diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entitiesrelations.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entitiesrelations.go new file mode 100644 index 000000000000..843c44df8e1d --- /dev/null +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entitiesrelations.go @@ -0,0 +1,196 @@ +package securityinsight + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// EntitiesRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type EntitiesRelationsClient struct { + BaseClient +} + +// NewEntitiesRelationsClient creates an instance of the EntitiesRelationsClient client. +func NewEntitiesRelationsClient(subscriptionID string) EntitiesRelationsClient { + return NewEntitiesRelationsClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewEntitiesRelationsClientWithBaseURI creates an instance of the EntitiesRelationsClient client using a custom +// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure +// stack). +func NewEntitiesRelationsClientWithBaseURI(baseURI string, subscriptionID string) EntitiesRelationsClient { + return EntitiesRelationsClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// List gets all relations of an entity. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// entityID - entity ID +// filter - filters the results, based on a Boolean condition. Optional. +// orderby - sorts the results. Optional. +// top - returns only the first n results. Optional. +// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response +// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that +// specifies a starting point to use for subsequent calls. Optional. +func (client EntitiesRelationsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesRelationsClient.List") + defer func() { + sc := -1 + if result.rl.Response.Response != nil { + sc = result.rl.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.EntitiesRelationsClient", "List", err.Error()) + } + + result.fn = client.listNextResults + req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, filter, orderby, top, skipToken) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntitiesRelationsClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.rl.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.EntitiesRelationsClient", "List", resp, "Failure sending request") + return + } + + result.rl, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntitiesRelationsClient", "List", resp, "Failure responding to request") + } + + return +} + +// ListPreparer prepares the List request. +func (client EntitiesRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "entityId": autorest.Encode("path", entityID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(filter) > 0 { + queryParameters["$filter"] = autorest.Encode("query", filter) + } + if len(orderby) > 0 { + queryParameters["$orderby"] = autorest.Encode("query", orderby) + } + if top != nil { + queryParameters["$top"] = autorest.Encode("query", *top) + } + if len(skipToken) > 0 { + queryParameters["$skipToken"] = autorest.Encode("query", skipToken) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client EntitiesRelationsClient) ListSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client EntitiesRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client EntitiesRelationsClient) listNextResults(ctx context.Context, lastResults RelationList) (result RelationList, err error) { + req, err := lastResults.relationListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.EntitiesRelationsClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.EntitiesRelationsClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntitiesRelationsClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client EntitiesRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntitiesRelationsClient.List") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, filter, orderby, top, skipToken) + return +} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entityrelations.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entityrelations.go new file mode 100644 index 000000000000..a14f11e9203a --- /dev/null +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/entityrelations.go @@ -0,0 +1,141 @@ +package securityinsight + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// EntityRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type EntityRelationsClient struct { + BaseClient +} + +// NewEntityRelationsClient creates an instance of the EntityRelationsClient client. +func NewEntityRelationsClient(subscriptionID string) EntityRelationsClient { + return NewEntityRelationsClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewEntityRelationsClientWithBaseURI creates an instance of the EntityRelationsClient client using a custom endpoint. +// Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). +func NewEntityRelationsClientWithBaseURI(baseURI string, subscriptionID string) EntityRelationsClient { + return EntityRelationsClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// GetRelation gets an entity relation. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// entityID - entity ID +// relationName - relation Name +func (client EntityRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, relationName string) (result Relation, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/EntityRelationsClient.GetRelation") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.EntityRelationsClient", "GetRelation", err.Error()) + } + + req, err := client.GetRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, entityID, relationName) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityRelationsClient", "GetRelation", nil, "Failure preparing request") + return + } + + resp, err := client.GetRelationSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.EntityRelationsClient", "GetRelation", resp, "Failure sending request") + return + } + + result, err = client.GetRelationResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.EntityRelationsClient", "GetRelation", resp, "Failure responding to request") + } + + return +} + +// GetRelationPreparer prepares the GetRelation request. +func (client EntityRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, relationName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "entityId": autorest.Encode("path", entityID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/entities/{entityId}/relations/{relationName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetRelationSender sends the GetRelation request. The method will close the +// http.Response Body if it receives an error. +func (client EntityRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// GetRelationResponder handles the response to the GetRelation request. The method always +// closes the http.Response Body. +func (client EntityRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/incidentcomments.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/incidentcomments.go new file mode 100644 index 000000000000..90dfe427eb9c --- /dev/null +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/incidentcomments.go @@ -0,0 +1,398 @@ +package securityinsight + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// IncidentCommentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type IncidentCommentsClient struct { + BaseClient +} + +// NewIncidentCommentsClient creates an instance of the IncidentCommentsClient client. +func NewIncidentCommentsClient(subscriptionID string) IncidentCommentsClient { + return NewIncidentCommentsClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewIncidentCommentsClientWithBaseURI creates an instance of the IncidentCommentsClient client using a custom +// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure +// stack). +func NewIncidentCommentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentCommentsClient { + return IncidentCommentsClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// CreateComment creates the incident comment. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// incidentCommentID - incident comment ID +// incidentComment - the incident comment +func (client IncidentCommentsClient) CreateComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (result IncidentComment, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.CreateComment") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: incidentComment, + Constraints: []validation.Constraint{{Target: "incidentComment.IncidentCommentProperties", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "incidentComment.IncidentCommentProperties.Message", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentCommentsClient", "CreateComment", err.Error()) + } + + req, err := client.CreateCommentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, incidentCommentID, incidentComment) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "CreateComment", nil, "Failure preparing request") + return + } + + resp, err := client.CreateCommentSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "CreateComment", resp, "Failure sending request") + return + } + + result, err = client.CreateCommentResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "CreateComment", resp, "Failure responding to request") + } + + return +} + +// CreateCommentPreparer prepares the CreateComment request. +func (client IncidentCommentsClient) CreateCommentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string, incidentComment IncidentComment) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentCommentId": autorest.Encode("path", incidentCommentID), + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", pathParameters), + autorest.WithJSON(incidentComment), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateCommentSender sends the CreateComment request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentCommentsClient) CreateCommentSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// CreateCommentResponder handles the response to the CreateComment request. The method always +// closes the http.Response Body. +func (client IncidentCommentsClient) CreateCommentResponder(resp *http.Response) (result IncidentComment, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// GetComment gets an incident comment. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// incidentCommentID - incident comment ID +func (client IncidentCommentsClient) GetComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string) (result IncidentComment, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.GetComment") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentCommentsClient", "GetComment", err.Error()) + } + + req, err := client.GetCommentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, incidentCommentID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "GetComment", nil, "Failure preparing request") + return + } + + resp, err := client.GetCommentSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "GetComment", resp, "Failure sending request") + return + } + + result, err = client.GetCommentResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "GetComment", resp, "Failure responding to request") + } + + return +} + +// GetCommentPreparer prepares the GetComment request. +func (client IncidentCommentsClient) GetCommentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentCommentId": autorest.Encode("path", incidentCommentID), + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments/{incidentCommentId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetCommentSender sends the GetComment request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentCommentsClient) GetCommentSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// GetCommentResponder handles the response to the GetComment request. The method always +// closes the http.Response Body. +func (client IncidentCommentsClient) GetCommentResponder(resp *http.Response) (result IncidentComment, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// ListByIncident gets all incident comments. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// filter - filters the results, based on a Boolean condition. Optional. +// orderby - sorts the results. Optional. +// top - returns only the first n results. Optional. +// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response +// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that +// specifies a starting point to use for subsequent calls. Optional. +func (client IncidentCommentsClient) ListByIncident(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.ListByIncident") + defer func() { + sc := -1 + if result.icl.Response.Response != nil { + sc = result.icl.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentCommentsClient", "ListByIncident", err.Error()) + } + + result.fn = client.listByIncidentNextResults + req, err := client.ListByIncidentPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, filter, orderby, top, skipToken) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "ListByIncident", nil, "Failure preparing request") + return + } + + resp, err := client.ListByIncidentSender(req) + if err != nil { + result.icl.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "ListByIncident", resp, "Failure sending request") + return + } + + result.icl, err = client.ListByIncidentResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "ListByIncident", resp, "Failure responding to request") + } + + return +} + +// ListByIncidentPreparer prepares the ListByIncident request. +func (client IncidentCommentsClient) ListByIncidentPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(filter) > 0 { + queryParameters["$filter"] = autorest.Encode("query", filter) + } + if len(orderby) > 0 { + queryParameters["$orderby"] = autorest.Encode("query", orderby) + } + if top != nil { + queryParameters["$top"] = autorest.Encode("query", *top) + } + if len(skipToken) > 0 { + queryParameters["$skipToken"] = autorest.Encode("query", skipToken) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/comments", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListByIncidentSender sends the ListByIncident request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentCommentsClient) ListByIncidentSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// ListByIncidentResponder handles the response to the ListByIncident request. The method always +// closes the http.Response Body. +func (client IncidentCommentsClient) ListByIncidentResponder(resp *http.Response) (result IncidentCommentList, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listByIncidentNextResults retrieves the next set of results, if any. +func (client IncidentCommentsClient) listByIncidentNextResults(ctx context.Context, lastResults IncidentCommentList) (result IncidentCommentList, err error) { + req, err := lastResults.incidentCommentListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "listByIncidentNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListByIncidentSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "listByIncidentNextResults", resp, "Failure sending next results request") + } + result, err = client.ListByIncidentResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentCommentsClient", "listByIncidentNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListByIncidentComplete enumerates all values, automatically crossing page boundaries as required. +func (client IncidentCommentsClient) ListByIncidentComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result IncidentCommentListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentsClient.ListByIncident") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.ListByIncident(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, filter, orderby, top, skipToken) + return +} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/incidentrelations.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/incidentrelations.go new file mode 100644 index 000000000000..0fcc5343caf0 --- /dev/null +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/incidentrelations.go @@ -0,0 +1,495 @@ +package securityinsight + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// IncidentRelationsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type IncidentRelationsClient struct { + BaseClient +} + +// NewIncidentRelationsClient creates an instance of the IncidentRelationsClient client. +func NewIncidentRelationsClient(subscriptionID string) IncidentRelationsClient { + return NewIncidentRelationsClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewIncidentRelationsClientWithBaseURI creates an instance of the IncidentRelationsClient client using a custom +// endpoint. Use this when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure +// stack). +func NewIncidentRelationsClientWithBaseURI(baseURI string, subscriptionID string) IncidentRelationsClient { + return IncidentRelationsClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// CreateOrUpdateRelation creates or updates the incident relation. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// relationName - relation Name +// relation - the relation model +func (client IncidentRelationsClient) CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string, relation Relation) (result Relation, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.CreateOrUpdateRelation") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: relation, + Constraints: []validation.Constraint{{Target: "relation.RelationProperties", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "relation.RelationProperties.RelatedResourceID", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentRelationsClient", "CreateOrUpdateRelation", err.Error()) + } + + req, err := client.CreateOrUpdateRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, relationName, relation) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "CreateOrUpdateRelation", nil, "Failure preparing request") + return + } + + resp, err := client.CreateOrUpdateRelationSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "CreateOrUpdateRelation", resp, "Failure sending request") + return + } + + result, err = client.CreateOrUpdateRelationResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "CreateOrUpdateRelation", resp, "Failure responding to request") + } + + return +} + +// CreateOrUpdateRelationPreparer prepares the CreateOrUpdateRelation request. +func (client IncidentRelationsClient) CreateOrUpdateRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string, relation Relation) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", pathParameters), + autorest.WithJSON(relation), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateOrUpdateRelationSender sends the CreateOrUpdateRelation request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentRelationsClient) CreateOrUpdateRelationSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// CreateOrUpdateRelationResponder handles the response to the CreateOrUpdateRelation request. The method always +// closes the http.Response Body. +func (client IncidentRelationsClient) CreateOrUpdateRelationResponder(resp *http.Response) (result Relation, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// DeleteRelation delete the incident relation. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// relationName - relation Name +func (client IncidentRelationsClient) DeleteRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.DeleteRelation") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentRelationsClient", "DeleteRelation", err.Error()) + } + + req, err := client.DeleteRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, relationName) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "DeleteRelation", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteRelationSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "DeleteRelation", resp, "Failure sending request") + return + } + + result, err = client.DeleteRelationResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "DeleteRelation", resp, "Failure responding to request") + } + + return +} + +// DeleteRelationPreparer prepares the DeleteRelation request. +func (client IncidentRelationsClient) DeleteRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteRelationSender sends the DeleteRelation request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentRelationsClient) DeleteRelationSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// DeleteRelationResponder handles the response to the DeleteRelation request. The method always +// closes the http.Response Body. +func (client IncidentRelationsClient) DeleteRelationResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// GetRelation gets an incident relation. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// relationName - relation Name +func (client IncidentRelationsClient) GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (result Relation, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.GetRelation") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentRelationsClient", "GetRelation", err.Error()) + } + + req, err := client.GetRelationPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, relationName) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "GetRelation", nil, "Failure preparing request") + return + } + + resp, err := client.GetRelationSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "GetRelation", resp, "Failure sending request") + return + } + + result, err = client.GetRelationResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "GetRelation", resp, "Failure responding to request") + } + + return +} + +// GetRelationPreparer prepares the GetRelation request. +func (client IncidentRelationsClient) GetRelationPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "relationName": autorest.Encode("path", relationName), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations/{relationName}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetRelationSender sends the GetRelation request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentRelationsClient) GetRelationSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// GetRelationResponder handles the response to the GetRelation request. The method always +// closes the http.Response Body. +func (client IncidentRelationsClient) GetRelationResponder(resp *http.Response) (result Relation, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List gets all incident relations. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// filter - filters the results, based on a Boolean condition. Optional. +// orderby - sorts the results. Optional. +// top - returns only the first n results. Optional. +// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response +// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that +// specifies a starting point to use for subsequent calls. Optional. +func (client IncidentRelationsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result RelationListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.List") + defer func() { + sc := -1 + if result.rl.Response.Response != nil { + sc = result.rl.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentRelationsClient", "List", err.Error()) + } + + result.fn = client.listNextResults + req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, filter, orderby, top, skipToken) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.rl.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "List", resp, "Failure sending request") + return + } + + result.rl, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "List", resp, "Failure responding to request") + } + + return +} + +// ListPreparer prepares the List request. +func (client IncidentRelationsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(filter) > 0 { + queryParameters["$filter"] = autorest.Encode("query", filter) + } + if len(orderby) > 0 { + queryParameters["$orderby"] = autorest.Encode("query", orderby) + } + if top != nil { + queryParameters["$top"] = autorest.Encode("query", *top) + } + if len(skipToken) > 0 { + queryParameters["$skipToken"] = autorest.Encode("query", skipToken) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}/relations", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentRelationsClient) ListSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client IncidentRelationsClient) ListResponder(resp *http.Response) (result RelationList, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client IncidentRelationsClient) listNextResults(ctx context.Context, lastResults RelationList) (result RelationList, err error) { + req, err := lastResults.relationListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentRelationsClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client IncidentRelationsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result RelationListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentRelationsClient.List") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, filter, orderby, top, skipToken) + return +} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/incidents.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/incidents.go new file mode 100644 index 000000000000..26bc093b4a09 --- /dev/null +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/incidents.go @@ -0,0 +1,486 @@ +package securityinsight + +// Copyright (c) Microsoft and contributors. All rights reserved. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Code generated by Microsoft (R) AutoRest Code Generator. +// Changes may cause incorrect behavior and will be lost if the code is regenerated. + +import ( + "context" + "github.com/Azure/go-autorest/autorest" + "github.com/Azure/go-autorest/autorest/azure" + "github.com/Azure/go-autorest/autorest/validation" + "github.com/Azure/go-autorest/tracing" + "net/http" +) + +// IncidentsClient is the API spec for Microsoft.SecurityInsights (Azure Security Insights) resource provider +type IncidentsClient struct { + BaseClient +} + +// NewIncidentsClient creates an instance of the IncidentsClient client. +func NewIncidentsClient(subscriptionID string) IncidentsClient { + return NewIncidentsClientWithBaseURI(DefaultBaseURI, subscriptionID) +} + +// NewIncidentsClientWithBaseURI creates an instance of the IncidentsClient client using a custom endpoint. Use this +// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack). +func NewIncidentsClientWithBaseURI(baseURI string, subscriptionID string) IncidentsClient { + return IncidentsClient{NewWithBaseURI(baseURI, subscriptionID)} +} + +// CreateOrUpdate creates or updates the incident. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +// incident - the incident +func (client IncidentsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incident Incident) (result Incident, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.CreateOrUpdate") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}, + {TargetValue: incident, + Constraints: []validation.Constraint{{Target: "incident.IncidentProperties", Name: validation.Null, Rule: false, + Chain: []validation.Constraint{{Target: "incident.IncidentProperties.Title", Name: validation.Null, Rule: true, Chain: nil}}}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentsClient", "CreateOrUpdate", err.Error()) + } + + req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID, incident) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "CreateOrUpdate", nil, "Failure preparing request") + return + } + + resp, err := client.CreateOrUpdateSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "CreateOrUpdate", resp, "Failure sending request") + return + } + + result, err = client.CreateOrUpdateResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "CreateOrUpdate", resp, "Failure responding to request") + } + + return +} + +// CreateOrUpdatePreparer prepares the CreateOrUpdate request. +func (client IncidentsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incident Incident) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsContentType("application/json; charset=utf-8"), + autorest.AsPut(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", pathParameters), + autorest.WithJSON(incident), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always +// closes the http.Response Body. +func (client IncidentsClient) CreateOrUpdateResponder(resp *http.Response) (result Incident, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// Delete delete the incident. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +func (client IncidentsClient) Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (result autorest.Response, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.Delete") + defer func() { + sc := -1 + if result.Response != nil { + sc = result.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentsClient", "Delete", err.Error()) + } + + req, err := client.DeletePreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "Delete", nil, "Failure preparing request") + return + } + + resp, err := client.DeleteSender(req) + if err != nil { + result.Response = resp + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "Delete", resp, "Failure sending request") + return + } + + result, err = client.DeleteResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "Delete", resp, "Failure responding to request") + } + + return +} + +// DeletePreparer prepares the Delete request. +func (client IncidentsClient) DeletePreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsDelete(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// DeleteSender sends the Delete request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentsClient) DeleteSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// DeleteResponder handles the response to the Delete request. The method always +// closes the http.Response Body. +func (client IncidentsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent), + autorest.ByClosing()) + result.Response = resp + return +} + +// Get gets an incident. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// incidentID - incident ID +func (client IncidentsClient) Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (result Incident, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.Get") + defer func() { + sc := -1 + if result.Response.Response != nil { + sc = result.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentsClient", "Get", err.Error()) + } + + req, err := client.GetPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, incidentID) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "Get", nil, "Failure preparing request") + return + } + + resp, err := client.GetSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "Get", resp, "Failure sending request") + return + } + + result, err = client.GetResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "Get", resp, "Failure responding to request") + } + + return +} + +// GetPreparer prepares the Get request. +func (client IncidentsClient) GetPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "incidentId": autorest.Encode("path", incidentID), + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents/{incidentId}", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// GetSender sends the Get request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentsClient) GetSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// GetResponder handles the response to the Get request. The method always +// closes the http.Response Body. +func (client IncidentsClient) GetResponder(resp *http.Response) (result Incident, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// List gets all incidents. +// Parameters: +// resourceGroupName - the name of the resource group within the user's subscription. The name is case +// insensitive. +// operationalInsightsResourceProvider - the namespace of workspaces resource provider- +// Microsoft.OperationalInsights. +// workspaceName - the name of the workspace. +// filter - filters the results, based on a Boolean condition. Optional. +// orderby - sorts the results. Optional. +// top - returns only the first n results. Optional. +// skipToken - skiptoken is only used if a previous operation returned a partial result. If a previous response +// contains a nextLink element, the value of the nextLink element will include a skiptoken parameter that +// specifies a starting point to use for subsequent calls. Optional. +func (client IncidentsClient) List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListPage, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.List") + defer func() { + sc := -1 + if result.il.Response.Response != nil { + sc = result.il.Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + if err := validation.Validate([]validation.Validation{ + {TargetValue: client.SubscriptionID, + Constraints: []validation.Constraint{{Target: "client.SubscriptionID", Name: validation.Pattern, Rule: `^[0-9A-Fa-f]{8}-([0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}$`, Chain: nil}}}, + {TargetValue: resourceGroupName, + Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil}, + {Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}, + {TargetValue: workspaceName, + Constraints: []validation.Constraint{{Target: "workspaceName", Name: validation.MaxLength, Rule: 90, Chain: nil}, + {Target: "workspaceName", Name: validation.MinLength, Rule: 1, Chain: nil}}}}); err != nil { + return result, validation.NewError("securityinsight.IncidentsClient", "List", err.Error()) + } + + result.fn = client.listNextResults + req, err := client.ListPreparer(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, orderby, top, skipToken) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "List", nil, "Failure preparing request") + return + } + + resp, err := client.ListSender(req) + if err != nil { + result.il.Response = autorest.Response{Response: resp} + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "List", resp, "Failure sending request") + return + } + + result.il, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "List", resp, "Failure responding to request") + } + + return +} + +// ListPreparer prepares the List request. +func (client IncidentsClient) ListPreparer(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (*http.Request, error) { + pathParameters := map[string]interface{}{ + "operationalInsightsResourceProvider": autorest.Encode("path", operationalInsightsResourceProvider), + "resourceGroupName": autorest.Encode("path", resourceGroupName), + "subscriptionId": autorest.Encode("path", client.SubscriptionID), + "workspaceName": autorest.Encode("path", workspaceName), + } + + const APIVersion = "2019-01-01-preview" + queryParameters := map[string]interface{}{ + "api-version": APIVersion, + } + if len(filter) > 0 { + queryParameters["$filter"] = autorest.Encode("query", filter) + } + if len(orderby) > 0 { + queryParameters["$orderby"] = autorest.Encode("query", orderby) + } + if top != nil { + queryParameters["$top"] = autorest.Encode("query", *top) + } + if len(skipToken) > 0 { + queryParameters["$skipToken"] = autorest.Encode("query", skipToken) + } + + preparer := autorest.CreatePreparer( + autorest.AsGet(), + autorest.WithBaseURL(client.BaseURI), + autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/incidents", pathParameters), + autorest.WithQueryParameters(queryParameters)) + return preparer.Prepare((&http.Request{}).WithContext(ctx)) +} + +// ListSender sends the List request. The method will close the +// http.Response Body if it receives an error. +func (client IncidentsClient) ListSender(req *http.Request) (*http.Response, error) { + sd := autorest.GetSendDecorators(req.Context(), azure.DoRetryWithRegistration(client.Client)) + return autorest.SendWithSender(client, req, sd...) +} + +// ListResponder handles the response to the List request. The method always +// closes the http.Response Body. +func (client IncidentsClient) ListResponder(resp *http.Response) (result IncidentList, err error) { + err = autorest.Respond( + resp, + client.ByInspecting(), + azure.WithErrorUnlessStatusCode(http.StatusOK), + autorest.ByUnmarshallingJSON(&result), + autorest.ByClosing()) + result.Response = autorest.Response{Response: resp} + return +} + +// listNextResults retrieves the next set of results, if any. +func (client IncidentsClient) listNextResults(ctx context.Context, lastResults IncidentList) (result IncidentList, err error) { + req, err := lastResults.incidentListPreparer(ctx) + if err != nil { + return result, autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "listNextResults", nil, "Failure preparing next results request") + } + if req == nil { + return + } + resp, err := client.ListSender(req) + if err != nil { + result.Response = autorest.Response{Response: resp} + return result, autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "listNextResults", resp, "Failure sending next results request") + } + result, err = client.ListResponder(resp) + if err != nil { + err = autorest.NewErrorWithError(err, "securityinsight.IncidentsClient", "listNextResults", resp, "Failure responding to next results request") + } + return +} + +// ListComplete enumerates all values, automatically crossing page boundaries as required. +func (client IncidentsClient) ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result IncidentListIterator, err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentsClient.List") + defer func() { + sc := -1 + if result.Response().Response.Response != nil { + sc = result.page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + result.page, err = client.List(ctx, resourceGroupName, operationalInsightsResourceProvider, workspaceName, filter, orderby, top, skipToken) + return +} diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/models.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/models.go index 66a1ae79c619..ee784ef6c7d2 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/models.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/models.go @@ -439,12 +439,42 @@ func PossibleFileHashAlgorithmValues() []FileHashAlgorithm { return []FileHashAlgorithm{MD5, SHA1, SHA256, SHA256AC, Unknown} } +// IncidentClassification enumerates the values for incident classification. +type IncidentClassification string + +const ( + // IncidentClassificationFalsePositive Incident was false positive + IncidentClassificationFalsePositive IncidentClassification = "FalsePositive" + // IncidentClassificationTruePositive Incident was true positive + IncidentClassificationTruePositive IncidentClassification = "TruePositive" + // IncidentClassificationUnknown Incident classification was not set + IncidentClassificationUnknown IncidentClassification = "Unknown" +) + +// PossibleIncidentClassificationValues returns an array of possible values for the IncidentClassification const type. +func PossibleIncidentClassificationValues() []IncidentClassification { + return []IncidentClassification{IncidentClassificationFalsePositive, IncidentClassificationTruePositive, IncidentClassificationUnknown} +} + +// IncidentLabelType enumerates the values for incident label type. +type IncidentLabelType string + +const ( + // System Label automatically created by the system + System IncidentLabelType = "System" + // User Label manually created by a user + User IncidentLabelType = "User" +) + +// PossibleIncidentLabelTypeValues returns an array of possible values for the IncidentLabelType const type. +func PossibleIncidentLabelTypeValues() []IncidentLabelType { + return []IncidentLabelType{System, User} +} + // IncidentSeverity enumerates the values for incident severity. type IncidentSeverity string const ( - // IncidentSeverityCritical Critical severity - IncidentSeverityCritical IncidentSeverity = "Critical" // IncidentSeverityHigh High severity IncidentSeverityHigh IncidentSeverity = "High" // IncidentSeverityInformational Informational severity @@ -457,7 +487,24 @@ const ( // PossibleIncidentSeverityValues returns an array of possible values for the IncidentSeverity const type. func PossibleIncidentSeverityValues() []IncidentSeverity { - return []IncidentSeverity{IncidentSeverityCritical, IncidentSeverityHigh, IncidentSeverityInformational, IncidentSeverityLow, IncidentSeverityMedium} + return []IncidentSeverity{IncidentSeverityHigh, IncidentSeverityInformational, IncidentSeverityLow, IncidentSeverityMedium} +} + +// IncidentStatus enumerates the values for incident status. +type IncidentStatus string + +const ( + // IncidentStatusActive An active incident which is being handled + IncidentStatusActive IncidentStatus = "Active" + // IncidentStatusClosed A non-active incident + IncidentStatusClosed IncidentStatus = "Closed" + // IncidentStatusNew An active incident which isn't being handled currently + IncidentStatusNew IncidentStatus = "New" +) + +// PossibleIncidentStatusValues returns an array of possible values for the IncidentStatus const type. +func PossibleIncidentStatusValues() []IncidentStatus { + return []IncidentStatus{IncidentStatusActive, IncidentStatusClosed, IncidentStatusNew} } // KillChainIntent enumerates the values for kill chain intent. @@ -4453,6 +4500,18 @@ type CasesAggregationProperties struct { AggregationByStatus *CasesAggregationByStatusProperties `json:"aggregationByStatus,omitempty"` } +// ClientInfo information on the client (user or application) that made some action +type ClientInfo struct { + // Email - The email of the client. + Email *string `json:"email,omitempty"` + // Name - The name of the client. + Name *string `json:"name,omitempty"` + // ObjectID - The object id of the client. + ObjectID *uuid.UUID `json:"objectId,omitempty"` + // UserPrincipalName - The user principal name of the client. + UserPrincipalName *string `json:"userPrincipalName,omitempty"` +} + // CloudApplicationEntity represents a cloud application entity. type CloudApplicationEntity struct { // CloudApplicationEntityProperties - CloudApplication entity properties @@ -6953,137 +7012,35 @@ func (hep HostEntityProperties) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } -// IncidentInfo describes related incident information for the bookmark -type IncidentInfo struct { - // IncidentID - Incident Id - IncidentID *string `json:"incidentId,omitempty"` - // Severity - The severity of the incident. Possible values include: 'IncidentSeverityCritical', 'IncidentSeverityHigh', 'IncidentSeverityMedium', 'IncidentSeverityLow', 'IncidentSeverityInformational' - Severity IncidentSeverity `json:"severity,omitempty"` - // Title - The title of the incident - Title *string `json:"title,omitempty"` - // RelationName - Relation Name - RelationName *string `json:"relationName,omitempty"` -} - -// IoTDeviceEntity represents an IoT device entity. -type IoTDeviceEntity struct { - // IoTDeviceEntityProperties - IoTDevice entity properties - *IoTDeviceEntityProperties `json:"properties,omitempty"` +// Incident represents an incident in Azure Security Insights. +type Incident struct { + autorest.Response `json:"-"` + // IncidentProperties - Incident properties + *IncidentProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` } -// MarshalJSON is the custom marshaler for IoTDeviceEntity. -func (itde IoTDeviceEntity) MarshalJSON() ([]byte, error) { - itde.Kind = KindIoTDevice +// MarshalJSON is the custom marshaler for Incident. +func (i Incident) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if itde.IoTDeviceEntityProperties != nil { - objectMap["properties"] = itde.IoTDeviceEntityProperties + if i.IncidentProperties != nil { + objectMap["properties"] = i.IncidentProperties } - if itde.Kind != "" { - objectMap["kind"] = itde.Kind + if i.Etag != nil { + objectMap["etag"] = i.Etag } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} - -// AsAzureResourceEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false -} - -// AsCloudApplicationEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false -} - -// AsDNSEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false -} - -// AsFileEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsFileEntity() (*FileEntity, bool) { - return nil, false -} - -// AsFileHashEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsFileHashEntity() (*FileHashEntity, bool) { - return nil, false -} - -// AsHostEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsHostEntity() (*HostEntity, bool) { - return nil, false -} - -// AsIPEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsIPEntity() (*IPEntity, bool) { - return nil, false -} - -// AsMalwareEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsMalwareEntity() (*MalwareEntity, bool) { - return nil, false -} - -// AsProcessEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsProcessEntity() (*ProcessEntity, bool) { - return nil, false -} - -// AsRegistryKeyEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { - return nil, false -} - -// AsRegistryValueEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { - return nil, false -} - -// AsSecurityAlert is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsSecurityAlert() (*SecurityAlert, bool) { - return nil, false -} - -// AsSecurityGroupEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { - return nil, false -} - -// AsURLEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsURLEntity() (*URLEntity, bool) { - return nil, false -} - -// AsIoTDeviceEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { - return &itde, true -} - -// AsEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsEntity() (*Entity, bool) { - return nil, false -} - -// AsBasicEntity is the BasicEntity implementation for IoTDeviceEntity. -func (itde IoTDeviceEntity) AsBasicEntity() (BasicEntity, bool) { - return &itde, true -} - -// UnmarshalJSON is the custom unmarshaler for IoTDeviceEntity struct. -func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { +// UnmarshalJSON is the custom unmarshaler for Incident struct. +func (i *Incident) UnmarshalJSON(body []byte) error { var m map[string]*json.RawMessage err := json.Unmarshal(body, &m) if err != nil { @@ -7093,12 +7050,12 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { switch k { case "properties": if v != nil { - var ioTDeviceEntityProperties IoTDeviceEntityProperties - err = json.Unmarshal(*v, &ioTDeviceEntityProperties) + var incidentProperties IncidentProperties + err = json.Unmarshal(*v, &incidentProperties) if err != nil { return err } - itde.IoTDeviceEntityProperties = &ioTDeviceEntityProperties + i.IncidentProperties = &incidentProperties } case "id": if v != nil { @@ -7107,7 +7064,7 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - itde.ID = &ID + i.ID = &ID } case "name": if v != nil { @@ -7116,7 +7073,7 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - itde.Name = &name + i.Name = &name } case "type": if v != nil { @@ -7125,16 +7082,16 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { if err != nil { return err } - itde.Type = &typeVar + i.Type = &typeVar } - case "kind": + case "etag": if v != nil { - var kind KindBasicEntity - err = json.Unmarshal(*v, &kind) + var etag string + err = json.Unmarshal(*v, &etag) if err != nil { return err } - itde.Kind = kind + i.Etag = &etag } } } @@ -7142,81 +7099,707 @@ func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { return nil } -// IoTDeviceEntityProperties ioTDevice entity property bag. -type IoTDeviceEntityProperties struct { - // DeviceID - READ-ONLY; The ID of the IoT Device in the IoT Hub - DeviceID *string `json:"deviceId,omitempty"` - // IotSecurityAgentID - READ-ONLY; The ID of the security agent running on the device - IotSecurityAgentID *uuid.UUID `json:"iotSecurityAgentId,omitempty"` - // DeviceType - READ-ONLY; The type of the device - DeviceType *string `json:"deviceType,omitempty"` - // Vendor - READ-ONLY; The vendor of the device - Vendor *string `json:"vendor,omitempty"` - // EdgeID - READ-ONLY; The ID of the edge device - EdgeID *string `json:"edgeId,omitempty"` - // IotHubEntityID - READ-ONLY; The AzureResource entity id of the IoT Hub - IotHubEntityID *string `json:"iotHubEntityId,omitempty"` - // HostEntityID - READ-ONLY; The Host entity id of this device - HostEntityID *string `json:"hostEntityId,omitempty"` - // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the IoTDevice entity. - ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` - // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. - AdditionalData map[string]interface{} `json:"additionalData"` - // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. - FriendlyName *string `json:"friendlyName,omitempty"` -} - -// MarshalJSON is the custom marshaler for IoTDeviceEntityProperties. -func (itdep IoTDeviceEntityProperties) MarshalJSON() ([]byte, error) { - objectMap := make(map[string]interface{}) - return json.Marshal(objectMap) +// IncidentAdditionalData incident additional data property bag. +type IncidentAdditionalData struct { + // AlertsCount - READ-ONLY; The number of alerts in the incident + AlertsCount *int32 `json:"alertsCount,omitempty"` + // BookmarksCount - READ-ONLY; The number of bookmarks in the incident + BookmarksCount *int32 `json:"bookmarksCount,omitempty"` + // CommentsCount - READ-ONLY; The number of comments in the incident + CommentsCount *int32 `json:"commentsCount,omitempty"` + // AlertProductNames - READ-ONLY; List of product names of alerts in the incident + AlertProductNames *[]string `json:"alertProductNames,omitempty"` } -// IPEntity represents an ip entity. -type IPEntity struct { - // IPEntityProperties - Ip entity properties - *IPEntityProperties `json:"properties,omitempty"` +// IncidentComment represents an incident comment +type IncidentComment struct { + autorest.Response `json:"-"` + // IncidentCommentProperties - Incident comment properties + *IncidentCommentProperties `json:"properties,omitempty"` // ID - READ-ONLY; Azure resource Id ID *string `json:"id,omitempty"` // Name - READ-ONLY; Azure resource name Name *string `json:"name,omitempty"` // Type - READ-ONLY; Azure resource type Type *string `json:"type,omitempty"` - // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' - Kind KindBasicEntity `json:"kind,omitempty"` } -// MarshalJSON is the custom marshaler for IPEntity. -func (ie IPEntity) MarshalJSON() ([]byte, error) { - ie.Kind = KindIP +// MarshalJSON is the custom marshaler for IncidentComment. +func (ic IncidentComment) MarshalJSON() ([]byte, error) { objectMap := make(map[string]interface{}) - if ie.IPEntityProperties != nil { - objectMap["properties"] = ie.IPEntityProperties - } - if ie.Kind != "" { - objectMap["kind"] = ie.Kind + if ic.IncidentCommentProperties != nil { + objectMap["properties"] = ic.IncidentCommentProperties } return json.Marshal(objectMap) } -// AsAccountEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsAccountEntity() (*AccountEntity, bool) { - return nil, false -} +// UnmarshalJSON is the custom unmarshaler for IncidentComment struct. +func (ic *IncidentComment) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var incidentCommentProperties IncidentCommentProperties + err = json.Unmarshal(*v, &incidentCommentProperties) + if err != nil { + return err + } + ic.IncidentCommentProperties = &incidentCommentProperties + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + ic.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + ic.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + ic.Type = &typeVar + } + } + } -// AsAzureResourceEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { - return nil, false + return nil } -// AsCloudApplicationEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { - return nil, false +// IncidentCommentList list of incident comments. +type IncidentCommentList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of comments. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of comments. + Value *[]IncidentComment `json:"value,omitempty"` } -// AsDNSEntity is the BasicEntity implementation for IPEntity. -func (ie IPEntity) AsDNSEntity() (*DNSEntity, bool) { - return nil, false +// IncidentCommentListIterator provides access to a complete listing of IncidentComment values. +type IncidentCommentListIterator struct { + i int + page IncidentCommentListPage +} + +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *IncidentCommentListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil +} + +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *IncidentCommentListIterator) Next() error { + return iter.NextWithContext(context.Background()) +} + +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter IncidentCommentListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) +} + +// Response returns the raw server response from the last page request. +func (iter IncidentCommentListIterator) Response() IncidentCommentList { + return iter.page.Response() +} + +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter IncidentCommentListIterator) Value() IncidentComment { + if !iter.page.NotDone() { + return IncidentComment{} + } + return iter.page.Values()[iter.i] +} + +// Creates a new instance of the IncidentCommentListIterator type. +func NewIncidentCommentListIterator(page IncidentCommentListPage) IncidentCommentListIterator { + return IncidentCommentListIterator{page: page} +} + +// IsEmpty returns true if the ListResult contains no values. +func (icl IncidentCommentList) IsEmpty() bool { + return icl.Value == nil || len(*icl.Value) == 0 +} + +// incidentCommentListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (icl IncidentCommentList) incidentCommentListPreparer(ctx context.Context) (*http.Request, error) { + if icl.NextLink == nil || len(to.String(icl.NextLink)) < 1 { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(icl.NextLink))) +} + +// IncidentCommentListPage contains a page of IncidentComment values. +type IncidentCommentListPage struct { + fn func(context.Context, IncidentCommentList) (IncidentCommentList, error) + icl IncidentCommentList +} + +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *IncidentCommentListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentCommentListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + next, err := page.fn(ctx, page.icl) + if err != nil { + return err + } + page.icl = next + return nil +} + +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *IncidentCommentListPage) Next() error { + return page.NextWithContext(context.Background()) +} + +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page IncidentCommentListPage) NotDone() bool { + return !page.icl.IsEmpty() +} + +// Response returns the raw server response from the last page request. +func (page IncidentCommentListPage) Response() IncidentCommentList { + return page.icl +} + +// Values returns the slice of values for the current page or nil if there are no values. +func (page IncidentCommentListPage) Values() []IncidentComment { + if page.icl.IsEmpty() { + return nil + } + return *page.icl.Value +} + +// Creates a new instance of the IncidentCommentListPage type. +func NewIncidentCommentListPage(getNextPage func(context.Context, IncidentCommentList) (IncidentCommentList, error)) IncidentCommentListPage { + return IncidentCommentListPage{fn: getNextPage} +} + +// IncidentCommentProperties incident comment property bag. +type IncidentCommentProperties struct { + // CreatedTimeUtc - READ-ONLY; The time the comment was created + CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` + // Message - The comment message + Message *string `json:"message,omitempty"` + // Author - READ-ONLY; Describes the client that created the comment + Author *ClientInfo `json:"author,omitempty"` +} + +// IncidentInfo describes related incident information for the bookmark +type IncidentInfo struct { + // IncidentID - Incident Id + IncidentID *string `json:"incidentId,omitempty"` + // Severity - The severity of the incident. Possible values include: 'CaseSeverityCritical', 'CaseSeverityHigh', 'CaseSeverityMedium', 'CaseSeverityLow', 'CaseSeverityInformational' + Severity CaseSeverity `json:"severity,omitempty"` + // Title - The title of the incident + Title *string `json:"title,omitempty"` + // RelationName - Relation Name + RelationName *string `json:"relationName,omitempty"` +} + +// IncidentLabel represents an incident label +type IncidentLabel struct { + // LabelName - The name of the label + LabelName *string `json:"labelName,omitempty"` + // LabelType - READ-ONLY; The type of the label. Possible values include: 'User', 'System' + LabelType IncidentLabelType `json:"labelType,omitempty"` +} + +// IncidentList list all the incidents. +type IncidentList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of incidents. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of incidents. + Value *[]Incident `json:"value,omitempty"` +} + +// IncidentListIterator provides access to a complete listing of Incident values. +type IncidentListIterator struct { + i int + page IncidentListPage +} + +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *IncidentListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil +} + +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *IncidentListIterator) Next() error { + return iter.NextWithContext(context.Background()) +} + +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter IncidentListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) +} + +// Response returns the raw server response from the last page request. +func (iter IncidentListIterator) Response() IncidentList { + return iter.page.Response() +} + +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter IncidentListIterator) Value() Incident { + if !iter.page.NotDone() { + return Incident{} + } + return iter.page.Values()[iter.i] +} + +// Creates a new instance of the IncidentListIterator type. +func NewIncidentListIterator(page IncidentListPage) IncidentListIterator { + return IncidentListIterator{page: page} +} + +// IsEmpty returns true if the ListResult contains no values. +func (il IncidentList) IsEmpty() bool { + return il.Value == nil || len(*il.Value) == 0 +} + +// incidentListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (il IncidentList) incidentListPreparer(ctx context.Context) (*http.Request, error) { + if il.NextLink == nil || len(to.String(il.NextLink)) < 1 { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(il.NextLink))) +} + +// IncidentListPage contains a page of Incident values. +type IncidentListPage struct { + fn func(context.Context, IncidentList) (IncidentList, error) + il IncidentList +} + +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *IncidentListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/IncidentListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + next, err := page.fn(ctx, page.il) + if err != nil { + return err + } + page.il = next + return nil +} + +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *IncidentListPage) Next() error { + return page.NextWithContext(context.Background()) +} + +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page IncidentListPage) NotDone() bool { + return !page.il.IsEmpty() +} + +// Response returns the raw server response from the last page request. +func (page IncidentListPage) Response() IncidentList { + return page.il +} + +// Values returns the slice of values for the current page or nil if there are no values. +func (page IncidentListPage) Values() []Incident { + if page.il.IsEmpty() { + return nil + } + return *page.il.Value +} + +// Creates a new instance of the IncidentListPage type. +func NewIncidentListPage(getNextPage func(context.Context, IncidentList) (IncidentList, error)) IncidentListPage { + return IncidentListPage{fn: getNextPage} +} + +// IncidentOwnerInfo information on the user an incident is assigned to +type IncidentOwnerInfo struct { + // Email - The email of the user the incident is assigned to. + Email *string `json:"email,omitempty"` + // AssignedTo - The name of the user the incident is assigned to. + AssignedTo *string `json:"assignedTo,omitempty"` + // ObjectID - The object id of the user the incident is assigned to. + ObjectID *uuid.UUID `json:"objectId,omitempty"` + // UserPrincipalName - The user principal name of the user the incident is assigned to. + UserPrincipalName *string `json:"userPrincipalName,omitempty"` +} + +// IncidentProperties describes incident properties +type IncidentProperties struct { + // AdditionalData - READ-ONLY; Additional data on the incident + AdditionalData *IncidentAdditionalData `json:"additionalData,omitempty"` + // Classification - The reason the incident was closed. Possible values include: 'IncidentClassificationUnknown', 'IncidentClassificationTruePositive', 'IncidentClassificationFalsePositive' + Classification IncidentClassification `json:"classification,omitempty"` + // CreatedTimeUtc - READ-ONLY; The time the incident was created + CreatedTimeUtc *date.Time `json:"createdTimeUtc,omitempty"` + // Description - The description of the incident + Description *string `json:"description,omitempty"` + // FirstActivityTimeUtc - The time of the first activity in the incident + FirstActivityTimeUtc *date.Time `json:"firstActivityTimeUtc,omitempty"` + // IncidentNumber - READ-ONLY; A sequential number + IncidentNumber *int32 `json:"incidentNumber,omitempty"` + // Labels - List of labels relevant to this incident + Labels *[]IncidentLabel `json:"labels,omitempty"` + // LastActivityTimeUtc - The time of the last activity in the incident + LastActivityTimeUtc *date.Time `json:"lastActivityTimeUtc,omitempty"` + // LastModifiedTimeUtc - READ-ONLY; The last time the incident was updated + LastModifiedTimeUtc *date.Time `json:"lastModifiedTimeUtc,omitempty"` + // Owner - Describes a user that the incident is assigned to + Owner *IncidentOwnerInfo `json:"owner,omitempty"` + // Severity - The severity of the incident. Possible values include: 'IncidentSeverityHigh', 'IncidentSeverityMedium', 'IncidentSeverityLow', 'IncidentSeverityInformational' + Severity IncidentSeverity `json:"severity,omitempty"` + // Status - The status of the incident. Possible values include: 'IncidentStatusNew', 'IncidentStatusActive', 'IncidentStatusClosed' + Status IncidentStatus `json:"status,omitempty"` + // Title - The title of the incident + Title *string `json:"title,omitempty"` +} + +// IoTDeviceEntity represents an IoT device entity. +type IoTDeviceEntity struct { + // IoTDeviceEntityProperties - IoTDevice entity properties + *IoTDeviceEntityProperties `json:"properties,omitempty"` + // ID - READ-ONLY; Azure resource Id + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; Azure resource name + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; Azure resource type + Type *string `json:"type,omitempty"` + // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' + Kind KindBasicEntity `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for IoTDeviceEntity. +func (itde IoTDeviceEntity) MarshalJSON() ([]byte, error) { + itde.Kind = KindIoTDevice + objectMap := make(map[string]interface{}) + if itde.IoTDeviceEntityProperties != nil { + objectMap["properties"] = itde.IoTDeviceEntityProperties + } + if itde.Kind != "" { + objectMap["kind"] = itde.Kind + } + return json.Marshal(objectMap) +} + +// AsAccountEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsAccountEntity() (*AccountEntity, bool) { + return nil, false +} + +// AsAzureResourceEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { + return nil, false +} + +// AsCloudApplicationEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { + return nil, false +} + +// AsDNSEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsDNSEntity() (*DNSEntity, bool) { + return nil, false +} + +// AsFileEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsFileEntity() (*FileEntity, bool) { + return nil, false +} + +// AsFileHashEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsFileHashEntity() (*FileHashEntity, bool) { + return nil, false +} + +// AsHostEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsHostEntity() (*HostEntity, bool) { + return nil, false +} + +// AsIPEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsIPEntity() (*IPEntity, bool) { + return nil, false +} + +// AsMalwareEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsMalwareEntity() (*MalwareEntity, bool) { + return nil, false +} + +// AsProcessEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsProcessEntity() (*ProcessEntity, bool) { + return nil, false +} + +// AsRegistryKeyEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsRegistryKeyEntity() (*RegistryKeyEntity, bool) { + return nil, false +} + +// AsRegistryValueEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsRegistryValueEntity() (*RegistryValueEntity, bool) { + return nil, false +} + +// AsSecurityAlert is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsSecurityAlert() (*SecurityAlert, bool) { + return nil, false +} + +// AsSecurityGroupEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsSecurityGroupEntity() (*SecurityGroupEntity, bool) { + return nil, false +} + +// AsURLEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsURLEntity() (*URLEntity, bool) { + return nil, false +} + +// AsIoTDeviceEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsIoTDeviceEntity() (*IoTDeviceEntity, bool) { + return &itde, true +} + +// AsEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsEntity() (*Entity, bool) { + return nil, false +} + +// AsBasicEntity is the BasicEntity implementation for IoTDeviceEntity. +func (itde IoTDeviceEntity) AsBasicEntity() (BasicEntity, bool) { + return &itde, true +} + +// UnmarshalJSON is the custom unmarshaler for IoTDeviceEntity struct. +func (itde *IoTDeviceEntity) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var ioTDeviceEntityProperties IoTDeviceEntityProperties + err = json.Unmarshal(*v, &ioTDeviceEntityProperties) + if err != nil { + return err + } + itde.IoTDeviceEntityProperties = &ioTDeviceEntityProperties + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + itde.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + itde.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + itde.Type = &typeVar + } + case "kind": + if v != nil { + var kind KindBasicEntity + err = json.Unmarshal(*v, &kind) + if err != nil { + return err + } + itde.Kind = kind + } + } + } + + return nil +} + +// IoTDeviceEntityProperties ioTDevice entity property bag. +type IoTDeviceEntityProperties struct { + // DeviceID - READ-ONLY; The ID of the IoT Device in the IoT Hub + DeviceID *string `json:"deviceId,omitempty"` + // IotSecurityAgentID - READ-ONLY; The ID of the security agent running on the device + IotSecurityAgentID *uuid.UUID `json:"iotSecurityAgentId,omitempty"` + // DeviceType - READ-ONLY; The type of the device + DeviceType *string `json:"deviceType,omitempty"` + // Vendor - READ-ONLY; The vendor of the device + Vendor *string `json:"vendor,omitempty"` + // EdgeID - READ-ONLY; The ID of the edge device + EdgeID *string `json:"edgeId,omitempty"` + // IotHubEntityID - READ-ONLY; The AzureResource entity id of the IoT Hub + IotHubEntityID *string `json:"iotHubEntityId,omitempty"` + // HostEntityID - READ-ONLY; The Host entity id of this device + HostEntityID *string `json:"hostEntityId,omitempty"` + // ThreatIntelligence - READ-ONLY; A list of TI contexts attached to the IoTDevice entity. + ThreatIntelligence *[]ThreatIntelligence `json:"threatIntelligence,omitempty"` + // AdditionalData - READ-ONLY; A bag of custom fields that should be part of the entity and will be presented to the user. + AdditionalData map[string]interface{} `json:"additionalData"` + // FriendlyName - READ-ONLY; The graph item display name which is a short humanly readable description of the graph item instance. This property is optional and might be system generated. + FriendlyName *string `json:"friendlyName,omitempty"` +} + +// MarshalJSON is the custom marshaler for IoTDeviceEntityProperties. +func (itdep IoTDeviceEntityProperties) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + return json.Marshal(objectMap) +} + +// IPEntity represents an ip entity. +type IPEntity struct { + // IPEntityProperties - Ip entity properties + *IPEntityProperties `json:"properties,omitempty"` + // ID - READ-ONLY; Azure resource Id + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; Azure resource name + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; Azure resource type + Type *string `json:"type,omitempty"` + // Kind - Possible values include: 'KindEntity', 'KindAccount', 'KindAzureResource', 'KindCloudApplication', 'KindDNSResolution', 'KindFile', 'KindFileHash', 'KindHost', 'KindIP', 'KindMalware', 'KindProcess', 'KindRegistryKey', 'KindRegistryValue', 'KindSecurityAlert', 'KindSecurityGroup', 'KindURL', 'KindIoTDevice' + Kind KindBasicEntity `json:"kind,omitempty"` +} + +// MarshalJSON is the custom marshaler for IPEntity. +func (ie IPEntity) MarshalJSON() ([]byte, error) { + ie.Kind = KindIP + objectMap := make(map[string]interface{}) + if ie.IPEntityProperties != nil { + objectMap["properties"] = ie.IPEntityProperties + } + if ie.Kind != "" { + objectMap["kind"] = ie.Kind + } + return json.Marshal(objectMap) +} + +// AsAccountEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsAccountEntity() (*AccountEntity, bool) { + return nil, false +} + +// AsAzureResourceEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsAzureResourceEntity() (*AzureResourceEntity, bool) { + return nil, false +} + +// AsCloudApplicationEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsCloudApplicationEntity() (*CloudApplicationEntity, bool) { + return nil, false +} + +// AsDNSEntity is the BasicEntity implementation for IPEntity. +func (ie IPEntity) AsDNSEntity() (*DNSEntity, bool) { + return nil, false } // AsFileEntity is the BasicEntity implementation for IPEntity. @@ -9394,6 +9977,93 @@ func (rvep RegistryValueEntityProperties) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } +// Relation represents a relation between two resources +type Relation struct { + autorest.Response `json:"-"` + // RelationProperties - Relation properties + *RelationProperties `json:"properties,omitempty"` + // ID - READ-ONLY; Azure resource Id + ID *string `json:"id,omitempty"` + // Name - READ-ONLY; Azure resource name + Name *string `json:"name,omitempty"` + // Type - READ-ONLY; Azure resource type + Type *string `json:"type,omitempty"` + // Etag - Etag of the azure resource + Etag *string `json:"etag,omitempty"` +} + +// MarshalJSON is the custom marshaler for Relation. +func (r Relation) MarshalJSON() ([]byte, error) { + objectMap := make(map[string]interface{}) + if r.RelationProperties != nil { + objectMap["properties"] = r.RelationProperties + } + if r.Etag != nil { + objectMap["etag"] = r.Etag + } + return json.Marshal(objectMap) +} + +// UnmarshalJSON is the custom unmarshaler for Relation struct. +func (r *Relation) UnmarshalJSON(body []byte) error { + var m map[string]*json.RawMessage + err := json.Unmarshal(body, &m) + if err != nil { + return err + } + for k, v := range m { + switch k { + case "properties": + if v != nil { + var relationProperties RelationProperties + err = json.Unmarshal(*v, &relationProperties) + if err != nil { + return err + } + r.RelationProperties = &relationProperties + } + case "id": + if v != nil { + var ID string + err = json.Unmarshal(*v, &ID) + if err != nil { + return err + } + r.ID = &ID + } + case "name": + if v != nil { + var name string + err = json.Unmarshal(*v, &name) + if err != nil { + return err + } + r.Name = &name + } + case "type": + if v != nil { + var typeVar string + err = json.Unmarshal(*v, &typeVar) + if err != nil { + return err + } + r.Type = &typeVar + } + case "etag": + if v != nil { + var etag string + err = json.Unmarshal(*v, &etag) + if err != nil { + return err + } + r.Etag = &etag + } + } + } + + return nil +} + // RelationBase represents a relation type RelationBase struct { // Kind - READ-ONLY; The type of relation node. Possible values include: 'CasesToBookmarks' @@ -9408,6 +10078,152 @@ type RelationBase struct { Type *string `json:"type,omitempty"` } +// RelationList list of relations. +type RelationList struct { + autorest.Response `json:"-"` + // NextLink - READ-ONLY; URL to fetch the next set of relations. + NextLink *string `json:"nextLink,omitempty"` + // Value - Array of relations. + Value *[]Relation `json:"value,omitempty"` +} + +// RelationListIterator provides access to a complete listing of Relation values. +type RelationListIterator struct { + i int + page RelationListPage +} + +// NextWithContext advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +func (iter *RelationListIterator) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/RelationListIterator.NextWithContext") + defer func() { + sc := -1 + if iter.Response().Response.Response != nil { + sc = iter.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + iter.i++ + if iter.i < len(iter.page.Values()) { + return nil + } + err = iter.page.NextWithContext(ctx) + if err != nil { + iter.i-- + return err + } + iter.i = 0 + return nil +} + +// Next advances to the next value. If there was an error making +// the request the iterator does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (iter *RelationListIterator) Next() error { + return iter.NextWithContext(context.Background()) +} + +// NotDone returns true if the enumeration should be started or is not yet complete. +func (iter RelationListIterator) NotDone() bool { + return iter.page.NotDone() && iter.i < len(iter.page.Values()) +} + +// Response returns the raw server response from the last page request. +func (iter RelationListIterator) Response() RelationList { + return iter.page.Response() +} + +// Value returns the current value or a zero-initialized value if the +// iterator has advanced beyond the end of the collection. +func (iter RelationListIterator) Value() Relation { + if !iter.page.NotDone() { + return Relation{} + } + return iter.page.Values()[iter.i] +} + +// Creates a new instance of the RelationListIterator type. +func NewRelationListIterator(page RelationListPage) RelationListIterator { + return RelationListIterator{page: page} +} + +// IsEmpty returns true if the ListResult contains no values. +func (rl RelationList) IsEmpty() bool { + return rl.Value == nil || len(*rl.Value) == 0 +} + +// relationListPreparer prepares a request to retrieve the next set of results. +// It returns nil if no more results exist. +func (rl RelationList) relationListPreparer(ctx context.Context) (*http.Request, error) { + if rl.NextLink == nil || len(to.String(rl.NextLink)) < 1 { + return nil, nil + } + return autorest.Prepare((&http.Request{}).WithContext(ctx), + autorest.AsJSON(), + autorest.AsGet(), + autorest.WithBaseURL(to.String(rl.NextLink))) +} + +// RelationListPage contains a page of Relation values. +type RelationListPage struct { + fn func(context.Context, RelationList) (RelationList, error) + rl RelationList +} + +// NextWithContext advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +func (page *RelationListPage) NextWithContext(ctx context.Context) (err error) { + if tracing.IsEnabled() { + ctx = tracing.StartSpan(ctx, fqdn+"/RelationListPage.NextWithContext") + defer func() { + sc := -1 + if page.Response().Response.Response != nil { + sc = page.Response().Response.Response.StatusCode + } + tracing.EndSpan(ctx, sc, err) + }() + } + next, err := page.fn(ctx, page.rl) + if err != nil { + return err + } + page.rl = next + return nil +} + +// Next advances to the next page of values. If there was an error making +// the request the page does not advance and the error is returned. +// Deprecated: Use NextWithContext() instead. +func (page *RelationListPage) Next() error { + return page.NextWithContext(context.Background()) +} + +// NotDone returns true if the page enumeration should be started or is not yet complete. +func (page RelationListPage) NotDone() bool { + return !page.rl.IsEmpty() +} + +// Response returns the raw server response from the last page request. +func (page RelationListPage) Response() RelationList { + return page.rl +} + +// Values returns the slice of values for the current page or nil if there are no values. +func (page RelationListPage) Values() []Relation { + if page.rl.IsEmpty() { + return nil + } + return *page.rl.Value +} + +// Creates a new instance of the RelationListPage type. +func NewRelationListPage(getNextPage func(context.Context, RelationList) (RelationList, error)) RelationListPage { + return RelationListPage{fn: getNextPage} +} + // RelationNode relation node type RelationNode struct { // RelationNodeID - Relation Node Id @@ -9435,6 +10251,18 @@ func (rn RelationNode) MarshalJSON() ([]byte, error) { return json.Marshal(objectMap) } +// RelationProperties relation property bag. +type RelationProperties struct { + // RelatedResourceID - The resource ID of the related resource + RelatedResourceID *string `json:"relatedResourceId,omitempty"` + // RelatedResourceName - The name of the related resource + RelatedResourceName *string `json:"relatedResourceName,omitempty"` + // RelatedResourceType - READ-ONLY; The resource type of the related resource + RelatedResourceType *string `json:"relatedResourceType,omitempty"` + // RelatedResourceKind - READ-ONLY; The resource kind of the related resource + RelatedResourceKind *string `json:"relatedResourceKind,omitempty"` +} + // RelationsModelInput relation input model type RelationsModelInput struct { // RelationsModelInputProperties - Relation input properties diff --git a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/securityinsightapi/interfaces.go b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/securityinsightapi/interfaces.go index 374637a85817..b413e4379fea 100644 --- a/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/securityinsightapi/interfaces.go +++ b/services/preview/securityinsight/mgmt/2017-08-01-preview/securityinsight/securityinsightapi/interfaces.go @@ -150,6 +150,21 @@ type EntitiesClientAPI interface { var _ EntitiesClientAPI = (*securityinsight.EntitiesClient)(nil) +// EntitiesRelationsClientAPI contains the set of methods on the EntitiesRelationsClient type. +type EntitiesRelationsClientAPI interface { + List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.RelationListPage, err error) + ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.RelationListIterator, err error) +} + +var _ EntitiesRelationsClientAPI = (*securityinsight.EntitiesRelationsClient)(nil) + +// EntityRelationsClientAPI contains the set of methods on the EntityRelationsClient type. +type EntityRelationsClientAPI interface { + GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, entityID string, relationName string) (result securityinsight.Relation, err error) +} + +var _ EntityRelationsClientAPI = (*securityinsight.EntityRelationsClient)(nil) + // OfficeConsentsClientAPI contains the set of methods on the OfficeConsentsClient type. type OfficeConsentsClientAPI interface { Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, consentID string) (result autorest.Response, err error) @@ -183,3 +198,35 @@ type EntityQueriesClientAPI interface { } var _ EntityQueriesClientAPI = (*securityinsight.EntityQueriesClient)(nil) + +// IncidentsClientAPI contains the set of methods on the IncidentsClient type. +type IncidentsClientAPI interface { + CreateOrUpdate(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incident securityinsight.Incident) (result securityinsight.Incident, err error) + Delete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (result autorest.Response, err error) + Get(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string) (result securityinsight.Incident, err error) + List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.IncidentListPage, err error) + ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.IncidentListIterator, err error) +} + +var _ IncidentsClientAPI = (*securityinsight.IncidentsClient)(nil) + +// IncidentCommentsClientAPI contains the set of methods on the IncidentCommentsClient type. +type IncidentCommentsClientAPI interface { + CreateComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string, incidentComment securityinsight.IncidentComment) (result securityinsight.IncidentComment, err error) + GetComment(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, incidentCommentID string) (result securityinsight.IncidentComment, err error) + ListByIncident(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.IncidentCommentListPage, err error) + ListByIncidentComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.IncidentCommentListIterator, err error) +} + +var _ IncidentCommentsClientAPI = (*securityinsight.IncidentCommentsClient)(nil) + +// IncidentRelationsClientAPI contains the set of methods on the IncidentRelationsClient type. +type IncidentRelationsClientAPI interface { + CreateOrUpdateRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string, relation securityinsight.Relation) (result securityinsight.Relation, err error) + DeleteRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (result autorest.Response, err error) + GetRelation(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, relationName string) (result securityinsight.Relation, err error) + List(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.RelationListPage, err error) + ListComplete(ctx context.Context, resourceGroupName string, operationalInsightsResourceProvider string, workspaceName string, incidentID string, filter string, orderby string, top *int32, skipToken string) (result securityinsight.RelationListIterator, err error) +} + +var _ IncidentRelationsClientAPI = (*securityinsight.IncidentRelationsClient)(nil)