_imports_operations.py index 156bf96f7654..43ac02d5b5ca 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_file_imports_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_file_imports_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, cast, overload import urllib.parse @@ -32,10 +31,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -57,9 +52,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -107,9 +100,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -150,9 +141,7 @@ def build_create_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -196,9 +185,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -290,9 +277,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.FileImportList] = kwargs.pop("cls", None) error_map = { @@ -350,8 +335,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -396,9 +382,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.FileImport] = kwargs.pop("cls", None) request = build_get_request( @@ -414,8 +398,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -515,7 +500,7 @@ def create( :type workspace_name: str :param file_import_id: File import ID. Required. :type file_import_id: str - :param file_import: The file import. Is either a model type or a IO type. Required. + :param file_import: The file import. Is either a FileImport type or a IO type. Required. :type file_import: ~azure.mgmt.securityinsight.models.FileImport or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -536,9 +521,7 @@ def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.FileImport] = kwargs.pop("cls", None) @@ -566,8 +549,9 @@ def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -601,9 +585,7 @@ def _delete_initial( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[Optional[_models.FileImport]] = kwargs.pop("cls", None) request = build_delete_request( @@ -619,8 +601,9 @@ def _delete_initial( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -670,9 +653,7 @@ def begin_delete( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.FileImport] = kwargs.pop("cls", None) polling: Union[bool, PollingMethod] = kwargs.pop("polling", True) lro_delay = kwargs.pop("polling_interval", self._config.polling_interval) diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_operations.py index 8d495ea329ef..8e80b5aede3f 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -45,9 +40,7 @@ def build_single_recommendation_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -130,9 +123,7 @@ def single_recommendation( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Recommendation] = kwargs.pop("cls", None) request = build_single_recommendation_request( @@ -148,8 +139,9 @@ def single_recommendation( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_recommendations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_recommendations_operations.py index a6e5f145a99f..36712e0e6328 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_recommendations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_recommendations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -45,9 +40,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -125,9 +118,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.RecommendationList] = kwargs.pop("cls", None) request = build_list_request( @@ -142,8 +133,9 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_triggered_analytics_rule_runs_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_triggered_analytics_rule_runs_operations.py new file mode 100644 index 000000000000..7c52e4b1f89c --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_get_triggered_analytics_rule_runs_operations.py @@ -0,0 +1,189 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Iterable, Optional, TypeVar +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, workspace_name: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +class GetTriggeredAnalyticsRuleRunsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`get_triggered_analytics_rule_runs` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, resource_group_name: str, workspace_name: str, **kwargs: Any + ) -> Iterable["_models.TriggeredAnalyticsRuleRun"]: + """Gets the triggered analytics rule runs. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either TriggeredAnalyticsRuleRun or the result of + cls(response) + :rtype: + ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.TriggeredAnalyticsRuleRun] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TriggeredAnalyticsRuleRuns] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("TriggeredAnalyticsRuleRuns", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_hunt_comments_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_hunt_comments_operations.py new file mode 100644 index 000000000000..c13d31392fc1 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_hunt_comments_operations.py @@ -0,0 +1,677 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + hunt_id: str, + subscription_id: str, + *, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if filter is not None: + _params["$filter"] = _SERIALIZER.query("filter", filter, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_comment_id: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + "huntCommentId": _SERIALIZER.url("hunt_comment_id", hunt_comment_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_delete_request( + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_comment_id: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + "huntCommentId": _SERIALIZER.url("hunt_comment_id", hunt_comment_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_create_or_update_request( + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_comment_id: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + "huntCommentId": _SERIALIZER.url("hunt_comment_id", hunt_comment_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="PUT", url=_url, params=_params, headers=_headers, **kwargs) + + +class HuntCommentsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`hunt_comments` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.HuntComment"]: + """Gets all hunt comments. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either HuntComment or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.HuntComment] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntCommentList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("HuntCommentList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments" + } + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt_comment_id: str, **kwargs: Any + ) -> _models.HuntComment: + """Gets a hunt comment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntComment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntComment + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntComment] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_comment_id=hunt_comment_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("HuntComment", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + } + + @distributed_trace + def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt_comment_id: str, **kwargs: Any + ) -> None: + """Delete a hunt comment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_comment_id=hunt_comment_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + } + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_comment_id: str, + hunt_comment: _models.HuntComment, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.HuntComment: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :param hunt_comment: The hunt comment. Required. + :type hunt_comment: ~azure.mgmt.securityinsight.models.HuntComment + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntComment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntComment + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_comment_id: str, + hunt_comment: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.HuntComment: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :param hunt_comment: The hunt comment. Required. + :type hunt_comment: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntComment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntComment + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_comment_id: str, + hunt_comment: Union[_models.HuntComment, IO], + **kwargs: Any + ) -> _models.HuntComment: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_comment_id: The hunt comment id (GUID). Required. + :type hunt_comment_id: str + :param hunt_comment: The hunt comment. Is either a HuntComment type or a IO type. Required. + :type hunt_comment: ~azure.mgmt.securityinsight.models.HuntComment or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntComment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntComment + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.HuntComment] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(hunt_comment, (IO, bytes)): + _content = hunt_comment + else: + _json = self._serialize.body(hunt_comment, "HuntComment") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_comment_id=hunt_comment_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("HuntComment", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("HuntComment", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/comments/{huntCommentId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_hunt_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_hunt_relations_operations.py new file mode 100644 index 000000000000..bdee04f6117e --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_hunt_relations_operations.py @@ -0,0 +1,677 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + hunt_id: str, + subscription_id: str, + *, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if filter is not None: + _params["$filter"] = _SERIALIZER.query("filter", filter, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_relation_id: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + "huntRelationId": _SERIALIZER.url("hunt_relation_id", hunt_relation_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_delete_request( + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_relation_id: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + "huntRelationId": _SERIALIZER.url("hunt_relation_id", hunt_relation_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_create_or_update_request( + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_relation_id: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + "huntRelationId": _SERIALIZER.url("hunt_relation_id", hunt_relation_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="PUT", url=_url, params=_params, headers=_headers, **kwargs) + + +class HuntRelationsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`hunt_relations` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.HuntRelation"]: + """Gets all hunt relations. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either HuntRelation or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.HuntRelation] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntRelationList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("HuntRelationList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations" + } + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt_relation_id: str, **kwargs: Any + ) -> _models.HuntRelation: + """Gets a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntRelation or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntRelation + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntRelation] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_relation_id=hunt_relation_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("HuntRelation", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + } + + @distributed_trace + def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt_relation_id: str, **kwargs: Any + ) -> None: + """Delete a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_relation_id=hunt_relation_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + } + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_relation_id: str, + hunt_relation: _models.HuntRelation, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.HuntRelation: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :param hunt_relation: The hunt relation. Required. + :type hunt_relation: ~azure.mgmt.securityinsight.models.HuntRelation + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntRelation or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntRelation + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_relation_id: str, + hunt_relation: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.HuntRelation: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :param hunt_relation: The hunt relation. Required. + :type hunt_relation: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntRelation or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntRelation + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt_relation_id: str, + hunt_relation: Union[_models.HuntRelation, IO], + **kwargs: Any + ) -> _models.HuntRelation: + """Creates or updates a hunt relation. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt_relation_id: The hunt relation id (GUID). Required. + :type hunt_relation_id: str + :param hunt_relation: The hunt relation. Is either a HuntRelation type or a IO type. Required. + :type hunt_relation: ~azure.mgmt.securityinsight.models.HuntRelation or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: HuntRelation or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.HuntRelation + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.HuntRelation] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(hunt_relation, (IO, bytes)): + _content = hunt_relation + else: + _json = self._serialize.body(hunt_relation, "HuntRelation") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + hunt_relation_id=hunt_relation_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("HuntRelation", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("HuntRelation", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}/relations/{huntRelationId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_hunts_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_hunts_operations.py new file mode 100644 index 000000000000..4d69bde431b0 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_hunts_operations.py @@ -0,0 +1,630 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + subscription_id: str, + *, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if filter is not None: + _params["$filter"] = _SERIALIZER.query("filter", filter, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, workspace_name: str, hunt_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_delete_request( + resource_group_name: str, workspace_name: str, hunt_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_create_or_update_request( + resource_group_name: str, workspace_name: str, hunt_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "huntId": _SERIALIZER.url("hunt_id", hunt_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="PUT", url=_url, params=_params, headers=_headers, **kwargs) + + +class HuntsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`hunts` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.Hunt"]: + """Gets all hunts, without relations and comments. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either Hunt or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.Hunt] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.HuntList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("HuntList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts" + } + + @distributed_trace + def get(self, resource_group_name: str, workspace_name: str, hunt_id: str, **kwargs: Any) -> _models.Hunt: + """Gets a hunt, without relations and comments. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Hunt or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Hunt + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.Hunt] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("Hunt", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + } + + @distributed_trace + def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, hunt_id: str, **kwargs: Any + ) -> None: + """Delete a hunt. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + } + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt: _models.Hunt, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.Hunt: + """Create or update a hunt. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt: The hunt. Required. + :type hunt: ~azure.mgmt.securityinsight.models.Hunt + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Hunt or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Hunt + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + hunt_id: str, + hunt: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.Hunt: + """Create or update a hunt. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt: The hunt. Required. + :type hunt: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Hunt or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Hunt + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def create_or_update( + self, resource_group_name: str, workspace_name: str, hunt_id: str, hunt: Union[_models.Hunt, IO], **kwargs: Any + ) -> _models.Hunt: + """Create or update a hunt. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param hunt_id: The hunt id (GUID). Required. + :type hunt_id: str + :param hunt: The hunt. Is either a Hunt type or a IO type. Required. + :type hunt: ~azure.mgmt.securityinsight.models.Hunt or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Hunt or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Hunt + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.Hunt] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(hunt, (IO, bytes)): + _content = hunt + else: + _json = self._serialize.body(hunt, "Hunt") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + hunt_id=hunt_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("Hunt", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("Hunt", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/hunts/{huntId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_comments_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_comments_operations.py index 8b63ffbf0831..093bcc18a858 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_comments_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_comments_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -56,9 +51,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -112,9 +105,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -161,9 +152,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -213,9 +202,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -311,9 +298,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentCommentList] = kwargs.pop("cls", None) error_map = { @@ -372,8 +357,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -420,9 +406,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentComment] = kwargs.pop("cls", None) request = build_get_request( @@ -439,8 +423,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -549,7 +534,8 @@ def create_or_update( :type incident_id: str :param incident_comment_id: Incident comment ID. Required. :type incident_comment_id: str - :param incident_comment: The incident comment. Is either a model type or a IO type. Required. + :param incident_comment: The incident comment. Is either a IncidentComment type or a IO type. + Required. :type incident_comment: ~azure.mgmt.securityinsight.models.IncidentComment or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -570,9 +556,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.IncidentComment] = kwargs.pop("cls", None) @@ -601,8 +585,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -657,9 +642,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -676,8 +659,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_relations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_relations_operations.py index 4c9164691097..d2a9646c8200 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_relations_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_relations_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -56,9 +51,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -112,9 +105,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -161,9 +152,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -213,9 +202,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -311,9 +298,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.RelationList] = kwargs.pop("cls", None) error_map = { @@ -372,8 +357,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -420,9 +406,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) request = build_get_request( @@ -439,8 +423,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -549,7 +534,7 @@ def create_or_update( :type incident_id: str :param relation_name: Relation Name. Required. :type relation_name: str - :param relation: The relation model. Is either a model type or a IO type. Required. + :param relation: The relation model. Is either a Relation type or a IO type. Required. :type relation: ~azure.mgmt.securityinsight.models.Relation or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -570,9 +555,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Relation] = kwargs.pop("cls", None) @@ -601,8 +584,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -657,9 +641,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -676,8 +658,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_tasks_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_tasks_operations.py index 95ff858a910f..fd5afbfed4ac 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_tasks_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incident_tasks_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -95,9 +88,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -144,9 +135,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -196,9 +185,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -274,9 +261,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentTaskList] = kwargs.pop("cls", None) error_map = { @@ -331,8 +316,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -379,9 +365,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentTask] = kwargs.pop("cls", None) request = build_get_request( @@ -398,8 +382,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -508,7 +493,7 @@ def create_or_update( :type incident_id: str :param incident_task_id: Incident task ID. Required. :type incident_task_id: str - :param incident_task: The incident task. Is either a model type or a IO type. Required. + :param incident_task: The incident task. Is either a IncidentTask type or a IO type. Required. :type incident_task: ~azure.mgmt.securityinsight.models.IncidentTask or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -529,9 +514,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.IncidentTask] = kwargs.pop("cls", None) @@ -560,8 +543,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -616,9 +600,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -635,8 +617,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incidents_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incidents_operations.py index fcbe3e15a34c..81ed4e918968 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incidents_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_incidents_operations.py @@ -34,10 +34,6 @@ from collections.abc import MutableMapping else: from typing import MutableMapping # type: ignore # pylint: disable=ungrouped-imports -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports JSON = MutableMapping[str, Any] # pylint: disable=unsubscriptable-object T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -52,9 +48,7 @@ def build_run_playbook_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -106,9 +100,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -156,9 +148,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -199,9 +189,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -245,9 +233,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -288,9 +274,7 @@ def build_create_team_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -334,9 +318,7 @@ def build_list_alerts_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -377,9 +359,7 @@ def build_list_bookmarks_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -420,9 +400,7 @@ def build_list_entities_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -556,7 +534,8 @@ def run_playbook( :type workspace_name: str :param incident_identifier: Required. :type incident_identifier: str - :param request_body: Is either a model type or a IO type. Default value is None. + :param request_body: Is either a ManualTriggerRequestBody type or a IO type. Default value is + None. :type request_body: ~azure.mgmt.securityinsight.models.ManualTriggerRequestBody or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -577,9 +556,7 @@ def run_playbook( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[JSON] = kwargs.pop("cls", None) @@ -610,8 +587,9 @@ def run_playbook( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -669,9 +647,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentList] = kwargs.pop("cls", None) error_map = { @@ -729,8 +705,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -773,9 +750,7 @@ def get(self, resource_group_name: str, workspace_name: str, incident_id: str, * _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Incident] = kwargs.pop("cls", None) request = build_get_request( @@ -791,8 +766,9 @@ def get(self, resource_group_name: str, workspace_name: str, incident_id: str, * request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -892,7 +868,7 @@ def create_or_update( :type workspace_name: str :param incident_id: Incident ID. Required. :type incident_id: str - :param incident: The incident. Is either a model type or a IO type. Required. + :param incident: The incident. Is either a Incident type or a IO type. Required. :type incident: ~azure.mgmt.securityinsight.models.Incident or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -913,9 +889,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Incident] = kwargs.pop("cls", None) @@ -943,8 +917,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -997,9 +972,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -1015,8 +988,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -1115,7 +1089,8 @@ def create_team( :type workspace_name: str :param incident_id: Incident ID. Required. :type incident_id: str - :param team_properties: Team properties. Is either a model type or a IO type. Required. + :param team_properties: Team properties. Is either a TeamInformation type or a IO type. + Required. :type team_properties: ~azure.mgmt.securityinsight.models.TeamInformation or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -1136,9 +1111,7 @@ def create_team( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.TeamInformation] = kwargs.pop("cls", None) @@ -1166,8 +1139,9 @@ def create_team( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -1216,9 +1190,7 @@ def list_alerts( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentAlertList] = kwargs.pop("cls", None) request = build_list_alerts_request( @@ -1234,8 +1206,9 @@ def list_alerts( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -1284,9 +1257,7 @@ def list_bookmarks( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentBookmarkList] = kwargs.pop("cls", None) request = build_list_bookmarks_request( @@ -1302,8 +1273,9 @@ def list_bookmarks( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -1352,9 +1324,7 @@ def list_entities( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.IncidentEntitiesResponse] = kwargs.pop("cls", None) request = build_list_entities_request( @@ -1370,8 +1340,9 @@ def list_entities( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_ip_geodata_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_ip_geodata_operations.py index 89c8e309e108..b3d68caaf4a0 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_ip_geodata_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_ip_geodata_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -43,9 +38,7 @@ def build_get_request(resource_group_name: str, subscription_id: str, *, ip_addr _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -116,9 +109,7 @@ def get(self, resource_group_name: str, ip_address: str, **kwargs: Any) -> _mode _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.EnrichmentIpGeodata] = kwargs.pop("cls", None) request = build_get_request( @@ -133,8 +124,9 @@ def get(self, resource_group_name: str, ip_address: str, **kwargs: Any) -> _mode request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_metadata_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_metadata_operations.py index 532bea1e8db1..c3e70ff579ed 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_metadata_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_metadata_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -55,9 +50,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -105,9 +98,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -128,7 +119,7 @@ def build_get_request( min_length=1, pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", ), - "metadataName": _SERIALIZER.url("metadata_name", metadata_name, "str"), + "metadataName": _SERIALIZER.url("metadata_name", metadata_name, "str", pattern=r"^\S+$"), } _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore @@ -148,9 +139,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -171,7 +160,7 @@ def build_delete_request( min_length=1, pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", ), - "metadataName": _SERIALIZER.url("metadata_name", metadata_name, "str"), + "metadataName": _SERIALIZER.url("metadata_name", metadata_name, "str", pattern=r"^\S+$"), } _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore @@ -191,9 +180,7 @@ def build_create_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -215,7 +202,7 @@ def build_create_request( min_length=1, pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", ), - "metadataName": _SERIALIZER.url("metadata_name", metadata_name, "str"), + "metadataName": _SERIALIZER.url("metadata_name", metadata_name, "str", pattern=r"^\S+$"), } _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore @@ -237,9 +224,7 @@ def build_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -261,7 +246,7 @@ def build_update_request( min_length=1, pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", ), - "metadataName": _SERIALIZER.url("metadata_name", metadata_name, "str"), + "metadataName": _SERIALIZER.url("metadata_name", metadata_name, "str", pattern=r"^\S+$"), } _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore @@ -332,9 +317,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.MetadataList] = kwargs.pop("cls", None) error_map = { @@ -392,8 +375,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -438,9 +422,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.MetadataModel] = kwargs.pop("cls", None) request = build_get_request( @@ -456,8 +438,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -506,9 +489,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -524,8 +505,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -621,7 +603,7 @@ def create( :type workspace_name: str :param metadata_name: The Metadata name. Required. :type metadata_name: str - :param metadata: Metadata resource. Is either a model type or a IO type. Required. + :param metadata: Metadata resource. Is either a MetadataModel type or a IO type. Required. :type metadata: ~azure.mgmt.securityinsight.models.MetadataModel or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -642,9 +624,7 @@ def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.MetadataModel] = kwargs.pop("cls", None) @@ -672,8 +652,9 @@ def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -777,7 +758,8 @@ def update( :type workspace_name: str :param metadata_name: The Metadata name. Required. :type metadata_name: str - :param metadata_patch: Partial metadata request. Is either a model type or a IO type. Required. + :param metadata_patch: Partial metadata request. Is either a MetadataPatch type or a IO type. + Required. :type metadata_patch: ~azure.mgmt.securityinsight.models.MetadataPatch or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -798,9 +780,7 @@ def update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.MetadataModel] = kwargs.pop("cls", None) @@ -828,8 +808,9 @@ def update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_office_consents_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_office_consents_operations.py index 6c185d8b07ac..58ad88469c5e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_office_consents_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_office_consents_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Iterable, Optional, TypeVar import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -89,9 +82,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -132,9 +123,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -205,9 +194,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.OfficeConsentList] = kwargs.pop("cls", None) error_map = { @@ -261,8 +248,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -307,9 +295,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.OfficeConsent] = kwargs.pop("cls", None) request = build_get_request( @@ -325,8 +311,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -375,9 +362,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -393,8 +378,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_operations.py index e74ff2e56de3..be66295c1860 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Iterable, Optional, TypeVar import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -45,9 +40,7 @@ def build_list_request(**kwargs: Any) -> HttpRequest: _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -93,9 +86,7 @@ def list(self, **kwargs: Any) -> Iterable["_models.Operation"]: _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.OperationsList] = kwargs.pop("cls", None) error_map = { @@ -146,8 +137,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_package_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_package_operations.py new file mode 100644 index 000000000000..0ed18e7d33de --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_package_operations.py @@ -0,0 +1,162 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Optional, TypeVar + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_get_request( + resource_group_name: str, workspace_name: str, package_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages/{packageId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "packageId": _SERIALIZER.url("package_id", package_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +class ProductPackageOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`product_package` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, package_id: str, **kwargs: Any + ) -> _models.PackageModelAutoGenerated: + """Gets a package by its identifier from the catalog. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param package_id: package Id. Required. + :type package_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: PackageModelAutoGenerated or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.PackageModelAutoGenerated + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.PackageModelAutoGenerated] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + package_id=package_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("PackageModelAutoGenerated", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages/{packageId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_packages_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_packages_operations.py new file mode 100644 index 000000000000..650b4b48526e --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_packages_operations.py @@ -0,0 +1,228 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Iterable, Optional, TypeVar +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + subscription_id: str, + *, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if filter is not None: + _params["$filter"] = _SERIALIZER.query("filter", filter, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +class ProductPackagesOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`product_packages` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.PackageModelAutoGenerated"]: + """Gets all packages from the catalog. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either PackageModelAutoGenerated or the result of + cls(response) + :rtype: + ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.PackageModelAutoGenerated] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.PackageListAutoGenerated] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("PackageListAutoGenerated", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductPackages" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_settings_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_settings_operations.py index 86def718fd40..809cfd1ea646 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_settings_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_settings_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -45,9 +40,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -87,9 +80,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -130,9 +121,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -173,9 +162,7 @@ def build_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -257,9 +244,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SettingList] = kwargs.pop("cls", None) request = build_list_request( @@ -274,8 +259,9 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -323,9 +309,7 @@ def get(self, resource_group_name: str, workspace_name: str, settings_name: str, _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Settings] = kwargs.pop("cls", None) request = build_get_request( @@ -341,8 +325,9 @@ def get(self, resource_group_name: str, workspace_name: str, settings_name: str, request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -392,9 +377,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -410,8 +393,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -510,7 +494,7 @@ def update( :param settings_name: The setting name. Supports - Anomalies, EyesOn, EntityAnalytics, Ueba. Required. :type settings_name: str - :param settings: The setting. Is either a model type or a IO type. Required. + :param settings: The setting. Is either a Settings type or a IO type. Required. :type settings: ~azure.mgmt.securityinsight.models.Settings or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -531,9 +515,7 @@ def update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Settings] = kwargs.pop("cls", None) @@ -561,8 +543,9 @@ def update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_template_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_template_operations.py new file mode 100644 index 000000000000..6d99c401ac99 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_template_operations.py @@ -0,0 +1,162 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Optional, TypeVar + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_get_request( + resource_group_name: str, workspace_name: str, template_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentproducttemplates/{templateId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "templateId": _SERIALIZER.url("template_id", template_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +class ProductTemplateOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`product_template` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, template_id: str, **kwargs: Any + ) -> _models.TemplateModel: + """Gets a template by its identifier. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param template_id: template Id. Required. + :type template_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TemplateModel or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TemplateModel + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TemplateModel] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + template_id=template_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("TemplateModel", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentproducttemplates/{templateId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_templates_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_templates_operations.py new file mode 100644 index 000000000000..f341de36a495 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_product_templates_operations.py @@ -0,0 +1,226 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Iterable, Optional, TypeVar +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + subscription_id: str, + *, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductTemplates", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if filter is not None: + _params["$filter"] = _SERIALIZER.query("filter", filter, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +class ProductTemplatesOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`product_templates` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + filter: Optional[str] = None, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.TemplateModel"]: + """Gets all templates in the catalog. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param filter: Filters the results, based on a Boolean condition. Optional. Default value is + None. + :type filter: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either TemplateModel or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.TemplateModel] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TemplateList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + filter=filter, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("TemplateList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/contentProductTemplates" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_security_ml_analytics_settings_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_security_ml_analytics_settings_operations.py index 67f7732a0682..fd4d09e71d13 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_security_ml_analytics_settings_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_security_ml_analytics_settings_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -89,9 +82,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -132,9 +123,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -178,9 +167,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -255,9 +242,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SecurityMLAnalyticsSettingsList] = kwargs.pop("cls", None) error_map = { @@ -311,8 +296,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -357,9 +343,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SecurityMLAnalyticsSetting] = kwargs.pop("cls", None) request = build_get_request( @@ -375,8 +359,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -477,8 +462,8 @@ def create_or_update( :type workspace_name: str :param settings_resource_name: Security ML Analytics Settings resource name. Required. :type settings_resource_name: str - :param security_ml_analytics_setting: The security ML Analytics setting. Is either a model type - or a IO type. Required. + :param security_ml_analytics_setting: The security ML Analytics setting. Is either a + SecurityMLAnalyticsSetting type or a IO type. Required. :type security_ml_analytics_setting: ~azure.mgmt.securityinsight.models.SecurityMLAnalyticsSetting or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -500,9 +485,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.SecurityMLAnalyticsSetting] = kwargs.pop("cls", None) @@ -530,8 +513,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -584,9 +568,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -602,8 +584,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_sentinel_onboarding_states_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_sentinel_onboarding_states_operations.py index dede32ea1345..f08c1cfc6dcc 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_sentinel_onboarding_states_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_sentinel_onboarding_states_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Optional, TypeVar, Union, overload from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -49,9 +44,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -98,9 +91,7 @@ def build_create_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -150,9 +141,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -195,9 +184,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -280,9 +267,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SentinelOnboardingState] = kwargs.pop("cls", None) request = build_get_request( @@ -298,8 +283,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -406,7 +392,7 @@ def create( Required. :type sentinel_onboarding_state_name: str :param sentinel_onboarding_state_parameter: The Sentinel onboarding state parameter. Is either - a model type or a IO type. Default value is None. + a SentinelOnboardingState type or a IO type. Default value is None. :type sentinel_onboarding_state_parameter: ~azure.mgmt.securityinsight.models.SentinelOnboardingState or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -428,9 +414,7 @@ def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.SentinelOnboardingState] = kwargs.pop("cls", None) @@ -461,8 +445,9 @@ def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -516,9 +501,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -534,8 +517,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -578,9 +562,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SentinelOnboardingStatesList] = kwargs.pop("cls", None) request = build_list_request( @@ -595,8 +577,9 @@ def list( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_source_control_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_source_control_operations.py index 4a4957b10d8d..059b2dabfc6e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_source_control_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_source_control_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Iterable, Optional, TypeVar, Union import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -52,9 +47,7 @@ def build_list_repositories_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -131,9 +124,7 @@ def list_repositories( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: str = kwargs.pop("content_type", _headers.pop("Content-Type", "application/json")) cls: ClsType[_models.RepoList] = kwargs.pop("cls", None) @@ -191,8 +182,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_source_controls_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_source_controls_operations.py index e4f8c1291dc3..cf08370d207c 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_source_controls_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_source_controls_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -89,9 +82,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -132,9 +123,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -175,9 +164,7 @@ def build_create_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -251,9 +238,7 @@ def list(self, resource_group_name: str, workspace_name: str, **kwargs: Any) -> _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SourceControlList] = kwargs.pop("cls", None) error_map = { @@ -307,8 +292,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -353,9 +339,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.SourceControl] = kwargs.pop("cls", None) request = build_get_request( @@ -371,8 +355,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -421,9 +406,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -439,8 +422,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -536,7 +520,8 @@ def create( :type workspace_name: str :param source_control_id: Source control Id. Required. :type source_control_id: str - :param source_control: The SourceControl. Is either a model type or a IO type. Required. + :param source_control: The SourceControl. Is either a SourceControl type or a IO type. + Required. :type source_control: ~azure.mgmt.securityinsight.models.SourceControl or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -557,9 +542,7 @@ def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.SourceControl] = kwargs.pop("cls", None) @@ -587,8 +570,9 @@ def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicator_metrics_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicator_metrics_operations.py index 282e791e6ca8..cb61d318adcd 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicator_metrics_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicator_metrics_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Optional, TypeVar from azure.core.exceptions import ( @@ -28,10 +27,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -45,9 +40,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -127,9 +120,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ThreatIntelligenceMetricsList] = kwargs.pop("cls", None) request = build_list_request( @@ -144,8 +135,9 @@ def list( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicator_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicator_operations.py index 6800898f0f65..81b0d6d37edc 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicator_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicator_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_create_indicator_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -92,9 +85,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -135,9 +126,7 @@ def build_create_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -181,9 +170,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -224,9 +211,7 @@ def build_query_indicators_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -269,9 +254,7 @@ def build_append_tags_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -315,9 +298,7 @@ def build_replace_tags_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -449,7 +430,7 @@ def create_indicator( :param workspace_name: The name of the workspace. Required. :type workspace_name: str :param threat_intelligence_properties: Properties of threat intelligence indicators to create - and update. Is either a model type or a IO type. Required. + and update. Is either a ThreatIntelligenceIndicatorModel type or a IO type. Required. :type threat_intelligence_properties: ~azure.mgmt.securityinsight.models.ThreatIntelligenceIndicatorModel or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -471,9 +452,7 @@ def create_indicator( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ThreatIntelligenceInformation] = kwargs.pop("cls", None) @@ -500,8 +479,9 @@ def create_indicator( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -554,9 +534,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ThreatIntelligenceInformation] = kwargs.pop("cls", None) request = build_get_request( @@ -572,8 +550,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -677,7 +656,7 @@ def create( :param name: Threat intelligence indicator name field. Required. :type name: str :param threat_intelligence_properties: Properties of threat intelligence indicators to create - and update. Is either a model type or a IO type. Required. + and update. Is either a ThreatIntelligenceIndicatorModel type or a IO type. Required. :type threat_intelligence_properties: ~azure.mgmt.securityinsight.models.ThreatIntelligenceIndicatorModel or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -699,9 +678,7 @@ def create( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ThreatIntelligenceInformation] = kwargs.pop("cls", None) @@ -729,8 +706,9 @@ def create( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -783,9 +761,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -801,8 +777,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -897,7 +874,8 @@ def query_indicators( :param workspace_name: The name of the workspace. Required. :type workspace_name: str :param threat_intelligence_filtering_criteria: Filtering criteria for querying threat - intelligence indicators. Is either a model type or a IO type. Required. + intelligence indicators. Is either a ThreatIntelligenceFilteringCriteria type or a IO type. + Required. :type threat_intelligence_filtering_criteria: ~azure.mgmt.securityinsight.models.ThreatIntelligenceFilteringCriteria or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -913,9 +891,7 @@ def query_indicators( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ThreatIntelligenceInformationList] = kwargs.pop("cls", None) @@ -980,8 +956,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -1081,7 +1058,7 @@ def append_tags( # pylint: disable=inconsistent-return-statements :param name: Threat intelligence indicator name field. Required. :type name: str :param threat_intelligence_append_tags: The threat intelligence append tags request body. Is - either a model type or a IO type. Required. + either a ThreatIntelligenceAppendTags type or a IO type. Required. :type threat_intelligence_append_tags: ~azure.mgmt.securityinsight.models.ThreatIntelligenceAppendTags or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -1103,9 +1080,7 @@ def append_tags( # pylint: disable=inconsistent-return-statements _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[None] = kwargs.pop("cls", None) @@ -1133,8 +1108,9 @@ def append_tags( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -1234,7 +1210,7 @@ def replace_tags( :param name: Threat intelligence indicator name field. Required. :type name: str :param threat_intelligence_replace_tags: Tags in the threat intelligence indicator to be - replaced. Is either a model type or a IO type. Required. + replaced. Is either a ThreatIntelligenceIndicatorModel type or a IO type. Required. :type threat_intelligence_replace_tags: ~azure.mgmt.securityinsight.models.ThreatIntelligenceIndicatorModel or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. @@ -1256,9 +1232,7 @@ def replace_tags( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.ThreatIntelligenceInformation] = kwargs.pop("cls", None) @@ -1286,8 +1260,9 @@ def replace_tags( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicators_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicators_operations.py index 8353884e05ce..7771722d292f 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicators_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_threat_intelligence_indicators_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, Iterable, Optional, TypeVar import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -55,9 +50,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -158,9 +151,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.ThreatIntelligenceInformationList] = kwargs.pop("cls", None) error_map = { @@ -218,8 +209,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_triggered_analytics_rule_run_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_triggered_analytics_rule_run_operations.py new file mode 100644 index 000000000000..c38aafcbf558 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_triggered_analytics_rule_run_operations.py @@ -0,0 +1,162 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Optional, TypeVar + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_get_request( + resource_group_name: str, workspace_name: str, rule_run_id: str, subscription_id: str, **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns/{ruleRunId}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "ruleRunId": _SERIALIZER.url("rule_run_id", rule_run_id, "str"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +class TriggeredAnalyticsRuleRunOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`triggered_analytics_rule_run` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, rule_run_id: str, **kwargs: Any + ) -> _models.TriggeredAnalyticsRuleRun: + """Gets the triggered analytics rule run. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param rule_run_id: the triggered rule id. Required. + :type rule_run_id: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: TriggeredAnalyticsRuleRun or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.TriggeredAnalyticsRuleRun + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.TriggeredAnalyticsRuleRun] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + rule_run_id=rule_run_id, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + raise HttpResponseError(response=response, error_format=ARMErrorFormat) + + deserialized = self._deserialize("TriggeredAnalyticsRuleRun", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/triggeredAnalyticsRuleRuns/{ruleRunId}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_update_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_update_operations.py index b35219b0a81e..d15bdd33c458 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_update_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_update_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, List, Optional, TypeVar, Union, cast, overload from azure.core.exceptions import ( @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -47,9 +42,7 @@ def build_recommendation_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -125,9 +118,7 @@ def _recommendation_initial( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Recommendation] = kwargs.pop("cls", None) @@ -155,8 +146,9 @@ def _recommendation_initial( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -272,8 +264,8 @@ def begin_recommendation( :type workspace_name: str :param recommendation_id: Recommendation Id. Required. :type recommendation_id: str - :param recommendation_patch: Recommendation Fields to Update. Is either a list type or a IO - type. Required. + :param recommendation_patch: Recommendation Fields to Update. Is either a [RecommendationPatch] + type or a IO type. Required. :type recommendation_patch: list[~azure.mgmt.securityinsight.models.RecommendationPatch] or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -294,9 +286,7 @@ def begin_recommendation( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Recommendation] = kwargs.pop("cls", None) polling: Union[bool, PollingMethod] = kwargs.pop("polling", True) diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_watchlist_items_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_watchlist_items_operations.py index 1139c4e49331..bf63ce7d06ff 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_watchlist_items_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_watchlist_items_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -53,9 +48,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -103,9 +96,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -152,9 +143,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -201,9 +190,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -292,9 +279,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.WatchlistItemList] = kwargs.pop("cls", None) error_map = { @@ -350,8 +335,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -398,9 +384,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.WatchlistItem] = kwargs.pop("cls", None) request = build_get_request( @@ -417,8 +401,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -469,9 +454,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -488,8 +471,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -594,7 +578,8 @@ def create_or_update( :type watchlist_alias: str :param watchlist_item_id: Watchlist Item Id (GUID). Required. :type watchlist_item_id: str - :param watchlist_item: The watchlist item. Is either a model type or a IO type. Required. + :param watchlist_item: The watchlist item. Is either a WatchlistItem type or a IO type. + Required. :type watchlist_item: ~azure.mgmt.securityinsight.models.WatchlistItem or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -615,9 +600,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.WatchlistItem] = kwargs.pop("cls", None) @@ -646,8 +629,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_watchlists_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_watchlists_operations.py index c675404d4edb..af9566b057f1 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_watchlists_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_watchlists_operations.py @@ -6,7 +6,6 @@ # Code generated by Microsoft (R) AutoRest Code Generator. # Changes may cause incorrect behavior and will be lost if the code is regenerated. # -------------------------------------------------------------------------- -import sys from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload import urllib.parse @@ -30,10 +29,6 @@ from .._serialization import Serializer from .._vendor import _convert_request, _format_url_section -if sys.version_info >= (3, 8): - from typing import Literal # pylint: disable=no-name-in-module, ungrouped-imports -else: - from typing_extensions import Literal # type: ignore # pylint: disable=ungrouped-imports T = TypeVar("T") ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] @@ -52,9 +47,7 @@ def build_list_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -96,9 +89,7 @@ def build_get_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -139,9 +130,7 @@ def build_delete_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) accept = _headers.pop("Accept", "application/json") # Construct URL @@ -182,9 +171,7 @@ def build_create_or_update_request( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", "2022-12-01-preview") - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) accept = _headers.pop("Accept", "application/json") @@ -265,9 +252,7 @@ def list( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.WatchlistList] = kwargs.pop("cls", None) error_map = { @@ -322,8 +307,9 @@ def extract_data(pipeline_response): def get_next(next_link=None): request = prepare_request(next_link) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -368,9 +354,7 @@ def get( _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[_models.Watchlist] = kwargs.pop("cls", None) request = build_get_request( @@ -386,8 +370,9 @@ def get( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -436,9 +421,7 @@ def delete( # pylint: disable=inconsistent-return-statements _headers = kwargs.pop("headers", {}) or {} _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) cls: ClsType[None] = kwargs.pop("cls", None) request = build_delete_request( @@ -454,8 +437,9 @@ def delete( # pylint: disable=inconsistent-return-statements request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response @@ -572,7 +556,7 @@ def create_or_update( :type workspace_name: str :param watchlist_alias: Watchlist Alias. Required. :type watchlist_alias: str - :param watchlist: The watchlist. Is either a model type or a IO type. Required. + :param watchlist: The watchlist. Is either a Watchlist type or a IO type. Required. :type watchlist: ~azure.mgmt.securityinsight.models.Watchlist or IO :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. Default value is None. @@ -593,9 +577,7 @@ def create_or_update( _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) - api_version: Literal["2022-12-01-preview"] = kwargs.pop( - "api_version", _params.pop("api-version", self._config.api_version) - ) + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) cls: ClsType[_models.Watchlist] = kwargs.pop("cls", None) @@ -623,8 +605,9 @@ def create_or_update( request = _convert_request(request) request.url = self._client.format_url(request.url) + _stream = False pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access - request, stream=False, **kwargs + request, stream=_stream, **kwargs ) response = pipeline_response.http_response diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_assignment_jobs_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_assignment_jobs_operations.py new file mode 100644 index 000000000000..0856ccc206cb --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_assignment_jobs_operations.py @@ -0,0 +1,604 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, Iterable, Optional, TypeVar +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + subscription_id: str, + *, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerAssignmentName": _SERIALIZER.url( + "workspace_manager_assignment_name", + workspace_manager_assignment_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_create_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerAssignmentName": _SERIALIZER.url( + "workspace_manager_assignment_name", + workspace_manager_assignment_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="POST", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + job_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerAssignmentName": _SERIALIZER.url( + "workspace_manager_assignment_name", + workspace_manager_assignment_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "jobName": _SERIALIZER.url("job_name", job_name, "str", pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_delete_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + job_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerAssignmentName": _SERIALIZER.url( + "workspace_manager_assignment_name", + workspace_manager_assignment_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "jobName": _SERIALIZER.url("job_name", job_name, "str", pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$"), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +class WorkspaceManagerAssignmentJobsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`workspace_manager_assignment_jobs` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.Job"]: + """Get all jobs for the specified workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either Job or the result of cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.Job] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.JobList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("JobList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs" + } + + @distributed_trace + def create( + self, resource_group_name: str, workspace_name: str, workspace_manager_assignment_name: str, **kwargs: Any + ) -> _models.Job: + """Create a job for the specified workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Job or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Job + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.Job] = kwargs.pop("cls", None) + + request = build_create_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.create.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("Job", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + create.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs" + } + + @distributed_trace + def get( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + job_name: str, + **kwargs: Any + ) -> _models.Job: + """Gets a job. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param job_name: The job name. Required. + :type job_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: Job or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.Job + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.Job] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + job_name=job_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("Job", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}" + } + + @distributed_trace + def delete( # pylint: disable=inconsistent-return-statements + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + job_name: str, + **kwargs: Any + ) -> None: + """Deletes the specified job from the specified workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param job_name: The job name. Required. + :type job_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + job_name=job_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}/jobs/{jobName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_assignments_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_assignments_operations.py new file mode 100644 index 000000000000..175c6197d960 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_assignments_operations.py @@ -0,0 +1,670 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + subscription_id: str, + *, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerAssignmentName": _SERIALIZER.url( + "workspace_manager_assignment_name", + workspace_manager_assignment_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_create_or_update_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerAssignmentName": _SERIALIZER.url( + "workspace_manager_assignment_name", + workspace_manager_assignment_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="PUT", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_delete_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerAssignmentName": _SERIALIZER.url( + "workspace_manager_assignment_name", + workspace_manager_assignment_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +class WorkspaceManagerAssignmentsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`workspace_manager_assignments` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.WorkspaceManagerAssignment"]: + """Get all workspace manager assignments for the Sentinel workspace manager. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either WorkspaceManagerAssignment or the result of + cls(response) + :rtype: + ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerAssignmentList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("WorkspaceManagerAssignmentList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments" + } + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, workspace_manager_assignment_name: str, **kwargs: Any + ) -> _models.WorkspaceManagerAssignment: + """Gets a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerAssignment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerAssignment] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("WorkspaceManagerAssignment", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + } + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + workspace_manager_assignment: _models.WorkspaceManagerAssignment, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerAssignment: + """Creates or updates a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param workspace_manager_assignment: The workspace manager assignment. Required. + :type workspace_manager_assignment: + ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerAssignment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + workspace_manager_assignment: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerAssignment: + """Creates or updates a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param workspace_manager_assignment: The workspace manager assignment. Required. + :type workspace_manager_assignment: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerAssignment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_assignment_name: str, + workspace_manager_assignment: Union[_models.WorkspaceManagerAssignment, IO], + **kwargs: Any + ) -> _models.WorkspaceManagerAssignment: + """Creates or updates a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :param workspace_manager_assignment: The workspace manager assignment. Is either a + WorkspaceManagerAssignment type or a IO type. Required. + :type workspace_manager_assignment: + ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerAssignment or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerAssignment + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.WorkspaceManagerAssignment] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(workspace_manager_assignment, (IO, bytes)): + _content = workspace_manager_assignment + else: + _json = self._serialize.body(workspace_manager_assignment, "WorkspaceManagerAssignment") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("WorkspaceManagerAssignment", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("WorkspaceManagerAssignment", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + } + + @distributed_trace + def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, workspace_manager_assignment_name: str, **kwargs: Any + ) -> None: + """Deletes a workspace manager assignment. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_assignment_name: The name of the workspace manager assignment. + Required. + :type workspace_manager_assignment_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_assignment_name=workspace_manager_assignment_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerAssignments/{workspaceManagerAssignmentName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_configurations_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_configurations_operations.py new file mode 100644 index 000000000000..9d092435cfc7 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_configurations_operations.py @@ -0,0 +1,670 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + subscription_id: str, + *, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_configuration_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerConfigurationName": _SERIALIZER.url( + "workspace_manager_configuration_name", + workspace_manager_configuration_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_delete_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_configuration_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerConfigurationName": _SERIALIZER.url( + "workspace_manager_configuration_name", + workspace_manager_configuration_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_create_or_update_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_configuration_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerConfigurationName": _SERIALIZER.url( + "workspace_manager_configuration_name", + workspace_manager_configuration_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="PUT", url=_url, params=_params, headers=_headers, **kwargs) + + +class WorkspaceManagerConfigurationsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`workspace_manager_configurations` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.WorkspaceManagerConfiguration"]: + """Gets all workspace manager configurations for a Sentinel workspace. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either WorkspaceManagerConfiguration or the result of + cls(response) + :rtype: + ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerConfigurationList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("WorkspaceManagerConfigurationList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations" + } + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, workspace_manager_configuration_name: str, **kwargs: Any + ) -> _models.WorkspaceManagerConfiguration: + """Gets a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerConfiguration or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerConfiguration] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_configuration_name=workspace_manager_configuration_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("WorkspaceManagerConfiguration", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + } + + @distributed_trace + def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, workspace_manager_configuration_name: str, **kwargs: Any + ) -> None: + """Deletes a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_configuration_name=workspace_manager_configuration_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + } + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_configuration_name: str, + workspace_manager_configuration: _models.WorkspaceManagerConfiguration, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerConfiguration: + """Creates or updates a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :param workspace_manager_configuration: The workspace manager configuration. Required. + :type workspace_manager_configuration: + ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerConfiguration or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_configuration_name: str, + workspace_manager_configuration: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerConfiguration: + """Creates or updates a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :param workspace_manager_configuration: The workspace manager configuration. Required. + :type workspace_manager_configuration: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerConfiguration or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_configuration_name: str, + workspace_manager_configuration: Union[_models.WorkspaceManagerConfiguration, IO], + **kwargs: Any + ) -> _models.WorkspaceManagerConfiguration: + """Creates or updates a workspace manager configuration. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_configuration_name: The name of the workspace manager configuration. + Required. + :type workspace_manager_configuration_name: str + :param workspace_manager_configuration: The workspace manager configuration. Is either a + WorkspaceManagerConfiguration type or a IO type. Required. + :type workspace_manager_configuration: + ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerConfiguration or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerConfiguration + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.WorkspaceManagerConfiguration] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(workspace_manager_configuration, (IO, bytes)): + _content = workspace_manager_configuration + else: + _json = self._serialize.body(workspace_manager_configuration, "WorkspaceManagerConfiguration") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_configuration_name=workspace_manager_configuration_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("WorkspaceManagerConfiguration", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("WorkspaceManagerConfiguration", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerConfigurations/{workspaceManagerConfigurationName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_groups_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_groups_operations.py new file mode 100644 index 000000000000..739680a0ac35 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_groups_operations.py @@ -0,0 +1,662 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + subscription_id: str, + *, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_group_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerGroupName": _SERIALIZER.url( + "workspace_manager_group_name", + workspace_manager_group_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_create_or_update_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_group_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerGroupName": _SERIALIZER.url( + "workspace_manager_group_name", + workspace_manager_group_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="PUT", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_delete_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_group_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerGroupName": _SERIALIZER.url( + "workspace_manager_group_name", + workspace_manager_group_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +class WorkspaceManagerGroupsOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`workspace_manager_groups` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.WorkspaceManagerGroup"]: + """Gets all workspace manager groups in the Sentinel workspace manager. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either WorkspaceManagerGroup or the result of + cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.WorkspaceManagerGroup] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerGroupList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("WorkspaceManagerGroupList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups" + } + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, workspace_manager_group_name: str, **kwargs: Any + ) -> _models.WorkspaceManagerGroup: + """Gets a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerGroup or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerGroup] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_group_name=workspace_manager_group_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("WorkspaceManagerGroup", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + } + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_group_name: str, + workspace_manager_group: _models.WorkspaceManagerGroup, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerGroup: + """Creates or updates a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :param workspace_manager_group: The workspace manager group object. Required. + :type workspace_manager_group: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerGroup or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_group_name: str, + workspace_manager_group: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerGroup: + """Creates or updates a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :param workspace_manager_group: The workspace manager group object. Required. + :type workspace_manager_group: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerGroup or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_group_name: str, + workspace_manager_group: Union[_models.WorkspaceManagerGroup, IO], + **kwargs: Any + ) -> _models.WorkspaceManagerGroup: + """Creates or updates a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :param workspace_manager_group: The workspace manager group object. Is either a + WorkspaceManagerGroup type or a IO type. Required. + :type workspace_manager_group: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerGroup or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerGroup + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.WorkspaceManagerGroup] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(workspace_manager_group, (IO, bytes)): + _content = workspace_manager_group + else: + _json = self._serialize.body(workspace_manager_group, "WorkspaceManagerGroup") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_group_name=workspace_manager_group_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("WorkspaceManagerGroup", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("WorkspaceManagerGroup", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + } + + @distributed_trace + def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, workspace_manager_group_name: str, **kwargs: Any + ) -> None: + """Deletes a workspace manager group. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_group_name: The name of the workspace manager group. Required. + :type workspace_manager_group_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_group_name=workspace_manager_group_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerGroups/{workspaceManagerGroupName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_members_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_members_operations.py new file mode 100644 index 000000000000..9025a3fec3ef --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/azure/mgmt/securityinsight/operations/_workspace_manager_members_operations.py @@ -0,0 +1,662 @@ +# pylint: disable=too-many-lines +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- +from typing import Any, Callable, Dict, IO, Iterable, Optional, TypeVar, Union, overload +import urllib.parse + +from azure.core.exceptions import ( + ClientAuthenticationError, + HttpResponseError, + ResourceExistsError, + ResourceNotFoundError, + ResourceNotModifiedError, + map_error, +) +from azure.core.paging import ItemPaged +from azure.core.pipeline import PipelineResponse +from azure.core.pipeline.transport import HttpResponse +from azure.core.rest import HttpRequest +from azure.core.tracing.decorator import distributed_trace +from azure.core.utils import case_insensitive_dict +from azure.mgmt.core.exceptions import ARMErrorFormat + +from .. import models as _models +from .._serialization import Serializer +from .._vendor import _convert_request, _format_url_section + +T = TypeVar("T") +ClsType = Optional[Callable[[PipelineResponse[HttpRequest, HttpResponse], T, Dict[str, Any]], Any]] + +_SERIALIZER = Serializer() +_SERIALIZER.client_side_validation = False + + +def build_list_request( + resource_group_name: str, + workspace_name: str, + subscription_id: str, + *, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + if orderby is not None: + _params["$orderby"] = _SERIALIZER.query("orderby", orderby, "str") + if top is not None: + _params["$top"] = _SERIALIZER.query("top", top, "int") + if skip_token is not None: + _params["$skipToken"] = _SERIALIZER.query("skip_token", skip_token, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_get_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_member_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerMemberName": _SERIALIZER.url( + "workspace_manager_member_name", + workspace_manager_member_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="GET", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_create_or_update_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_member_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerMemberName": _SERIALIZER.url( + "workspace_manager_member_name", + workspace_manager_member_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + if content_type is not None: + _headers["Content-Type"] = _SERIALIZER.header("content_type", content_type, "str") + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="PUT", url=_url, params=_params, headers=_headers, **kwargs) + + +def build_delete_request( + resource_group_name: str, + workspace_name: str, + workspace_manager_member_name: str, + subscription_id: str, + **kwargs: Any +) -> HttpRequest: + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", "2023-04-01-preview")) + accept = _headers.pop("Accept", "application/json") + + # Construct URL + _url = kwargs.pop( + "template_url", + "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}", + ) # pylint: disable=line-too-long + path_format_arguments = { + "subscriptionId": _SERIALIZER.url("subscription_id", subscription_id, "str", min_length=1), + "resourceGroupName": _SERIALIZER.url( + "resource_group_name", resource_group_name, "str", max_length=90, min_length=1 + ), + "workspaceName": _SERIALIZER.url( + "workspace_name", + workspace_name, + "str", + max_length=90, + min_length=1, + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + "workspaceManagerMemberName": _SERIALIZER.url( + "workspace_manager_member_name", + workspace_manager_member_name, + "str", + pattern=r"^[A-Za-z0-9][A-Za-z0-9-]+[A-Za-z0-9]$", + ), + } + + _url: str = _format_url_section(_url, **path_format_arguments) # type: ignore + + # Construct parameters + _params["api-version"] = _SERIALIZER.query("api_version", api_version, "str") + + # Construct headers + _headers["Accept"] = _SERIALIZER.header("accept", accept, "str") + + return HttpRequest(method="DELETE", url=_url, params=_params, headers=_headers, **kwargs) + + +class WorkspaceManagerMembersOperations: + """ + .. warning:: + **DO NOT** instantiate this class directly. + + Instead, you should access the following operations through + :class:`~azure.mgmt.securityinsight.SecurityInsights`'s + :attr:`workspace_manager_members` attribute. + """ + + models = _models + + def __init__(self, *args, **kwargs): + input_args = list(args) + self._client = input_args.pop(0) if input_args else kwargs.pop("client") + self._config = input_args.pop(0) if input_args else kwargs.pop("config") + self._serialize = input_args.pop(0) if input_args else kwargs.pop("serializer") + self._deserialize = input_args.pop(0) if input_args else kwargs.pop("deserializer") + + @distributed_trace + def list( + self, + resource_group_name: str, + workspace_name: str, + orderby: Optional[str] = None, + top: Optional[int] = None, + skip_token: Optional[str] = None, + **kwargs: Any + ) -> Iterable["_models.WorkspaceManagerMember"]: + """Gets all workspace manager members that exist for the given Sentinel workspace manager. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param orderby: Sorts the results. Optional. Default value is None. + :type orderby: str + :param top: Returns only the first n results. Optional. Default value is None. + :type top: int + :param skip_token: Skiptoken is only used if a previous operation returned a partial result. If + a previous response contains a nextLink element, the value of the nextLink element will include + a skiptoken parameter that specifies a starting point to use for subsequent calls. Optional. + Default value is None. + :type skip_token: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: An iterator like instance of either WorkspaceManagerMember or the result of + cls(response) + :rtype: ~azure.core.paging.ItemPaged[~azure.mgmt.securityinsight.models.WorkspaceManagerMember] + :raises ~azure.core.exceptions.HttpResponseError: + """ + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerMembersList] = kwargs.pop("cls", None) + + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + def prepare_request(next_link=None): + if not next_link: + + request = build_list_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + subscription_id=self._config.subscription_id, + orderby=orderby, + top=top, + skip_token=skip_token, + api_version=api_version, + template_url=self.list.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + else: + # make call to next link with the client's api-version + _parsed_next_link = urllib.parse.urlparse(next_link) + _next_request_params = case_insensitive_dict( + { + key: [urllib.parse.quote(v) for v in value] + for key, value in urllib.parse.parse_qs(_parsed_next_link.query).items() + } + ) + _next_request_params["api-version"] = self._config.api_version + request = HttpRequest( + "GET", urllib.parse.urljoin(next_link, _parsed_next_link.path), params=_next_request_params + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + request.method = "GET" + return request + + def extract_data(pipeline_response): + deserialized = self._deserialize("WorkspaceManagerMembersList", pipeline_response) + list_of_elem = deserialized.value + if cls: + list_of_elem = cls(list_of_elem) # type: ignore + return deserialized.next_link or None, iter(list_of_elem) + + def get_next(next_link=None): + request = prepare_request(next_link) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + return pipeline_response + + return ItemPaged(get_next, extract_data) + + list.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/" + } + + @distributed_trace + def get( + self, resource_group_name: str, workspace_name: str, workspace_manager_member_name: str, **kwargs: Any + ) -> _models.WorkspaceManagerMember: + """Gets a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerMember or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[_models.WorkspaceManagerMember] = kwargs.pop("cls", None) + + request = build_get_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_member_name=workspace_manager_member_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.get.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + deserialized = self._deserialize("WorkspaceManagerMember", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) + + return deserialized + + get.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + } + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_member_name: str, + workspace_manager_member: _models.WorkspaceManagerMember, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerMember: + """Creates or updates a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :param workspace_manager_member: The workspace manager member object. Required. + :type workspace_manager_member: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :keyword content_type: Body Parameter content-type. Content type parameter for JSON body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerMember or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @overload + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_member_name: str, + workspace_manager_member: IO, + *, + content_type: str = "application/json", + **kwargs: Any + ) -> _models.WorkspaceManagerMember: + """Creates or updates a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :param workspace_manager_member: The workspace manager member object. Required. + :type workspace_manager_member: IO + :keyword content_type: Body Parameter content-type. Content type parameter for binary body. + Default value is "application/json". + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerMember or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :raises ~azure.core.exceptions.HttpResponseError: + """ + + @distributed_trace + def create_or_update( + self, + resource_group_name: str, + workspace_name: str, + workspace_manager_member_name: str, + workspace_manager_member: Union[_models.WorkspaceManagerMember, IO], + **kwargs: Any + ) -> _models.WorkspaceManagerMember: + """Creates or updates a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :param workspace_manager_member: The workspace manager member object. Is either a + WorkspaceManagerMember type or a IO type. Required. + :type workspace_manager_member: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember or IO + :keyword content_type: Body Parameter content-type. Known values are: 'application/json'. + Default value is None. + :paramtype content_type: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: WorkspaceManagerMember or the result of cls(response) + :rtype: ~azure.mgmt.securityinsight.models.WorkspaceManagerMember + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = case_insensitive_dict(kwargs.pop("headers", {}) or {}) + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + content_type: Optional[str] = kwargs.pop("content_type", _headers.pop("Content-Type", None)) + cls: ClsType[_models.WorkspaceManagerMember] = kwargs.pop("cls", None) + + content_type = content_type or "application/json" + _json = None + _content = None + if isinstance(workspace_manager_member, (IO, bytes)): + _content = workspace_manager_member + else: + _json = self._serialize.body(workspace_manager_member, "WorkspaceManagerMember") + + request = build_create_or_update_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_member_name=workspace_manager_member_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + content_type=content_type, + json=_json, + content=_content, + template_url=self.create_or_update.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 201]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if response.status_code == 200: + deserialized = self._deserialize("WorkspaceManagerMember", pipeline_response) + + if response.status_code == 201: + deserialized = self._deserialize("WorkspaceManagerMember", pipeline_response) + + if cls: + return cls(pipeline_response, deserialized, {}) # type: ignore + + return deserialized # type: ignore + + create_or_update.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + } + + @distributed_trace + def delete( # pylint: disable=inconsistent-return-statements + self, resource_group_name: str, workspace_name: str, workspace_manager_member_name: str, **kwargs: Any + ) -> None: + """Deletes a workspace manager member. + + :param resource_group_name: The name of the resource group. The name is case insensitive. + Required. + :type resource_group_name: str + :param workspace_name: The name of the workspace. Required. + :type workspace_name: str + :param workspace_manager_member_name: The name of the workspace manager member. Required. + :type workspace_manager_member_name: str + :keyword callable cls: A custom type or function that will be passed the direct response + :return: None or the result of cls(response) + :rtype: None + :raises ~azure.core.exceptions.HttpResponseError: + """ + error_map = { + 401: ClientAuthenticationError, + 404: ResourceNotFoundError, + 409: ResourceExistsError, + 304: ResourceNotModifiedError, + } + error_map.update(kwargs.pop("error_map", {}) or {}) + + _headers = kwargs.pop("headers", {}) or {} + _params = case_insensitive_dict(kwargs.pop("params", {}) or {}) + + api_version: str = kwargs.pop("api_version", _params.pop("api-version", self._config.api_version)) + cls: ClsType[None] = kwargs.pop("cls", None) + + request = build_delete_request( + resource_group_name=resource_group_name, + workspace_name=workspace_name, + workspace_manager_member_name=workspace_manager_member_name, + subscription_id=self._config.subscription_id, + api_version=api_version, + template_url=self.delete.metadata["url"], + headers=_headers, + params=_params, + ) + request = _convert_request(request) + request.url = self._client.format_url(request.url) + + _stream = False + pipeline_response: PipelineResponse = self._client._pipeline.run( # pylint: disable=protected-access + request, stream=_stream, **kwargs + ) + + response = pipeline_response.http_response + + if response.status_code not in [200, 204]: + map_error(status_code=response.status_code, response=response, error_map=error_map) + error = self._deserialize.failsafe_deserialize(_models.ErrorResponse, pipeline_response) + raise HttpResponseError(response=response, model=error, error_format=ARMErrorFormat) + + if cls: + return cls(pipeline_response, None, {}) + + delete.metadata = { + "url": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.OperationalInsights/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/workspaceManagerMembers/{workspaceManagerMemberName}" + } diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_create_or_update.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_create_or_update.py index 41e25ad33c82..e72ea6b1a995 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_create_or_update.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_create_or_update.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/automationRules/AutomationRules_CreateOrUpdate.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/automationRules/AutomationRules_CreateOrUpdate.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_delete.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_delete.py index 5425a32f6ccd..cf15778c499b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_delete.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_delete.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/automationRules/AutomationRules_Delete.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/automationRules/AutomationRules_Delete.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_get.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_get.py index 56075cbd2de2..fa759b1cafaa 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_get.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_get.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/automationRules/AutomationRules_Get.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/automationRules/AutomationRules_Get.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_list.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_list.py index 5916a50c7a2a..28900e522a12 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_list.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/automation_rules_list.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/automationRules/AutomationRules_List.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/automationRules/AutomationRules_List.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/collect_threat_intelligence_metrics.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/collect_threat_intelligence_metrics.py index a75c2fbfdef1..476f945549f3 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/collect_threat_intelligence_metrics.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/collect_threat_intelligence_metrics.py @@ -36,6 +36,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/threatintelligence/CollectThreatIntelligenceMetrics.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/threatintelligence/CollectThreatIntelligenceMetrics.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/connect_api_polling.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/connect_api_polling.py index 2a05669c46df..7f56b5a59971 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/connect_api_polling.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/connect_api_polling.py @@ -49,6 +49,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/ConnectAPIPolling.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/ConnectAPIPolling.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/connect_api_polling_v2_logs.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/connect_api_polling_v2_logs.py index f63f252194af..32da3099bb4a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/connect_api_polling_v2_logs.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/connect_api_polling_v2_logs.py @@ -52,6 +52,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/ConnectAPIPollingV2Logs.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/ConnectAPIPollingV2Logs.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_action_of_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_action_of_alert_rule.py index 805f96e8a4ec..b022159e4468 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_action_of_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_action_of_alert_rule.py @@ -45,6 +45,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/actions/CreateActionOfAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/actions/CreateActionOfAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_api_polling.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_api_polling.py index ceceb21be0af..5572763d4cf3 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_api_polling.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_api_polling.py @@ -121,6 +121,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/CreateAPIPolling.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateAPIPolling.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_bookmark.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_bookmark.py index 44e578eca8d0..f9668efb1271 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_bookmark.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_bookmark.py @@ -59,6 +59,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/bookmarks/CreateBookmark.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/bookmarks/CreateBookmark.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_bookmark_relation.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_bookmark_relation.py index fa4c8433745e..ccfd1b518e7e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_bookmark_relation.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_bookmark_relation.py @@ -43,6 +43,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/bookmarks/relations/CreateBookmarkRelation.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/bookmarks/relations/CreateBookmarkRelation.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_dynamics365_data_connetor.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_dynamics365_data_connetor.py index 14c0e141de06..cabbe4655f5b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_dynamics365_data_connetor.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_dynamics365_data_connetor.py @@ -45,6 +45,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/CreateDynamics365DataConnetor.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateDynamics365DataConnetor.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_entity_query_activity.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_entity_query_activity.py index 0d31fbd40726..83572a9ac74a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_entity_query_activity.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_entity_query_activity.py @@ -59,6 +59,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entityQueries/CreateEntityQueryActivity.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entityQueries/CreateEntityQueryActivity.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_file_import.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_file_import.py index 9a9744fd6ec9..5151646e698d 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_file_import.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_file_import.py @@ -45,6 +45,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/fileImports/CreateFileImport.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/fileImports/CreateFileImport.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_fusion_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_fusion_alert_rule.py index 7f4268b32cbc..dbd8228fa808 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_fusion_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_fusion_alert_rule.py @@ -174,6 +174,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/CreateFusionAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/CreateFusionAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_fusion_alert_rule_with_fusion_scenario_exclusion.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_fusion_alert_rule_with_fusion_scenario_exclusion.py index cea2c133fe51..fd138a452de7 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_fusion_alert_rule_with_fusion_scenario_exclusion.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_fusion_alert_rule_with_fusion_scenario_exclusion.py @@ -174,6 +174,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/CreateFusionAlertRuleWithFusionScenarioExclusion.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/CreateFusionAlertRuleWithFusionScenarioExclusion.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_generic_ui.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_generic_ui.py index b28a4a25f666..37d44958328d 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_generic_ui.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_generic_ui.py @@ -156,6 +156,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/CreateGenericUI.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateGenericUI.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_hunt.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_hunt.py new file mode 100644 index 000000000000..fd241d59972c --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_hunt.py @@ -0,0 +1,54 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_hunt.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunts.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + hunt={ + "properties": { + "attackTactics": ["Reconnaissance"], + "attackTechniques": ["T1595"], + "description": "Log4J Hunt Description", + "displayName": "Log4J new hunt", + "hypothesisStatus": "Unknown", + "labels": ["Label1", "Label2"], + "owner": {"objectId": "873b5263-5d34-4149-b356-ad341b01e123"}, + "status": "New", + } + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/CreateHunt.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_hunt_comment.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_hunt_comment.py new file mode 100644 index 000000000000..92ef84b32d93 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_hunt_comment.py @@ -0,0 +1,44 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_hunt_comment.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunt_comments.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + hunt_comment_id="2216d0e1-91e3-4902-89fd-d2df8c535096", + hunt_comment={"properties": {"message": "This is a test comment."}}, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/CreateHuntComment.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_hunt_relation.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_hunt_relation.py new file mode 100644 index 000000000000..995c575745d4 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_hunt_relation.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_hunt_relation.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunt_relations.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + hunt_relation_id="2216d0e1-91e3-4902-89fd-d2df8c535096", + hunt_relation={ + "properties": { + "labels": ["Test Label"], + "relatedResourceId": "/subscriptions/bd794837-4d29-4647-9105-6339bfdb4e6a/resourceGroups/mms-eus/providers/Microsoft.OperationalInsights/workspaces/avdvirint/providers/Microsoft.SecurityInsights/Bookmarks/2216d0e1-91e3-4902-89fd-d2df8c535096", + } + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/CreateHuntRelation.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_incident_relation.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_incident_relation.py index 18684885840e..b556a220a331 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_incident_relation.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_incident_relation.py @@ -43,6 +43,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/relations/CreateIncidentRelation.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/relations/CreateIncidentRelation.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_job.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_job.py new file mode 100644 index 000000000000..a3555dbc20a3 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_job.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_job.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_assignment_jobs.create( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_assignment_name="47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerAssignments/CreateJob.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_purview_information_protection_data_connetor.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_purview_information_protection_data_connetor.py new file mode 100644 index 000000000000..f2c05959bdba --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_purview_information_protection_data_connetor.py @@ -0,0 +1,50 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_microsoft_purview_information_protection_data_connetor.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.data_connectors.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + data_connector_id="73e01a99-5cd7-4139-a149-9f2736ff2ab5", + data_connector={ + "etag": '"0300bf09-0000-0000-0000-5c37296e0000"', + "kind": "MicrosoftPurviewInformationProtection", + "properties": { + "dataTypes": {"logs": {"state": "Enabled"}}, + "tenantId": "2070ecc9-b4d5-4ae4-adaa-936fa1954fa8", + }, + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateMicrosoftPurviewInformationProtectionDataConnetor.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_security_incident_creation_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_security_incident_creation_alert_rule.py index f1dae6d1fced..c4dec48e8c44 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_security_incident_creation_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_security_incident_creation_alert_rule.py @@ -46,6 +46,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/CreateMicrosoftSecurityIncidentCreationAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/CreateMicrosoftSecurityIncidentCreationAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_threat_intelligence_data_connector.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_threat_intelligence_data_connector.py new file mode 100644 index 000000000000..0203c0160c8a --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_threat_intelligence_data_connector.py @@ -0,0 +1,51 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_microsoft_threat_intelligence_data_connector.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.data_connectors.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + data_connector_id="c345bf40-8509-4ed2-b947-50cb773aaf04", + data_connector={ + "kind": "MicrosoftThreatIntelligence", + "properties": { + "dataTypes": { + "microsoftEmergingThreatFeed": {"lookbackPeriod": "1970-01-01T00:00:00.000Z", "state": "Enabled"} + }, + "tenantId": "06b3ccb8-1384-4bcc-aec7-852f6d57161b", + }, + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateMicrosoftThreatIntelligenceDataConnector.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_threat_protection_data_connetor.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_threat_protection_data_connetor.py new file mode 100644 index 000000000000..426d0fcaed0d --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_microsoft_threat_protection_data_connetor.py @@ -0,0 +1,51 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_microsoft_threat_protection_data_connetor.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.data_connectors.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + data_connector_id="73e01a99-5cd7-4139-a149-9f2736ff2ab5", + data_connector={ + "etag": '"0300bf09-0000-0000-0000-5c37296e0000"', + "kind": "MicrosoftThreatProtection", + "properties": { + "dataTypes": {"alerts": {"state": "Enabled"}, "incidents": {"state": "Disabled"}}, + "filteredProviders": {"alerts": ["microsoftDefenderForCloudApps"]}, + "tenantId": "178265c4-3136-4ff6-8ed1-b5b62b4cb5f5", + }, + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateMicrosoftThreatProtectionDataConnetor.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_nrt_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_nrt_alert_rule.py index b52313895455..76378971a167 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_nrt_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_nrt_alert_rule.py @@ -63,6 +63,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/CreateNrtAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/CreateNrtAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office365_project_data_connetor.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office365_project_data_connetor.py index 17400d2e0bbe..f316bb87bf68 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office365_project_data_connetor.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office365_project_data_connetor.py @@ -45,6 +45,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/CreateOffice365ProjectDataConnetor.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateOffice365ProjectDataConnetor.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office_data_connetor.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office_data_connetor.py index e64dbac15d70..0af7498f2bc9 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office_data_connetor.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office_data_connetor.py @@ -49,6 +49,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/CreateOfficeDataConnetor.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateOfficeDataConnetor.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office_power_bi_data_connector.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office_power_bi_data_connector.py index c2c0e69ee1c2..185c2c566159 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office_power_bi_data_connector.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_office_power_bi_data_connector.py @@ -45,6 +45,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/CreateOfficePowerBIDataConnector.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateOfficePowerBIDataConnector.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_assignment.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_assignment.py new file mode 100644 index 000000000000..ec07f3f27b67 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_assignment.py @@ -0,0 +1,55 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_or_update_workspace_manager_assignment.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_assignments.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_assignment_name="47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", + workspace_manager_assignment={ + "properties": { + "items": [ + { + "resourceId": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspac-es/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExampleOne" + }, + { + "resourceId": "/subscriptions/d0cfe6b2-9ac0-4464-9919-dccaee2e48c0/resourceGroups/myRg/providers/Microsoft.OperationalInsights/workspac-es/myWorkspace/providers/Microsoft.SecurityInsights/alertRules/microsoftSecurityIncidentCreationRuleExampleTwo" + }, + ], + "targetResourceName": "37207a7a-3b8a-438f-a559-c7df400e1b96", + } + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerAssignments/CreateOrUpdateWorkspaceManagerAssignment.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_configuration.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_configuration.py new file mode 100644 index 000000000000..e0d53d6b2838 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_configuration.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_or_update_workspace_manager_configuration.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_configurations.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_configuration_name="default", + workspace_manager_configuration={"properties": {"mode": "Enabled"}}, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerConfigurations/CreateOrUpdateWorkspaceManagerConfiguration.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_group.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_group.py new file mode 100644 index 000000000000..5383d5bc47ce --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_group.py @@ -0,0 +1,49 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_or_update_workspace_manager_group.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_groups.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_group_name="37207a7a-3b8a-438f-a559-c7df400e1b96", + workspace_manager_group={ + "properties": { + "description": "Group of all financial and banking institutions", + "displayName": "Banks", + "memberResourceNames": ["afbd324f-6c48-459c-8710-8d1e1cd03812", "f5fa104e-c0e3-4747-9182-d342dc048a9e"], + } + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerGroups/CreateOrUpdateWorkspaceManagerGroup.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_member.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_member.py new file mode 100644 index 000000000000..bddb341974aa --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_or_update_workspace_manager_member.py @@ -0,0 +1,48 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python create_or_update_workspace_manager_member.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_members.create_or_update( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_member_name="afbd324f-6c48-459c-8710-8d1e1cd03812", + workspace_manager_member={ + "properties": { + "targetWorkspaceId": "/subscriptions/7aef9d48-814f-45ad-b644-b0343316e174/resourceGroups/otherRg/providers/Microsoft.OperationalInsights/workspaces/Example_Workspace", + "targetWorkspaceTenantId": "f676d436-8d16-42db-81b7-ab578e110ccd", + } + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerMembers/CreateOrUpdateWorkspaceManagerMember.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_scheduled_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_scheduled_alert_rule.py index 41f7815cc6e8..060066bb5096 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_scheduled_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_scheduled_alert_rule.py @@ -84,6 +84,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/CreateScheduledAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/CreateScheduledAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_sentinel_onboarding_state.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_sentinel_onboarding_state.py index 5c8fe53f325f..aa58863dd91e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_sentinel_onboarding_state.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_sentinel_onboarding_state.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/onboardingStates/CreateSentinelOnboardingState.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/onboardingStates/CreateSentinelOnboardingState.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_source_control.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_source_control.py index e4ba898e9ea7..3f7c1f2ee1b6 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_source_control.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_source_control.py @@ -55,6 +55,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/sourcecontrols/CreateSourceControl.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/sourcecontrols/CreateSourceControl.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_threat_intelligence_data_connector.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_threat_intelligence_data_connector.py index e58c78df5816..9421923c76fd 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_threat_intelligence_data_connector.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_threat_intelligence_data_connector.py @@ -45,6 +45,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/CreateThreatIntelligenceDataConnector.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateThreatIntelligenceDataConnector.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_threat_intelligence_taxii_data_connector.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_threat_intelligence_taxii_data_connector.py index 1b4a4587c163..27007afb6c86 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_threat_intelligence_taxii_data_connector.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_threat_intelligence_taxii_data_connector.py @@ -53,6 +53,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/CreateThreatIntelligenceTaxiiDataConnector.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/CreateThreatIntelligenceTaxiiDataConnector.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist.py index 47b0e922392f..40943bc43a93 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist.py @@ -48,6 +48,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/watchlists/CreateWatchlist.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/watchlists/CreateWatchlist.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist_and_watchlist_items.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist_and_watchlist_items.py index 96205b46222e..f5ff2b7cc5b1 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist_and_watchlist_items.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist_and_watchlist_items.py @@ -51,6 +51,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/watchlists/CreateWatchlistAndWatchlistItems.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/watchlists/CreateWatchlistAndWatchlistItems.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist_item.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist_item.py index f527c1dbf8eb..f7f760d907d5 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist_item.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/create_watchlist_item.py @@ -51,6 +51,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/watchlists/CreateWatchlistItem.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/watchlists/CreateWatchlistItem.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_action_of_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_action_of_alert_rule.py index 01907457a01d..88255741ba9c 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_action_of_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_action_of_alert_rule.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/actions/DeleteActionOfAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/actions/DeleteActionOfAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_alert_rule.py index e8eccd69f4ac..2de0519c7cba 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_alert_rule.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/DeleteAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/DeleteAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_api_polling.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_api_polling.py index 49864982ae30..a19ca244abc7 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_api_polling.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_api_polling.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/DeleteAPIPolling.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/DeleteAPIPolling.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_bookmark.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_bookmark.py index 5f63071b1758..7ad7ea99c157 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_bookmark.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_bookmark.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/bookmarks/DeleteBookmark.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/bookmarks/DeleteBookmark.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_bookmark_relation.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_bookmark_relation.py index 940f286c435e..4d92d09194d2 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_bookmark_relation.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_bookmark_relation.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/bookmarks/relations/DeleteBookmarkRelation.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/bookmarks/relations/DeleteBookmarkRelation.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_entity_query.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_entity_query.py index a65893898988..368e62af9239 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_entity_query.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_entity_query.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entityQueries/DeleteEntityQuery.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entityQueries/DeleteEntityQuery.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_eyes_on_setting.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_eyes_on_setting.py index 599eaa20379e..31c28871efa1 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_eyes_on_setting.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_eyes_on_setting.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/settings/DeleteEyesOnSetting.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/settings/DeleteEyesOnSetting.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_file_import.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_file_import.py index 3b966a3523f3..5b6c3691eeed 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_file_import.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_file_import.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/fileImports/DeleteFileImport.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/fileImports/DeleteFileImport.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_generic_ui.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_generic_ui.py index b73a6e33886e..8bd25ef2c478 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_generic_ui.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_generic_ui.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/DeleteGenericUI.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/DeleteGenericUI.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_hunt.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_hunt.py new file mode 100644 index 000000000000..280f43722be6 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_hunt.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_hunt.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunts.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/DeleteHunt.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_hunt_comment.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_hunt_comment.py new file mode 100644 index 000000000000..1b55c72ccb65 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_hunt_comment.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_hunt_comment.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunt_comments.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + hunt_comment_id="2216d0e1-91e3-4902-89fd-d2df8c123456", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/DeleteHuntComment.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_hunt_relation.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_hunt_relation.py new file mode 100644 index 000000000000..852eb930e4c7 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_hunt_relation.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_hunt_relation.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunt_relations.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + hunt_relation_id="2216d0e1-91e3-4902-89fd-d2df8c535096", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/DeleteHuntRelation.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_incident_relation.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_incident_relation.py index 78337555b97a..dd7a41f986d1 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_incident_relation.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_incident_relation.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/relations/DeleteIncidentRelation.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/relations/DeleteIncidentRelation.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_job.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_job.py new file mode 100644 index 000000000000..b8073c87c918 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_job.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_job.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_assignment_jobs.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_assignment_name="47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", + job_name="cfbe1338-8276-4d5d-8b96-931117f9fa0e", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerAssignments/DeleteJob.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_metadata.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_metadata.py index 49bd06ba9428..b64e7db2f2cf 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_metadata.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_metadata.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/metadata/DeleteMetadata.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/metadata/DeleteMetadata.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_microsoft_purview_information_protection_data_connetor.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_microsoft_purview_information_protection_data_connetor.py new file mode 100644 index 000000000000..d37a692ea08f --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_microsoft_purview_information_protection_data_connetor.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_microsoft_purview_information_protection_data_connetor.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.data_connectors.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + data_connector_id="73e01a99-5cd7-4139-a149-9f2736ff2ab5", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/DeleteMicrosoftPurviewInformationProtectionDataConnetor.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_microsoft_threat_intelligence_data_connector.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_microsoft_threat_intelligence_data_connector.py new file mode 100644 index 000000000000..0ca85c096e90 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_microsoft_threat_intelligence_data_connector.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_microsoft_threat_intelligence_data_connector.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.data_connectors.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + data_connector_id="c345bf40-8509-4ed2-b947-50cb773aaf04", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/DeleteMicrosoftThreatIntelligenceDataConnector.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office365_project_data_connetor.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office365_project_data_connetor.py index 8b565c226eb2..0dc0b1b18ead 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office365_project_data_connetor.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office365_project_data_connetor.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/DeleteOffice365ProjectDataConnetor.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/DeleteOffice365ProjectDataConnetor.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_consents.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_consents.py index d66ae4ac7351..2ad18feb998a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_consents.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_consents.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/officeConsents/DeleteOfficeConsents.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/officeConsents/DeleteOfficeConsents.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_data_connetor.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_data_connetor.py index ea1346bce56e..75ab83f10994 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_data_connetor.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_data_connetor.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/DeleteOfficeDataConnetor.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/DeleteOfficeDataConnetor.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_power_bi_data_connetor.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_power_bi_data_connetor.py index 9e48c8e08851..fc49043864bd 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_power_bi_data_connetor.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_office_power_bi_data_connetor.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/DeleteOfficePowerBIDataConnetor.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/DeleteOfficePowerBIDataConnetor.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_security_ml_analytics_setting.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_security_ml_analytics_setting.py index 10c84d42cbb3..c823f291f554 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_security_ml_analytics_setting.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_security_ml_analytics_setting.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/securityMLAnalyticsSettings/DeleteSecurityMLAnalyticsSetting.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/securityMLAnalyticsSettings/DeleteSecurityMLAnalyticsSetting.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_sentinel_onboarding_state.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_sentinel_onboarding_state.py index 7efd7e514297..897ff0e26929 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_sentinel_onboarding_state.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_sentinel_onboarding_state.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/onboardingStates/DeleteSentinelOnboardingState.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/onboardingStates/DeleteSentinelOnboardingState.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_source_control.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_source_control.py index b39bed43c896..8b0e828bdd37 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_source_control.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_source_control.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/sourcecontrols/DeleteSourceControl.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/sourcecontrols/DeleteSourceControl.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_template.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_template.py new file mode 100644 index 000000000000..a3940fa8c46c --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_template.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_template.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.content_template.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + template_id="8365ebfe-a381-45b7-ad08-7d818070e11f", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentTemplates/DeleteTemplate.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_threat_intelligence.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_threat_intelligence.py index 254248e2572d..93cae3155c46 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_threat_intelligence.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_threat_intelligence.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/threatintelligence/DeleteThreatIntelligence.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/threatintelligence/DeleteThreatIntelligence.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_watchlist.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_watchlist.py index 657798684a34..d932ced713ca 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_watchlist.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_watchlist.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/watchlists/DeleteWatchlist.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/watchlists/DeleteWatchlist.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_watchlist_item.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_watchlist_item.py index d22cdfb7f9df..b7f44986a749 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_watchlist_item.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_watchlist_item.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/watchlists/DeleteWatchlistItem.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/watchlists/DeleteWatchlistItem.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_assignment.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_assignment.py new file mode 100644 index 000000000000..a87dee8365e7 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_assignment.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_workspace_manager_assignment.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_assignments.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_assignment_name="47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerAssignments/DeleteWorkspaceManagerAssignment.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_configuration.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_configuration.py new file mode 100644 index 000000000000..63f0a12c7a19 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_configuration.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_workspace_manager_configuration.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_configurations.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_configuration_name="default", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerConfigurations/DeleteWorkspaceManagerConfiguration.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_group.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_group.py new file mode 100644 index 000000000000..5e16a92199d6 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_group.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_workspace_manager_group.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_groups.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_group_name="37207a7a-3b8a-438f-a559-c7df400e1b96", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerGroups/DeleteWorkspaceManagerGroup.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_member.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_member.py new file mode 100644 index 000000000000..16b19718ca1b --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/delete_workspace_manager_member.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python delete_workspace_manager_member.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_members.delete( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_member_name="afbd324f-6c48-459c-8710-8d1e1cd03812", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerMembers/DeleteWorkspaceManagerMember.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/disconnect_api_polling.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/disconnect_api_polling.py index 86acefb3218e..9376d616c20a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/disconnect_api_polling.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/disconnect_api_polling.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/DisconnectAPIPolling.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/DisconnectAPIPolling.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/entities_run_playbook.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/entities_run_playbook.py new file mode 100644 index 000000000000..1ed8fc280b85 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/entities_run_playbook.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python entities_run_playbook.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.entities.run_playbook( + resource_group_name="myRg", + workspace_name="myWorkspace", + entity_identifier="72e01a22-5cd2-4139-a149-9f2736ff2ar2", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/manualTrigger/Entities_RunPlaybook.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_account_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_account_entity_by_id.py index 4cdf7445de26..2a34f92eef5d 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_account_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_account_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetAccountEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetAccountEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_action_of_alert_rule_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_action_of_alert_rule_by_id.py index 6bf9693e038f..05662e95f22a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_action_of_alert_rule_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_action_of_alert_rule_by_id.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/actions/GetActionOfAlertRuleById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/actions/GetActionOfAlertRuleById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_activity_entity_query_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_activity_entity_query_by_id.py index 627d89dee6b5..fbbbdad556cf 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_activity_entity_query_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_activity_entity_query_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entityQueries/GetActivityEntityQueryById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entityQueries/GetActivityEntityQueryById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_activity_entity_query_template_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_activity_entity_query_template_by_id.py index 8535ed42977e..66be046e1da3 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_activity_entity_query_template_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_activity_entity_query_template_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entityQueryTemplates/GetActivityEntityQueryTemplateById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entityQueryTemplates/GetActivityEntityQueryTemplateById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_alert_rule_template_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_alert_rule_template_by_id.py index 1d18bbcb0164..4fb854a66ec4 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_alert_rule_template_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_alert_rule_template_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplateById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplateById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_alert_rule_templates.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_alert_rule_templates.py index 4f232d8a66d2..0b59236169a9 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_alert_rule_templates.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_alert_rule_templates.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplates.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRuleTemplates/GetAlertRuleTemplates.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_actions_by_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_actions_by_alert_rule.py index 71e28322c8e7..5d3c47d49cc2 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_actions_by_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_actions_by_alert_rule.py @@ -38,6 +38,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/actions/GetAllActionsByAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/actions/GetAllActionsByAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_alert_rules.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_alert_rules.py index 6bfe39da69fe..031eb74b0c26 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_alert_rules.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_alert_rules.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/GetAllAlertRules.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/GetAllAlertRules.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_bookmark_relations.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_bookmark_relations.py index dd257f859112..045d393e8604 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_bookmark_relations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_bookmark_relations.py @@ -38,6 +38,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/bookmarks/relations/GetAllBookmarkRelations.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/bookmarks/relations/GetAllBookmarkRelations.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_entity_relations.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_entity_relations.py index 292751766fbf..203f6731d045 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_entity_relations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_entity_relations.py @@ -38,6 +38,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/relations/GetAllEntityRelations.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/relations/GetAllEntityRelations.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_incident_relations.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_incident_relations.py index d51befaed744..eda9a890223a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_incident_relations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_incident_relations.py @@ -38,6 +38,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/relations/GetAllIncidentRelations.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/relations/GetAllIncidentRelations.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_jobs.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_jobs.py new file mode 100644 index 000000000000..7235fa5e42af --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_jobs.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_all_jobs.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_assignment_jobs.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_assignment_name="47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerAssignments/GetAllJobs.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_metadata.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_metadata.py index 7db4cc0f8c28..d83a91728356 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_metadata.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_metadata.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/metadata/GetAllMetadata.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/metadata/GetAllMetadata.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_metadata_odata.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_metadata_odata.py index 5b4257bac619..9a2a049eed7e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_metadata_odata.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_metadata_odata.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/metadata/GetAllMetadataOData.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/metadata/GetAllMetadataOData.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_security_ml_analytics_settings.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_security_ml_analytics_settings.py index 1a674b133d69..5e9a19ce319e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_security_ml_analytics_settings.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_security_ml_analytics_settings.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/securityMLAnalyticsSettings/GetAllSecurityMLAnalyticsSettings.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/securityMLAnalyticsSettings/GetAllSecurityMLAnalyticsSettings.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_sentinel_onboarding_states.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_sentinel_onboarding_states.py index 50414b351665..19cf3793caf6 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_sentinel_onboarding_states.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_sentinel_onboarding_states.py @@ -36,6 +36,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/onboardingStates/GetAllSentinelOnboardingStates.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/onboardingStates/GetAllSentinelOnboardingStates.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_settings.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_settings.py index 9686f64f3e57..79c8c2d86b34 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_settings.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_settings.py @@ -36,6 +36,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/settings/GetAllSettings.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/settings/GetAllSettings.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_assignments.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_assignments.py new file mode 100644 index 000000000000..5e70fe777af4 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_assignments.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_all_workspace_manager_assignments.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_assignments.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerAssignments/GetAllWorkspaceManagerAssignments.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_configurations.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_configurations.py new file mode 100644 index 000000000000..b846f63b6a15 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_configurations.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_all_workspace_manager_configurations.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_configurations.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerConfigurations/GetAllWorkspaceManagerConfigurations.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_groups.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_groups.py new file mode 100644 index 000000000000..2a5f08d0904d --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_groups.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_all_workspace_manager_groups.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_groups.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerGroups/GetAllWorkspaceManagerGroups.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_members.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_members.py new file mode 100644 index 000000000000..135ae4ed611e --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_all_workspace_manager_members.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_all_workspace_manager_members.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_members.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerMembers/GetAllWorkspaceManagerMembers.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_amazon_web_services_cloud_trail_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_amazon_web_services_cloud_trail_by_id.py index 763052e052f7..de1c09fd6f0c 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_amazon_web_services_cloud_trail_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_amazon_web_services_cloud_trail_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetAmazonWebServicesCloudTrailById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetAmazonWebServicesCloudTrailById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_amazon_web_services_s3_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_amazon_web_services_s3_by_id.py index 6738b3b06f21..6f2acbb6c128 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_amazon_web_services_s3_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_amazon_web_services_s3_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetAmazonWebServicesS3ById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetAmazonWebServicesS3ById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_anomaly_security_ml_analytics_setting.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_anomaly_security_ml_analytics_setting.py index 58c9a9583e24..d784c1e0548c 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_anomaly_security_ml_analytics_setting.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_anomaly_security_ml_analytics_setting.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/securityMLAnalyticsSettings/GetAnomalySecurityMLAnalyticsSetting.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/securityMLAnalyticsSettings/GetAnomalySecurityMLAnalyticsSetting.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_api_polling.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_api_polling.py index e36510675dde..758adee9dd9d 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_api_polling.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_api_polling.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetAPIPolling.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetAPIPolling.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_active_directory_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_active_directory_by_id.py index 6fce52a1fd6c..3f554134a53b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_active_directory_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_active_directory_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetAzureActiveDirectoryById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetAzureActiveDirectoryById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_advanced_threat_protection_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_advanced_threat_protection_by_id.py index b6d603f21861..8ef5e1cda05f 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_advanced_threat_protection_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_advanced_threat_protection_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetAzureAdvancedThreatProtectionById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetAzureAdvancedThreatProtectionById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_resource_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_resource_entity_by_id.py index b050cca4c7c5..269f0b98c781 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_resource_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_resource_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetAzureResourceEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetAzureResourceEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_security_center_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_security_center_by_id.py index efd0ea37571e..6c922fc44851 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_security_center_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_azure_security_center_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetAzureSecurityCenterById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetAzureSecurityCenterById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmark_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmark_by_id.py index 8e87468ceb1e..04418c16e530 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmark_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmark_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/bookmarks/GetBookmarkById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/bookmarks/GetBookmarkById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmark_relation_by_name.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmark_relation_by_name.py index 7426af196f31..ba941b29f92f 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmark_relation_by_name.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmark_relation_by_name.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/bookmarks/relations/GetBookmarkRelationByName.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/bookmarks/relations/GetBookmarkRelationByName.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmarks.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmarks.py index 3bfe6238bf16..13d9adcac62a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmarks.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_bookmarks.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/bookmarks/GetBookmarks.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/bookmarks/GetBookmarks.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_cloud_application_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_cloud_application_entity_by_id.py index 6f0e16b2e736..af664da2ad16 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_cloud_application_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_cloud_application_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetCloudApplicationEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetCloudApplicationEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_data_connectors.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_data_connectors.py index 3427dc2447ff..c7ec15188360 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_data_connectors.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_data_connectors.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetDataConnectors.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetDataConnectors.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_dns_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_dns_entity_by_id.py index d12e56266b46..68d181762eef 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_dns_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_dns_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetDnsEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetDnsEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_dynamics365_data_connector_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_dynamics365_data_connector_by_id.py index 7b5578864e8a..c59c3430f3af 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_dynamics365_data_connector_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_dynamics365_data_connector_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetDynamics365DataConnectorById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetDynamics365DataConnectorById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entities.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entities.py index 7497dda7be87..17de841ef5ec 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entities.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entities.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetEntities.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetEntities.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_queries.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_queries.py index 8cee24ba1398..c54e31c9a3cb 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_queries.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_queries.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entityQueries/GetEntityQueries.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entityQueries/GetEntityQueries.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_query_templates.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_query_templates.py index 9891a363b78b..313a946bf16e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_query_templates.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_query_templates.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entityQueryTemplates/GetEntityQueryTemplates.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entityQueryTemplates/GetEntityQueryTemplates.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_relation_by_name.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_relation_by_name.py index 9f6da60a51c1..59c5ae1742c8 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_relation_by_name.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_entity_relation_by_name.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/relations/GetEntityRelationByName.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/relations/GetEntityRelationByName.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_expansion_entity_query_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_expansion_entity_query_by_id.py index b602cd4c4c5f..817839c6d978 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_expansion_entity_query_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_expansion_entity_query_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entityQueries/GetExpansionEntityQueryById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entityQueries/GetExpansionEntityQueryById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_eyes_on_setting.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_eyes_on_setting.py index 631125a81101..4dcf3bbfb3c9 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_eyes_on_setting.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_eyes_on_setting.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/settings/GetEyesOnSetting.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/settings/GetEyesOnSetting.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_entity_by_id.py index 91f2d212d0ef..150d645ea069 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetFileEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetFileEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_hash_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_hash_entity_by_id.py index e3191f6d250b..ea039ceea9b8 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_hash_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_hash_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetFileHashEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetFileHashEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_import_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_import_by_id.py index 31cca3f33ca3..5aa5eced91b8 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_import_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_import_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/fileImports/GetFileImportById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/fileImports/GetFileImportById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_imports.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_imports.py index 453ebae65bdc..e16664d479a5 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_imports.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_file_imports.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/fileImports/GetFileImports.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/fileImports/GetFileImports.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_fusion_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_fusion_alert_rule.py index 20bbac08277f..b26626038eaa 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_fusion_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_fusion_alert_rule.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/GetFusionAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/GetFusionAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_generic_ui.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_generic_ui.py index 3d93903adcd8..3ed64e0aadc5 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_generic_ui.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_generic_ui.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetGenericUI.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetGenericUI.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_geodata_by_ip.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_geodata_by_ip.py index 93496f23f2d7..5f0e8ecceab4 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_geodata_by_ip.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_geodata_by_ip.py @@ -36,6 +36,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/enrichment/GetGeodataByIp.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/enrichment/GetGeodataByIp.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_host_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_host_entity_by_id.py index da73796bf50e..55513f9066ff 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_host_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_host_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetHostEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetHostEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_by_id.py new file mode 100644 index 000000000000..7b0c842d894e --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_by_id.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_hunt_by_id.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunts.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/GetHuntById.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_comment_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_comment_by_id.py new file mode 100644 index 000000000000..e71eadf06c2e --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_comment_by_id.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_hunt_comment_by_id.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunt_comments.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + hunt_comment_id="2216d0e1-91e3-4902-89fd-d2df8c535096", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/GetHuntCommentById.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_comments.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_comments.py new file mode 100644 index 000000000000..6c9f5fb56ed8 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_comments.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_hunt_comments.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunt_comments.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/GetHuntComments.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_relation_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_relation_by_id.py new file mode 100644 index 000000000000..8f3a6c4dda43 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_relation_by_id.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_hunt_relation_by_id.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunt_relations.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + hunt_relation_id="2216d0e1-91e3-4902-89fd-d2df8c535096", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/GetHuntRelationById.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_relations.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_relations.py new file mode 100644 index 000000000000..6f95fc231298 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunt_relations.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_hunt_relations.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunt_relations.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + hunt_id="163e7b2a-a2ec-4041-aaba-d878a38f265f", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/GetHuntRelations.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunts.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunts.py new file mode 100644 index 000000000000..eec949ac2cf0 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_hunts.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_hunts.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="bd794837-4d29-4647-9105-6339bfdb4e6a", + ) + + response = client.hunts.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/hunts/GetHunts.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_incident_relation_by_name.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_incident_relation_by_name.py index 56607932ef56..1c6410ebb0d5 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_incident_relation_by_name.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_incident_relation_by_name.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/relations/GetIncidentRelationByName.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/relations/GetIncidentRelationByName.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_io_tby_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_io_tby_id.py index 2862942122ce..9a82942423f5 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_io_tby_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_io_tby_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetIoTById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetIoTById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_io_tdevice_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_io_tdevice_entity_by_id.py index eb492445a610..bbfec37836a6 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_io_tdevice_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_io_tdevice_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetIoTDeviceEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetIoTDeviceEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_ip_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_ip_entity_by_id.py index 0df0f6826bed..d9c48ca17b9c 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_ip_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_ip_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetIpEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetIpEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_job.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_job.py new file mode 100644 index 000000000000..4b9af65a6f10 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_job.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_job.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_assignment_jobs.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_assignment_name="47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", + job_name="cfbe1338-8276-4d5d-8b96-931117f9fa0e", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerAssignments/GetJob.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mail_cluster_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mail_cluster_entity_by_id.py index f43526065efd..97854fc3babe 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mail_cluster_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mail_cluster_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetMailClusterEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetMailClusterEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mail_message_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mail_message_entity_by_id.py index 5d9c55a18e9f..f240262a5b1b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mail_message_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mail_message_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetMailMessageEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetMailMessageEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mailbox_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mailbox_entity_by_id.py index ab443b71cfd7..3cb2486c4dc1 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mailbox_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_mailbox_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetMailboxEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetMailboxEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_malware_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_malware_entity_by_id.py index 5c8a14d51428..cd879eaf76b9 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_malware_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_malware_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetMalwareEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetMalwareEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_metadata.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_metadata.py index e8d786700ebb..60981d2fdc07 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_metadata.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_metadata.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/metadata/GetMetadata.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/metadata/GetMetadata.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_cloud_app_security_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_cloud_app_security_by_id.py index 31c5ac11df7d..88a9b205f407 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_cloud_app_security_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_cloud_app_security_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetMicrosoftCloudAppSecurityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetMicrosoftCloudAppSecurityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_defender_advanced_threat_protection_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_defender_advanced_threat_protection_by_id.py index b1d6154e90aa..a6fc96b8be16 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_defender_advanced_threat_protection_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_defender_advanced_threat_protection_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetMicrosoftDefenderAdvancedThreatProtectionById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetMicrosoftDefenderAdvancedThreatProtectionById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_insider_risk_management_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_insider_risk_management_by_id.py index 51ae83893b7d..4d212a6a9451 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_insider_risk_management_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_insider_risk_management_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetMicrosoftInsiderRiskManagementById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetMicrosoftInsiderRiskManagementById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_purview_information_protection_data_connetor_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_purview_information_protection_data_connetor_by_id.py new file mode 100644 index 000000000000..b82edb2ccb0c --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_purview_information_protection_data_connetor_by_id.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_microsoft_purview_information_protection_data_connetor_by_id.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.data_connectors.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + data_connector_id="73e01a99-5cd7-4139-a149-9f2736ff2ab5", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetMicrosoftPurviewInformationProtectionDataConnetorById.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_security_incident_creation_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_security_incident_creation_alert_rule.py index fd1493e29bb6..9441837cd662 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_security_incident_creation_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_security_incident_creation_alert_rule.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/GetMicrosoftSecurityIncidentCreationAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/GetMicrosoftSecurityIncidentCreationAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_threat_intelligence_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_threat_intelligence_by_id.py index 404e3265f958..c2708025353a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_threat_intelligence_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_threat_intelligence_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetMicrosoftThreatIntelligenceById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetMicrosoftThreatIntelligenceById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_threat_protection_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_threat_protection_by_id.py index d97c5ff04218..30a39e02be33 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_threat_protection_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_microsoft_threat_protection_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetMicrosoftThreatProtectionById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetMicrosoftThreatProtectionById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_nrt_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_nrt_alert_rule.py index e3ffcd9605df..35fe9103acc5 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_nrt_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_nrt_alert_rule.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/GetNrtAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/GetNrtAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office365_advanced_threat_protection_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office365_advanced_threat_protection_by_id.py index ce52eaf4847f..eefe27e0033a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office365_advanced_threat_protection_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office365_advanced_threat_protection_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetOffice365AdvancedThreatProtectionById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetOffice365AdvancedThreatProtectionById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office365_project_data_connetor_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office365_project_data_connetor_by_id.py index 5486268cc6f0..1c7ea859fd33 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office365_project_data_connetor_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office365_project_data_connetor_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetOffice365ProjectDataConnetorById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetOffice365ProjectDataConnetorById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_consents.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_consents.py index 047adb41a559..8307e65c2b1c 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_consents.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_consents.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/officeConsents/GetOfficeConsents.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/officeConsents/GetOfficeConsents.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_consents_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_consents_by_id.py index 07d171e85fe9..107274746a27 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_consents_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_consents_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/officeConsents/GetOfficeConsentsById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/officeConsents/GetOfficeConsentsById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_data_connetor_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_data_connetor_by_id.py index 0a4e4319b4f7..1a1d2c60da38 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_data_connetor_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_data_connetor_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetOfficeDataConnetorById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetOfficeDataConnetorById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_power_bi_data_connetor_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_power_bi_data_connetor_by_id.py index 6136caf31c43..bb8815c8d934 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_power_bi_data_connetor_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_office_power_bi_data_connetor_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetOfficePowerBIDataConnetorById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetOfficePowerBIDataConnetorById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_package_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_package_by_id.py new file mode 100644 index 000000000000..82bfe8d3be19 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_package_by_id.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_package_by_id.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.content_packages.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + package_id="str.azure-sentinel-solution-str", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentPackages/GetPackageById.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_packages.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_packages.py new file mode 100644 index 000000000000..ef0b666995c9 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_packages.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_packages.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.content_packages.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentPackages/GetPackages.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_process_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_process_entity_by_id.py index f00cd0a7d744..1384b074ce93 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_process_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_process_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetProcessEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetProcessEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_package_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_package_by_id.py new file mode 100644 index 000000000000..ba66c2545afe --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_package_by_id.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_product_package_by_id.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.product_package.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + package_id="str.azure-sentinel-solution-str", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentPackages/GetProductPackageById.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_packages.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_packages.py new file mode 100644 index 000000000000..1fd979a05587 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_packages.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_product_packages.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.product_packages.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentPackages/GetProductPackages.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_template_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_template_by_id.py new file mode 100644 index 000000000000..509feb693f2f --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_template_by_id.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_product_template_by_id.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.product_template.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + template_id="8365ebfe-a381-45b7-ad08-7d818070e11f", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentTemplates/GetProductTemplateById.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_templates.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_templates.py new file mode 100644 index 000000000000..f5d64762a579 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_product_templates.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_product_templates.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.product_templates.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentTemplates/GetProductTemplates.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_queries.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_queries.py index eb816400aa67..a977fbd22b21 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_queries.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_queries.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetQueries.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetQueries.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_recommendation.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_recommendation.py index 10ce219569fc..6eaed7a9e004 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_recommendation.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_recommendation.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/recommendations/GetRecommendation.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/recommendations/GetRecommendation.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_recommendations.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_recommendations.py index 049b5a6b8a82..dcda094fd79b 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_recommendations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_recommendations.py @@ -36,6 +36,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/recommendations/GetRecommendations.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/recommendations/GetRecommendations.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_registry_key_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_registry_key_entity_by_id.py index cb4e42df61ca..363adbabed27 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_registry_key_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_registry_key_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetRegistryKeyEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetRegistryKeyEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_registry_value_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_registry_value_entity_by_id.py index 5081e924eae9..6960e7c52f52 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_registry_value_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_registry_value_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetRegistryValueEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetRegistryValueEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_repositories.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_repositories.py index a79ba4b95ce1..2755c6119a16 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_repositories.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_repositories.py @@ -38,6 +38,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/repositories/GetRepositories.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/repositories/GetRepositories.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_scheduled_alert_rule.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_scheduled_alert_rule.py index fe0d97781a54..ff5823f416b9 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_scheduled_alert_rule.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_scheduled_alert_rule.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/alertRules/GetScheduledAlertRule.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/alertRules/GetScheduledAlertRule.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_security_alert_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_security_alert_entity_by_id.py index d97f34e82268..3711bbeb6d32 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_security_alert_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_security_alert_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetSecurityAlertEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetSecurityAlertEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_security_group_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_security_group_entity_by_id.py index 4dbc57ea7730..76a9926f3d54 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_security_group_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_security_group_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetSecurityGroupEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetSecurityGroupEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_sentinel_onboarding_state.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_sentinel_onboarding_state.py index 9913163dbb50..d8e391d4a1b2 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_sentinel_onboarding_state.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_sentinel_onboarding_state.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/onboardingStates/GetSentinelOnboardingState.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/onboardingStates/GetSentinelOnboardingState.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_source_control_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_source_control_by_id.py index 340237ce6a45..c96aaff9b334 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_source_control_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_source_control_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/sourcecontrols/GetSourceControlById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/sourcecontrols/GetSourceControlById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_source_controls.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_source_controls.py index ceb9628d252b..c0eb4f7e483d 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_source_controls.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_source_controls.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/sourcecontrols/GetSourceControls.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/sourcecontrols/GetSourceControls.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_submission_mail_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_submission_mail_entity_by_id.py index 3ee652535e57..7bdb1ee6841d 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_submission_mail_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_submission_mail_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetSubmissionMailEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetSubmissionMailEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_template_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_template_by_id.py new file mode 100644 index 000000000000..50ca48c979ad --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_template_by_id.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_template_by_id.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.content_template.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + template_id="8365ebfe-a381-45b7-ad08-7d818070e11f", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentTemplates/GetTemplateById.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_templates.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_templates.py new file mode 100644 index 000000000000..2db28eb8287f --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_templates.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_templates.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.content_templates.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentTemplates/GetTemplates.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence.py index 6dc9762759ac..081735bbe884 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/threatintelligence/GetThreatIntelligence.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/threatintelligence/GetThreatIntelligence.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence_by_id.py index 41e6c872c5ee..08a69c997f10 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/threatintelligence/GetThreatIntelligenceById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/threatintelligence/GetThreatIntelligenceById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence_taxii_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence_taxii_by_id.py index 52cb79c118e1..b4ec48901171 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence_taxii_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_threat_intelligence_taxii_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/dataConnectors/GetThreatIntelligenceTaxiiById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/dataConnectors/GetThreatIntelligenceTaxiiById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_url_entity_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_url_entity_by_id.py index fb4d819a677e..c8deff7745c5 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_url_entity_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_url_entity_by_id.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/GetUrlEntityById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/GetUrlEntityById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_by_alias.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_by_alias.py index 52d3b745e293..3628c110576f 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_by_alias.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_by_alias.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/watchlists/GetWatchlistByAlias.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/watchlists/GetWatchlistByAlias.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_item_by_id.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_item_by_id.py index 412ba40fef43..d66b25f1a5d0 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_item_by_id.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_item_by_id.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/watchlists/GetWatchlistItemById.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/watchlists/GetWatchlistItemById.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_items.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_items.py index ca7c80699b5b..d273d7d2eae6 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_items.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlist_items.py @@ -38,6 +38,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/watchlists/GetWatchlistItems.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/watchlists/GetWatchlistItems.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlists.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlists.py index 2546e29b6ff9..8b6d83054192 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlists.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_watchlists.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/watchlists/GetWatchlists.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/watchlists/GetWatchlists.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_whois_by_domain_name.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_whois_by_domain_name.py index 53f54bfb1d25..91f932bb5379 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_whois_by_domain_name.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_whois_by_domain_name.py @@ -36,6 +36,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/enrichment/GetWhoisByDomainName.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/enrichment/GetWhoisByDomainName.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_assignment.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_assignment.py new file mode 100644 index 000000000000..7b9a759f00e9 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_assignment.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_workspace_manager_assignment.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_assignments.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_assignment_name="47cdc5f5-37c4-47b5-bd5f-83c84b8bdd58", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerAssignments/GetWorkspaceManagerAssignment.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_configuration.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_configuration.py new file mode 100644 index 000000000000..f825538fd447 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_configuration.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_workspace_manager_configuration.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_configurations.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_configuration_name="default", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerConfigurations/GetWorkspaceManagerConfiguration.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_group.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_group.py new file mode 100644 index 000000000000..2a2f4421b03d --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_group.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_workspace_manager_group.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_groups.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_group_name="37207a7a-3b8a-438f-a559-c7df400e1b96", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerGroups/GetWorkspaceManagerGroup.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_member.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_member.py new file mode 100644 index 000000000000..f6b19cf18008 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/get_workspace_manager_member.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python get_workspace_manager_member.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.workspace_manager_members.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + workspace_manager_member_name="afbd324f-6c48-459c-8710-8d1e1cd03812", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/workspaceManagerMembers/GetWorkspaceManagerMember.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_create_or_update.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_create_or_update.py index 76b762bca38f..f2785c1abe44 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_create_or_update.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_create_or_update.py @@ -39,6 +39,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentComments/IncidentComments_CreateOrUpdate.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentComments/IncidentComments_CreateOrUpdate.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_delete.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_delete.py index 41de0f2f027c..fe31dfac466e 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_delete.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_delete.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentComments/IncidentComments_Delete.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentComments/IncidentComments_Delete.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_get.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_get.py index 376e884be9ca..85e476ca755d 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_get.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_get.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentComments/IncidentComments_Get.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentComments/IncidentComments_Get.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_list.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_list.py index 7fce290b89df..c0d72692d2c0 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_list.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_comments_list.py @@ -38,6 +38,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentComments/IncidentComments_List.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentComments/IncidentComments_List.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_create_or_update.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_create_or_update.py index 358cd15f754e..ce545bef9ba7 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_create_or_update.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_create_or_update.py @@ -39,6 +39,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentTasks/IncidentTasks_CreateOrUpdate.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentTasks/IncidentTasks_CreateOrUpdate.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_delete.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_delete.py index 4e742bfbd432..0cf8452f9186 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_delete.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_delete.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentTasks/IncidentTasks_Delete.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentTasks/IncidentTasks_Delete.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_get.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_get.py index e825d109fd60..21ea6ea8dd5f 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_get.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_get.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentTasks/IncidentTasks_Get.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentTasks/IncidentTasks_Get.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_list.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_list.py index 371a20ddd697..d82d3eca41f4 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_list.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incident_tasks_list.py @@ -38,6 +38,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentTasks/IncidentTasks_List.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentTasks/IncidentTasks_List.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_create_or_update.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_create_or_update.py index 99dd33a78950..0c3e62b434a8 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_create_or_update.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_create_or_update.py @@ -58,6 +58,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/Incidents_CreateOrUpdate.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/Incidents_CreateOrUpdate.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_create_team.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_create_team.py index 6f3462eb2a73..ec209b722a97 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_create_team.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_create_team.py @@ -43,6 +43,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentTeam/Incidents_CreateTeam.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentTeam/Incidents_CreateTeam.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_delete.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_delete.py index 46d6ef624106..ab5991a09611 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_delete.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_delete.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/Incidents_Delete.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/Incidents_Delete.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_get.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_get.py index 159a603b2460..d37e5179a672 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_get.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_get.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/Incidents_Get.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/Incidents_Get.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list.py index 92ad2ea10b6b..315a72080cd5 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list.py @@ -37,6 +37,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/Incidents_List.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/Incidents_List.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_alerts.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_alerts.py index a62de178a146..104f8f70a107 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_alerts.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_alerts.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentAlerts/Incidents_ListAlerts.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentAlerts/Incidents_ListAlerts.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_bookmarks.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_bookmarks.py index b931f0ff5499..25f219d38e93 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_bookmarks.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_bookmarks.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentBookmarks/Incidents_ListBookmarks.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentBookmarks/Incidents_ListBookmarks.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_entities.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_entities.py index 93dbebcc10c5..b2d8750c2e6a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_entities.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_list_entities.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/incidents/IncidentEntities/Incidents_ListEntities.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/incidents/IncidentEntities/Incidents_ListEntities.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_run_playbook.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_run_playbook.py index eeccd2e1694d..c5bf5ea03080 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_run_playbook.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/incidents_run_playbook.py @@ -37,6 +37,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/manualTrigger/Incidents_RunPlaybook.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/manualTrigger/Incidents_RunPlaybook.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/install_package.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/install_package.py new file mode 100644 index 000000000000..188e15c2ec13 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/install_package.py @@ -0,0 +1,51 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python install_package.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.content_package.install( + resource_group_name="myRg", + workspace_name="myWorkspace", + package_id="str.azure-sentinel-solution-str", + package_installation_properties={ + "properties": { + "contentId": "str.azure-sentinel-solution-str", + "contentKind": "Solution", + "displayName": "str", + "version": "2.0.0", + }, + "tags": {"tag1": "str"}, + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentPackages/InstallPackage.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/install_template.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/install_template.py new file mode 100644 index 000000000000..7276c0b0fa98 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/install_template.py @@ -0,0 +1,113 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python install_template.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.content_template.install( + resource_group_name="myRg", + workspace_name="myWorkspace", + template_id="str.azure-sentinel-solution-str", + template_installation_properties={ + "properties": { + "author": {"email": "support@microsoft.com", "name": "Microsoft"}, + "contentId": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "contentKind": "AnalyticsRule", + "displayName": "API Protection workbook template", + "mainTemplate": { + "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", + "contentVersion": "1.0.1", + "resources": [ + { + "apiVersion": "2022-04-01-preview", + "kind": "Scheduled", + "location": "[parameters('workspace-location')]", + "name": "8365ebfe-a381-45b7-ad08-7d818070e11f", + "properties": { + "description": "Creates an incident when a large number of Critical/High severity CrowdStrike Falcon sensor detections is triggered by a single user", + "displayName": "Critical or High Severity Detections by User", + "enabled": False, + "query": "...", + "queryFrequency": "PT1H", + "queryPeriod": "PT1H", + "severity": "High", + "status": "Available", + "suppressionDuration": "PT1H", + "suppressionEnabled": False, + "triggerOperator": "GreaterThan", + "triggerThreshold": 0, + }, + "type": "Microsoft.SecurityInsights/AlertRuleTemplates", + }, + { + "apiVersion": "2022-01-01-preview", + "name": "[concat(parameters('workspace'),'/Microsoft.SecurityInsights/',concat('AnalyticsRule-', last(split([resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 8365ebfe-a381-45b7-ad08-7d818070e11f)],'/'))))]", + "properties": { + "author": {"email": "support@microsoft.com", "name": "Microsoft"}, + "contentId": "4465ebde-b381-45f7-ad08-7d818070a11c", + "description": "CrowdStrike Falcon Endpoint Protection Analytics Rule 1", + "kind": "AnalyticsRule", + "parentId": "[resourceId('Microsoft.SecurityInsights/AlertRuleTemplates', 8365ebfe-a381-45b7-ad08-7d818070e11f)]", + "source": { + "kind": "Solution", + "name": "str", + "sourceId": "str.azure-sentinel-solution-str", + }, + "support": { + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/", + "name": "Microsoft Corporation", + "tier": "Microsoft", + }, + "version": "1.0.0", + }, + "type": "Microsoft.OperationalInsights/workspaces/providers/metadata", + }, + ], + }, + "packageId": "str.azure-sentinel-solution-str", + "packageKind": "Solution", + "packageName": "str", + "source": {"kind": "Solution", "name": "str", "sourceId": "str.azure-sentinel-solution-str"}, + "support": { + "email": "support@microsoft.com", + "link": "https://support.microsoft.com/", + "name": "Microsoft Corporation", + "tier": "Microsoft", + }, + "version": "1.0.1", + }, + "tags": {"tag1": "str"}, + }, + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentTemplates/InstallTemplate.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/list_operations.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/list_operations.py index c5bdf9face9c..9604eea5a87a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/list_operations.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/list_operations.py @@ -34,6 +34,6 @@ def main(): print(item) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/operations/ListOperations.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/operations/ListOperations.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/patch_metadata.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/patch_metadata.py index 7cbdf1b8fb56..8b8372b72301 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/patch_metadata.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/patch_metadata.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/metadata/PatchMetadata.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/metadata/PatchMetadata.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/patch_recommendation.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/patch_recommendation.py index 42ed7cf1e6ac..ff86b4c49ae6 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/patch_recommendation.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/patch_recommendation.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/recommendations/PatchRecommendation.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/recommendations/PatchRecommendation.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_expand_bookmark.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_expand_bookmark.py index 49329bae179a..1c62c13a9593 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_expand_bookmark.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_expand_bookmark.py @@ -42,6 +42,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/bookmarks/expand/PostExpandBookmark.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/bookmarks/expand/PostExpandBookmark.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_expand_entity.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_expand_entity.py index 6419a34d794d..d0d4e7d5e448 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_expand_entity.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_expand_entity.py @@ -42,6 +42,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/expand/PostExpandEntity.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/expand/PostExpandEntity.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_get_insights.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_get_insights.py index 4e210c82efb3..47b4e91234bf 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_get_insights.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_get_insights.py @@ -43,6 +43,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/insights/PostGetInsights.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/insights/PostGetInsights.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_timeline_entity.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_timeline_entity.py index 8d224b26250a..b02b32908017 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_timeline_entity.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/post_timeline_entity.py @@ -42,6 +42,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/entities/timeline/PostTimelineEntity.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/entities/timeline/PostTimelineEntity.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/put_metadata.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/put_metadata.py index 62ff77bced8a..deb3482a947a 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/put_metadata.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/put_metadata.py @@ -90,6 +90,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/metadata/PutMetadata.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/metadata/PutMetadata.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/put_metadata_minimal.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/put_metadata_minimal.py index 10215a694f1a..aad6adc93fd2 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/put_metadata_minimal.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/put_metadata_minimal.py @@ -44,6 +44,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/metadata/PutMetadataMinimal.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/metadata/PutMetadataMinimal.json if __name__ == "__main__": main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/trigger_rule_run_post.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/trigger_rule_run_post.py new file mode 100644 index 000000000000..7e43bd8109d9 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/trigger_rule_run_post.py @@ -0,0 +1,43 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python trigger_rule_run_post.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.alert_rule.begin_trigger_rule_run( + resource_group_name="myRg", + workspace_name="myWorkspace", + rule_id="65360bb0-8986-4ade-a89d-af3cf44d28aa", + analytics_rule_run_trigger_parameter={"properties": {"executionTimeUtc": "2022-12-22T15:37:03.074Z"}}, + ).result() + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/triggeredAnalyticsRuleRuns/triggerRuleRun_Post.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/triggered_analytics_rule_run_get.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/triggered_analytics_rule_run_get.py new file mode 100644 index 000000000000..5ffa15d9b9a5 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/triggered_analytics_rule_run_get.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python triggered_analytics_rule_run_get.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.triggered_analytics_rule_run.get( + resource_group_name="myRg", + workspace_name="myWorkspace", + rule_run_id="65360bb0-8986-4ade-a89d-af3cf44d28aa", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/triggeredAnalyticsRuleRuns/triggeredAnalyticsRuleRun_Get.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/triggered_analytics_rule_runs_get.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/triggered_analytics_rule_runs_get.py new file mode 100644 index 000000000000..90ce79cd75f4 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/triggered_analytics_rule_runs_get.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python triggered_analytics_rule_runs_get.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfe6b2-9ac0-4464-9919-dccaee2e48c0", + ) + + response = client.get_triggered_analytics_rule_runs.list( + resource_group_name="myRg", + workspace_name="myWorkspace", + ) + for item in response: + print(item) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/triggeredAnalyticsRuleRuns/triggeredAnalyticsRuleRuns_Get.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/uninstall_package.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/uninstall_package.py new file mode 100644 index 000000000000..7561486343b2 --- /dev/null +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/uninstall_package.py @@ -0,0 +1,42 @@ +# coding=utf-8 +# -------------------------------------------------------------------------- +# Copyright (c) Microsoft Corporation. All rights reserved. +# Licensed under the MIT License. See License.txt in the project root for license information. +# Code generated by Microsoft (R) AutoRest Code Generator. +# Changes may cause incorrect behavior and will be lost if the code is regenerated. +# -------------------------------------------------------------------------- + +from azure.identity import DefaultAzureCredential +from azure.mgmt.securityinsight import SecurityInsights + +""" +# PREREQUISITES + pip install azure-identity + pip install azure-mgmt-securityinsight +# USAGE + python uninstall_package.py + + Before run the sample, please set the values of the client ID, tenant ID and client secret + of the AAD application as environment variables: AZURE_CLIENT_ID, AZURE_TENANT_ID, + AZURE_CLIENT_SECRET. For more info about how to get the value, please see: + https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal +""" + + +def main(): + client = SecurityInsights( + credential=DefaultAzureCredential(), + subscription_id="d0cfeab2-9ae0-4464-9919-dccaee2e48f0", + ) + + response = client.content_package.uninstall( + resource_group_name="myRg", + workspace_name="myWorkspace", + package_id="str.azure-sentinel-solution-str", + ) + print(response) + + +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/contentPackages/UninstallPackage.json +if __name__ == "__main__": + main() diff --git a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/update_eyes_on_setting.py b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/update_eyes_on_setting.py index 9f10f20bb113..8d41274c03f6 100644 --- a/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/update_eyes_on_setting.py +++ b/sdk/securityinsight/azure-mgmt-securityinsight/generated_samples/update_eyes_on_setting.py @@ -38,6 +38,6 @@ def main(): print(response) -# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2022-12-01-preview/examples/settings/UpdateEyesOnSetting.json +# x-ms-original-file: specification/securityinsights/resource-manager/Microsoft.SecurityInsights/preview/2023-04-01-preview/examples/settings/UpdateEyesOnSetting.json if __name__ == "__main__": main()